lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 19 Dec 2012 13:48:33 -0800
From:	"H. Peter Anvin" <>
To:	Jacob Shin <>, Borislav Petkov <>,
	Yinghai Lu <>,
	"H. Peter Anvin" <>,
	"Yu, Fenghua" <>,
	"" <>,
	"" <>,
	"" <>,
	Konrad Rzeszutek Wilk <>,
	Stefano Stabellini <>
Subject: Re: [tip:x86/microcode] x86/microcode_intel_early.c: Early update ucode on Intel's CPU

There are a few very serious problems we need to figure out related to generalizing very early boot.  If this range gets mapped, will the CPU treat it as WB?  If so, with what consequences for either the HT region or the hole below it?

Jacob Shin <> wrote:

>On Wed, Dec 19, 2012 at 09:37:51PM +0100, Borislav Petkov wrote:
>> On Sat, Dec 15, 2012 at 03:17:05PM -0800, H. Peter Anvin wrote:
>> > On 12/15/2012 03:15 PM, Yinghai Lu wrote:
>> > >>
>> > >>That is for the kernel region itself (that code is actually
>unchanged from
>> > >>the current code), and yes, we could cap that one to _end if
>there are
>> > >>systems which have bugs in that area.  The dynamic page tables
>map 1G
>> > >>aligned at a time.
>> > >
>> > >dynamic should be 2M too.
>> > >
>> > >AMD system:
>> > >
>> >
>> > >
>> > >  BIOS-e820: [mem 0x0000000100000000-0x000000e037ffffff] usable
>> > >  BIOS-e820: [mem 0x000000e038000000-0x000000fcffffffff] reserved
>> > >  BIOS-e820: [mem 0x0000010000000000-0x0000011ffeffffff] usable
>> > >
>> > >the hole is not 1G aligned.
>> > >
>> > >or HT region is from e040000000 ?
>> > >
>> > 
>> > The HT region starts at 0xfd00000000 -- after that reserved region,
>> > so I have no idea what that particular system is trying to do or
>> > what is requirements are (nor what its MTRR setup is, since you
>> > didn't post it.)
>> This is something that Jacob should be able to answer since he's been
>> dealing with the 1T support.
>> Jacob, how is the HT hole marked on AMD? I know hazily that we do say
>> "all memory regions cacheable by default if not explicitly marked"
>> we need to exclude the HT hole from that, right?
>> So how are we doing that, MTRRs?
>HT hole is architectural, I guess in manuals somewhere and is:
>0xfd00000000 ~ 0x10000000000. CPU cannot generate memory read/write in
>that region.
>On that above particular system, there is 1TB of total RAM, and since
>we do not want to loose memory around the HT hole, what BIOS has done
>is programmed the DRAM controller to move the last 128 GB of memory
>to above the HT region. There are 8 memory nodes, the last DRAM
>address of the 7th node is 0xe038000000. Then there is a hole and the
>first address of the last memory node starts at 1TB.
>MTRRs only cover under 4GB, and does not cover the HT hole.
>Yinghai's mm patchset to only direct map regions backed by RAM solves
>our memory hole around HT area.
>I've tested Yinghai's patchset (several of early versions)
>successfully on our above 1TB system. I'll try the latest tip/mm2
>again sometime later today, but I'm pretty sure it should be fine.
>> Thanks.
>> -- 
>> Regards/Gruss,
>>     Boris.
>> Sent from a fat crate under my desk. Formatting is fine.
>> --

Sent from my mobile phone. Please excuse brevity and lack of formatting.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists