[Slackbuilds-users] intel-microcode

Andrzej Telszewski atelszewski at gmail.com
Mon Jan 8 02:00:42 UTC 2018


On 08/01/18 02:31, David Melik wrote:
> On Sun, 07 Jan 2018 22:16:08 +0100, Andrzej Telszewski wrote:
>  > [...]  I see the rush in updating Intel microcode all over the place.
>  > Yet, I can only find version 20171117 on Intel site.
>  >
>  > Has anyone any idea what is happening?
>  >
>  > I'm happy to update intel-microcode.SlackBuild as soon as the update is
>  > available upstream. [...]
> 
> Probably recent serious (insecurity) hardware bugs discovered in CPUs 
> from last decades.

That I know ;-)

I just don't know where they get the updated microcode file from.
I saw Intel released BIOS update for my machine, with the only change 
being the microcode updated.
But I haven't seen any microcode file update on Intel site.

> 
> If I install intel-microcode (CPU from a year or two ago) can I still 
> use Management Engine Cleaner? ( https://github.com/corna/me_cleaner .) 
> Now that the truth about Intel running a secret entire other CPU with 
> operating system in your CPU has come out, not sure they're going to 
> still let ME Cleaner work, and also, if ME Cleaner is not perfected yet, 
> what a potential side effects may be.
> 

I don't think the two are related.
If you remove ME and apply microcode from Linux, then the microcode 
would have to somehow enable back the ME. Which might be hard if you 
removed the ME code physically from the Flash chip ;)

There's also possibility of disabling ME by flipping a bit responsible 
for it - in that case you don't physically remove the code from the 
chip, but you tell the system to disable ME.

If I remember correctly, this bit is located in the Flash chip for the 
BIOS/UEFI.

Microcode update has no possibility of programming the Flash.
Microcode is code that is sent to the CPU to basically perform CPU 
reconfiguration. And microcode is volatile, meaning it has to be sent to 
the CPU every boot. It is done either by BIOS/UEFI or Linux.


> Another topic, but as a subscriber, can't I still post (same email 
> address) here on Gmane, or I have to email now?
> 
> 
> _______________________________________________
> SlackBuilds-users mailing list
> SlackBuilds-users at slackbuilds.org
> https://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
> Archives - https://lists.slackbuilds.org/pipermail/slackbuilds-users/
> FAQ - https://slackbuilds.org/faq/
> 


-- 
Best regards,
Andrzej Telszewski


More information about the SlackBuilds-users mailing list