| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Nov 2009 18:09:39 +0100 From: Borislav Petkov <borislav.petkov@....com> To: Dmitry Adamushko <dmitry.adamushko@...il.com> CC: Andreas Herrmann <herrmann.der.user@...glemail.com>, Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org, "H. Peter Anvin" <hpa@...or.com>, Mike Travis <travis@....com>, Tigran Aivazian <tigran@...azian.fsnet.co.uk>, Thomas Gleixner <tglx@...utronix.de>, Andreas Mohr <andi@...as.de>, Jack Steiner <steiner@....com> Subject: Re: [ RFC, PATCH - 1/2, v2 ] x86-microcode: refactor microcode output messages On Thu, Nov 12, 2009 at 04:48:34PM +0100, Dmitry Adamushko wrote: > request_firmware_nowait() sends an async request which can be > preserved (and this is an assumption -- I haven't really verified it > yet) until some latter stage when user-space has been started and is > capable of handling (cached) firmware-load requests. I may be (and > perhaps I'm) wrong with the above assumption and the solution is > either never build such a module into the kernel or only do it with > built-in firmware blobs. I don't think built-in blobs is the way we want to go here - in that case updating the microcode would require rebuilding the kernel, which is a clear overkill and exactly the opposite of what we should be doing. Imagine a big supercomputer consisting of several thousand nodes, all with identical CPUs. Now, everytime there's microcode patch available, you have to reboot all those machines after having distributed the updated kernel images just so that all nodes have their microcode updated. Many admins would go: "Hmm, no!" What actually got somehow dropped from Andreas' patch and which we talked about and agreed upon earlier is that the best thing to do would be to do $ rmmod microcode $ modprobe microcode after having copied the new ucode patch to /lib/firmware without disturbing the machine execution. The async _nowait() version sounds good but in that case you're still going to need to trigger the microcode update somehow (and AFAIK there's no mechanism for that yet.) So reloading the module is the easiest thing and it doesn't need any code changes except the Kconfig oneliner. Hmm... -- Regards/Gruss, Boris. Operating | Advanced Micro Devices GmbH System | Karl-Hammerschmidt-Str. 34, 85609 Dornach b. München, Germany Research | Geschäftsführer: Andrew Bowd, Thomas M. McCoy, Giuliano Meroni Center | Sitz: Dornach, Gemeinde Aschheim, Landkreis München (OSRC) | Registergericht München, HRB Nr. 43632 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists