diff --git a/.gitignore b/.gitignore index 63c3eff..9c96bb0 100644 --- a/.gitignore +++ b/.gitignore @@ -2,5 +2,5 @@ SOURCES/06-2d-07 SOURCES/06-4e-03 SOURCES/06-55-04 SOURCES/06-5e-03 -SOURCES/microcode-20220809.tar.gz +SOURCES/microcode-20230214.tar.gz SOURCES/microcode_ctl-2.1-18.tar.xz diff --git a/.microcode_ctl.metadata b/.microcode_ctl.metadata index 13e0df9..af8f824 100644 --- a/.microcode_ctl.metadata +++ b/.microcode_ctl.metadata @@ -2,5 +2,5 @@ bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07 06432a25053c823b0e2a6b8e84e2e2023ee3d43e SOURCES/06-4e-03 2e405644a145de0f55517b6a9de118eec8ec1e5a SOURCES/06-55-04 86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03 -13f53eed16b393325f1cf571113f102afb7ac27b SOURCES/microcode-20220809.tar.gz +28bbd30591e0d62f441de019b2829ff265cd238d SOURCES/microcode-20230214.tar.gz 3959afc5d69a916a730131ce0f768db263e9e4f1 SOURCES/microcode_ctl-2.1-18.tar.xz diff --git a/SOURCES/codenames.list b/SOURCES/codenames.list index a48b6da..3694570 100644 --- a/SOURCES/codenames.list +++ b/SOURCES/codenames.list @@ -265,6 +265,7 @@ SOC;;XMM 7272 (SoFIA);;01;60650;;;XMM 7272 Mobile;;Cannon Lake;D0;80;60663;CNL;U;Core Gen8 Mobile; Server;;Ice Lake;C0;87;606a5;ICX;SP;Xeon Scalable Gen3; Server;;Ice Lake;D0;87;606a6;ICX;SP;Xeon Scalable Gen3; +Server;;Ice Lake;B0;10;606c1;ICL;D;;Xeon D-17xx, D-27xx SOC;;Gemini Lake;B0;01;706a1;GLK;;;Pentium J5005/N5000, Celeron J4005/J4105/N4000/N4100 SOC;;Gemini Lake;R0;01;706a8;GLK;R;;Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 Mobile;;Ice Lake;D1;80;706e5;ICL;U,Y;Core Gen10 Mobile; @@ -286,6 +287,13 @@ Mobile;;Comet Lake;V0;94;806ec;CML;U 4+2;Core Gen10 Mobile; Mobile;;Whiskey Lake;W0;d0;806eb;WHL;U;Core Gen8 Mobile; Mobile;;Whiskey Lake;V0;94;806ec;WHL;U;Core Gen8 Mobile; Mobile;;Whiskey Lake;V0;94;806ed;WHL;U;Core Gen8 Mobile; +Server;;Sapphire Rapids;E0,S1;87;806f4;SPR;SP;Xeon Scalable Gen4; +Server;;Sapphire Rapids;B1;10;806f5;SPR;HBM;Xeon Max; +Server;;Sapphire Rapids;E2;87;806f5;SPR;SP;Xeon Scalable Gen4; +Server;;Sapphire Rapids;E3;87;806f6;SPR;SP;Xeon Scalable Gen4; +Server;;Sapphire Rapids;E4,S2;87;806f7;SPR;SP;Xeon Scalable Gen4; +Server;;Sapphire Rapids;B3;10;806f8;SPR;HBM;Xeon Max; +Server;;Sapphire Rapids;E5,S3;87;806f8;SPR;SP;Xeon Scalable Gen4; SOC;;Elkhart Rate;B1;01;90661;EHL;;Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E; Desktop;;Alder Lake;C0;02;90672;ADL;S 8+8;Core Gen12; Mobile;;Alder Lake;C0;03;90672;ADL;HX;Core Gen12 Mobile; @@ -315,6 +323,9 @@ Desktop;;Comet Lake;Q0;22;a0655;CML;S 10+2;Core Gen10 Desktop; Mobile;;Comet Lake;A0;80;a0660;CML;U 6+2;Core Gen10 Mobile; Mobile;;Comet Lake;K1;80;a0661;CML;U 6+2 v2;Core Gen10 Mobile; Desktop;;Rocket Lake;B0;02;a0671;RKL;S;Core Gen11; +Desktop;;Raptor Lake;S0;32;b0671;RPL;S;Core Gen13; +Mobile;;Raptor Lake;J0;07;b06a2;RPL;P 6+8,H 6+8;Core Gen13; +Mobile;;Raptor Lake;Q0;07;b06a3;RPL;U 2+8;Core Gen13; Desktop;;Alder Lake;C0;03;b06f2;ADL;;Core Gen12; Desktop;;Alder Lake;C0;03;b06f5;ADL;;Core Gen12; diff --git a/SOURCES/microcode_ctl-use-microcode-20220809-tgz.patch b/SOURCES/microcode_ctl-use-microcode-20220809-tgz.patch deleted file mode 100644 index 9c24c02..0000000 --- a/SOURCES/microcode_ctl-use-microcode-20220809-tgz.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: microcode_ctl-2.1-18/Makefile -=================================================================== ---- microcode_ctl-2.1-18.orig/Makefile 2018-07-24 09:15:12.463115045 +0200 -+++ microcode_ctl-2.1-18/Makefile 2018-08-09 06:18:45.524503945 +0200 -@@ -8,7 +8,7 @@ - # 2 of the License, or (at your option) any later version. - - PROGRAM = intel-microcode2ucode --MICROCODE_INTEL = microcode-20180703.tgz -+MICROCODE_INTEL = microcode-20220809.tar.gz - - INS = install - CC = gcc diff --git a/SOURCES/microcode_ctl-use-microcode-20230214-tgz.patch b/SOURCES/microcode_ctl-use-microcode-20230214-tgz.patch new file mode 100644 index 0000000..28d48eb --- /dev/null +++ b/SOURCES/microcode_ctl-use-microcode-20230214-tgz.patch @@ -0,0 +1,13 @@ +Index: microcode_ctl-2.1-18/Makefile +=================================================================== +--- microcode_ctl-2.1-18.orig/Makefile 2018-07-24 09:15:12.463115045 +0200 ++++ microcode_ctl-2.1-18/Makefile 2018-08-09 06:18:45.524503945 +0200 +@@ -8,7 +8,7 @@ + # 2 of the License, or (at your option) any later version. + + PROGRAM = intel-microcode2ucode +-MICROCODE_INTEL = microcode-20180703.tgz ++MICROCODE_INTEL = microcode-20230214.tar.gz + + INS = install + CC = gcc diff --git a/SPECS/microcode_ctl.spec b/SPECS/microcode_ctl.spec index f294a7f..79bdbdd 100644 --- a/SPECS/microcode_ctl.spec +++ b/SPECS/microcode_ctl.spec @@ -1,5 +1,5 @@ %define upstream_version 2.1-18 -%define