[gentoo-commits] repo/gentoo:master commit in: sys-firmware/intel-microcode/ - gentoo-commits

From:	Thomas Deutschmann <whissi@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: sys-firmware/intel-microcode/
Date:	Wed, 23 May 2018 18:24:51
Message-Id:	`1527099876.eb9036f6f998c91c6bc021f73bc10ca1b5240ae7.whissi@gentoo`

1

commit:     eb9036f6f998c91c6bc021f73bc10ca1b5240ae7

2

Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

3

AuthorDate: Wed May 23 18:02:28 2018 +0000

4

Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

5

CommitDate: Wed May 23 18:24:36 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb9036f6

7

8

sys-firmware/intel-microcode: Bump

9

10

Ebuild changes:

11

===============

12

- Based on Intel's microcode tarball from 2018-04-25.

13

14

- Added 210+ additional microcode updates (for production, no beta release!),

15

  which are signed by Intel and publicly available but are not distributed

16

  via Intel's microcode tarball for marketing/product phase out reasons.

17

  You can prevent the usage of these microcode updates and stick with

18

  content from Intel's official release tarball via new "vanilla"

19

  USE flag.

20

21

- Blacklisted microcode 0x000604f1 aka 06-4f-01 aka CPUID 406F1 which

22

  requires a newer microcode loader in kernel which is only available

23

  in kernel >=4.14.34.

24

  It is blacklisted because loading via older loader could crash the

25

  system. A news item with instructions will follow.

26

27

Closes: https://github.com/gentoo/gentoo/pull/8532

28

Bug: https://bugs.gentoo.org/654638

29

Package-Manager: Portage-2.3.38, Repoman-2.3.9

30

31

 sys-firmware/intel-microcode/Manifest              |   2 +

32

 .../intel-microcode-20180426.ebuild                | 129 +++++++++++++++++++++

33

 sys-firmware/intel-microcode/metadata.xml          |   1 +

34

 3 files changed, 132 insertions(+)

35

36

diff --git a/sys-firmware/intel-microcode/Manifest b/sys-firmware/intel-microcode/Manifest

37

index c6a73a98102..0a0431030f7 100644

38

--- a/sys-firmware/intel-microcode/Manifest

39

+++ b/sys-firmware/intel-microcode/Manifest

40

@@ -1,3 +1,4 @@

41

+DIST intel-microcode-collection-20180426.tar.xz 4155132 BLAKE2B 222c48ba0123887b4ae299e0acc4696512dc1c7528f1b735dd79b2d2f0bf6d988d061e773fb3949b2ab9ddcb69e4224ddb431ccda1c4b329ca37e9409ca60380 SHA512 038d43cd698183baa14b14f1b05e76c93386568494b2621e49338cf3c02fd0e663284ca864a50b3df4188bde5669bf4794cdcf7f4a287dcd42efbb8717809990

42

 DIST microcode-20140430.tgz 785594 BLAKE2B e51a187ca99ad496804f117871b50693b03b50759c9dd23002149ff7fa4b74888c83e8e1fcf078a973dea82e6a9439de8415c56c902ed0163e55ceaaff0eaf23 SHA512 12954522629ce15c4b95c158b6288b3877a3d1f87bea838f8138e53987ef1b6c0edc7a8cbb802a981ccca178b70b4323907aafa7479c0c2fed4497f6fb7bbc1c

43

 DIST microcode-20140624.tgz 787237 BLAKE2B 1c2d8f39bf142570283e80f370f41c502ef04d24b4348ca4b44c881e3b1e54df72a88e09350d45a33d47d9955d84a80ae8a11e44561b1a8944a59f9326d4d81a SHA512 c774006aae639e7fae90bc1f5d8308b407e7cd3b7d0da6e35577560bf6201c2b15f7d7b6b0cd727c50be1e9d508b484b067856631fa2598498982109bff0e44c

