From patchwork Fri Oct 14 20:09:01 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2797
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357276wrs;
        Fri, 14 Oct 2022 13:10:10 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM4h2quKNJHs6JEhdPSwp/qgPmcgwThRp7sW8KXyRIoxu+PHY0Lpj9OkQGFyMw0orjmD3LWf
X-Received: by 2002:a17:90b:692:b0:203:6c21:b4aa with SMTP id
 m18-20020a17090b069200b002036c21b4aamr18655353pjz.227.1665778200417;
        Fri, 14 Oct 2022 13:10:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778200; cv=none;
        d=google.com; s=arc-20160816;
        b=PlI9CPEMNwLAdJT7X37c2s6HZKfXgimEJ7uIgMhnwWswhGWowHAxuWXy4FJ9fw77NW
         hF7Jk9ZBKVrd1ZEnaiT2dxm6CbemRENWdORoohR07xNt2585YJtRk45RtUGbt3I0TxZV
         rmPG+WiVBfL14Dp7H6dj58V1jNxM//fIqVVM2Ew+FcqcK+XOy+czSOhmg8196GMbr3DK
         l14s+Qe9NC0CnkrEBQr8hCbqQ6FkmgRibVap/82cgUgvn1+fNMRER3RGVgjSO6dfbIGB
         YNi8T8FGm9xrLQUTFPJQhNISOyOdXfHckWb7wLDCe4SMoENtwTKaZClKKMcyOqU46sC2
         bjVQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=Tx353/48LdKZWctA7d0vPa9X/fkax0jnmf71Ddxz40s=;
        b=QTJ9sRlky35E7+jyqWok7Ryy1JZUZJKiuaAKdu66FJyOJBv8JeOF9w8yPGcLM2yYki
         WmoGU7/Y4PGugJhXDJLCNJe/mB6fo3wnswDVWFeQL613jPlVwoW2fEXuYUhTOgwzvsvG
         q5ljIRRbFXhF9ors0/MKW7r2Ub4RuGmRs1TQoVfBZn44Gq54awgd7TqMw/GaMwG1qPe/
         fIvEvY4c7D2TrvJsRf0shVca44h3rGCo/9QPLYjtPhqVO5TjElrGi5gKn2pQ9iRlE4FQ
         ND4E9REgNwxV0CqQt99JnsQClHnEKHfJ2c9/lFoNPok/fKq/86aaKu8VXy/Onajpmzir
         9Xew==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=LRVpq6a7;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 d10-20020a056a00198a00b005633c373dcbsi3557982pfl.147.2022.10.14.13.09.47;
        Fri, 14 Oct 2022 13:10:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=LRVpq6a7;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229740AbiJNUJa (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:30 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43324 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230199AbiJNUJ2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:28 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9ECE21DA362
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778167; x=1697314167;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=c7e6tnykc4mVE2lOrJC5yfRma2B2qJ8DsHSzErtQPMA=;
  b=LRVpq6a7TboItEby168TF8j0almAvuDu3ppAlYb+JHrioj32F9qk6Eoz
   WL9tYrjuDeDpBlllfoNj2pOh4XSfXMbjP/QkAOH4PzbdILwsrkRdz2zgL
   9pL1msJ5p3hWgnQi5GUNamjAvVyv6nc36a875bsaKlSARwUD5Qltv7VUl
   o7yVF3Cg+I1KErNZyGnmaebTtg22ITOmHgUKA6Xd3R+k62qhHv5WWS5m3
   4A6oXkfVrGpIWjwtamyiD2eM1CJiKdR901E2sYYwEKwA1oBcwpYXb+nKT
   9uvE/ectMxeo5ll9E1it4vNLpIuizRjEHJhv8pD+/pJCWm8YNkPXjHw39
   A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202151"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202151"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870137"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870137"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 01/13] x86/microcode/intel: Print old and new rev after early
 microcode update
Date: Fri, 14 Oct 2022 13:09:01 -0700
Message-Id: <20221014200913.14644-2-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695042088818381?=
X-GMAIL-MSGID: =?utf-8?q?1746695042088818381?=

Print the old and new versions of microcode after an early load is
complete. This is useful to know what version was loaded by BIOS before an
early microcode load.

