From patchwork Mon Jan 30 21:39:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashok Raj X-Patchwork-Id: 50512 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp2410521wrn; Mon, 30 Jan 2023 13:44:15 -0800 (PST) X-Google-Smtp-Source: AMrXdXtJJFzSn4pxISvSwFPWOQ0lyZFM7x1zE7rBJhqTPTl6f+ylUwsmH6zMz5Yu8hBb3ItNNybc X-Received: by 2002:a17:907:ca07:b0:86e:cb6c:4462 with SMTP id uk7-20020a170907ca0700b0086ecb6c4462mr48330038ejc.36.1675115055246; Mon, 30 Jan 2023 13:44:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675115055; cv=none; d=google.com; s=arc-20160816; b=ZsnCdBFkQkc52XGD+9NUWlqI0D3zXbb0zjdCaweSX3EGoiKZ8+owzRWVeSUaJIbRh8 qYNDwRGOnU8aci/0HvgAbaPwzWSfu+bbasZb3JeFET9YrHvrfvjIVNWwKwLVQDcXVn/9 Ggn1NH0ebkwLQfx1s1VR5JI2bLLOCI1ohSm7Wq4NqQlM3/ObsN+iCKVe4IhibiEJqhhy LZGdgMyWdS4CxbwzaJzO4OdhOpmbcWQtcoX2zf3S6NId8QGXx3+Sru6LFezUmuqPoVfZ S7ZesIK2fIXkQecFWTtmdz5lHfz7yM2OsQTad28rZ1+Wmba1JBCMVZy6Ho1J2bnR0UFE zfJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Gfzx9XxO/4/MQEiQ8Azu2d4nqhj0k0I20EhMmIwLdmk=; b=lBhtE1eipgTPFV4v+7RD8CnbCiGQtS744vtZWxEBsyua55OPTZnbGSq7bd9lngLXp8 jR+ZzRvuei15JhiRqo3ruspFAAVYl0Wkcg0UoIB5Np1sHGG8B0m97kfxpU8B6OLi5bq3 aPzpbmQJ1rRbeIQPCRdJB0BvW778/cidVrSw0uv0CHZhC+SdKQCKUVDRXsHi0IsIn05G C3n5htGS8XeCZ7AbVwldMjcBRmVgngY15VXTfUju2zLK7ndu0jgicppWwhVaU4Ez4GHw uBmKBfCqwL8WqshHtLhRUD8ekSvsPjLZ6RoT8XYmqU9BaEQx4a2wBY2Ndc4gH7/Y5ZPr SokA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=I+8f5Vls; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id az13-20020a170907904d00b0087bd412d783si10458446ejc.771.2023.01.30.13.43.51; Mon, 30 Jan 2023 13:44:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=I+8f5Vls; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231476AbjA3Vki (ORCPT + 99 others); Mon, 30 Jan 2023 16:40:38 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57526 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230073AbjA3Vk1 (ORCPT ); Mon, 30 Jan 2023 16:40:27 -0500 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4995B3A848 for ; Mon, 30 Jan 2023 13:40:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1675114818; x=1706650818; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=iIQEszT1vO2aPTOWcm3Liobv4FND6X8rf9yqm6IiYKw=; b=I+8f5VlsB2TvnSZiS98a+BmZ65dKJr1JcSuBd5jDeJNHAt7F7qCqWoJN 1azwrfnwbVgvaR0EeP+por4b2eLJ9l2pl3creRONjdx9sMOklzmWnZOa4 44OWR+Q6p253THgFQMmjZwKe0csNiXwjblyP4xWpF0mbnIzTZcfL+ovk1 Bk32EHpv0EVKaNyTE4i43ripob/b8oLgjyFPtAjCbNzc9A4fab2FJP8vF 9/2LWnhTphtZqRQ2GUC/u8NSHAM3yF6sY7VjAyvtzte7k5AUpxIvH/FSU uPFCzRzPpg2bl8KoGJzErnnfk/EehDWekekb9GSogsSZaRhrHbtJoSoew Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10606"; a="328955574" X-IronPort-AV: E=Sophos;i="5.97,259,1669104000"; d="scan'208";a="328955574" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Jan 2023 13:40:13 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10606"; a="696571882" X-IronPort-AV: E=Sophos;i="5.97,259,1669104000"; d="scan'208";a="696571882" Received: from araj-ucode.jf.intel.com ([10.23.0.19]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Jan 2023 13:40:13 -0800 From: Ashok Raj To: Borislav Petkov , Thomas Gleixner Cc: Ashok Raj , LKML , x86 , Ingo Molnar , Tony Luck , Dave Hansen , Alison Schofield , Reinette Chatre , Tom Lendacky , Stefan Talpalaru , David Woodhouse , Benjamin Herrenschmidt , Jonathan Corbet , "Rafael J . Wysocki" , Peter Zilstra , Andy Lutomirski , Andrew Cooper Subject: [Patch v3 Part2 9/9] x86/microcode: Provide an option to override minrev enforcement Date: Mon, 30 Jan 2023 13:39:55 -0800 Message-Id: <20230130213955.6046-10-ashok.raj@intel.