genkernel should enable these options in the kernel by default on x86: CONFIG_BLK_DEV_INITRD CONFIG_MICROCODE CONFIG_MICROCODE_AMD CONFIG_MICROCODE_INTEL CONFIG_MICROCODE_EARLY if it sees CONFIG_MICROCODE_EARLY enabled, it should further bundle the boot time microcode that is needed for these processors. these are the paths that have to be in the initramfs: intel /kernel/x86/microcode/GenuineIntel.bin amd /kernel/x86/microcode/AuthenticAMD.bin i'm not sure how to build the amd file, but the intel one can be created by running the command: iucode_tool -w GenuineIntel.bin /lib/firmware/microcode.dat
(In reply to SpanKY from comment #0) > these are the paths that have to be in the initramfs: > intel /kernel/x86/microcode/GenuineIntel.bin > amd /kernel/x86/microcode/AuthenticAMD.bin These file have to be in "early cpio image", not in initramfs. https://www.kernel.org/doc/Documentation/x86/early-microcode.txt "The format of the combined initrd image is microcode in cpio format followed by the initrd image (maybe compressed)." (In reply to SpanKY from comment #0) > i'm not sure how to build the amd file, but the intel one can be created by > running the command: > iucode_tool -w GenuineIntel.bin /lib/firmware/microcode.dat AFAIK you can just concatenate individual microcode files: cat /lib/firmware/intel-ucode/* > GenuineIntel.bin cat /lib/firmware/amd-ucode/* > AuthenticAMD.bin At least this is what dracut do. :)
(In reply to SpanKY from comment #0) > genkernel should enable these options in the kernel by default on x86: > CONFIG_BLK_DEV_INITRD > CONFIG_MICROCODE > CONFIG_MICROCODE_AMD > CONFIG_MICROCODE_INTEL > CONFIG_MICROCODE_EARLY These options are default in genkernel HEAD as of today. > if it sees CONFIG_MICROCODE_EARLY enabled, it should further bundle the boot > time microcode that is needed for these processors. these are the paths > that have to be in the initramfs: > intel /kernel/x86/microcode/GenuineIntel.bin > amd /kernel/x86/microcode/AuthenticAMD.bin > > i'm not sure how to build the amd file, but the intel one can be created by > running the command: > iucode_tool -w GenuineIntel.bin /lib/firmware/microcode.dat This might not make it into the 3.4.52 release, but I will try to tackle it as soon as I can as this is important for my workstation. (In reply to Alexander Tsoy from comment #1) > (In reply to SpanKY from comment #0) > > these are the paths that have to be in the initramfs: > > intel /kernel/x86/microcode/GenuineIntel.bin > > amd /kernel/x86/microcode/AuthenticAMD.bin > > These file have to be in "early cpio image", not in initramfs. > https://www.kernel.org/doc/Documentation/x86/early-microcode.txt > "The format of the combined initrd image is microcode in cpio format > followed by > the initrd image (maybe compressed)." > > (In reply to SpanKY from comment #0) > > i'm not sure how to build the amd file, but the intel one can be created by > > running the command: > > iucode_tool -w GenuineIntel.bin /lib/firmware/microcode.dat > > AFAIK you can just concatenate individual microcode files: > cat /lib/firmware/intel-ucode/* > GenuineIntel.bin > cat /lib/firmware/amd-ucode/* > AuthenticAMD.bin > At least this is what dracut do. :) The initramfs is a cpio image, although I have not scrutinized/tested the load early code to verify that it can handle everything being in one cpio. If we cannot, we will need to have it be separate and concatenate.
(In reply to Alexander Tsoy from comment #1) initramfs is the same early cpio image. there is only one mechanism in the kernel. people just use multiple names for it.
(In reply to SpanKY from comment #3) The early initramfs for microcode updates must be uncompressed. That's why it is usually a separate cpio archive prepended to the initramfs.
after testing for safety, I've committed the kernel config changes. they don't do anything without the needed initramfs changes so this isn't a fix, just the first part.
Might be worthwhile considering the setup I'm using at the moment: - enable the initramfs use flag on microcode-data - cp /lib/firmware/microcode.cpio /boot - edit /etc/grub.d/10_linux so that it detects the microcode.cpio and emits an `initrd` directive before the normal `initrd` (or by itself if no other initrd/initramfs is present).
Has anyone verified that the AMD ones can be concatted? On my machine it didn't seem to like that when mixing family 15 and family 16. I had to only include the correct one.
Ironically, I just shut down my AMD box for good this weekend, so I can't verify this, but things did appear to be working with concatenated microcode blobs on the Family 15 processor in that system.
This shipped with v3.5.0.7