44

 DIST microcode-20140913.tgz 830537 BLAKE2B 665c72fc3a3e1e13d9e58eba0ed202b30856532eee590006c02112df926b879985a97ba9a96b58a6aad0285bff95a3fbb27b22d533f958fe170887f0ab37eef1 SHA512 e179fe0001b1157cc95aee39185f51fd182d53c1bdb30bfc95bc3a70795c32012050f3a4adf06735a77d8ef9c703a330c6a2610b73b70f09f5760e31d39cb89c

45

@@ -13,3 +14,4 @@ DIST microcode-20171117_p20171215-r1.tgz 1477015 BLAKE2B 3911aed3bbbd350be69a99b

46

 DIST microcode-20171117_p20171215.tgz 1468587 BLAKE2B 58777a39f843ae880f7dd8971a9570dbfc176d69541bb9d3cdc948d7be71a7df2559265fb1c8a199bc7567bb5a60176ade1d2c36624d0193dbac98d82401d0dd SHA512 25db94dbf18b1fea9497ec1e61bb5349d7bc78b0578d8869546bc3ec579b96bee7cd62657e66ebd3d4616805e85d790ac7ee7c0fed70b5db30236ffd12b33293

47

 DIST microcode-20180108.tgz 3676678 BLAKE2B 197e0188e516a3071be9e2e7a6261d78208613db8b746c7df533ce37884197dbd06a4e6ab027cbddba38903f590130f2d974e46da8fbab0613561523653460ab SHA512 f4010d83353948df27beeb804ef11e4f019f63397a4936f9d139e2842f7944d1ae864b9376987eaffc7db5b97201d5de2f4c1d7cc6b0f545ae15ec53a61fce2b

48

 DIST microcode-20180312.tgz 3789662 BLAKE2B e948d74833fe75b9bbdff1e4676f5d49a13bdd06aa6525c39be3448b822203947a5f55515484401ee0c96e8ade19ea580718949bed65883d983509661a16e637 SHA512 cc2cabf6d12c83b65eeb30fca7eb0b503e037dbee3d7ce9cb307b02ed8ac9426b2bafc2c1f1281dddff0945f8308f0d3cd320edea4596551354188d64760b854

49

+DIST microcode-20180425.tgz 1565473 BLAKE2B 70e0a56f0f5f720e00ab18d6553bc221147589e83df34fdc0c130c6f74a239e48355bfe1845b1de919ed1bce9ade7b7db298883eb3de1d53732a694b15d76f62 SHA512 6cea53cc0f486891fb9ddffc1e03e8e0a6d1d91df6bfda81250b2c60714e7b4111caa9df5afa7f13d8144e591550ef7eb4fd1e153fc67fc904afb83ccc2e3bb0

50

51

diff --git a/sys-firmware/intel-microcode/intel-microcode-20180426.ebuild b/sys-firmware/intel-microcode/intel-microcode-20180426.ebuild

52

new file mode 100644

53

index 00000000000..648f16f204a

54

--- /dev/null

55

+++ b/sys-firmware/intel-microcode/intel-microcode-20180426.ebuild

56

@@ -0,0 +1,129 @@

57

+# Copyright 1999-2018 Gentoo Foundation

58

+# Distributed under the terms of the GNU General Public License v2

59

+

60

+EAPI="6"

61

+

62

+inherit linux-info toolchain-funcs mount-boot

63

+

64

+# Find updates by searching and clicking the first link (hopefully it's the one):

65

+# http://www.intel.com/content/www/us/en/search.html?keyword=Processor+Microcode+Data+File

66

+

67

+COLLECTION_SNAPSHOT="20180426"

68

+INTEL_SNAPSHOT="20180425"

69

+NUM="27776"

70

+DESCRIPTION="Intel IA32/IA64 microcode update data"

71

+HOMEPAGE="http://inertiawar.com/microcode/ https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=${NUM}"

72

+SRC_URI="https://downloadmirror.intel.com/${NUM}/eng/microcode-${INTEL_SNAPSHOT}.tgz

