Skip to content

feat: update amd64-microcode to 3.20250311.1 #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Zeno-sole merged 1 commit into from
Oct 16, 2025
Merged

feat: update amd64-microcode to 3.20250311.1 #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 35 additions & 0 deletions README
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,41 @@ amdtee/ currently includes firmware for the amd_pmf driver.

latest commits in this release:

commit 3660cb7665df91e664b240c19c560f138d74f483
Author: John Allen <john.allen@amd.com>
Date: Wed Feb 19 20:29:05 2025 +0000

linux-firmware: Update AMD SEV firmware

Update AMD SEV firmware to version 1.55 build 29 for AMD family 19h processors
with models in the range 00h to 0fh.

Update AMD SEV firmware to version 1.55 build 39 for AMD family 19h processors
with models in the range 10h to 1fh.

Update AMD SEV firmware to version 1.55 build 39 for AMD family 19h processors
with models in the range a0h to afh.

Add AMD SEV firmware version 1.55 build 54 for AMD family 1ah processors with
models in the range 00h to 0fh.

Signed-off-by: John Allen <john.allen@amd.com>

commit 48bb90cceb882cab8e9ab692bc5779d3bf3a13b8
Author: John Allen <john.allen@amd.com>
Date: Thu Nov 21 10:22:38 2024 -0600

linux-firmware: Update AMD cpu microcode

* Update AMD cpu microcode for processor family 17h
* Update AMD cpu microcode for processor family 19h

Key Name = AMD Microcode Signing Key (for signing microcode container files only)
Key ID = F328AE73
Key Fingerprint = FC7C 6C50 5DAF CC14 7183 57CA E4BE 5339 F328 AE73

Signed-off-by: John Allen <john.allen@amd.com>

commit ace84e6edc27bcba8e44ba8588e93a4c74a4fba1
Author: John Allen <john.allen@amd.com>
Date: Tue Aug 20 18:26:55 2024 +0000
Expand Down
17 changes: 16 additions & 1 deletion amd-ucode/README
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,20 +30,35 @@ Microcode patches in microcode_amd_fam15h.bin:
Microcode patches in microcode_amd_fam16h.bin:
Family=0x16 Model=0x00 Stepping=0x01: Patch=0x0700010f Length=3458 bytes


Microcode patches in microcode_amd_fam17h.bin:
Family=0x17 Model=0x71 Stepping=0x00: Patch=0x08701034 Length=3200 bytes
Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126f Length=3200 bytes
Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107c Length=3200 bytes
Family=0x17 Model=0x60 Stepping=0x01: Patch=0x0860010d Length=3200 bytes
Family=0x17 Model=0x08 Stepping=0x02: Patch=0x0800820d Length=3200 bytes
Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008 Length=3200 bytes
Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a0000a Length=3200 bytes
Family=0x17 Model=0x68 Stepping=0x01: Patch=0x08608108 Length=3200 bytes

Microcode patches in microcode_amd_fam19h.bin:
Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a00107a Length=5568 bytes
Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c005 Length=5568 bytes
Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705206 Length=5568 bytes
Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820c Length=5568 bytes
Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101248 Length=5568 bytes
Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00215 Length=5568 bytes
Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404107 Length=5568 bytes
Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708007 Length=5568 bytes
Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102d Length=5568 bytes
Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704107 Length=5568 bytes
Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001238 Length=5568 bytes
Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101148 Length=5568 bytes
Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a601209 Length=5568 bytes
Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d5 Length=5568 bytes
Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116 Length=5568 bytes
Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108108 Length=5568 bytes
Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500011 Length=5568 bytes
Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201210 Length=5568 bytes