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/kernel/cpu/microcode/intel.c | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 1fcbd671f1df..cf1e2c30b230 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -435,10 +435,10 @@ static bool load_builtin_intel_microcode(struct cpio_data *cp)
  * Print ucode update info.
  */
 static void
-print_ucode_info(struct ucode_cpu_info *uci, unsigned int date)
+print_ucode_info(u32 old_rev, struct ucode_cpu_info *uci, unsigned int date)
 {
-	pr_info_once("microcode updated early to revision 0x%x, date = %04x-%02x-%02x\n",
-		     uci->cpu_sig.rev,
+	pr_info_once("microcode updated early from 0x%x to revision 0x%x, date = %04x-%02x-%02x\n",
+		     old_rev, uci->cpu_sig.rev,
 		     date & 0xffff,
 		     date >> 24,
 		     (date >> 16) & 0xff);
@@ -448,6 +448,7 @@ print_ucode_info(struct ucode_cpu_info *uci, unsigned int date)
 
 static int delay_ucode_info;
 static int current_mc_date;
+static u32 early_old_rev;
 
 /*
  * Print early updated ucode info after printk works. This is delayed info dump.
@@ -458,7 +459,7 @@ void show_ucode_info_early(void)
 
 	if (delay_ucode_info) {
 		intel_cpu_collect_info(&uci);
-		print_ucode_info(&uci, current_mc_date);
+		print_ucode_info(early_old_rev, &uci, current_mc_date);
 		delay_ucode_info = 0;
 	}
 }
@@ -467,11 +468,12 @@ void show_ucode_info_early(void)
  * At this point, we can not call printk() yet. Delay printing microcode info in
  * show_ucode_info_early() until printk() works.
  */
-static void print_ucode(struct ucode_cpu_info *uci)
+static void print_ucode(u32 old_rev, struct ucode_cpu_info *uci)
 {
 	struct microcode_intel *mc;
 	int *delay_ucode_info_p;
 	int *current_mc_date_p;
+	u32 *old_rev_p;
 
 	mc = uci->mc;
 	if (!mc)
@@ -479,13 +481,15 @@ static void print_ucode(struct ucode_cpu_info *uci)
 
 	delay_ucode_info_p = (int *)__pa_nodebug(&delay_ucode_info);
 	current_mc_date_p = (int *)__pa_nodebug(&current_mc_date);
+	old_rev_p = (u32 *)__pa_nodebug(&early_old_rev);
 
 	*delay_ucode_info_p = 1;
 	*current_mc_date_p = mc->hdr.date;
+	*old_rev_p = old_rev;
 }
 #else
 
-static inline void print_ucode(struct ucode_cpu_info *uci)
+static inline void print_ucode(u32 old_rev, struct ucode_cpu_info *uci)
 {
 	struct microcode_intel *mc;
 
@@ -493,14 +497,14 @@ static inline void print_ucode(struct ucode_cpu_info *uci)
 	if (!mc)
 		return;
 
-	print_ucode_info(uci, mc->hdr.date);
+	print_ucode_info(old_rev, uci, mc->hdr.date);
 }
 #endif
 
 static int apply_microcode_early(struct ucode_cpu_info *uci, bool early)
 {
 	struct microcode_intel *mc;
-	u32 rev;
+	u32 old_rev, rev;
 
 	mc = uci->mc;
 	if (!mc)
@@ -517,6 +521,7 @@ static int apply_microcode_early(struct ucode_cpu_info *uci, bool early)
 		return UCODE_OK;
 	}
 
+	old_rev = rev;
 	/*
 	 * Writeback and invalidate caches before updating microcode to avoid
 	 * internal issues depending on what the microcode is updating.
@@ -533,9 +538,9 @@ static int apply_microcode_early(struct ucode_cpu_info *uci, bool early)
 	uci->cpu_sig.rev = rev;
 
 	if (early)
-		print_ucode(uci);
+		print_ucode(old_rev, uci);
 	else
-		print_ucode_info(uci, mc->hdr.date);
+		print_ucode_info(old_rev, uci, mc->hdr.date);
 