73

+	https://dev.gentoo.org/~whissi/dist/intel-microcode/intel-microcode-collection-${COLLECTION_SNAPSHOT}.tar.xz"

74

+

75

+LICENSE="intel-ucode"

76

+SLOT="0"

77

+KEYWORDS=""

78

+IUSE="initramfs +split-ucode vanilla"

79

+REQUIRED_USE="|| ( initramfs split-ucode )"

80

+

81

+DEPEND="sys-apps/iucode_tool"

82

+RDEPEND="!<sys-apps/microcode-ctl-1.17-r2" #268586

83

+

84

+S=${WORKDIR}

85

+

86

+# Blacklist bad microcode here.

87

+# 0x000604f1 aka 06-4f-01 aka CPUID 406F1 require newer microcode loader

88

+DEFAULT_MICROCODE_SIGNATURES="-s !0x000604f1"

89

+

90

+# Advanced users only:

91

+# merge with:

92

+# only current CPU: MICROCODE_SIGNATURES="-S"

93

+# only specific CPU: MICROCODE_SIGNATURES="-s 0x00000f4a -s 0x00010676"

94

+# exclude specific CPU: MICROCODE_SIGNATURES="-s !0x00000686"

95

+MICROCODE_SIGNATURES="${MICROCODE_SIGNATURES:=${DEFAULT_MICROCODE_SIGNATURES}}"

96

+

97

+pkg_pretend() {

98

+	if [[ "${MICROCODE_SIGNATURES}" != "${DEFAULT_MICROCODE_SIGNATURES}" ]]; then

99

+		ewarn "The user has opted in for advanced use:"

100

+		ewarn "MICROCODE_SIGNATURES is set to \"${MICROCODE_SIGNATURES}\" instead of default \"${DEFAULT_MICROCODE_SIGNATURES}\"!"

101

+	fi

102

+	use initramfs && mount-boot_pkg_pretend

103

+}

104

+

105

+src_prepare() {

106

+	default

107

+

108

+	# Prevent "invalid file format" errors from iucode_tool

109

+	rm -f "${S}"/intel-ucod*/list || die

110

+}

111

+

112

+src_install() {

113

+	# This will take ALL of the upstream microcode sources:

114

+	# - microcode.dat

115

+	# - intel-ucode/

116

+	# In some cases, they have not contained the same content (eg the directory has newer stuff).

117

+	MICROCODE_SRC=(

118

+		"${S}"/intel-ucode/

119

+		"${S}"/intel-ucode-with-caveats/

120

+	)

121

+

122

+	# Allow users who are scared about microcode updates not included in Intel's official

123

+	# microcode tarball to opt-out and comply with Intel marketing

124

+	if ! use vanilla; then

125

+		MICROCODE_SRC+=( "${S}"/intel-microcode-collection-${COLLECTION_SNAPSHOT} )

126

+	fi

127

+

128

+	opts=(

129

+		${MICROCODE_SIGNATURES}

130

+		# be strict about what we are doing

131

+		--overwrite

132

+		--strict-checks

133

+		--no-ignore-broken

134

+		# we want to install latest version

135

+		--no-downgrade

136

+		# show everything we find

137

+		--list-all

138

+		# show what we selected

139

+		--list

140

+	)

141

+

142

+	# The earlyfw cpio needs to be in /boot because it must be loaded before

143

+	# rootfs is mounted.

144

+	use initramfs && dodir /boot && opts+=( --write-earlyfw="${ED%/}"/boot/intel-uc.img )

145

+	# split location:

146

+	use split-ucode && dodir /lib/firmware/intel-ucode && opts+=( --write-firmware="${ED%/}"/lib/firmware/intel-ucode )

147

+

148

+	iucode_tool \

149

+		"${opts[@]}" \

150

+		"${MICROCODE_SRC[@]}" \

151

+		|| die "iucode_tool ${opts[@]} ${MICROCODE_SRC[@]}"

152

+

153

+	dodoc releasenote

154

+}

155

+

156

+pkg_preinst() {

157

+	use initramfs && mount-boot_pkg_preinst

158

+}

159

+

160

+pkg_prerm() {

161

+	use initramfs && mount-boot_pkg_prerm

162

+}

163

+

164

+pkg_postrm() {

165

+	use initramfs && mount-boot_pkg_postrm

166

+}

167

+

168

+pkg_postinst() {

169

+	use initramfs && mount-boot_pkg_postinst

170

+

171

+	if [[ "${MICROCODE_SIGNATURES}" != "${DEFAULT_MICROCODE_SIGNATURES}" ]]; then

172

+		if kernel_is -lt 4 14 34; then

173

+			ewarn "${P} contains microcode updates which require"

174

+			ewarn "additional kernel patches which aren't yet included in kernel <4.14.34."

175

+			ewarn "Loading such a microcode through kernel interface from an unpatched kernel"

176

+			ewarn "can crash your system!"

177

+			ewarn ""

178

+			ewarn "Those microcodes are blacklisted per default. However, you have altered"

179

+			ewarn "MICROCODE_SIGNATURES and maybe unintentionally re-enabled those microcodes."

180

+			ewarn ""

181

+			ewarn "Check ${EROOT%/}/usr/share/doc/${P}/releasenot* if your microcode update"

182

+			ewarn "requires additional kernel patches or not."

183

+		fi

184

+	fi

185

+}

186

187

diff --git a/sys-firmware/intel-microcode/metadata.xml b/sys-firmware/intel-microcode/metadata.xml

188

index f8bcf6658dd..2d96b231657 100644

189

--- a/sys-firmware/intel-microcode/metadata.xml

190

+++ b/sys-firmware/intel-microcode/metadata.xml

191

@@ -9,5 +9,6 @@

192

 	<flag name="initramfs">install a small initramfs for use with CONFIG_MICROCODE_EARLY</flag>

193

 	<flag name="monolithic">install the large text microcode.dat (used by older kernels via microcode_ctl)</flag>

194

 	<flag name="split-ucode">install the split binary ucode files (used by the kernel directly)</flag>

195

+	<flag name="vanilla">install only microcode updates from Intel's official microcode tarball</flag>

