lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220817051127.3323755-1-ashok.raj@intel.com>
Date:   Wed, 17 Aug 2022 05:11:22 +0000
From:   Ashok Raj <ashok.raj@...el.com>
To:     Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>
Cc:     Tony Luck <tony.luck@...el.com>,
        Dave Hansen <dave.hansen@...el.com>,
        "LKML Mailing List" <linux-kernel@...r.kernel.org>,
        X86-kernel <x86@...nel.org>,
        Andy Lutomirski <luto@...capital.net>,
        Tom Lendacky <thomas.lendacky@....com>,
        "Jacon Jun Pan" <jacob.jun.pan@...el.com>,
        Ashok Raj <ashok.raj@...el.com>
Subject: [PATCH v3 0/5] Making microcode late-load robust

Hi Boris

I thought v2 worked, but there were some glaring errors in them.
I added more trace and this did go through and finish. More testing would
help.

Let me know how you want to handle 1-3. patch4,5 needs more review and some
help testing on AMD as well.

v2: https://lore.kernel.org/lkml/20220816043754.3258815-1-ashok.raj@intel.com/
v1: https://lore.kernel.org/lkml/20220813223825.3164861-1-ashok.raj@intel.com/


Changes since v2

- Dropped Documentation, queued for tip
  https://lore.kernel.org/lkml/166063601497.401.9527776956724011207.tip-bot2@tip-bot2/

Patches: 1-3
   No Changes since v1

Patch4:
   x2apic doesn't handle NMI vector via the self IPI MSR, it can only
   send Fixed mode interrupts. Enhance send_IPI_self() to comprehend
   and use a function that will deliver to the NMI.

Patch5: 
   - Modified when the NMI was triggered. Moved it closer to when
     __reload_late() is running.
   - Used the new apic->send_IPI_self() support helper.
   - Added an atomic to check if the primary has completed the load.
   - Triggering the NMI and when its taken determines how long the primary
     CPU needs to wait. For Now i have no timeout, but will check on couple
     more platforms before coming with a number, so it can bail out if
     secondaries don't show up in a reasonable amount of time.

Ashok Raj (5):
  x86/microcode/intel: Check against CPU signature before saving
    microcode
  x86/microcode/intel: Allow a late-load only if a min rev is specified
  x86/microcode: Avoid any chance of MCE's during microcode update
  x86/x2apic: Support x2apic self IPI with NMI_VECTOR
  x86/microcode: Place siblings in NMI loop while update in progress

 arch/x86/include/asm/mce.h             |   4 +
 arch/x86/include/asm/microcode_intel.h |   4 +-
 arch/x86/kernel/apic/x2apic_phys.c     |   6 +-
 arch/x86/kernel/cpu/mce/core.c         |   9 +
 arch/x86/kernel/cpu/microcode/core.c   | 229 ++++++++++++++++++++++++-
 arch/x86/kernel/cpu/microcode/intel.c  |  34 +++-
 6 files changed, 274 insertions(+), 12 deletions(-)

-- 
2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