| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YpCuyrqc/YEmdPs6@zn.tnic>
Date: Fri, 27 May 2022 12:58:18 +0200
From: Borislav Petkov <bp@...en8.de>
To: Ingo Molnar <mingo@...nel.org>
Cc: X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>,
Andrew Cooper <andrew.cooper3@...rix.com>
Subject: Re: [RFC PATCH 2/3] x86/microcode: Default-disable late loading
On Fri, May 27, 2022 at 12:37:24PM +0200, Ingo Molnar wrote:
> Might make sense to outline here valid circumstances under which late
> loading is used? Such as some weird kernel package that doesn't have the
> latest firmware included in the initrd?
Well, considering how we do correctness first, functionality later, I'd
really really like to not do late loading at all.
I wasn't aware of this sequence Cooper gave me on IRC but consider what
happens where one thread is doing the microcode uploading and the other
gets an NMI!
Our "precious" dance we have right now is not protected against that
scenario so *actually*, if we have to do the right thing, we should not
do late loading at all and zap it.
> Because it's hard (for me) to see any valid circumstance under which late
> loading should be supported at all TBH: new kernels where this patch is
> active would come with a modern package.
>
> Ie. we should consider removing late loading altogether.
Yap, exactly.
Late loading is actually broken as it is right now, IMNSVHO.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists