eaf889aea0
Update to Pentium Silver N/J5xxx, Celeron N/J4xxx https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html Fixes: CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
34 lines
943 B
Nix
34 lines
943 B
Nix
{ stdenv, fetchFromGitHub, libarchive, iucode-tool }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "microcode-intel";
|
|
version = "20201112";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "intel";
|
|
repo = "Intel-Linux-Processor-Microcode-Data-Files";
|
|
rev = "microcode-${version}";
|
|
sha256 = "104l3py5z6405wpa2fscqpc5r9dgrf1ckaf27hrswivi32gvp7f2";
|
|
};
|
|
|
|
nativeBuildInputs = [ iucode-tool libarchive ];
|
|
|
|
installPhase = ''
|
|
runHook preInstall
|
|
|
|
mkdir -p $out kernel/x86/microcode
|
|
iucode_tool -w kernel/x86/microcode/GenuineIntel.bin intel-ucode/
|
|
echo kernel/x86/microcode/GenuineIntel.bin | bsdcpio -o -H newc -R 0:0 > $out/intel-ucode.img
|
|
|
|
runHook postInstall
|
|
'';
|
|
|
|
meta = with stdenv.lib; {
|
|
homepage = "http://www.intel.com/";
|
|
description = "Microcode for Intel processors";
|
|
license = licenses.unfreeRedistributableFirmware;
|
|
platforms = platforms.linux;
|
|
maintainers = with maintainers; [ andir ];
|
|
};
|
|
}
|