lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 06 Dec 2011 19:34:37 +0530
From:	"Srivatsa S. Bhat" <srivatsa.bhat@...ux.vnet.ibm.com>
To:	Borislav Petkov <bp@...64.org>
CC:	Ingo Molnar <mingo@...e.hu>, Fenghua Yu <fenghua.yu@...el.com>,
	"Rafael J. Wysocki" <rjw@...k.pl>,
	Thomas Gleixner <tglx@...utronix.de>,
	H Peter Anvin <hpa@...or.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Tony Luck <tony.luck@...el.com>,
	Arjan van de Ven <arjan.van.de.ven@...el.com>,
	Suresh B Siddha <suresh.b.siddha@...el.com>,
	Len Brown <len.brown@...el.com>,
	Randy Dunlap <rdunlap@...otime.net>,
	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
	Peter Zijlstra <peterz@...radead.org>,
	linux-kernel <linux-kernel@...r.kernel.org>,
	linux-pm <linux-pm@...r.kernel.org>, x86 <x86@...nel.org>,
	Tejun Heo <tj@...nel.org>,
	"Herrmann3, Andreas" <Andreas.Herrmann3@....com>
Subject: Re: [PATCH v4 0/7] x86: BSP or CPU0 online/offline

On 12/06/2011 06:30 PM, Borislav Petkov wrote:

> On Tue, Dec 06, 2011 at 04:17:58PM +0530, Srivatsa S. Bhat wrote:
>> In this case, the other patch that I mentioned in my previous mail
>> would be required (or an equivalent), because the optimization
>> patch which is now in mainline, would apply the same old microcode
>> image on this new CPU too, blindly.
> 
> Not blindly, the microcode is still verified.
> 


I saw your other mail about the validity of this whole scenario, and I
kind of agree to your point.

My thoughts below might not be so relevant/significant considering that,
but anyways, just to understand what you said above:
I didn't quite find where the microcode is verified if the kernel happens
to have the microcode image already.

>From what I saw, microcode image is not freed nor invalidated when a
CPU goes down (which was introduced by the optimization patch). And hence,
when the CPU comes back up, the call sequence would look something like:

case CPU_ONLINE:
case CPU_ONLINE_FROZEN:
    * microcode_update_cpu(cpu);
        * microcode_resume_cpu(cpu) /* Because uci->valid was 1 */
            * eventually calls apply_microcode_amd(cpu) for AMD or
                               apply_microcode(cpu) for Intel

And both these functions simply write the microcode image to the CPU
and then check whether the _write_ was successful, (not whether the required
microcode version was applied).

That was why, to take care of this, the other patch (below) was written, IMHO.
http://thread.gmane.org/gmane.linux.kernel/1205405/
 
Regards,
Srivatsa S. Bhat

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