• electricprism@lemmy.ml
    link
    fedilink
    arrow-up
    10
    arrow-down
    1
    ·
    2 days ago

    How about a Linux Patch that reports binary blobs wirh no source AS __ Security Vulnerabilities __

    Or are we not allowed to criticize the back doors that hackers gain access to.

      • DaPorkchop_@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        2 days ago

        Debian-based distros (and probably most othera as well) actually have a package called “intel-microcode” which gets updated fairly regularly.

        • nanook@friendica.eskimo.com
          link
          fedilink
          arrow-up
          1
          ·
          2 days ago

          @DaPorkchop_ Oddly, if you build your own kernel and remove the system provided one, the package gets automatically removed as well which is weird, because it is really still needed regardless.

      • ryannathans
        link
        fedilink
        arrow-up
        1
        ·
        2 days ago

        If that’s the case, why wouldn’t they put the microcode in the kernel?

        • nanook@friendica.eskimo.com
          link
          fedilink
          arrow-up
          1
          ·
          2 days ago

          @ryannathans Why bloat the kernel with the microcode for every intel processor that might need it (and there is a similar thing for AMD) when you don’t have that specific processor? It does make more sense for it to be a separate, especially on memory constrained systems. I mean if you’ve got 256GB of RAM probably not a big deal but if you’ve got 256MB a big deal.

          • ryannathans
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            2 days ago

            The kernel compilation is already configurable between megabytes and gigabyte+

            Distros pick their featureset

  • ouch@lemmy.world
    link
    fedilink
    arrow-up
    4
    arrow-down
    3
    ·
    2 days ago

    The Linux kernel would maintain a list of the latest Intel microcode versions for each CPU family, which is based on the data from the Intel microcode GitHub repository. In turn this list would need to be kept updated with new Linux kernel releases and as Intel pushes out new CPU microcode files.

    Sounds like that would be outdated for everyone without a rolling distro.

    • trolololol@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      19 hours ago

      Sounds like a user space application, there’s no place for this in the kernel. So would you need to upgrade kennel and reboot to update the list? Nonsense.

    • AndrewZabar@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      23 hours ago

      Yeah, methinks this will be one of those alerts pretty much everyone will be like “yeah, yeah, I know” and click to silence those notifications.

    • Atemu@lemmy.ml
      link
      fedilink
      arrow-up
      10
      ·
      2 days ago

      Stable distros can and will backport security fixes. Good ones that is.