On Sat, Mar 10, 2018 at 05:16:40PM +0100, Maciej S. Szmigiero wrote: > To make sure that it is clear what this patch is about:
I know what you're trying to do but it seems you don't want to listen. So let me try one last time to clear your confusion. > It *isn't* about verifying the actual microcode update, that is, the > blob that gets sent to the CPU as the new microcode. > Such verification is (hopefully) done by the CPU itself. Yes, it is done by the CPU. Microcode is encrypted. > There is no container file at all for family 17h (Zen) so > distributions like OpenSUSE that include this file must have gotten it > from some other source Or maybe they've gotten it from AMD directly. Don't you think that getting microcode from the CPU vendor directly is the logical thing? > That's why to get things like IBPB it is sometimes necessary to use > a newer microcode version than included in linux-firmware, sourced for > example from a BIOS update. linux-firmware will get F17h microcode soon. > Since BIOS updates contain only actual (raw) microcode updates one > has to place it in a microcode container file so this driver can parse > it. > > As far I know there is no tool to automate this work so one has to > manually tweak the container metadata. Let me get this straight: am I reading this correctly that you've tried to carve out the F17h microcode from a BIOS update blob and you're trying to load that?!? If so, you could've simply taken a distro microcode package and used F17h microcode from there - they are all the same. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.