[coreboot] Microcode updates for slightly older intel CPU's re: meltdown/spectre
Nico Huber
nico.h at gmx.de
Tue Mar 20 23:14:59 CET 2018
On 20.03.2018 22:25, Taiidan at gmx.com wrote:
> Yeah I tried that but it didn't work.
>
> git fetch https://review.coreboot.org/blobs refs/changes/15/23315/6 &&
> git cherry-pick FETCH_HEAD
>
> warning: no common commits
> remote: Counting objects: 555, done
> remote: Finding sources: 100% (30/30)
> remote: Total 1426 (delta 1), reused 1418 (delta 1)
> Receiving objects: 100% (1426/1426), 13.30 MiB | 4.21 MiB/s, done.
> Resolving deltas: 100% (396/396), done.
> From https://review.coreboot.org/blobs
> * branch refs/changes/15/23315/6 -> FETCH_HEAD
> error: could not apply 4f04985590... cpu: intel: microcode update for
> currently tracked models to 20180312
> hint: after resolving the conflicts, mark the corrected paths
> hint: with 'git add <paths>' or 'git rm <paths>'
> hint: and commit the result with 'git commit
>
> What do I do now? I have never used git before.
It's probably easier for you if you load the microcode update from your
OS.
>
> These patches need to be added stat
You obviously have no idea what you are talking about. AFAIK, nobody who
has the right to submit to the blobs repository has commented yet on
newer microcode updates or was asked personally if this is acceptable.
You might have noticed that microcode updates are not public domain but
licensed.
> - the stakes are too high for this
> to take months.
You still didn't get what Spectre is about, did you? It's just one of
many side-channel attacks that are possible when you run untrusted code
on your machine. These updates just help with one instance of a much
bigger problem and won't magically make your computer (and the software
you run) secure.
Have a look at [1] or uMatrix. These are much better mitigations, IMHO.
But if you are really security concerned you already know that anyway.
Nico
[1] https://noscript.net/
More information about the coreboot
mailing list