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230130213955.6046-1-ashok.raj@intel.com> References: <20230130213955.6046-1-ashok.raj@intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1756485444361101216?= X-GMAIL-MSGID: =?utf-8?q?1756485444361101216?= Minimum Required Revision (minrev) is enforced strictly. All new patches will have a minrev that is not zero. But there might be a transition time for some that need this enforcement to be relaxed. When the override is enabled, the kernel will be tainted. Provide a debugfs variable to override the minrev enforcement. Signed-off-by: Ashok Raj Cc: LKML Cc: x86 Cc: Ingo Molnar Cc: Tony Luck Cc: Dave Hansen Cc: Alison Schofield Cc: Reinette Chatre Cc: Thomas Gleixner (Intel) Cc: Tom Lendacky Cc: Stefan Talpalaru Cc: David Woodhouse Cc: Benjamin Herrenschmidt Cc: Jonathan Corbet Cc: Rafael J. Wysocki Cc: Peter Zilstra (Intel) Cc: Andy Lutomirski Cc: Andrew Cooper --- arch/x86/include/asm/microcode.h | 2 ++ arch/x86/kernel/cpu/microcode/core.c | 15 +++++++++++++-- arch/x86/kernel/cpu/microcode/intel.c | 8 ++++++++ 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h index 3d48143e84a9..d82f22d50ebd 100644 --- a/arch/x86/include/asm/microcode.h +++ b/arch/x86/include/asm/microcode.h @@ -16,6 +16,8 @@ struct ucode_patch { extern struct list_head microcode_cache; +extern bool override_minrev; + struct cpu_signature { unsigned int sig; unsigned int pf; diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c index be5d70396b79..dbcccbd46ab8 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include #include @@ -43,7 +44,9 @@ #define DRIVER_VERSION "2.2" static struct microcode_ops *microcode_ops; +static struct dentry *dentry_ucode; static bool dis_ucode_ldr = true; +bool override_minrev; bool initrd_gone; @@ -494,7 +497,11 @@ static ssize_t reload_store(struct device *dev, pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n"); pr_err("You should switch to early loading, if possible.\n"); ret = -EINVAL; - goto put; + + if (!override_minrev) + goto put; + + pr_info("Overriding minrev\n"); } tmp_ret = microcode_ops->request_microcode_fw(bsp, µcode_pdev->dev); @@ -519,7 +526,7 @@ static ssize_t reload_store(struct device *dev, */ if (load_ret == 0) { ret = size; - if (!safe_late_load) { + if (!safe_late_load || override_minrev) { add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK); pr_warn("Microcode late loading tainted the kernel\n"); } @@ -692,7 +699,11 @@ static int __init microcode_init(void) cpuhp_setup_state_nocalls(CPUHP_AP_ONLINE_DYN, "x86/microcode:online", mc_cpu_online, mc_cpu_down_prep); + dentry_ucode = debugfs_create_dir("microcode", NULL); + debugfs_create_bool("override_minrev", 0644, dentry_ucode, &override_minrev); + pr_info("Microcode Update Driver: v%s.", DRIVER_VERSION); + pr_info("Override minrev %s\n", override_minrev ? "enabled" : "disabled"); return 0; diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 601c586be7b6..ec5a29ebee8e 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -139,6 +139,14 @@ static int is_lateload_safe(struct microcode_header_intel *mc_header) { struct ucode_cpu_info uci; + /* + * If minrev is bypassed via debugfs, then allow late-load. + */ + if (override_minrev) { + pr_info("Bypassing minrev enforcement via debugfs\n"); + return 0; + } + /* * When late-loading, ensure the header declares a minimum revision * required to perform a late-load.