m/node: build microcode payloads This adds a builder for loadable microcode payloads for the Linux kernel and microcode for Intel and AMD CPUs. It also adds a rule generating a microcode payload for Metropolis at //metropolis/node:ucode but does not integrate it yet. Change-Id: I00145e4c983d9ff3e81881e92cbecc3e09392665 Reviewed-on: https://review.monogon.dev/c/monogon/+/546 Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>

commit: 80deba52ce3d1ff3c60fa2901cbbb0135e40f90b [log] [tgz]
author: Lorenz Brun <lorenz@monogon.tech> Thu Feb 24 17:07:13 2022 +0100
committer: Lorenz Brun <lorenz@monogon.tech> Tue Mar 01 19:32:09 2022 +0000
tree: 659869cf80fae0c808d7caae2d8341669bd8e1c5
parent: ac82c0d984cd23b4b35163b223c9ed0001df8f55 [diff] [blame]
diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index 72a8e11..1168cf5 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel

@@ -2,6 +2,7 @@
 load("//metropolis/node/build:def.bzl", "erofs_image", "verity_image")
 load("//metropolis/node/build:efi.bzl", "efi_unified_kernel_image")
 load("//metropolis/node/build/fwprune:def.bzl", "fsspec_linux_firmware")
+load("//metropolis/node/build/mkucode:def.bzl", "cpio_ucode")
 load("@rules_pkg//:pkg.bzl", "pkg_zip")
 
 go_library(
@@ -28,6 +29,15 @@
     kernel = "//third_party/linux",
 )
 
+cpio_ucode(
+    name = "ucode",
+    ucode = {
+        "@linux-firmware//:amd_ucode": "AuthenticAMD",
+        "@intel_ucode//:fam6h": "GenuineIntel",
+    },
+    visibility = ["//metropolis:__subpackages__"],
+)
+
 erofs_image(
     name = "rootfs",
     extra_dirs = [
commit	80deba52ce3d1ff3c60fa2901cbbb0135e40f90b	[log] [tgz]
author	Lorenz Brun <lorenz@monogon.tech>	Thu Feb 24 17:07:13 2022 +0100
committer	Lorenz Brun <lorenz@monogon.tech>	Tue Mar 01 19:32:09 2022 +0000
tree	659869cf80fae0c808d7caae2d8341669bd8e1c5
parent	ac82c0d984cd23b4b35163b223c9ed0001df8f55 [diff] [blame]