| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260108165028.27417-1-bp@kernel.org>
Date: Thu, 8 Jan 2026 17:50:28 +0100
From: Borislav Petkov <bp@...nel.org>
To: X86 ML <x86@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
"Borislav Petkov (AMD)" <bp@...en8.de>
Subject: [PATCH] x86/microcode/AMD: Allow loader debugging to be enabled on baremetal too
From: "Borislav Petkov (AMD)" <bp@...en8.de>
Debugging the loader on baremetal does make sense, so enable it there
too.
Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
---
arch/x86/Kconfig | 8 +++++---
arch/x86/kernel/cpu/microcode/amd.c | 4 ++--
arch/x86/kernel/cpu/microcode/core.c | 16 ++++++++++++----
arch/x86/kernel/cpu/microcode/internal.h | 1 +
4 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 80527299f859..c10593768984 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1366,10 +1366,12 @@ config MICROCODE_DBG
default n
depends on MICROCODE
help
- Enable code which allows for debugging the microcode loader in
- a guest. Meaning the patch loading is simulated but everything else
+ Enable code which allows to debug the microcode loader. When running
+ in a guest the patch loading is simulated but everything else
related to patch parsing and handling is done as on baremetal with
- the purpose of debugging solely the software side of things.
+ the purpose of debugging solely the software side of things. On
+ baremetal, it simply dumps additional debugging information during
+ normal operation.
You almost certainly want to say n here.
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 46673530bc6f..caa0f595abcf 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -322,7 +322,7 @@ static u32 get_patch_level(void)
{
u32 rev, dummy __always_unused;
- if (IS_ENABLED(CONFIG_MICROCODE_DBG)) {
+ if (IS_ENABLED(CONFIG_MICROCODE_DBG) && hypervisor_present) {
int cpu = smp_processor_id();
if (!microcode_rev[cpu]) {
@@ -714,7 +714,7 @@ static bool __apply_microcode_amd(struct microcode_amd *mc, u32 *cur_rev,
invlpg(p_addr_end);
}
- if (IS_ENABLED(CONFIG_MICROCODE_DBG))
+ if (IS_ENABLED(CONFIG_MICROCODE_DBG) && hypervisor_present)
microcode_rev[smp_processor_id()] = mc->hdr.patch_id;
/* verify patch application was successful */
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 68049f171860..651202e6fefb 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -57,6 +57,8 @@ bool force_minrev = IS_ENABLED(CONFIG_MICROCODE_LATE_FORCE_MINREV);
u32 base_rev;
u32 microcode_rev[NR_CPUS] = {};
+bool hypervisor_present;
+
/*
* Synchronization.
*
@@ -117,7 +119,13 @@ bool __init microcode_loader_disabled(void)
* Disable when:
*
* 1) The CPU does not support CPUID.
- *
+ */
+ if (!cpuid_feature()) {
+ dis_ucode_ldr = true;
+ return dis_ucode_ldr;
+ }
+
+ /*
* 2) Bit 31 in CPUID[1]:ECX is clear
* The bit is reserved for hypervisor use. This is still not
* completely accurate as XEN PV guests don't see that CPUID bit
@@ -127,9 +135,9 @@ bool __init microcode_loader_disabled(void)
* 3) Certain AMD patch levels are not allowed to be
* overwritten.
*/
- if (!cpuid_feature() ||
- ((native_cpuid_ecx(1) & BIT(31)) &&
- !IS_ENABLED(CONFIG_MICROCODE_DBG)) ||
+ hypervisor_present = native_cpuid_ecx(1) & BIT(31);
+
+ if ((hypervisor_present && !IS_ENABLED(CONFIG_MICROCODE_DBG)) ||
amd_check_current_patch_level())
dis_ucode_ldr = true;
diff --git a/arch/x86/kernel/cpu/microcode/internal.h b/arch/x86/kernel/cpu/microcode/internal.h
index a10b547eda1e..3b93c0676b4f 100644
--- a/arch/x86/kernel/cpu/microcode/internal.h
+++ b/arch/x86/kernel/cpu/microcode/internal.h
@@ -48,6 +48,7 @@ extern struct early_load_data early_data;
extern struct ucode_cpu_info ucode_cpu_info[];
extern u32 microcode_rev[NR_CPUS];
extern u32 base_rev;
+extern bool hypervisor_present;
struct cpio_data find_microcode_in_initrd(const char *path);
--
2.51.0
Powered by blists - more mailing lists