From: Alex Vong <alexvong1995@gmail.com>
To: Tobias Geerinckx-Rice <me@tobias.gr>
Cc: development@libreboot.org, guix-devel@gnu.org
Subject: Re: Meltdown / Spectre
Date: Sun, 14 Jan 2018 23:11:25 +0800 [thread overview]
Message-ID: <87wp0kqxuq.fsf@gmail.com> (raw)
In-Reply-To: <807794bd-5262-8b36-1f9f-dd3a316928ff@tobias.gr> (Tobias Geerinckx-Rice's message of "Mon, 8 Jan 2018 22:51:00 +0100")
Tobias Geerinckx-Rice <me@tobias.gr> writes:
> Hej Marius,
>
> [I see this is being CC'd to @libreboot.org. I'm answering only as a GNU
> Guix user and contributor, and assume people who live and breathe this
> stuff will find plenty of holes in my opinion. Which this is.]
>
> Marius Bakke wrote on 08/01/18 at 19:26:
>> In my opinion, CPU microcode falls under "non-functional data", as
>> expressly permitted by the GNU FSDG.
>
> I'm not sure how tongue-in-cheek this is, so I'm not sure how to
> respond. I hope nobody on the Internet is wrong^Wseriously suggesting
> that microcode or any other firmware isn't machine code and —
> unfortunately for everyone everywhere — very (dis)functional indeed.
>
> (Don't get me wrong: I wish it weren't so, or that there were some sort
> of commonly-agreed-upon wink-nudge fiction that it wasn't. If there is,
> then Debian isn't playing along: microcode blobs are ‘non-free’[0].)
>
> I think the real and thornier question for GuixSD is: if the recent CPU
> vulnerabilities require a microcode update to fully mitigate, then how
> do we square not recommending proprietary globs like this in official
> channels with giving users all knowledge required to decide for themselves?
>
For this particular question, I think we can point users to this
discussion thread in the news section for example. Then they can decide
for themselves what to do. I think this is close to the best thing we
can do now.
>> It is not required for the processor to function, it is merely *a
>> posteriori* data that the CPU can use to fix erratic behaviour.
>
> AIUI, at least on x86 CPUs, the microcode *is* a large and/or functional
> part of the processor. I suspect that's the case for most sufficiently
> modern (complex) chips, but it's not my field.
>
Agree, in my assembly programming course, the lecturer mentioned that
(if I recall correctly) a mircrocode update can bring new instruction
set to a CPU, so it is a very programmable part of the CPU.
> Kind regards,
>
> T G-R
>
> [0]: https://lists.debian.org/debian-devel/2012/11/msg00109.html,
> https://packages.debian.org/search?keywords=microcode
next prev parent reply other threads:[~2018-01-14 15:11 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-06 13:20 What do Meltdown and Spectre mean for libreboot x200 user? Alex Vong
2018-01-06 17:23 ` Mark H Weaver
2018-01-06 17:43 ` Meltdown / Spectre Leo Famulari
2018-01-06 20:15 ` Mark H Weaver
2018-01-07 6:38 ` Mark H Weaver
2018-01-07 21:29 ` Mark H Weaver
2018-01-09 21:39 ` Alex Vong
2018-01-10 4:59 ` Leo Famulari
2018-01-16 10:57 ` Ludovic Courtès
2018-01-19 22:06 ` Mark H Weaver
2018-01-20 0:17 ` Leo Famulari
2018-01-21 16:26 ` Mark H Weaver
2018-01-24 14:23 ` Ludovic Courtès
2018-01-24 16:19 ` Mark H Weaver
2018-01-26 22:05 ` Mark H Weaver
2018-01-27 16:12 ` Ludovic Courtès
2018-01-10 15:00 ` ng0
2018-01-08 10:30 ` Ludovic Courtès
2018-01-10 5:27 ` Leo Famulari
2018-01-07 2:44 ` Chris Marusich
2018-01-08 17:22 ` Katherine Cox-Buday
2018-01-08 18:26 ` Marius Bakke
2018-01-08 21:51 ` Tobias Geerinckx-Rice
2018-01-08 22:01 ` Tobias Geerinckx-Rice
2018-01-09 20:13 ` Katherine Cox-Buday
2018-01-09 21:18 ` Tobias Geerinckx-Rice
2018-01-10 5:26 ` Leo Famulari
2018-01-11 19:45 ` Katherine Cox-Buday
2018-01-11 21:49 ` Adonay Felipe Nogueira
2018-01-10 10:46 ` Tobias Platen
2018-01-10 17:20 ` Leo Famulari
2018-01-10 6:43 ` Christopher Lemmer Webber
2018-01-10 18:41 ` Kei Kebreau
2018-01-16 3:58 ` Chris Marusich
2018-01-17 19:20 ` Gábor Boskovits
2018-01-14 15:11 ` Alex Vong [this message]
2018-01-09 23:10 ` Mark H Weaver
2018-01-10 5:04 ` Leo Famulari
2018-01-16 11:10 ` Ludovic Courtès
2018-01-17 2:38 ` Mike Gerwitz
2018-01-17 14:11 ` Ludovic Courtès
2018-01-10 9:36 ` Chris Marusich
2018-01-10 11:49 ` Adonay Felipe Nogueira
2018-01-10 12:35 ` Tobias Platen
2018-01-10 14:04 ` Gábor Boskovits
2018-01-12 0:25 ` Marius Bakke
2018-01-15 8:07 ` Pjotr Prins
2018-01-16 3:08 ` Mike Gerwitz
2018-01-16 10:04 ` Pjotr Prins
2018-01-12 7:39 ` Chris Marusich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wp0kqxuq.fsf@gmail.com \
--to=alexvong1995@gmail.com \
--cc=development@libreboot.org \
--cc=guix-devel@gnu.org \
--cc=me@tobias.gr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).