[PATCH v1 Part2 0/5] Declare safe late loadable microcode

From: Ashok Raj
Date: Fri Jan 13 2023 - 12:43:44 EST

Next message: Ashok Raj: "[PATCH v1 Part2 1/5] x86/microcode: Move late load warning to the same function that taints kernel"
Previous message: Mark Brown: "Re: next: BUG: kernel NULL pointer dereference, address: 0000000000000008 - RIP: 0010:do_wp_page"
Next in thread: Ashok Raj: "[PATCH v1 Part2 1/5] x86/microcode: Move late load warning to the same function that taints kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Boris & Thomas,

Attached is a series that adds support for microcode to declare a minimum
revision number that is safe for late loading.

Late loading was disabled[1] in 5.19 due to lack of an ability to declare
when a microcode is safe for late loading.

This series is inspired by recommendations from Thomas [2].

This series is part2 and applies on top of that cleanup series part1[3].

- Move where the warning and tainting is done to the same function. It
helps when later patches enable late loading, to issue the warning only
when the vendor doesn't support a mechanism for declaring a microcode
for safe late loading.

- Add meta-data for Intel microcode to specify a minimum revision that the
CPU must be on before attempting to load this microcode.

- Extend this as a generic mechanism to allow the common infrastructure to
permit late loading.

- Some CPUs required a wbinvd() to be issued before attempting to load a
microcode. These were later addressed via microcode patches. Now there
exists a mechanism to declare a minimum revision, those flushes aren't
required any longer.

- Provide a mechanism to override minrev as a way to bypass during the
transition. It is recommended to always use early loading, especially if
one is moving to a newer kernel. This is a chicken bit option :) and
completely optional.

[1] https://lore.kernel.org/lkml/20220524185324.28395-3-bp@xxxxxxxxx/
[2] https://lore.kernel.org/linux-kernel/alpine.DEB.2.21.1909062237580.1902@xxxxxxxxxxxxxxxxxxxxxxx/
[3] https://lore.kernel.org/lkml/20230109153555.4986-1-ashok.raj@xxxxxxxxx/

Cheers,
Ashok

Cc: LKML <linux-kernel@xxxxxxxxxxxxxxx>
Cc: x86 <x86@xxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: Tony Luck <tony.luck@xxxxxxxxx>
Cc: Dave Hansen <dave.hansen@xxxxxxxxx>
Cc: Alison Schofield <alison.schofield@xxxxxxxxx>
Cc: Reinette Chatre <reinette.chatre@xxxxxxxxx>
Cc: Thomas Gleixner (Intel) <tglx@xxxxxxxxxxxxx>
Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
Cc: Stefan Talpalaru <stefantalpalaru@xxxxxxxxx>
Cc: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
Cc: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx>
Cc: Jonathan Corbet <corbet@xxxxxxx>
Cc: Rafael J. Wysocki <rafael@xxxxxxxxxx>
Cc: Peter Zilstra (Intel) <peterz@xxxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>

Ashok Raj (5):
x86/microcode: Move late load warning to the same function that taints
kernel
x86/microcode/intel: Add minimum required revision to microcode header
x86/microcode: Add a generic mechanism to declare support for minrev
x86/microcode/intel: Drop wbinvd() from microcode loading
x86/microcode: Provide an option to override minrev enforcement

arch/x86/include/asm/microcode.h | 4 ++
arch/x86/include/asm/microcode_intel.h | 3 +-
arch/x86/kernel/cpu/microcode/core.c | 36 ++++++++++++++---
arch/x86/kernel/cpu/microcode/intel.c | 55 ++++++++++++++++++++------
arch/x86/Kconfig | 7 ++--
5 files changed, 83 insertions(+), 22 deletions(-)

--
2.34.1

Next message: Ashok Raj: "[PATCH v1 Part2 1/5] x86/microcode: Move late load warning to the same function that taints kernel"
Previous message: Mark Brown: "Re: next: BUG: kernel NULL pointer dereference, address: 0000000000000008 - RIP: 0010:do_wp_page"
Next in thread: Ashok Raj: "[PATCH v1 Part2 1/5] x86/microcode: Move late load warning to the same function that taints kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]