lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 14 Apr 2023 10:38:54 -0000
From:   "tip-bot2 for Borislav Petkov (AMD)" <tip-bot2@...utronix.de>
To:     linux-tip-commits@...r.kernel.org
Cc:     "Borislav Petkov (AMD)" <bp@...en8.de>, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: [tip: x86/microcode] x86/microcode: Do not taint when late loading on AMD

The following commit has been merged into the x86/microcode branch of tip:

Commit-ID:     7bc9c1df89a3e5496ace55c198ff09409da0feb0
Gitweb:        https://git.kernel.org/tip/7bc9c1df89a3e5496ace55c198ff09409da0feb0
Author:        Borislav Petkov (AMD) <bp@...en8.de>
AuthorDate:    Fri, 03 Mar 2023 12:46:49 +01:00
Committer:     Borislav Petkov (AMD) <bp@...en8.de>
CommitterDate: Fri, 14 Apr 2023 12:27:36 +02:00

x86/microcode: Do not taint when late loading on AMD

Describe why the concurrency issues which late loading poses are not
affecting AMD hardware, after discussing it with hw folks. Thus, do not
taint when late loading on it.

Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
Link: https://lore.kernel.org/r/20230411125056.2333-1-bp@alien8.de
---
 Documentation/x86/microcode.rst      | 10 ++++++++++
 arch/x86/kernel/cpu/microcode/core.c |  9 +++++----
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/Documentation/x86/microcode.rst b/Documentation/x86/microcode.rst
index b627c6f..15b52e2 100644
--- a/Documentation/x86/microcode.rst
+++ b/Documentation/x86/microcode.rst
@@ -208,6 +208,16 @@ Basically there is no way to declare a new microcode update suitable
 for late-loading. This is another one of the problems that caused late
 loading to be not enabled by default.
 
+AMD
+---
+
+Late loading on AMD does not have the concurrency issues described
+above: when loading is attempted on T0, the T1 is quiesced and does not
+execute instructions. Therefore, even if a higher priority interrupt or
+a fault happens, the whole core will see it either before the microcode
+patch has been applied or after. In either case, T0 and T1 will have the
+same microcode revision and nothing intermediate.
+
 Builtin microcode
 =================
 
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 7a329e5..22cf57c 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -440,9 +440,6 @@ static int microcode_reload_late(void)
 	int old = boot_cpu_data.microcode, ret;
 	struct cpuinfo_x86 prev_info;
 
-	pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
-	pr_err("You should switch to early loading, if possible.\n");
-
 	atomic_set(&late_cpus_in,  0);
 	atomic_set(&late_cpus_out, 0);
 
@@ -498,7 +495,11 @@ put:
 	if (ret == 0)
 		ret = size;
 
-	add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+	if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD) {
+		pr_err("Late microcode loading is dangerous and taints the kernel.\n");
+		pr_err("You should switch to early loading if possible.\n");
+		add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+	}
 
 	return ret;
 }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