Patch to /etc/default/intel-microcode needs to be updated
The build of Tails ISOs is currently broken since intel-microcode 3.20140913.1~bpo70+1 reached wheezy-backports, due to our patch against /etc/default/intel-microcode not applying anymore.
Update patch to include all Intel CPU microcodes (Closes: #8189).
First, make it actually apply on current /etc/default/intel-microcode.
Second, keep using IUCODE_TOOL_SCANCPUS=no, as we still want to include all
microcodes, not only the one(s) for the build machine's CPU.
Third, use forced early mode for IUCODE_TOOL_INITRAMFS:
- We can't use non-early initramfs mode anymore, since support for it has
- We could not use "early" mode with the previous version of the
intel-microcode packaging, since it only supported building on Intel CPU.
- Quoting debian/changelog: "early" mode now allows a "non-Intel box to
generate an early initramfs with microcode for an Intel box", and "on auto
mode, do nothing in a non-intel box. In forced "early" mode, attempt to run
So, this introduces a change in behaviour, but that's the best supported one,
the most robust one, and the one we wanted to use previously but could not.