From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:306:2d92::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id +JOABwYiwmS6JgEASxT56A (envelope-from ) for ; Thu, 27 Jul 2023 09:51:34 +0200 Received: from aspmx1.migadu.com ([2001:41d0:306:2d92::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id GJZjBwYiwmR7eAEAauVa8A (envelope-from ) for ; Thu, 27 Jul 2023 09:51:34 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 825C149FE4 for ; Thu, 27 Jul 2023 09:51:33 +0200 (CEST) Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=ultrarare.space header.s=dkim header.b=YVJytBR3; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1690444293; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=dfREXQKUGXOPO1RNYOaKWmFCquClF0hm/5F1aL4VtS8=; b=o1ak7c/gtMXIrvxv/JNc7CsECppbNwPQjLaRKBmBdOkrj5vZ/sZB/nQzwa1JNv444v2bDk DLdwxCedBdZPg4ZLHrbWKLH4mbq4WgvNe9gIW7dVe02XMqiD1iLZRVx28gI5BE+Xy4ZOt4 WaUDUmvABsFPnMOmJNTyN/1K4IElzqorzYbjAnK3e0CtQr7gJtO7L1Rq1583vFIjFB/RcM sYEUqaby2RjuTZCI3ZY6lLsFaATZMsF1L0yyi8Jq1ntUlNS15G+EktSIRRtEmPcY/jQjSF TYgPweIc+uXcREgWfpKOKJiISl8J2zpE6z81cdxZVaawzmwNb7saM5QU8LHMFg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1690444293; a=rsa-sha256; cv=none; b=p/gTzHC/va/TjHZ85d82+moJHLLRGlGKwYKaBg8ovC03WZhDZCIW2u0luE7JmtzjBPHrJ1 yD3lwlfkUTnv1z1AaRTCiIlyH8s9lNUwR2iHUufSmdRxYJjZPaxLv2yxuu6P2jl3UkjnD0 +XWNnrcmkwJ0mem/NyjB80U20vyNjICY980Nq5YfbjahBn3vQvYKps8AfHjqbRLFewKBfk xAr4tsHuV/jIw/0+FpERdjQkzxTCmRTOQK3oD6Zw7IAlPziovtZiqP8Zm/evRmqJiglH5G R+SnxhDuVx4m8y5BTW56DdJ+jxbUt0IFvzTpRh8SIV2xwMW8dWRC1XNX00b5uw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=ultrarare.space header.s=dkim header.b=YVJytBR3; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qOvCM-0002uf-5p; Thu, 27 Jul 2023 03:14:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qOvCF-0002sL-4k for guix-patches@gnu.org; Thu, 27 Jul 2023 03:14:03 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qOvCE-00064K-TY for guix-patches@gnu.org; Thu, 27 Jul 2023 03:14:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qOvCE-0007pS-A1; Thu, 27 Jul 2023 03:14:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#64889] [PATCH] gnu: spectre-meltdown-checker: Update to 0.46. Resent-From: Hilton Chain Original-Sender: "Debbugs-submit" Resent-CC: leo@famulari.name, me@tobias.gr, guix-patches@gnu.org Resent-Date: Thu, 27 Jul 2023 07:14:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 64889 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 64889@debbugs.gnu.org Cc: Hilton Chain , Leo Famulari , Tobias Geerinckx-Rice X-Debbugs-Original-To: guix-patches@gnu.org X-Debbugs-Original-Xcc: Leo Famulari , Tobias Geerinckx-Rice Received: via spool by submit@debbugs.gnu.org id=B.169044200830038 (code B ref -1); Thu, 27 Jul 2023 07:14:02 +0000 Received: (at submit) by debbugs.gnu.org; 27 Jul 2023 07:13:28 +0000 Received: from localhost ([127.0.0.1]:40601 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qOvBf-0007oN-0P for submit@debbugs.gnu.org; Thu, 27 Jul 2023 03:13:27 -0400 Received: from lists.gnu.org ([2001:470:142::17]:33572) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qOvBc-0007nw-SY for submit@debbugs.gnu.org; Thu, 