m/node: build microcode payloads This adds a builder for loadable microcode payloads for the Linux kernel and microcode for Intel and AMD CPUs. It also adds a rule generating a microcode payload for Metropolis at //metropolis/node:ucode but does not integrate it yet. Change-Id: I00145e4c983d9ff3e81881e92cbecc3e09392665 Reviewed-on: https://review.monogon.dev/c/monogon/+/546 Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>

commit: 80deba52ce3d1ff3c60fa2901cbbb0135e40f90b [log] [tgz]
author: Lorenz Brun <lorenz@monogon.tech> Thu Feb 24 17:07:13 2022 +0100
committer: Lorenz Brun <lorenz@monogon.tech> Tue Mar 01 19:32:09 2022 +0000
tree: 659869cf80fae0c808d7caae2d8341669bd8e1c5
parent: ac82c0d984cd23b4b35163b223c9ed0001df8f55 [diff] [blame]
diff --git a/third_party/intel_ucode/external.bzl b/third_party/intel_ucode/external.bzl
new file mode 100644
index 0000000..4e68775
--- /dev/null
+++ b/third_party/intel_ucode/external.bzl

@@ -0,0 +1,18 @@
+load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+
+def intel_ucode_external(name, version):
+    sums = {
+        "20220207": "532527bd17f3ea6664452b536699818a3bf896e4ace689a43a73624711b7c921",
+    }
+    all_content = """
+# Anything other than family 6 is not interesting to us
+filegroup(name = "fam6h", srcs = glob(["intel-ucode/06-*"]), visibility = ["//visibility:public"])
+    """
+
+    http_archive(
+        name = name,
+        build_file_content = all_content,
+        sha256 = sums[version],
+        strip_prefix = "Intel-Linux-Processor-Microcode-Data-Files-microcode-" + version,
+        urls = ["https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/refs/tags/microcode-%s.tar.gz" % version],
+    )
commit	80deba52ce3d1ff3c60fa2901cbbb0135e40f90b	[log] [tgz]
author	Lorenz Brun <lorenz@monogon.tech>	Thu Feb 24 17:07:13 2022 +0100
committer	Lorenz Brun <lorenz@monogon.tech>	Tue Mar 01 19:32:09 2022 +0000
tree	659869cf80fae0c808d7caae2d8341669bd8e1c5
parent	ac82c0d984cd23b4b35163b223c9ed0001df8f55 [diff] [blame]