That means the whitelist ends up basically empty right now. Should I
add a command line parameter to override it? Otherwise we end up having
to rebuild the kernel every time there's a microcode release which
covers a new CPU SKU (which is why I kind of hate the whitelist, but
Arjan is very insistent...)
Ick, no, whitelists are a pain for everyone involved. Don't do that
unless it is absolutely the only way it will ever work.
Arjan, why do you think this can only be done as a whitelist?