27 Jul 2023 03:13:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qOvBX-0002kB-LP for guix-patches@gnu.org; Thu, 27 Jul 2023 03:13:19 -0400 Received: from mail.boiledscript.com ([144.168.59.46]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qOvBV-00060Y-6V for guix-patches@gnu.org; Thu, 27 Jul 2023 03:13:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ultrarare.space; s=dkim; t=1690441723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=dfREXQKUGXOPO1RNYOaKWmFCquClF0hm/5F1aL4VtS8=; b=YVJytBR3FLKo5L3gGYjweAI8YIf7y3Uxb9XfwiHDruwLFqHhfMF7zFUg2jcjipgwf+zDpS A1jL4wr3yHEyNKoMabHD9ngJ/iAGqZotlM5Og+Ap7y2WCzxQwdvh0q7o2fLK+4WFocJ5dT DQV/kzbg1+Xxu/JnOgT5/38RT0q7+sXdcYqlSbwIQfUMI72Fnuwr1sy3KdlvfV3/u+e1HG K2tDb5USj/SoEoFKwzhcTaSHrPcX8e6OIax4uB52EzHUktrUTcuFDT+EJATpIRBUSbYzHR sjQItNPSuDuDXPNFt4Vqz2cpBB2m8H9hTlbGXmmaADJ1cEjnuwqUl3k4CO18FA== Date: Thu, 27 Jul 2023 15:12:48 +0800 Message-ID: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spamd-Bar: + Received-SPF: pass client-ip=144.168.59.46; envelope-from=hako@ultrarare.space; helo=mail.boiledscript.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Hilton Chain X-ACL-Warn: , Hilton Chain via Guix-patches From: Hilton Chain via Guix-patches via Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Scanner: mx2.migadu.com X-Migadu-Spam-Score: -1.64 X-Spam-Score: -1.64 X-Migadu-Queue-Id: 825C149FE4 X-TUID: RcgOw2gMi8q0 * gnu/packages/patches/spectre-meltdown-checker-externalize-fwdb.patch: Update patch. * gnu/packages/patches/spectre-meltdown-checker-find-kernel.patch: Delete file * gnu/local.mk (dist_patch_DATA): Remove it. * gnu/packages/linux.scm (spectre-meltdown-checker): Update to 0.46. [arguments]<#:phases>: Correct bunzip2, substitute lzop and mktemp. --- gnu/local.mk | 1 - gnu/packages/linux.scm | 13 +-- ...re-meltdown-checker-externalize-fwdb.patch | 109 +++++++++++++++--- ...spectre-meltdown-checker-find-kernel.patch | 26 ----- 4 files changed, 96 insertions(+), 53 deletions(-) delete mode 100644 gnu/packages/patches/spectre-meltdown-checker-find-kernel.patch diff --git a/gnu/local.mk b/gnu/local.mk index ae2f3dd49f..85522d8b58 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1951,7 +1951,6 @@ dist_patch_DATA = \ %D%/packages/patches/source-highlight-gcc-compat.patch \ %D%/packages/patches/softhsm-fix-openssl3-tests.patch \ %D%/packages/patches/spectre-meltdown-checker-externalize-fwdb.patch \ - %D%/packages/patches/spectre-meltdown-checker-find-kernel.patch \ %D%/packages/patches/sphinxbase-fix-doxygen.patch \ %D%/packages/patches/sssd-system-directories.patch \ %D%/packages/patches/steghide-fixes.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 250e26cf09..379b8e6b63 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -10314,7 +10314,7 @@ (define-public edac-utils (define-public spectre-meltdown-checker (package (name "spectre-meltdown-checker") - (version "0.45") + (version "0.46") (source (origin (method git-fetch) (uri (git-reference @@ -10323,15 +10323,14 @@ (define-public spectre-meltdown-checker (file-name (git-file-name name version)) (patches (search-patches - "spectre-meltdown-checker-externalize-fwdb.patch" - "spectre-meltdown-checker-find-kernel.patch")) + "spectre-meltdown-checker-externalize-fwdb.patch")) ;; Remove builtin firmware database. (modules '((guix build utils))) (snippet '(substitute* "spectre-meltdown-checker.sh" (("^# [AI],.