If the distribution does not have it by default, please include the instructions to use it on the system.

Note: I can’t compile the libre kernel from the source.

  • refalo
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    1 month ago

    I would argue they’re not safe to use because they block security updates like CPU microcode in the name of absolute freedom.

    • kixik@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      1 month ago

      Not sure why you mentioned this. At least on Arc, or any distro based on it like Artix, the ucode per CPU is offered as a separate package:

      % pacman -Ss ucode
      system/amd-ucode 20241111.b5885ec5-1
          Microcode update image for AMD CPUs
      world/intel-ucode 20241112-1 [installed]
          Microcode update files for Intel CPUs
      world/iucode-tool 2.3.1-5
          Tool to manipulate Intel
      galaxy/amd-ucode-xz 20230625.ee91452d-4
          Microcode update image for AMD CPUs
      extra/intel-ucode 20241112-1 [installed]
          Microcode update files for Intel CPUs
      extra/iucode-tool 2.3.1-5
          Tool to manipulate Intel
      

      If your distro doesn’t help with ucode packages, you can ultimately download it from intel/amd/whatever. And the same applies for the hardware firmware in general.

      So it’s true that some hardware won’t properly work out of the box by using libre-linux, but nothing prevents you from getting the required firmware from other packages or sources. Granted that doesn’t make things easier. And granted that might defeat the purpose of using linux-libre, but you might at least only add only strictly required binary blobs for your current hardware.

      • refalo
        link
        fedilink
        arrow-up
        2
        ·
        1 month ago

        real linux-libre distros do not offer microcode packages because they are non-free

    • underscores@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      23 days ago

      That’s definitely a factor to consider, but running binary blobs that you don’t have the source for is also a risk. It comes down to what threat vectors you think are important and what risks you’re willing to take.