lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu,  2 Jul 2020 18:18:26 +0300
From:   Mihai Carabas <mihai.carabas@...cle.com>
To:     linux-kernel@...r.kernel.org
Cc:     tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, x86@...nel.org,
        boris.ostrovsky@...cle.com, konrad.wilk@...cle.com,
        Mihai Carabas <mihai.carabas@...cle.com>
Subject: [PATCH RFC 6/7] x86: cpu: bugs.c: reprobe bugs at runtime

Adapt check_bugs to be callable at runtime after the
microcode late loading has been done.

Also update SRBDS to reset the default value for srbds_mitigation and call
update_srbds_msr on all CPUs.

Signed-off-by: Mihai Carabas <mihai.carabas@...cle.com>
---
 arch/x86/kernel/cpu/bugs.c           | 37 ++++++++++++++++++++++++++----------
 arch/x86/kernel/cpu/microcode/core.c |  2 ++
 2 files changed, 29 insertions(+), 10 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 21b9df3..c4084d7 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -77,17 +77,19 @@
 
 void __ref check_bugs(void)
 {
-	identify_boot_cpu();
+	if (system_state != SYSTEM_RUNNING) {
+		identify_boot_cpu();
 
-	/*
-	 * identify_boot_cpu() initialized SMT support information, let the
-	 * core code know.
-	 */
-	cpu_smt_check_topology();
+		/*
+		 * identify_boot_cpu() initialized SMT support information,
+		 * let the core code know.
+		 */
+		cpu_smt_check_topology();
 
-	if (!IS_ENABLED(CONFIG_SMP)) {
-		pr_info("CPU: ");
-		print_cpu_info(&boot_cpu_data);
+		if (!IS_ENABLED(CONFIG_SMP)) {
+			pr_info("CPU: ");
+			print_cpu_info(&boot_cpu_data);
+		}
 	}
 
 	/*
@@ -112,6 +114,13 @@ void __ref check_bugs(void)
 	srbds_select_mitigation();
 
 	/*
+	 * If we are late loading the microcode, code below should
+	 * not be executed --- it is only needed during boot.
+	 */
+	if (system_state == SYSTEM_RUNNING)
+		return;
+
+	/*
 	 * As MDS and TAA mitigations are inter-related, print MDS
 	 * mitigation until after TAA mitigation selection is done.
 	 */
@@ -452,10 +461,17 @@ void update_srbds_msr(void)
 	wrmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
 }
 
+static void _update_srbds_msr(void *p)
+{
+	update_srbds_msr();
+}
+
 static void srbds_select_mitigation(void)
 {
 	u64 ia32_cap;
 
+	srbds_mitigation = SRBDS_MITIGATION_FULL;
+
 	if (!boot_cpu_has_bug(X86_BUG_SRBDS))
 		return;
 
@@ -473,7 +489,8 @@ static void srbds_select_mitigation(void)
 	else if (cpu_mitigations_off() || srbds_off)
 		srbds_mitigation = SRBDS_MITIGATION_OFF;
 
-	update_srbds_msr();
+	on_each_cpu(_update_srbds_msr, NULL, 1);
+
 	pr_info("%s\n", srbds_strings[srbds_mitigation]);
 }
 
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 2cd983a..6d327a0 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -31,6 +31,7 @@
 #include <linux/fs.h>
 #include <linux/mm.h>
 
+#include <asm/bugs.h>
 #include <asm/microcode_intel.h>
 #include <asm/cpu_device_id.h>
 #include <asm/microcode_amd.h>
@@ -669,6 +670,7 @@ static ssize_t reload_store(struct device *dev,
 
 	mutex_lock(&microcode_mutex);
 	ret = microcode_reload_late();
+	check_bugs();
 	mutex_unlock(&microcode_mutex);
 
 put:
-- 
1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