*") ""))) (sha256 (base32 - "1xx8h5791lhc2xw0dcbzjkklzvlxwxkjzh8di4g8divfy24fqsn8")))) + "0j42p6dayb7k87kf8sqimxlaswis3qh0569a15zccyknv9vf129k")))) (build-system copy-build-system) (arguments (list @@ -10350,11 +10349,11 @@ (define-public spectre-meltdown-checker (find-command inputs cmd)) ;; Commands safe to substitute directly. - (("\\<(awk|(base|dir)name|bunzip|g(un)?zip|lz4)\\>" all cmd) + (("\\<(awk|(base|dir)name|bunzip2|g(un)?zip|lz4)\\>" all cmd) (find-command inputs cmd)) - (("\\<(modprobe|pgrep|rmmod|umount|unlzma)\\>" all cmd) + (("\\<(lzop|mktemp|modprobe|pgrep|rmmod|umount)\\>" all cmd) (find-command inputs cmd)) - (("\\<(unxz|unzstd|uuencode)\\>" all cmd) + (("\\<(unlzma|unxz|unzstd|uuencode)\\>" all cmd) (find-command inputs cmd)) ;; Commands which should only be substituted based on their diff --git a/gnu/packages/patches/spectre-meltdown-checker-externalize-fwdb.patch b/gnu/packages/patches/spectre-meltdown-checker-externalize-fwdb.patch index cce70b880f..35673ceb91 100644 --- a/gnu/packages/patches/spectre-meltdown-checker-externalize-fwdb.patch +++ b/gnu/packages/patches/spectre-meltdown-checker-externalize-fwdb.patch @@ -1,27 +1,28 @@ -From 340b08737e552c3c186863d76d123808d853a159 Mon Sep 17 00:00:00 2001 +From 8caeb440a176cb7f8908403da51106c74e2b5cb8 Mon Sep 17 00:00:00 2001 From: Hilton Chain -Date: Sat, 12 Nov 2022 22:45:24 +0800 +Date: Thu, 27 Jul 2023 14:45:14 +0800 Subject: [PATCH] Replace fwdb downloader with a local file option. Also warn about non-free software. --- - spectre-meltdown-checker.sh | 180 +++--------------------------------- - 1 file changed, 15 insertions(+), 165 deletions(-) + spectre-meltdown-checker.sh | 253 +++--------------------------------- + 1 file changed, 17 insertions(+), 236 deletions(-) diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh -index 30f760c..ce46970 100755 +index e7b6b33..33bdf71 100755 --- a/spectre-meltdown-checker.sh +++ b/spectre-meltdown-checker.sh -@@ -22,8 +22,6 @@ exit_cleanup() +@@ -23,9 +23,6 @@ exit_cleanup() [ -n "${dumped_config:-}" ] && [ -f "$dumped_config" ] && rm -f "$dumped_config" [ -n "${kerneltmp:-}" ] && [ -f "$kerneltmp" ] && rm -f "$kerneltmp" [ -n "${kerneltmp2:-}" ] && [ -f "$kerneltmp2" ] && rm -f "$kerneltmp2" - [ -n "${mcedb_tmp:-}" ] && [ -f "$mcedb_tmp" ] && rm -f "$mcedb_tmp" - [ -n "${intel_tmp:-}" ] && [ -d "$intel_tmp" ] && rm -rf "$intel_tmp" +- [ -n "${linuxfw_tmp:-}" ] && [ -f "$linuxfw_tmp" ] && rm -f "$linuxfw_tmp" [ "${mounted_debugfs:-}" = 1 ] && umount /sys/kernel/debug 2>/dev/null [ "${mounted_procfs:-}" = 1 ] && umount "$procfs" 2>/dev/null [ "${insmod_cpuid:-}" = 1 ] && rmmod cpuid 2>/dev/null -@@ -93,9 +91,9 @@ show_usage() +@@ -97,9 +94,9 @@ show_usage() --vmm [auto,yes,no] override the detection of the presence of a hypervisor, default: auto --allow-msr-write allow probing for write-only MSRs, this might produce kernel logs or be blocked by your system --cpu [#,all] interact with CPUID and MSR of CPU core number #, or all (default: CPU core 0) @@ -34,10 +35,33 @@ index 30f760c..ce46970 100755 --dump-mock-data used to mimick a CPU on an other system, mainly used to help debugging this script Return codes: -@@ -837,147 +833,6 @@ show_header() +@@ -858,217 +855,6 @@ show_header() _info } +-# Family-Model-Stepping to CPUID +-# prints CPUID in base-10 to stdout +-fms2cpuid() +-{ +- _family="$1" +- _model="$2" +- _stepping="$3" +- +- if [ "$(( _family ))" -le 15 ]; then +- _extfamily=0 +- _lowfamily=$(( _family )) +- else +- # when we have a family > 0xF, then lowfamily is stuck at 0xF +- # and extfamily is ADDED to it (as in "+"), to ensure old software +- # never sees a lowfamily < 0xF for newer families +- _lowfamily=15 +- _extfamily=$(( (_family) - 15 )) +- fi +- _extmodel=$(( (_model & 0xF0 ) >> 4 )) +- _lowmodel=$(( (_model & 0x0F ) >> 0 )) +- echo $(( (_stepping & 0x0F) | (_lowmodel << 4) | (_lowfamily << 8) | (_extmodel << 16) | (_extfamily << 20) )) +-} +- -[ -z "$HOME" ] && HOME="$(getent passwd "$(whoami)" | cut -d: -f6)" -mcedb_cache="$HOME/.mcedb" -update_fwdb() @@ -97,13 +121,15 @@ index 30f760c..ce46970 100755 - echo ERROR "please install the \`sqlite3\` program" - return 1 - fi -- mcedb_revision=$(sqlite3 "$mcedb_tmp" "select revision from MCE") +- mcedb_revision=$(sqlite3 "$mcedb_tmp" "SELECT \"revision\" from \"MCE\"") - if [ -z "$mcedb_revision" ]; then - echo ERROR "downloaded file seems invalid" - return 1 - fi -- sqlite3 "$mcedb_tmp" "alter table Intel add column origin text" -- sqlite3 "$mcedb_tmp" "update Intel set origin='mce'" +- sqlite3 "$mcedb_tmp" "ALTER TABLE \"Intel\" ADD COLUMN \"origin\" TEXT" +- sqlite3 "$mcedb_tmp" "ALTER TABLE \"AMD\" ADD COLUMN \"origin\" TEXT" +- sqlite3 "$mcedb_tmp" "UPDATE \"Intel\" SET \"origin\"='mce'" +- sqlite3 "$mcedb_tmp" "UPDATE \"AMD\" SET \"origin\"='mce'" - - echo OK "MCExtractor database revision $mcedb_revision" - @@ -141,7 +167,7 @@ index 30f760c..ce46970 100755 - _version=$(echo "$_line" | awk '{print $8}') - _version=$(( _version )) - _version=$(printf "0x%08X" "$_version") -- _sqlstm="$(printf "INSERT INTO Intel (origin,cpuid,version,yyyymmdd) VALUES (\"%s\",\"%s\",\"%s\",\"%s\");" "intel" "$(printf "%08X" "$_cpuid")" "$(printf "%08X" "$_version")" "$_date")" +- _sqlstm="$(printf "INSERT INTO \"Intel\" (\"origin\",\"cpuid\",\"version\",\"yyyymmdd\") VALUES ('%s','%s','%s','%s');" "intel" "$(printf "%08X" "$_cpuid")" "$(printf "%08X" "$_version")" "$_date")" - sqlite3 "$mcedb_tmp" "$_sqlstm" - done - _intel_timestamp=$(stat -c %Y "$intel_tmp/Intel-Linux-Processor-Microcode-Data-Files-main/license" 2>/dev/null) @@ -150,10 +176,52 @@ index 30f760c..ce46970 100755 - _intel_latest_date=$(date +%Y%m%d -d @"$_intel_timestamp") - else - echo "Falling back to the latest microcode date" -- _intel_latest_date=$(sqlite3 "$mcedb_tmp" "SELECT yyyymmdd from Intel WHERE origin = 'intel' ORDER BY yyyymmdd DESC LIMIT 1;") +- _intel_latest_date=$(sqlite3 "$mcedb_tmp" "SELECT \"yyyymmdd\" FROM \"Intel\" WHERE \"origin\"='intel' ORDER BY \"yyyymmdd\" DESC LIMIT 1;") - fi - echo DONE "(version $_intel_latest_date)" - +- # now parse the most recent linux-firmware amd-ucode README file +- _info_nol "Fetching latest amd-ucode README from linux-firmware project... " +- linuxfw_url="https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amd-ucode/README" +- linuxfw_tmp=$(mktemp -t smc-linuxfw-XXXXXX) +- if command -v wget >/dev/null 2>&1; then +- wget -q "$linuxfw_url" -O "$linuxfw_tmp"; ret=$? +- elif command -v curl >/dev/null 2>&1; then +- curl -sL "$linuxfw_url" -o "$linuxfw_tmp"; ret=$? +- elif command -v fetch >/dev/null 2>&1; then +- fetch -q "$linuxfw_url" -o "$linuxfw_tmp"; ret=$? +- else +- echo ERROR "please install one of \`wget\`, \`curl\` of \`fetch\` programs" +- return 1 +- fi +- if [ "$ret" != 0 ]; then +- echo ERROR "error $ret while downloading linux-firmware README" +- return $ret +- fi +- echo DONE +- +- _info_nol "Parsing the README... " +- nbfound=0 +- for line in $(grep -E 'Family=0x[0-9a-f]+ Model=0x[0-9a-f]+ Stepping=0x[0-9a-f]+: Patch=0x[0-9a-f]+' "$linuxfw_tmp" | tr " " ","); do +- _debug "Parsing line $line" +- _family=$( echo "$line" | grep -Eoi 'Family=0x[0-9a-f]+' | cut -d= -f2) +- _model=$( echo "$line" | grep -Eoi 'Model=0x[0-9a-f]+' | cut -d= -f2) +- _stepping=$(echo "$line" | grep -Eoi 'Stepping=0x[0-9a-f]+' | cut -d= -f2) +- _version=$( echo "$line" | grep -Eoi 'Patch=0x[0-9a-f]+' | cut -d= -f2) +- _version=$(printf "0x%08X" "$(( _version ))") +- _cpuid=$(fms2cpuid "$_family" "$_model" "$_stepping") +- _cpuid=$(printf "0x%08X" "$_cpuid") +- _date="20000101" +- _sqlstm="$(printf "INSERT INTO \"AMD\" (\"origin\",\"cpuid\",\"version\",\"yyyymmdd\") VALUES ('%s','%s','%s','%s');" "linux-firmware" "$(printf "%08X" "$_cpuid")" "$(printf "%08X" "$_version")" "$_date")" +- _debug "family $_family model $_model stepping $_stepping cpuid $_cpuid" +- _debug "$_sqlstm" +- sqlite3 "$mcedb_tmp" "$_sqlstm" +- nbfound=$((nbfound + 1)) +- unset _family _model _stepping _version _cpuid _date _sqlstm +- done +- echo "found $nbfound microcodes" +- unset nbfound +- - dbversion="$mcedb_revision+i$_intel_latest_date" - - if [ "$1" != builtin ] && [ -n "$previous_dbversion" ] && [ "$previous_dbversion" = "v$dbversion" ]; then @@ -165,8 +233,11 @@ index 30f760c..ce46970 100755 - { - echo "# Spectre & Meltdown Checker"; - echo "# %%% MCEDB v$dbversion"; -- sqlite3 "$mcedb_tmp" "SELECT '# I,0x'||t1.cpuid||',0x'||MAX(t1.version)||','||t1.yyyymmdd FROM Intel AS t1 LEFT OUTER JOIN Intel AS t2 ON t2.cpuid=t1.cpuid AND t2.yyyymmdd > t1.yyyymmdd WHERE t2.yyyymmdd IS NULL GROUP BY t1.cpuid ORDER BY t1.cpuid ASC;" | grep -v '^# .,0x00000000,'; -- sqlite3 "$mcedb_tmp" "SELECT '# A,0x'||t1.cpuid||',0x'||MAX(t1.version)||','||t1.yyyymmdd FROM AMD AS t1 LEFT OUTER JOIN AMD AS t2 ON t2.cpuid=t1.cpuid AND t2.yyyymmdd > t1.yyyymmdd WHERE t2.yyyymmdd IS NULL GROUP BY t1.cpuid ORDER BY t1.cpuid ASC;" | grep -v '^# .,0x00000000,'; +- # ensure the official Intel DB always has precedence over mcedb, even if mcedb has seen a more recent fw +- sqlite3 "$mcedb_tmp" "DELETE FROM \"Intel\" WHERE \"origin\"!