Re: [RFC PATCH 2/3] x86/microcode: Default-disable late loading

[Borislav Petkov]

On Fri, May 27, 2022 at 12:37:24PM +0200, Ingo Molnar wrote:
> Might make sense to outline here valid circumstances under which late 
> loading is used? Such as some weird kernel package that doesn't have the 
> latest firmware included in the initrd?

Well, considering how we do correctness first, functionality later, I'd
really really like to not do late loading at all.

I wasn't aware of this sequence Cooper gave me on IRC but consider what
happens where one thread is doing the microcode uploading and the other
gets an NMI!

Our "precious" dance we have right now is not protected against that
scenario so *actually*, if we have to do the right thing, we should not
do late loading at all and zap it.

> Because it's hard (for me) to see any valid circumstance under which late 
> loading should be supported at all TBH: new kernels where this patch is 
> active would come with a modern package.
> 
> Ie. we should consider removing late loading altogether.

Yap, exactly.

Late loading is actually broken as it is right now, IMNSVHO.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette