webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,518 Commits 2 Branches 1 Tag
2a8de00c6fbc7625d385ebd04ad466ee8a024a12
Commit Graph

18 Commits

Author SHA1 Message Date
Peter Müller
9a7e4d8506 Switch checksums from MD5 to BLAKE2 
Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.

While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.

Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.

In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.

Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
 2022-04-02 14:19:25 +00:00
Adolf Belka
7f0449f253 intel-microcode: Update to version 20220207 
- Update from 20210608 to 20220207
- Update of rootfile
- Changelog
	# Release Notes 20220207
	    - Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html)
	    - Security updates for [INTEL-SA-00532](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html)
	    - Update for functional issues. Refer to [Third Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780) for details.
	    - Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
	    - Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/scalable/xeon-scalable-spec-update.html?wapkw=processor+specification+update) for details.
	    - Update for functional issues. Refer to [11th Generation Intel® Core™ Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details.
	    - Update for functional issues. Refer to [11th Generation Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634808) for details.
	    - Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details.
	    - Update for functional issues. Refer to [10th Generation Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/615213) for details.
	    - Update for functional issues. Refer to [8th Generation Intel® Core™ Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338025) for details.
	    - Update for functional issues. Refer to [8th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-family-spec-update.html?wapkw=processor+specification+update) for details.
	    - Update for functional issues. Refer to [7th and 8th Generation Intel® Core™ Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/334663) for details.
	    - Update for functional issues. Refer to [6th Generation Intel® Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/core/desktop-6th-gen-core-family-spec-update.html) for details.
	    - Update for functional issues. Refer to [Intel® Pentium® Silver and Intel® Celeron® Processors](https://www.intel.com/content/www/us/en/products/docs/processors/pentium/silver-celeron-spec-update.html?wapkw=processor+specification+update) for details.
	### New Platforms
	    None
	### Updated Platforms
	    | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
	    |:---------------|:---------|:------------|:---------|:---------|:---------
	    | HSX-E/EP       | Cx/M1    | 06-3f-02/6f | 00000046 | 00000049 | Core Gen4 X series; Xeon E5 v3
	    | HSX-EX         | E0       | 06-3f-04/80 | 00000019 | 0000001a | Xeon E7 v3
	    | SKL-U/Y        | D0       | 06-4e-03/c0 | 000000ea | 000000ec | Core Gen6 Mobile
	    | BDX-ML         | B0/M0/R0 | 06-4f-01/ef | 0b00003e | 0b000040 | Xeon E5/E7 v4; Core i7-69xx/68xx
	    | SKX-SP         | B1       | 06-55-03/97 | 0100015b | 0100015c | Xeon Scalable
	    | SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006b06 | 02006c0a | Xeon Scalable
	    | SKX-D          | M1       | 06-55-04/b7 | 02006b06 | 02006c0a | Xeon D-21xx
	    | CLX-SP         | B0       | 06-55-06/bf | 04003102 | 0400320a | Xeon Scalable Gen2
	    | CLX-SP         | B1       | 06-55-07/bf | 05003102 | 0500320a | Xeon Scalable Gen2
	    | CPX-SP         | A1       | 06-55-0b/bf | 07002302 | 07002402 | Xeon Scalable Gen3
	    | BDX-DE         | V2/V3    | 06-56-03/10 | 0700001b | 0700001c | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
	    | BDX-DE         | Y0       | 06-56-04/10 | 0f000019 | 0f00001a | Xeon D-1557/59/67/71/77/81/87
	    | BDX-NS         | A1       | 06-56-05/10 | 0e000012 | 0e000014 | Xeon D-1513N/23/33/43/53
	    | APL            | D0       | 06-5c-09/03 | 00000044 | 00000046 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
	    | APL            | E0       | 06-5c-0a/03 | 00000020 | 00000024 | Atom x5-E39xx
	    | SKL-H/S        | R0/N0    | 06-5e-03/36 | 000000ea | 000000ec | Core Gen6; Xeon E3 v5
	    | DNV            | B0       | 06-5f-01/01 | 00000034 | 00000036 | Atom C Series
	    | ICX-SP         | D0       | 06-6a-06/87 | 0d0002a0 | 0d000331 | Xeon Scalable Gen3
	    | GLK            | B0       | 06-7a-01/01 | 00000036 | 00000038 | Pentium Silver N/J5xxx, Celeron N/J4xxx
	    | GKL-R          | R0       | 06-7a-08/01 | 0000001a | 0000001c | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
	    | ICL-U/Y        | D1       | 06-7e-05/80 | 000000a6 | 000000a8 | Core Gen10 Mobile
	    | LKF            | B2/B3    | 06-8a-01/10 | 0000002a | 0000002d | Core w/Hybrid Technology
	    | TGL            | B1       | 06-8c-01/80 | 00000088 | 0000009a | Core Gen11 Mobile
	    | TGL-R          | C0       | 06-8c-02/c2 | 00000016 | 00000022 | Core Gen11 Mobile
	    | TGL-H          | R0       | 06-8d-01/c2 | 0000002c | 0000003c | Core Gen11 Mobile
	    | AML-Y22        | H0       | 06-8e-09/10 | 000000ea | 000000ec | Core Gen8 Mobile
	    | KBL-U/Y        | H0       | 06-8e-09/c0 | 000000ea | 000000ec | Core Gen7 Mobile
	    | CFL-U43e       | D0       | 06-8e-0a/c0 | 000000ea | 000000ec | Core Gen8 Mobile
	    | WHL-U          | W0       | 06-8e-0b/d0 | 000000ea | 000000ec | Core Gen8 Mobile
	    | AML-Y42        | V0       | 06-8e-0c/94 | 000000ea | 000000ec | Core Gen10 Mobile
	    | CML-Y42        | V0       | 06-8e-0c/94 | 000000ea | 000000ec | Core Gen10 Mobile
	    | WHL-U          | V0       | 06-8e-0c/94 | 000000ea | 000000ec | Core Gen8 Mobile
	    | EHL            | B1       | 06-96-01/01 | 00000011 | 00000015 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
	    | JSL            | A0/A1    | 06-9c-00/01 | 0000001d | 2400001f | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
	    | KBL-G/H/S/E3   | B0       | 06-9e-09/2a | 000000ea | 000000ec | Core Gen7; Xeon E3 v6
	    | CFL-H/S/E3     | U0       | 06-9e-0a/22 | 000000ea | 000000ec | Core Gen8 Desktop, Mobile, Xeon E
	    | CFL-S          | B0       | 06-9e-0b/02 | 000000ea | 000000ec | Core Gen8
	    | CFL-H/S        | P0       | 06-9e-0c/22 | 000000ea | 000000ec | Core Gen9
	    | CFL-H          | R0       | 06-9e-0d/22 | 000000ea | 000000ec | Core Gen9 Mobile
	    | CML-H          | R1       | 06-a5-02/20 | 000000ea | 000000ec | Core Gen10 Mobile
	    | CML-S62        | G1       | 06-a5-03/22 | 000000ea | 000000ec | Core Gen10
	    | CML-S102       | Q0       | 06-a5-05/22 | 000000ec | 000000ee | Core Gen10
	    | CML-U62 V1     | A0       | 06-a6-00/80 | 000000e8 | 000000ea | Core Gen10 Mobile
	    | CML-U62 V2     | K1       | 06-a6-01/80 | 000000ea | 000000ec | Core Gen10 Mobile
	    | RKL-S          | B0       | 06-a7-01/02 | 00000040 | 00000050 | Core Gen11
	### Removed Platforms
	    | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
	    |:---------------|:---------|:------------|:---------|:---------|:---------
	    | SNR            | B0       | 06-86-04/01 | 0b00000f |          | Atom P59xxB
	    | SNR            | B1       | 06-86-05/01 | 0b00000f |          | Atom P59xxB

