110
Intel Linux Patch Would Report Outdated CPU Microcode As A Security Vulnerability
(www.phoronix.com)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
How does it know if the microcode is outdated?
@ryannathans @captainkangaroo I'm going to make the wild assumption that the kernel will have a table of the current microcode versions at the time of it's release, but I doubt that
will get updated except by kernel upgrades.
There's probably an efivar that reads the current microcode version.
Debian-based distros (and probably most othera as well) actually have a package called "intel-microcode" which gets updated fairly regularly.
@DaPorkchop_ Oddly, if you build your own kernel and remove the system provided one, the package gets automatically removed as well which is weird, because it is really still needed regardless.
If that's the case, why wouldn't they put the microcode in the kernel?
@ryannathans Why bloat the kernel with the microcode for every intel processor that might need it (and there is a similar thing for AMD) when you don't have that specific processor? It does make more sense for it to be a separate, especially on memory constrained systems. I mean if you've got 256GB of RAM probably not a big deal but if you've got 256MB a big deal.
The kernel compilation is already configurable between megabytes and gigabyte+
Distros pick their featureset