intel_ucode_version 20220809 +%define intel_ucode_version 20230214 %define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats %define microcode_ctl_libexec %{_libexecdir}/microcode_ctl @@ -21,7 +21,7 @@ Summary: Tool to transform and deploy CPU microcode update for x86. Name: microcode_ctl Version: 2.1 -Release: 73.15%{?dist} +Release: 73.16%{?dist} Epoch: 2 Group: System Environment/Base License: GPLv2+ and Redistributable, no modification permitted @@ -339,7 +339,7 @@ rm -rf intel-ucode # send the message to syslog, so it gets recorded on /var/log if [ -e /usr/bin/logger ]; then - %{check_caveats} -m -d | /usr/bin/logger -p syslog.notice -t DISCLAIMER + %{check_caveats} -m -d | /usr/bin/logger -p syslog.warning -t DISCLAIMER fi # also paste it over dmesg (some customers drop dmesg messages while # others keep them into /var/log for the later case, we'll have the @@ -442,7 +442,7 @@ rpm -qa --qf "${qf}" ${pkgs} | sort -r -n -k'3,3' | { done if [ -n "${skipped}" ]; then - skip_msg="After installation of a new version of microcode_ctl package, + skip_msg="<4>After installation of a new version of microcode_ctl package, initramfs hasn't been re-generated for all the installed kernel packages. The following kernel packages have been skipped:${skipped}. Please re-generate initramfs manually for these kernel packages with the @@ -451,7 +451,7 @@ Intel CPU microcode included into early initramfs image for it, if needed." if [ -e /usr/bin/logger ]; then echo "${skip_msg}" | - /usr/bin/logger -p syslog.notice -t microcode_ctl + /usr/bin/logger -p syslog.warning -t microcode_ctl fi if [ -e /dev/kmsg ]; then @@ -553,6 +553,184 @@ rm -rf %{buildroot} %changelog +* Wed Feb 15 2023 Eugene Syromiatnikov - 2:2.1-73.16 +- Update Intel CPU microcode to microcode-20230214 release, addresses + CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171238, + #2171263): + - Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000211; + - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision + 0x2b000181; + - Addition of 06-8f-04/0x10 microcode at revision 0x2c000170; + - Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-04) at revision 0x2b000181; + - Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in + intel-ucode/06-8f-04) at revision 0x2c000170; + - Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-04) at revision 0x2b000181; + - Addition of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at + revision 0x2c000170; + - Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-04) at revision 0x2b000181; + - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-04) at revision 0x2b000181; + - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in + intel-ucode/06-8f-04) at revision 0x2c000170; + - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-05) at revision 0x2b000181; + - Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at + revision 0x2c000170; + - Addition of 06-8f-05/0x87 (SPR-SP E2) microcode at revision + 0x2b000181; + - Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision + 0x2c000170; + - Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-05) at revision 0x2b000181; + - Addition of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at + revision 0x2c000170; + - Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-05) at revision 0x2b000181; + - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-05) at revision 0x2b000181; + - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in + intel-ucode/06-8f-05) at revision 0x2c000170; + - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-06) at revision 0x2b000181; + - Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at + revision 0x2c000170; + - Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-06) at revision 0x2b000181; + - Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in + intel-ucode/06-8f-06) at revision 0x2c000170; + - Addition of 06-8f-06/0x87 (SPR-SP E3) microcode at revision + 0x2b000181; + - Addition of 06-8f-06/0x10 microcode at revision 0x2c000170; + - Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-06) at revision 0x2b000181; + - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-06) at revision 0x2b000181; + - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in + intel-ucode/06-8f-06) at revision 0x2c000170; + - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-07) at revision 0x2b000181; + - Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-07) at revision 0x2b000181; + - Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-07) at revision 0x2b000181; + - Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode at revision + 0x2b000181; + - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-07) at revision 