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2022-02-10 06:57:00 +00:00
Michael Tremer
6cf219c427 Drop support for i586 
This patch removes support for i586 according to the decision being
taken over a year ago.

It removes the architecture from the build system and removes all
required hacks and other quirks that have been necessary before.

There is no need to ship any changed files to the remaining
architectures as the removed code branches have not been used.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-12-04 23:27:26 +01:00
Michael Tremer
65171dc956 intel-microcode: Update to 20210608 
Fixes various security vulnerabilities:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-06-09 17:02:11 +00:00
Arne Fitzenreiter
a11783096e intel-microcode: update to 20201118 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-12-02 23:42:29 +01:00
Arne Fitzenreiter
81e87afb7b intel-microcode: update to 20201112 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-13 09:03:00 +01:00
Arne Fitzenreiter
1c217406f2 intel-microcode: update to 20201110 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-11 11:50:14 +00:00
Peter Müller
04b39060f7 intel-microcode: update to 20200616 
Ice Lake Intel CPUs have been found of being vulnerable to MDS, thus
requiring new microcodes for them. <sarcasm>Yay!</sarcasm> Please refer to
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20200616
for further information.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:49:24 +00:00
Arne Fitzenreiter
4d43b3dcb1 intel-microcode: update to 20200609 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-06-12 17:47:29 +02:00
Arne Fitzenreiter
6fb7936c16 intel-microcode: update to 20191115 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-05 12:48:13 +01:00
Peter Müller
1ec32691e9 intel-microcode: update to 20191112 
For release notes, refer to:
- https://blogs.intel.com/technology/2019/11/ipas-november-2019-intel-platform-update-ipu/
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20191112

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-11-13 19:58:08 +00:00
Arne Fitzenreiter
4e69701332 intel-microcode: update to 20190618 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-22 21:05:21 +02:00
Arne Fitzenreiter
29b907c677 intel-microcode: update to 20190514 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-05-15 13:17:26 +02:00
Arne Fitzenreiter
1ce35de5cc intel-microcode: update to 20180807a 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-08-24 20:19:29 +02:00
Arne Fitzenreiter
3d0e252e35 intel-microcode: update to 20180807 
fixes #11590

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-08-11 20:52:45 +02:00
Jonatan Schlag
87b5f3711b Add Intel microcode updates 
Fixes: #11590
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-05-29 16:42:51 +01:00
Michael Tremer
3ed1c621cf Revert "Add Intel microcode updates from Jan 2018" 
This reverts commit d404b1dba2.

Intel has pulled these microcode updates because of
random system reboots and systems becoming unstable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-24 16:08:22 +00:00
Jonatan Schlag
d404b1dba2 Add Intel microcode updates from Jan 2018 
Add intel microcode to the distribution and configure dracut in a way
that the microcode is loaded early in the boot process.

Fixes #11590

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Acknowledged-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-14 15:25:08 +00:00