196

 </use>

197

 </pkgmetadata>

1	commit: eb9036f6f998c91c6bc021f73bc10ca1b5240ae7
2	Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3	AuthorDate: Wed May 23 18:02:28 2018 +0000
4	Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5	CommitDate: Wed May 23 18:24:36 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb9036f6
7
8	sys-firmware/intel-microcode: Bump
9
10	Ebuild changes:
11	===============
12	- Based on Intel's microcode tarball from 2018-04-25.
13
14	- Added 210+ additional microcode updates (for production, no beta release!),
15	which are signed by Intel and publicly available but are not distributed
16	via Intel's microcode tarball for marketing/product phase out reasons.
17	You can prevent the usage of these microcode updates and stick with
18	content from Intel's official release tarball via new "vanilla"
19	USE flag.
20
21	- Blacklisted microcode 0x000604f1 aka 06-4f-01 aka CPUID 406F1 which
22	requires a newer microcode loader in kernel which is only available
23	in kernel >=4.14.34.
24	It is blacklisted because loading via older loader could crash the
25	system. A news item with instructions will follow.
26
27	Closes: https://github.com/gentoo/gentoo/pull/8532
28	Bug: https://bugs.gentoo.org/654638
29	Package-Manager: Portage-2.3.38, Repoman-2.3.9
30
31	sys-firmware/intel-microcode/Manifest \| 2 +
32	.../intel-microcode-20180426.ebuild \| 129 +++++++++++++++++++++
33	sys-firmware/intel-microcode/metadata.xml \| 1 +
34	3 files changed, 132 insertions(+)
35
36	diff --git a/sys-firmware/intel-microcode/Manifest b/sys-firmware/intel-microcode/Manifest
37	index c6a73a98102..0a0431030f7 100644
38	--- a/sys-firmware/intel-microcode/Manifest
39	+++ b/sys-firmware/intel-microcode/Manifest
40	@@ -1,3 +1,4 @@
41	+DIST intel-microcode-collection-20180426.tar.xz 4155132 BLAKE2B 222c48ba0123887b4ae299e0acc4696512dc1c7528f1b735dd79b2d2f0bf6d988d061e773fb3949b2ab9ddcb69e4224ddb431ccda1c4b329ca37e9409ca60380 SHA512 038d43cd698183baa14b14f1b05e76c93386568494b2621e49338cf3c02fd0e663284ca864a50b3df4188bde5669bf4794cdcf7f4a287dcd42efbb8717809990
42	DIST microcode-20140430.tgz 785594 BLAKE2B e51a187ca99ad496804f117871b50693b03b50759c9dd23002149ff7fa4b74888c83e8e1fcf078a973dea82e6a9439de8415c56c902ed0163e55ceaaff0eaf23 SHA512 12954522629ce15c4b95c158b6288b3877a3d1f87bea838f8138e53987ef1b6c0edc7a8cbb802a981ccca178b70b4323907aafa7479c0c2fed4497f6fb7bbc1c
43	DIST microcode-20140624.tgz 787237 BLAKE2B 1c2d8f39bf142570283e80f370f41c502ef04d24b4348ca4b44c881e3b1e54df72a88e09350d45a33d47d9955d84a80ae8a11e44561b1a8944a59f9326d4d81a SHA512 c774006aae639e7fae90bc1f5d8308b407e7cd3b7d0da6e35577560bf6201c2b15f7d7b6b0cd727c50be1e9d508b484b067856631fa2598498982109bff0e44c
44	DIST microcode-20140913.tgz 830537 BLAKE2B 665c72fc3a3e1e13d9e58eba0ed202b30856532eee590006c02112df926b879985a97ba9a96b58a6aad0285bff95a3fbb27b22d533f958fe170887f0ab37eef1 SHA512 e179fe0001b1157cc95aee39185f51fd182d53c1bdb30bfc95bc3a70795c32012050f3a4adf06735a77d8ef9c703a330c6a2610b73b70f09f5760e31d39cb89c
45	@@ -13,3 +14,4 @@ DIST microcode-20171117_p20171215-r1.tgz 1477015 BLAKE2B 3911aed3bbbd350be69a99b
46	DIST microcode-20171117_p20171215.tgz 1468587 BLAKE2B 58777a39f843ae880f7dd8971a9570dbfc176d69541bb9d3cdc948d7be71a7df2559265fb1c8a199bc7567bb5a60176ade1d2c36624d0193dbac98d82401d0dd SHA512 25db94dbf18b1fea9497ec1e61bb5349d7bc78b0578d8869546bc3ec579b96bee7cd62657e66ebd3d4616805e85d790ac7ee7c0fed70b5db30236ffd12b33293