='intel' AND \"cpuid\" IN (SELECT \"cpuid\" FROM \"Intel\" WHERE \"origin\"='intel' GROUP BY \"cpuid\" ORDER BY \"cpuid\" ASC);" +- # we'll use the more recent fw for Intel and AMD +- sqlite3 "$mcedb_tmp" "SELECT '# I,0x'||\"t1\".\"cpuid\"||',0x'||MAX(\"t1\".\"version\")||','||\"t1\".\"yyyymmdd\" FROM \"Intel\" AS \"t1\" LEFT OUTER JOIN \"Intel\" AS \"t2\" ON \"t2\".\"cpuid\"=\"t1\".\"cpuid\" AND \"t2\".\"yyyymmdd\" > \"t1\".\"yyyymmdd\" WHERE \"t2\".\"yyyymmdd\" IS NULL GROUP BY \"t1\".\"cpuid\" ORDER BY \"t1\".\"cpuid\" ASC;" | grep -v '^# .,0x00000000,'; +- sqlite3 "$mcedb_tmp" "SELECT '# A,0x'||\"t1\".\"cpuid\"||',0x'||MAX(\"t1\".\"version\")||','||\"t1\".\"yyyymmdd\" FROM \"AMD\" AS \"t1\" LEFT OUTER JOIN \"AMD\" AS \"t2\" ON \"t2\".\"cpuid\"=\"t1\".\"cpuid\" AND \"t2\".\"yyyymmdd\" > \"t1\".\"yyyymmdd\" WHERE \"t2\".\"yyyymmdd\" IS NULL GROUP BY \"t1\".\"cpuid\" ORDER BY \"t1\".\"cpuid\" ASC;" | grep -v '^# .,0x00000000,'; - } > "$mcedb_cache" - echo DONE "(version $dbversion)" - @@ -182,7 +253,7 @@ index 30f760c..ce46970 100755 parse_opt_file() { # parse_opt_file option_name option_value -@@ -1067,12 +922,15 @@ while [ -n "${1:-}" ]; do +@@ -1158,12 +944,15 @@ while [ -n "${1:-}" ]; do # deprecated, kept for compatibility opt_explain=0 shift @@ -204,7 +275,7 @@ index 30f760c..ce46970 100755 elif [ "$1" = "--dump-mock-data" ]; then opt_mock=1 shift -@@ -2033,21 +1891,11 @@ is_xen_domU() +@@ -2192,21 +1981,11 @@ is_xen_domU() fi } @@ -228,7 +299,7 @@ index 30f760c..ce46970 100755 fi read_mcedb() { -@@ -2063,7 +1911,9 @@ is_latest_known_ucode() +@@ -2222,7 +2001,9 @@ is_latest_known_ucode() return 2 fi ucode_latest="latest microcode version for your CPU model is unknown" @@ -240,5 +311,5 @@ index 30f760c..ce46970 100755 elif is_amd; then cpu_brand_prefix=A -- -2.38.1 +2.41.0 diff --git a/gnu/packages/patches/spectre-meltdown-checker-find-kernel.patch b/gnu/packages/patches/spectre-meltdown-checker-find-kernel.patch deleted file mode 100644 index c0e24d8eed..0000000000 --- a/gnu/packages/patches/spectre-meltdown-checker-find-kernel.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 5b757d930ec0cf102b03fb9817d17e06c72e74b3 Mon Sep 17 00:00:00 2001 -From: Hilton Chain -Date: Sat, 5 Nov 2022 23:22:31 +0800 -Subject: [PATCH] Locate the kernel bzimage used by Guix System - ---- - spectre-meltdown-checker.sh | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh -index 248a444..855a090 100755 ---- a/spectre-meltdown-checker.sh -+++ b/spectre-meltdown-checker.sh -@@ -2251,6 +2251,8 @@ if [ "$opt_live" = 1 ]; then - [ -e "/boot/kernel-genkernel-$(uname -m)-$(uname -r)" ] && opt_kernel="/boot/kernel-genkernel-$(uname -m)-$(uname -r)" - # NixOS: - [ -e "/run/booted-system/kernel" ] && opt_kernel="/run/booted-system/kernel" -+ # Guix System: -+ [ -e "/run/booted-system/kernel/bzImage" ] && opt_kernel="/run/booted-system/kernel/bzImage" - # systemd kernel-install: - [ -e "/etc/machine-id" ] && [ -e "/boot/$(cat /etc/machine-id)/$(uname -r)/linux" ] && opt_kernel="/boot/$(cat /etc/machine-id)/$(uname -r)/linux" - # Clear Linux: - -base-commit: a6c943d38f315f339697ec26e7374a09b88f2183 --- -2.38.0 base-commit: c7e45139faa27b60f2c7d0a4bc140f9793d97d47 -- 2.41.0