[tip:,x86/microcode] x86/microcode: Do not taint when late loading on AMD
Commit Message
The following commit has been merged into the x86/microcode branch of tip:
Commit-ID: 09b951476df9eadf15f2acba7568fa35e4b2313b
Gitweb: https://git.kernel.org/tip/09b951476df9eadf15f2acba7568fa35e4b2313b
Author: Borislav Petkov (AMD) <bp@alien8.de>
AuthorDate: Fri, 03 Mar 2023 12:46:49 +01:00
Committer: Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Sun, 12 Mar 2023 21:32:51 +01:00
x86/microcode: Do not taint when late loading on AMD
Describe why the concurrency issues which late loading poses are not
affecting AMD hardware, after discussing it with hw folks. Thus, do not
taint when late loading on it.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230303114649.18552-1-bp@alien8.de
---
Documentation/x86/microcode.rst | 10 ++++++++++
arch/x86/kernel/cpu/microcode/core.c | 3 ++-
2 files changed, 12 insertions(+), 1 deletion(-)
Comments
On Sun, Mar 12, 2023 at 08:47:36PM -0000, tip-bot2 for Borislav Petkov (AMD) wrote:
> The following commit has been merged into the x86/microcode branch of tip:
>
> Commit-ID: 09b951476df9eadf15f2acba7568fa35e4b2313b
> Gitweb: https://git.kernel.org/tip/09b951476df9eadf15f2acba7568fa35e4b2313b
> Author: Borislav Petkov (AMD) <bp@alien8.de>
> AuthorDate: Fri, 03 Mar 2023 12:46:49 +01:00
> Committer: Borislav Petkov (AMD) <bp@alien8.de>
> CommitterDate: Sun, 12 Mar 2023 21:32:51 +01:00
>
> x86/microcode: Do not taint when late loading on AMD
>
> Describe why the concurrency issues which late loading poses are not
> affecting AMD hardware, after discussing it with hw folks. Thus, do not
> taint when late loading on it.
>
> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
> Link: https://lore.kernel.org/r/20230303114649.18552-1-bp@alien8.de
Forgot to adjust the error message too. Updated patch coming up.
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 779f70547fb7..22cf57c899b6 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -440,9 +440,6 @@ static int microcode_reload_late(void)
int old = boot_cpu_data.microcode, ret;
struct cpuinfo_x86 prev_info;
- pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
- pr_err("You should switch to early loading, if possible.\n");
-
atomic_set(&late_cpus_in, 0);
atomic_set(&late_cpus_out, 0);
@@ -498,8 +495,11 @@ static ssize_t reload_store(struct device *dev,
if (ret == 0)
ret = size;
- if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD)
+ if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD) {
+ pr_err("Late microcode loading is dangerous and taints the kernel.\n");
+ pr_err("You should switch to early loading if possible.\n");
add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+ }
return ret;
}
@@ -208,6 +208,16 @@ Basically there is no way to declare a new microcode update suitable
for late-loading. This is another one of the problems that caused late
loading to be not enabled by default.
+AMD
+---
+
+Late loading on AMD does not have the concurrency issues described
+above: when loading is attempted on T0, the T1 is quiesced and does not
+execute instructions. Therefore, even if a higher priority interrupt or
+a fault happens, the whole core will see it either before the microcode
+patch has been applied or after. In either case, T0 and T1 will have the
+same microcode revision and nothing intermediate.
+
Builtin microcode
=================
@@ -498,7 +498,8 @@ put:
if (ret == 0)
ret = size;
- add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+ if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD)
+ add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
return ret;
}