NOTE: For Genoa (Family=0x19 Model=0x11) and Bergamo (Family=0x19 Model=0xa0),
either AGESA version >= 1.0.0.8 OR a kernel with the following commit is
Expand Down
Binary file modified amd-ucode/microcode_amd_fam17h.bin
View file
Open in desktop
Binary file not shown.
16 changes: 8 additions & 8 deletions amd-ucode/microcode_amd_fam17h.bin.asc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmX+B5wACgkQ5L5TOfMo
rnOyEQgAjcQdiUYTOecifIkRdvIotUmd0rYG4Y4atXIkcMKpuZXY3ipiIJQTi+zb
fsTrrzqvfdS0FeG9GPePsgZwBvUCbvxbW+I2ffw4KXmZQh7J0WE3qYAEx3uV3IaE
UtV6yM9OW6EEFuIwx8m2LQsl3bP6X/Cwgf3DEHlsVZzDexrYNU9lP/BkujpO0m/q
s8PanPluQqesoaOm+DAQnceMC4r1jpfeZ3DShvyGqaNzB9HeOE2uQEfWW69cfkU9
n3Lsqxjgl45EmKyNqqy5o3uMBwMJzl0jW2NR5k80+H65hv4Skclk6YCz651zx9C5
bisCiEwf4gg7ffQPLYW9MCsK3yjTaQ==
=vQEt
iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmc/W5AACgkQ5L5TOfMo
rnN+IQf/SpWITbAMKm22ZkUs6NOwgOV3bKx6D38BPQ3MRwAzfN8nTT9h33tlw0rc
XdxdzfyRh+FJcweQHVOzLMLtUH6GwTFfGphjDBEFAhNLMZoeD29Z98IDaOQfWSJ2
geGlZY7tfNZycN/NCYJqRON3MmpqAqoILp1tuck5JU+eQzcCGW5nn96LeAQc7Cin
8q4X3FvYbRIGuiChSF3R9yxPIVtY1Pps/gtg9j0Q5zXBWN3Yb3OcRPCZi4xjZmDg
FfYg79UzB2eM+HdoQ+ymqRgySLIqunBxcNP8pOkyrW0lxLEIhqj7TE++M6om/mwT
pzUx+Q7L5FS9b/n3c7Hw0esH6yztcA==
=1U/Y
-----END PGP SIGNATURE-----
Binary file modified amd-ucode/microcode_amd_fam19h.bin
View file
Open in desktop
Binary file not shown.
16 changes: 8 additions & 8 deletions amd-ucode/microcode_amd_fam19h.bin.asc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmX9xsgACgkQ5L5TOfMo
rnP2aQf/QBOiKUZsrVIbnn0+Ls84yDYovoesYriy1rbK+K5CVRb/0iqoFn5xKIu6
bvyHN0fnj7Ko+oedNvcRCmlu+jiw08s3WArQb6r3fK4QT/2Wj2f+qX14uoFuCGUd
QgZTc4hZxNxSZBbQuKVbtDmT0iFtV0jKBp/ajdYD9++rA+VcIemKtwX/sxEZnUFi
fXg016uAs/Q9LQ5KWvz3VhFz2G77BEXjDIJNAHSVCxmWCvsd05kf1SbXUswlj/T8
JtuH840zfZicZEk8e3grO4fSywLyrZCjqATSXa+XY63thCIglM9c6V+EBL3jGXxh
Cs2tZH8/ge+tL/UBBJ8FdOZcVSpkeQ==
=HHoV
iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmc/W4EACgkQ5L5TOfMo
rnPSAwf/UozBxuAEmSJMgUE3CVKyuvs0VpI1fvUpybW5Dqgz+6DLXtLJBFQLjLn1
UlxhkHmiZ63QXazpu3QUBGUkUh5fpKDsn8P1XVRPTtOc4IMsWVlCh3RJwFpmQRqW
8h30WDwxRzIb0VvGg8bclLGH/t1dozagk87eYbq9sz8I/qV9P/kd/BFifNSqANOq
xQmb9oNFu3JuFHqNoLdR02dQ9T/l21TDoLQwjjyFwAY8B1JNQTjTlq6brfnOKICu
SRF3PMAS+EOwplGtgUXYhgYBHNikKM9Vk7Ua3DFxcMm1ZKhL3Z+O0OloLapLaR3x
HEivYRaVoKdVNZfl4rMsjyp7fnU07w==
=ex8u
-----END PGP SIGNATURE-----
Binary file modified amd/amd_sev_fam19h_model0xh.sbin
View file
Open in desktop
Binary file not shown.
Binary file modified amd/amd_sev_fam19h_model1xh.sbin
View file
Open in desktop
Binary file not shown.
Binary file modified amd/amd_sev_fam19h_modelaxh.sbin
View file
Open in desktop
Binary file not shown.
Binary file added amd/amd_sev_fam1ah_model0xh.sbin
View file
Open in desktop
Binary file not shown.
39 changes: 39 additions & 0 deletions debian/changelog
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,42 @@
amd64-microcode (3.20250311.1) unstable; urgency=medium

* Update package data from linux-firmware 20250311
* New AMD-SEV firmware from AMD upstream (20250221)
* SECURITY UPDATE (AMD-SB-3019 / CVE-2024-56161):
Update remote attestation to be compatible with AMD systems with
up-to-date firmware (i.e. which fixes "EntrySign"), and update
AMD-SEV for AMD-SB-3019 mitigations. Note that this AMD-SEV
update DOES NOT FIX the microcode "EntrySign" vulnerability.
(closes: #1095470)
+ Updated SEV firmware:
Family 17h models 30h-3fh: version 0.24 build 20
Family 19h models 00h-0fh: version 1.55 build 29
Family 19h models 10h-1fh: version 1.55 build 39
Family 19h models a0h-afh: version 1.55 build 39
+ New SEV firmware:
Family 1ah models 00h-0fh: version 1.55 build 54
* New AMD microcode updates from AMD upstream (20241121)
+ Add patches for many (non-server) family 19h processors
* Updated Microcode patches:
+ Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a0000a
* New Microcode patches:
+ Family=0x17 Model=0x60 Stepping=0x01: Patch=0x0860010d
+ Family=0x17 Model=0x68 Stepping=0x01: Patch=0x08608108
+ Family=0x17 Model=0x71 Stepping=0x00: Patch=0x08701034
+ Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820c
+ Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108108
+ Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102d
+ Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201210
+ Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404107
+ Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500011
+ Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a601209
+ Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704107
+ Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705206
+ Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708007
+ Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c005

-- Henrique de Moraes Holschuh <hmh@debian.org> Sun, 23 Mar 2025 21:13:20 -0300

amd64-microcode (3.20240820.1) unstable; urgency=high

* Update package data from linux-firmware 20240820
Expand Down
Loading