47	DIST microcode-20180108.tgz 3676678 BLAKE2B 197e0188e516a3071be9e2e7a6261d78208613db8b746c7df533ce37884197dbd06a4e6ab027cbddba38903f590130f2d974e46da8fbab0613561523653460ab SHA512 f4010d83353948df27beeb804ef11e4f019f63397a4936f9d139e2842f7944d1ae864b9376987eaffc7db5b97201d5de2f4c1d7cc6b0f545ae15ec53a61fce2b
48	DIST microcode-20180312.tgz 3789662 BLAKE2B e948d74833fe75b9bbdff1e4676f5d49a13bdd06aa6525c39be3448b822203947a5f55515484401ee0c96e8ade19ea580718949bed65883d983509661a16e637 SHA512 cc2cabf6d12c83b65eeb30fca7eb0b503e037dbee3d7ce9cb307b02ed8ac9426b2bafc2c1f1281dddff0945f8308f0d3cd320edea4596551354188d64760b854
49	+DIST microcode-20180425.tgz 1565473 BLAKE2B 70e0a56f0f5f720e00ab18d6553bc221147589e83df34fdc0c130c6f74a239e48355bfe1845b1de919ed1bce9ade7b7db298883eb3de1d53732a694b15d76f62 SHA512 6cea53cc0f486891fb9ddffc1e03e8e0a6d1d91df6bfda81250b2c60714e7b4111caa9df5afa7f13d8144e591550ef7eb4fd1e153fc67fc904afb83ccc2e3bb0
50
51	diff --git a/sys-firmware/intel-microcode/intel-microcode-20180426.ebuild b/sys-firmware/intel-microcode/intel-microcode-20180426.ebuild
52	new file mode 100644
53	index 00000000000..648f16f204a
54	--- /dev/null
55	+++ b/sys-firmware/intel-microcode/intel-microcode-20180426.ebuild
56	@@ -0,0 +1,129 @@
57	+# Copyright 1999-2018 Gentoo Foundation
58	+# Distributed under the terms of the GNU General Public License v2
59	+
60	+EAPI="6"
61	+
62	+inherit linux-info toolchain-funcs mount-boot
63	+
64	+# Find updates by searching and clicking the first link (hopefully it's the one):
65	+# http://www.intel.com/content/www/us/en/search.html?keyword=Processor+Microcode+Data+File
66	+
67	+COLLECTION_SNAPSHOT="20180426"
68	+INTEL_SNAPSHOT="20180425"
69	+NUM="27776"
70	+DESCRIPTION="Intel IA32/IA64 microcode update data"
71	+HOMEPAGE="http://inertiawar.com/microcode/ https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=${NUM}"
72	+SRC_URI="https://downloadmirror.intel.com/${NUM}/eng/microcode-${INTEL_SNAPSHOT}.tgz
73	+ https://dev.gentoo.org/~whissi/dist/intel-microcode/intel-microcode-collection-${COLLECTION_SNAPSHOT}.tar.xz"
74	+
75	+LICENSE="intel-ucode"
76	+SLOT="0"
77	+KEYWORDS=""
78	+IUSE="initramfs +split-ucode vanilla"
79	+REQUIRED_USE="\|\| ( initramfs split-ucode )"
80	+
81	+DEPEND="sys-apps/iucode_tool"
82	+RDEPEND="!<sys-apps/microcode-ctl-1.17-r2" #268586
83	+
84	+S=${WORKDIR}
85	+
86	+# Blacklist bad microcode here.
87	+# 0x000604f1 aka 06-4f-01 aka CPUID 406F1 require newer microcode loader
88	+DEFAULT_MICROCODE_SIGNATURES="-s !0x000604f1"
89	+
90	+# Advanced users only:
91	+# merge with:
92	+# only current CPU: MICROCODE_SIGNATURES="-S"
93	+# only specific CPU: MICROCODE_SIGNATURES="-s 0x00000f4a -s 0x00010676"
94	+# exclude specific CPU: MICROCODE_SIGNATURES="-s !0x00000686"
95	+MICROCODE_SIGNATURES="${MICROCODE_SIGNATURES:=${DEFAULT_MICROCODE_SIGNATURES}}"
96	+
97	+pkg_pretend() {
98	+ if [[ "${MICROCODE_SIGNATURES}" != "${DEFAULT_MICROCODE_SIGNATURES}" ]]; then
99	+ ewarn "The user has opted in for advanced use:"
100	+ ewarn "MICROCODE_SIGNATURES is set to \"${MICROCODE_SIGNATURES}\" instead of default \"${DEFAULT_MICROCODE_SIGNATURES}\"!"
101	+ fi
102	+ use initramfs && mount-boot_pkg_pretend
103	+}
104	+
105	+src_prepare() {
106	+ default
107	+
108	+ # Prevent "invalid file format" errors from iucode_tool
