Bug#773479: pu: package intel-microcode/1.20140913.1
Control: tag -1 pending On Thu, Dec 18, 2014 at 08:54:23PM -0200, Henrique de Moraes Holschuh wrote: On Thu, 18 Dec 2014, Henrique de Moraes Holschuh wrote: On Thu, 18 Dec 2014, Adam D. Barratt wrote: Control: tags -1 + confirmed wheezy On Thu, 2014-12-18 at 17:59 -0200, Henrique de Moraes Holschuh wrote: Please approve an update of intel-microcode in non-free stable (wheezy), to version 1.20140913.1. Intel released in 2014-09-13 a new microcode update package, which targets their Haswell processors (server, mobile and desktop). The 2014-09-13 microcode update is in unstable since 2014-10-19, and in jessie since 2014-10-30. No issues were reported. This update, among other errata fixes we know nothing about (as usual), disables Intel TSX instructions. As it was widely published, Intel TSX instructions in the Haswell microarchitecture are subject to a critical errata that can cause unpredictable system behavior once they're used. Please go ahead. Thank you. Uploading now! Package uploaded and accepted by dinstall, it is in the queue waiting for the unblock. Flagged for acceptance. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 signature.asc Description: Digital signature
Processed: Re: Bug#773479: pu: package intel-microcode/1.20140913.1
Processing control commands: tag -1 pending Bug #773479 [release.debian.org] pu: package intel-microcode/1.20140913.1 Added tag(s) pending. -- 773479: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773479 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b773479.141901828917265.transcr...@bugs.debian.org
Bug#773479: pu: package intel-microcode/1.20140913.1
On Fri, 19 Dec 2014, Jonathan Wiltshire wrote: Please go ahead. Thank you. Uploading now! Package uploaded and accepted by dinstall, it is in the queue waiting for the unblock. Flagged for acceptance. Thank you! -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141219205941.ga15...@khazad-dum.debian.net
Bug#773479: pu: package intel-microcode/1.20140913.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: pu Please approve an update of intel-microcode in non-free stable (wheezy), to version 1.20140913.1. Intel released in 2014-09-13 a new microcode update package, which targets their Haswell processors (server, mobile and desktop). The 2014-09-13 microcode update is in unstable since 2014-10-19, and in jessie since 2014-10-30. No issues were reported. This update, among other errata fixes we know nothing about (as usual), disables Intel TSX instructions. As it was widely published, Intel TSX instructions in the Haswell microarchitecture are subject to a critical errata that can cause unpredictable system behavior once they're used. It is important to update the microcode of Intel Haswell system processors even on Debian stable systems, because without the update any third-party code could issue an Intel TSX instruction and trigger the erratum (some sort of L1 cache malfunction). And that's just the one erratum we know for sure this microcode update addresses, it could be fixing other errata as well. There is no shortage of them in Haswell and Haswell-E. For future-proofing and safety, this package update removes support for *automated* microcode updates outside of the initramfs, and adds a safety layer that ensures any such microcode update will only be applied by direct action of the local admin. This is *much* safer in this new world of Intel microcode updates that cause visible changes to the ISA (instruction set architecture). The changes are throughoutly documented by the NEWS entry and the package README.Debian. The postinst script also informs the admin that he must reboot to apply the microcode update. As usual, I've attached an abridged debdiff to remove the noise related to the upstream microcode data file changes. diffstat (for the complete debdiff): changelog |9 debian/README.Debian| 14 debian/changelog| 23 debian/intel-microcode.NEWS | 16 debian/intel-microcode.kpreinst | 16 debian/intel-microcode.postinst | 38 debian/rules| 10 debian/ucode-blacklist.txt |7 microcode-20140624.dat |38773 -- microcode-20140913.dat |40694 10 files changed, 40790 insertions(+), 38810 deletions(-) diffstat (for the abridged debdiff): changelog |9 + debian/README.Debian| 14 ++ debian/changelog| 23 +++ debian/intel-microcode.NEWS | 16 debian/intel-microcode.kpreinst | 16 +++- debian/intel-microcode.postinst | 38 ++ debian/rules| 10 ++ debian/ucode-blacklist.txt |7 +++ 8 files changed, 96 insertions(+), 37 deletions(-) Thank you. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh diff -Nru intel-microcode-1.20140624.1/changelog intel-microcode-1.20140913.1/changelog --- intel-microcode-1.20140624.1/changelog 2014-06-27 16:58:54.0 -0300 +++ intel-microcode-1.20140913.1/changelog 2014-10-30 16:14:19.0 -0200 @@ -1,3 +1,12 @@ +2014-09-13: + * New Microcodes: +sig 0x000306f2, pf mask 0x6f, 2014-09-03, rev 0x0029, size 28672 + + * Updated Microcodes: +sig 0x000306c3, pf mask 0x32, 2014-07-03, rev 0x001c, size 21504 +sig 0x00040651, pf mask 0x72, 2014-07-03, rev 0x001c, size 20480 +sig 0x00040661, pf mask 0x32, 2014-07-03, rev 0x0012, size 23552 + 2014-06-24: * Updated Microcodes: sig 0x000306a9, pf mask 0x12, 2014-05-29, rev 0x001b, size 12288 diff -Nru intel-microcode-1.20140624.1/debian/changelog intel-microcode-1.20140913.1/debian/changelog --- intel-microcode-1.20140624.1/debian/changelog 2014-06-27 17:00:55.0 -0300 +++ intel-microcode-1.20140913.1/debian/changelog 2014-12-18 16:31:28.0 -0200 @@ -1,3 +1,26 @@ +intel-microcode (1.20140913.1) stable; urgency=low + + * New upstream microcode data file 20140913 ++ New Microcodes: + sig 0x000306f2, pf mask 0x6f, 2014-09-03, rev 0x0029, size 28672 ++ Updated Microcodes: + sig 0x000306c3, pf mask 0x32, 2014-07-03, rev 0x001c, size 21504 + sig 0x00040651, pf mask 0x72, 2014-07-03, rev 0x001c, size 20480 + sig 0x00040661, pf mask 0x32, 2014-07-03, rev 0x0012, size 23552 ++ WARNING: UNSAFE TO BE APPLIED AT RUNTIME (lp#1370352) + * Microcode updates are now applied only through the initramfs ++ postinst: don't apply microcode update ++ kernel preinst: stop loading microcode module ++ modprobe.d: blacklist microcode module from autoloading outside + of the initramfs + *
Bug#773479: pu: package intel-microcode/1.20140913.1
Control: tags -1 + confirmed wheezy On Thu, 2014-12-18 at 17:59 -0200, Henrique de Moraes Holschuh wrote: Please approve an update of intel-microcode in non-free stable (wheezy), to version 1.20140913.1. Intel released in 2014-09-13 a new microcode update package, which targets their Haswell processors (server, mobile and desktop). The 2014-09-13 microcode update is in unstable since 2014-10-19, and in jessie since 2014-10-30. No issues were reported. This update, among other errata fixes we know nothing about (as usual), disables Intel TSX instructions. As it was widely published, Intel TSX instructions in the Haswell microarchitecture are subject to a critical errata that can cause unpredictable system behavior once they're used. Please go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1418935671.23220.13.ca...@adam-barratt.org.uk
Processed: Re: Bug#773479: pu: package intel-microcode/1.20140913.1
Processing control commands: tags -1 + confirmed wheezy Bug #773479 [release.debian.org] pu: package intel-microcode/1.20140913.1 Added tag(s) wheezy and confirmed. -- 773479: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773479 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b773479.141893567913726.transcr...@bugs.debian.org
Bug#773479: pu: package intel-microcode/1.20140913.1
On Thu, 18 Dec 2014, Adam D. Barratt wrote: Control: tags -1 + confirmed wheezy On Thu, 2014-12-18 at 17:59 -0200, Henrique de Moraes Holschuh wrote: Please approve an update of intel-microcode in non-free stable (wheezy), to version 1.20140913.1. Intel released in 2014-09-13 a new microcode update package, which targets their Haswell processors (server, mobile and desktop). The 2014-09-13 microcode update is in unstable since 2014-10-19, and in jessie since 2014-10-30. No issues were reported. This update, among other errata fixes we know nothing about (as usual), disables Intel TSX instructions. As it was widely published, Intel TSX instructions in the Haswell microarchitecture are subject to a critical errata that can cause unpredictable system behavior once they're used. Please go ahead. Thank you. Uploading now! -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141218224455.gb5...@khazad-dum.debian.net
Bug#773479: pu: package intel-microcode/1.20140913.1
On Thu, 18 Dec 2014, Henrique de Moraes Holschuh wrote: On Thu, 18 Dec 2014, Adam D. Barratt wrote: Control: tags -1 + confirmed wheezy On Thu, 2014-12-18 at 17:59 -0200, Henrique de Moraes Holschuh wrote: Please approve an update of intel-microcode in non-free stable (wheezy), to version 1.20140913.1. Intel released in 2014-09-13 a new microcode update package, which targets their Haswell processors (server, mobile and desktop). The 2014-09-13 microcode update is in unstable since 2014-10-19, and in jessie since 2014-10-30. No issues were reported. This update, among other errata fixes we know nothing about (as usual), disables Intel TSX instructions. As it was widely published, Intel TSX instructions in the Haswell microarchitecture are subject to a critical errata that can cause unpredictable system behavior once they're used. Please go ahead. Thank you. Uploading now! Package uploaded and accepted by dinstall, it is in the queue waiting for the unblock. Thank you! -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141218225423.gb5...@khazad-dum.debian.net