No announcement yet.

Updated microcode for coreboot BIOS devs

  • Filter
  • Time
  • Show
Clear All
new posts

  • Updated microcode for coreboot BIOS devs

    Good day! I have discovered a tech news article that says:

    " AMD has released CPU microcode updates for processors released as
    far as 2011 affected by the Spectre variant 2 (CVE-2017-5715)
    vulnerability. The company has forwarded these microcode updates to PC
    and motherboard makers to include them in BIOS updates. "

    However, we at coreboot have not received any microcode updates from AMD !
    I sent a letter below to [email protected] - no reply at all.
    Then we contacted a Tech Support but got an unhelpful reply from Santosh:

    " I request you to refer the below link for more information
    on the latest security flaw in Intel and AMD Chips. As of now
    we do not have much information regarding this issue."

    But we do not want to read about that vulnerability - we already know a lot !
    We just need the same updated microcode binaries which have been sent
    to Acer, Dell, HP, Gigabyte, Microsoft and many others, but didn't reach us

    Please could you forward this letter below to someone at AMD who has an
    access to the updated microcode binaries and could share them with us?

    Best regards,
    Mike Banon,
    coreboot BIOS firmware developer,
    [email protected]

    Subject: " Updated microcode for coreboot BIOS devs "

    We, the coreboot BIOS developers, have not received any microcode
    updates from AMD (aimed towards patching the spectre v2
    vulnerability). AMD sent these updated microcode binaries to many
    motherboard and BIOS development companies, but forgot to send these
    files to us at coreboot! Could you please provide a standalone
    download of your updated microcode binaries, to make it possible for
    us to include them to our coreboot BIOS running on AMD platforms ? We
    will appreciate if you will share these updated microcode binaries
    with us - maybe together with SHA-256 or SHA-512 hashes of these files
    or GnuPG signatures to ensure the security of transaction

    Best regards,
    Mike Banon,
    coreboot BIOS firmware engineer,
    [email protected]

    === END OF THE LETTER ===
    bridgman , bridgman

  • #2
    Originally posted by debianxfce View Post
    Use Asus motherboards and Bioses. With Ez Flash 3 you can flash new bioses via internet within bios
    Sadly the "Asus Bioses" (most likely you meant either AMI or InsydeH2O) - are not open source! I could not participate in their development and could not even check whether they contain the firmware backdoors. By the way, I already have one ASUS motherboard ( AM1I-A ) - and I am also running coreboot on it. In addition to being open source and free from backdoors, coreboot/SeaBIOS are providing so many opportunities - e.g. you could easily put Linux kernel there, or memtest, or even a floppy-based operating system like FreeDOS or KolibriOS. Possible to boot a floppy-based OS right from your BIOS flash chip - but, that is only possible with coreboot/SeaBIOS: no proprietary BIOSes could provide this exclusive opportunity