| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Oct 2022 13:09:00 -0700
From: Ashok Raj <ashok.raj@...el.com>
To: Borislav Petkov <bp@...en8.de>,
Thomas Gleixner <tglx@...utronix.de>
Cc: Tony Luck <tony.luck@...el.com>,
Dave Hansen <dave.hansen@...el.com>,
LKML Mailing List <linux-kernel@...r.kernel.org>,
X86-kernel <x86@...nel.org>,
Tom Lendacky <thomas.lendacky@....com>,
Arjan van de Ven <arjan.van.de.ven@...el.com>,
Jacob Jun Pan <jacob.jun.pan@...el.com>
Subject: [PATCH 00/13] Make microcode loading more robust
This series adds more robustness to microcode loading.
- Adds proper quiesce to sibling threads in an NMI handler.
- Fixes some nasty early loading bugs that are there for a long time.
- Adds a minimum revision ID to Intel patch meta-data, requested by Thomas.
- Turns microcode late loading back on by default.
- Adds some debugfs support to provide ability to test the microcode flows
without the need for a new microcode.
This series has too many changes from previous post, but for anecdotal
references.
https://lore.kernel.org/lkml/20220817051127.3323755-1-ashok.raj@intel.com/
Here is a summary of those patches.
patch1: Allow printing the old and new rev during an early update
patch2: Fix a potential bug during CPU hot-add flow for microcode update.
patch3: Fixes a nasty early loading bug that locks up with endless retries.
patch4: Add a helper to perform self NMI
patch5: Drop siblings in NMI while primary thread updates the microcode.
patch6: Rename refresh_fw to late_loading, in preparation for min-rev patches.
patch7: Move late loading warning to the same function as where taint happens.
patch8: Adds support for microcode meta-data to declare a minimum version
patch9: Add a generic way to declare support for min-rev across vendors.
patch10: Drop wbinvd(), its not required after patch7.
patch11: Print microcode updated messages only when its successfully loaded
patch12: Issue a warning if MCE arrives while a microcode update is in progress.
patch13: Debug patch: To permit testing repeated loading of microcode.
Ashok Raj (12):
x86/microcode/intel: Print old and new rev after early microcode
update
x86/microcode: Do not load from filesystem for CPU hot add
x86/microcode/intel: Fix a hang if early loading microcode fails
x86/microcode: Place siblings in NMI loop while update in progress
x86/microcode: Rename refresh_fw to late_loading
x86/microcode: Move late-load warning to earlier where kernel taint
happens
x86/microcode/intel: Add minimum required revision to microcode header
x86/microcode: Add a generic mechanism to declare support for minrev
x86/microcode/intel: Drop wbinvd() from microcode loading
x86/microcode: Display revisions only when update is successful
x86/mce: Warn of a microcode update is in progress when MCE arrives
x86/microcode/intel: Add ability to update microcode even if rev is
unchanged
Jacob Pan (1):
x86/x2apic: Support x2apic self IPI with NMI_VECTOR
arch/x86/include/asm/microcode.h | 39 ++++++-
arch/x86/include/asm/microcode_intel.h | 4 +-
arch/x86/kernel/apic/x2apic_phys.c | 6 +-
arch/x86/kernel/cpu/mce/core.c | 5 +
arch/x86/kernel/cpu/microcode/amd.c | 6 +-
arch/x86/kernel/cpu/microcode/core.c | 156 ++++++++++++++++++++++---
arch/x86/kernel/cpu/microcode/intel.c | 85 +++++++++-----
arch/x86/kernel/cpu/microcode/nmi.c | 72 ++++++++++++
arch/x86/kernel/nmi.c | 7 ++
arch/x86/Kconfig | 7 +-
arch/x86/kernel/cpu/microcode/Makefile | 1 +
11 files changed, 332 insertions(+), 56 deletions(-)
create mode 100644 arch/x86/kernel/cpu/microcode/nmi.c
--
2.34.1
Powered by blists - more mailing lists