Currently, `genkernel --microcode` will add microcodes for both, AMD and Intel processors if found on the local system to the initramfs. While AMD users will typically not install sys-firmware/intel-microcode package and therefore don't end with Intel microcodes added to their initramfs, Intel user will probably have installed sys-kernel/linux-firmware because they may require some other firmware provided by the package which also provides AMD microcodes (yes, one could make use of "savedconfig" feature to prevent installation of AMD ucodes but...). To save some space for initramfs, please allow specifying if you want none, all, only AMD or only Intel microcodes.
Can genkernel get out of the business of packaging microcode? sys-firmware/intel-microcode[initramfs] is now generating a nice /boot/intel-uc.img. If linux-firmware does the same for AMD, then genkernel can just pull those prebuilt-cpios.
This would require us to add the build logic into linux-firmware package. It would be more than just `cat ucode1 ucode2 > AmdAuthentic.dat` [1], i.e. we would need to implement bug 643786 for AMD [2]. Would require a new USE flag because you don't want /boot/amd-ucodes.img on all systems where you have linux-firmware package installed but you also don't want people to force to use savedconfig feature just for that. Dracut will never use this file. It would be only used by genkernel (and maybe people who are using a bootloader supporting multiple initrds and are doing this on their own). I am not convinced but I also don't have strong objections. But given that it is mostly only used by genkernel it doesn't feel right to add this logic into linux-firmware package. [1] https://github.com/dracutdevs/dracut/blob/master/dracut.sh#L1660 [2] https://github.com/dracutdevs/dracut/blob/master/dracut-functions.sh#L658
Ok, I'll work on something for genkernel then to let users pick the microcode better. First pass idea on it: EARLY_MICROCODE: - yes (alias 'all') - no - one or more of intel, amd, or globs to match in {intel,amd}-ucode/.
(In reply to Robin Johnson from comment #1) > Can genkernel get out of the business of packaging microcode? > > sys-firmware/intel-microcode[initramfs] is now generating a nice > /boot/intel-uc.img. > If linux-firmware does the same for AMD, then genkernel can just pull those > prebuilt-cpios. Is that possible right now? I failed to find it in the current unstable genkernel, but asking to make sure. I've tried some methods, but seems like the best approach so far is to build sys-firmware/intel-microcode with USE="initramfs", generate a genkernel initramfs and simply $(cat intel-uc.img initramfs-genkernel*) and use it as the initrd. This way even UUIDs work as root= parameter for the kernel. If genkernel can do that for us, it's even better I suppose.
(In reply to Robin Johnson from comment #3) > Ok, I'll work on something for genkernel then to let users pick the > microcode better. > > First pass idea on it: > EARLY_MICROCODE: > - yes (alias 'all') > - no > - one or more of intel, amd, or globs to match in {intel,amd}-ucode/. Sounds good! I'd like to see some error checking for this as well. First idea: If yes/all, genkernel should fail if neither AMD nor Intel firmwares were found. Print a warning if just one of them is missing. If "amd"/"intel", genkernel should fail if AMD/Intel firmware is not found. I.e. "not found" = {intel,amd}-ucode/ is empty. (In reply to Tomáš Mózes from comment #4) > (In reply to Robin Johnson from comment #1) > Is that possible right now? I failed to find it in the current unstable > genkernel, but asking to make sure. Yes, current genkernel-3.5.2.5 will already generate combined files for intel-ucode/* and amd-ucode/* and will create one large initramfs containing both microcode files and genkernel's initramfs. It works without any problems. Never heard about UUID problems caused by microcode loading.
re: UUID issue He's referring to the fact that the kernel relies on the initramfs to lookup the root partition when its specified by UUID. GRUB avoids the situation if there's no initramfs found by not referring to it by UUID. But some other bugs like 579674 (and others) proposed making GRUB find the early microcode cpio and that caused GRUB to assume it had an initramfs and then specify the root partition by UUID. The fix was that people had to add GRUB_DISABLE_LINUX_UUID=true into /etc/default/grub to get around the issue. See https://forums.gentoo.org/viewtopic-p-7914208.html for more info.
I am closing this bug as resolved: Current git master supports "--microcode=<type>" and "type" can be "all", "amd" or "intel". In addition, "--microcode-initramfs" is deprecated when using a recent bootloader like >=sys-boot/grub-2.02-r1. Instead you should use sys-firmware/intel-microcode[initramfs] and grub2 will pick up intel-uc.img for you (same for AMD, however for AMD we don't have a package which will generate the amd-uc.img file at the moment). I still don't understand the UUID problem. I am running systems with root=UUID=<UUID> for years without any problems. If there's still an issue, please file a new bug.