0x2b000181; + - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-08) at revision 0x2b000181; + - Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) at + revision 0x2c000170; + - Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-08) at revision 0x2b000181; + - Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in + intel-ucode/06-8f-08) at revision 0x2c000170; + - Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-08) at revision 0x2b000181; + - Addition of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) at + revision 0x2c000170; + - Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-08) at revision 0x2b000181; + - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode at revision + 0x2b000181; + - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode at revision + 0x2c000170; + - Addition of 06-b7-01/0x32 (RPL-S S0) microcode at revision 0x112; + - Addition of 06-ba-02/0xc0 microcode at revision 0x410e; + - Addition of 06-ba-03/0xc0 microcode (in intel-ucode/06-ba-02) at + revision 0x410e; + - Addition of 06-ba-02/0xc0 microcode (in intel-ucode/06-ba-03) at + revision 0x410e; + - Addition of 06-ba-03/0xc0 microcode at revision 0x410e; + - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in + intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xa4 up to 0xa6; + - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) + microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from + revision 0xf0 up to 0xf4; + - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in + intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xf0 up + to 0xf4; + - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015e + up to 0x1000161; + - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003302 + up to 0x4003303; + - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision + 0x5003302 up to 0x5003303; + - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002501 + up to 0x7002503; + - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000375 + up to 0xd000389; + - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3c up + to 0x3e; + - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x20 up + to 0x22; + - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xb2 + up to 0xb8; + - Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x31 up + to 0x32; + - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x40 up + to 0x42; + - Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x16 up + to 0x17; + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision + 0x22 up to 0x2c (old pf 0x3); + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in + intel-ucode/06-97-02) from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) + from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) + from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in + intel-ucode/06-97-05) from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x22 + up to 0x2c (old pf 0x3); + - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) + from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) + from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision + 0x421 up to 0x429; + - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in + intel-ucode/06-9a-03) from revision 0x421 up to 0x429; + - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in + intel-ucode/06-9a-04) from revision 0x421 up to 0x429; + - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x421 + up to 0x429; + - Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000023 + up to 0x24000024; + - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf0 up + to 0xf4; + - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf0 + up to 0xf4; + - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf0 + up to 0xf4; + - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf0 + up to 0xf4; + - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision + 0xf0 up to 0xf4; + - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x54 up + to 0x57; + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in + intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in + intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x22 up to + 0x2c (old pf 0x3); + - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) + from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in + intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in + intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) + from revision 0x22 up to 0x2c (old pf 0x3); + - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x22 up to + 0x2c (old pf 0x3). +- Change the logger severity level to warning to align with the kmsg one. + * Tue Aug 09 2022 Eugene Syromiatnikov - 2:2.1-73.15 - Update Intel CPU microcode to microcode-20220510 release, addresses CVE-2022-21233 (#2119080):