109	+ rm -f "${S}"/intel-ucod*/list \|\| die
110	+}
111	+
112	+src_install() {
113	+ # This will take ALL of the upstream microcode sources:
114	+ # - microcode.dat
115	+ # - intel-ucode/
116	+ # In some cases, they have not contained the same content (eg the directory has newer stuff).
117	+ MICROCODE_SRC=(
118	+ "${S}"/intel-ucode/
119	+ "${S}"/intel-ucode-with-caveats/
120	+ )
121	+
122	+ # Allow users who are scared about microcode updates not included in Intel's official
123	+ # microcode tarball to opt-out and comply with Intel marketing
124	+ if ! use vanilla; then
125	+ MICROCODE_SRC+=( "${S}"/intel-microcode-collection-${COLLECTION_SNAPSHOT} )
126	+ fi
127	+
128	+ opts=(
129	+ ${MICROCODE_SIGNATURES}
130	+ # be strict about what we are doing
131	+ --overwrite
132	+ --strict-checks
133	+ --no-ignore-broken
134	+ # we want to install latest version
135	+ --no-downgrade
136	+ # show everything we find
137	+ --list-all
138	+ # show what we selected
139	+ --list
140	+ )
141	+
142	+ # The earlyfw cpio needs to be in /boot because it must be loaded before
143	+ # rootfs is mounted.
144	+ use initramfs && dodir /boot && opts+=( --write-earlyfw="${ED%/}"/boot/intel-uc.img )
145	+ # split location:
146	+ use split-ucode && dodir /lib/firmware/intel-ucode && opts+=( --write-firmware="${ED%/}"/lib/firmware/intel-ucode )
147	+
148	+ iucode_tool \
149	+ "${opts[@]}" \
150	+ "${MICROCODE_SRC[@]}" \
151	+ \|\| die "iucode_tool ${opts[@]} ${MICROCODE_SRC[@]}"
152	+
153	+ dodoc releasenote
154	+}
155	+
156	+pkg_preinst() {
157	+ use initramfs && mount-boot_pkg_preinst
158	+}
159	+
160	+pkg_prerm() {
161	+ use initramfs && mount-boot_pkg_prerm
162	+}
163	+
164	+pkg_postrm() {
165	+ use initramfs && mount-boot_pkg_postrm
166	+}
167	+
168	+pkg_postinst() {
169	+ use initramfs && mount-boot_pkg_postinst
170	+
171	+ if [[ "${MICROCODE_SIGNATURES}" != "${DEFAULT_MICROCODE_SIGNATURES}" ]]; then
172	+ if kernel_is -lt 4 14 34; then
173	+ ewarn "${P} contains microcode updates which require"
174	+ ewarn "additional kernel patches which aren't yet included in kernel <4.14.34."
175	+ ewarn "Loading such a microcode through kernel interface from an unpatched kernel"
176	+ ewarn "can crash your system!"
177	+ ewarn ""
178	+ ewarn "Those microcodes are blacklisted per default. However, you have altered"
179	+ ewarn "MICROCODE_SIGNATURES and maybe unintentionally re-enabled those microcodes."
180	+ ewarn ""
181	+ ewarn "Check ${EROOT%/}/usr/share/doc/${P}/releasenot* if your microcode update"
182	+ ewarn "requires additional kernel patches or not."
183	+ fi
184	+ fi
185	+}
186
187	diff --git a/sys-firmware/intel-microcode/metadata.xml b/sys-firmware/intel-microcode/metadata.xml
188	index f8bcf6658dd..2d96b231657 100644
189	--- a/sys-firmware/intel-microcode/metadata.xml
190	+++ b/sys-firmware/intel-microcode/metadata.xml
191	@@ -9,5 +9,6 @@
192	<flag name="initramfs">install a small initramfs for use with CONFIG_MICROCODE_EARLY</flag>
193	<flag name="monolithic">install the large text microcode.dat (used by older kernels via microcode_ctl)</flag>
194	<flag name="split-ucode">install the split binary ucode files (used by the kernel directly)</flag>
195	+ <flag name="vanilla">install only microcode updates from Intel's official microcode tarball</flag>
196	</use>
197	</pkgmetadata>

Gentoo Archives: gentoo-commits