解锁磁盘后,常用的措辞发生了变化,并出现了一条关于下载固件的消息。我想知道发生了什么,所以我尝试了 dmsg -
% sudo dmsg
[ 0.000000] microcode: microcode updated early to revision 0xf8, date = 2023-09-28
[ 0.000000] Linux version 6.1.0-30-amd64 ([email protected]) (gcc-12 (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Debian 6.1.124-1 (2025-01-12)
微码信息很模糊。这是否不正常?
我如何确定我拥有什么固件、我应该拥有什么固件以及什么是可用的固件?
编辑:changelog.Debian 的顶部
intel-microcode (3.20241112.1~deb12u1) bookworm; urgency=medium
* Build for bookworm
* All trixie-only changes (from 3.20240813.2) are reverted on this branch
-- Henrique de Moraes Holschuh <[email protected]> Sat, 07 Dec 2024 14:49:05 -0300
intel-microcode (3.20241112.1) unstable; urgency=medium
* New upstream microcode datafile 20241112 (closes: #1086483)
- Mitigations for INTEL-SA-01101 (CVE-2024-21853)
Improper Finite State Machines (FSMs) in the Hardware logic in some
4th and 5th Generation Intel Xeon Processors may allow an authorized
user to potentially enable denial of service via local access.
- Mitigations for INTEL-SA-01079 (CVE-2024-23918)
Potential security vulnerabilities in some Intel Xeon processors
using Intel SGX may allow escalation of privilege. Intel disclosed
that some processor models were already fixed by a previous
microcode update.
- Updated mitigations for INTEL-SA-01097 (CVE-2024-24968)
Improper finite state machines (FSMs) in hardware logic in some
Intel Processors may allow an privileged user to potentially enable a
denial of service via local access.
- Mitigations for INTEL-SA-01103 (CVE-2024-23984)
A potential security vulnerability in the Running Average Power Limit
(RAPL) interface for some Intel Processors may allow information
disclosure. Added mitigations for more processor models.
* Updated Microcodes:
sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800
sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256
sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232
sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435
sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240
sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123
sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123
sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128
sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283
* source: update symlinks to reflect id of the latest release, 20241112
* Update changelog for 3.20240910.1 and 3.20240813.1 with new information:
INTEL-SA-1103 was addressed by 3.20240813.1 for some processor models,
and not by 3.20240910. INTEL-SA-1079 was addressed by 3.20240910.1 for
some processor models.
-- Henrique de Moraes Holschuh <[email protected]> Thu, 14 Nov 2024 15:37:40 -0300
此消息意味着内核本身在启动过程中很早就负责更新微码;请参阅此处的消息。
要查看当前拥有的微码版本,请运行
您的微码由软件包提供
intel-microcode;您将在 中看到更新的详细信息/usr/share/doc/intel-microcode/changelog.Debian.gz。如果您的系统是最新的,您将运行最新的可用微码。