 	return 0;
 }

From patchwork Fri Oct 14 20:09:02 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2796
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357259wrs;
        Fri, 14 Oct 2022 13:10:09 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM6hD0vKW3B2iLGyp/Aezn5P7owZUQ/DbVD83T11M1f45sW8blJ+8E0CQopfiS2Jl8XVfe+A
X-Received: by 2002:a17:90b:1d04:b0:20b:cb40:4b3 with SMTP id
 on4-20020a17090b1d0400b0020bcb4004b3mr7388349pjb.215.1665778209107;
        Fri, 14 Oct 2022 13:10:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778209; cv=none;
        d=google.com; s=arc-20160816;
        b=B/D319bgcNBMozkcix37p82RjrvAZ31g0DOzwCyRUDuQDKfEgjEipzTdKLANZ9Ni5T
         +CRitWGjkbXB/L82qz08dDVclOjtjISUo4hDUwh3m6cWGAzGrBzROVtnnqMkXfwK3TZU
         w6F1B8x09j8eNGtntHiLXzM2yAx0aqLKbUlhiye6cT02JLhM+UC6R+ie9wvRQO27BUmk
         FSBDOiHkCo0c2omCZxrCUjnYQGOCe9SdPeTDYBT2mIo521ev1xSZPIoROzunGtWmGcsG
         6NrY56aUyRAJygx6m28R9NWfJkOVnv+74XnKrlvuiKoUQD9545I2rmrttU9UdunkEnoR
         Qhnw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=aQc1VBqdVGJ6MTV3VMPcRjGkm9Jo7QLQorNbU34xwds=;
        b=H4fLi3U9QqC/Xxd4dp17amm99gM2BoPBxA1xUvnPglJGQcylTtYQ8Cmrz3EvsN7FqC
         l2WL31GBwPlbYL6D8lVImVXD0CQUsuqowoS4BfJHOaDGCtGyp9qxoUgA+9aEKxg3+rFX
         4tx+d1MMB+j/9gLo7XmMPCr2RTmFC2lejVGl/e1IlJfEx7/THov6nI5axY/NS4uo/Pt3
         l4tyYrJfqZFPKPN8nTU06aoBD3xahdGvcTTWVOgREa5ni/zJ3Q1wqpUzi6D+i6XW11Ly
         zJjVBEO75tpWQiKKBEG8TpDKSovemsIKaTmF7fT6SOYZYZHd6dGRRPBZ4ugq6Nh9FzFw
         t8xw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=JQZy2JLs;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 c7-20020a170902d48700b0017ed3e829fcsi4297865plg.365.2022.10.14.13.09.55;
        Fri, 14 Oct 2022 13:10:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=JQZy2JLs;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230199AbiJNUJe (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:34 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43332 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230257AbiJNUJ2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:28 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DF3551D81A4
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778167; x=1697314167;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=TOJYUiBrUy7/gcOs7i6uVS4QO3wgYtY5qPGjrygs5kQ=;
  b=JQZy2JLs4DFfyNxmJAJZayvRAT5/IgDTZh4d4bk5KhvHB1QnnmYfat9e
   ZzYWW1Wjm0VzftriLtBucnYXcVkqMZT/sAw4p4p74PfoefeZxd8rXSmrR
   iB8lI6nob556yw3HCQVMkuIX9N2wS8cBMd9KJmnC/bdAoSPrcxnx0qRjZ
   5BJvK8Na/c65/kxXtTEvXemTQ2maujWJaSNqSn/MIGfNPoXkSUw7retbU
   lIgs+xFQo7m88/IakH2LeQujjLPMU2XoAFKgF5hpdELCkKDok08MSlmsK
   kqmlUSbouIUtzgIajEWbpNsU9W1QVMTuSvh8yRvhp37PluH1BcBFglVVm
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202152"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202152"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870141"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870141"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 02/13] x86/microcode: Do not load from filesystem for CPU hot
 add
Date: Fri, 14 Oct 2022 13:09:02 -0700
Message-Id: <20221014200913.14644-3-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695051238874495?=
X-GMAIL-MSGID: =?utf-8?q?1746695051238874495?=

When request_microcode_fw() is called, refresh_fw parameter must be set
only when late loading. Currently during CPU hotplug, the path is as
follows.

mc_device_add() -> microcode_init_cpu() ->
				request_microcode_fw(refresh_hw=true)

Consider if a new microcode file was just copied, but have not yet
performed a late load. Now adding a new CPU will result in loading that
microcode file vs the rest of the CPUs in the system would have a previous
revision of what was loaded earlier.

Moreover this doesn't need to be any different from logical cpu online
flow, microcode_update_cpu() and mc_device_add() seem to be doing the
opposite things.

Seems like there is no good use for the refresh_fw parameter in
microcode_init_cpu(), so simply drop it.

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/kernel/cpu/microcode/core.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 6a41cee242f6..e4135b4fdbc6 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -599,7 +599,7 @@ static enum ucode_state microcode_resume_cpu(int cpu)
 	return UCODE_OK;
 }
 
-static enum ucode_state microcode_init_cpu(int cpu, bool refresh_fw)
+static enum ucode_state microcode_init_cpu(int cpu)
 {
 	enum ucode_state ustate;
 	struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
@@ -614,7 +614,8 @@ static enum ucode_state microcode_init_cpu(int cpu, bool refresh_fw)
 	if (system_state != SYSTEM_RUNNING)
 		return UCODE_NFOUND;
 
-	ustate = microcode_ops->request_microcode_fw(cpu, &microcode_pdev->dev, refresh_fw);
+	ustate = microcode_ops->request_microcode_fw(cpu, &microcode_pdev->dev,
+						     false);
 	if (ustate == UCODE_NEW) {
 		pr_debug("CPU%d updated upon init\n", cpu);
 		apply_microcode_on_target(cpu);
@@ -633,7 +634,7 @@ static enum ucode_state microcode_update_cpu(int cpu)
 	if (uci->valid)
 		return microcode_resume_cpu(cpu);
 
-	return microcode_init_cpu(cpu, false);
+	return microcode_init_cpu(cpu);
 }
 
 static int mc_device_add(struct device *dev, struct subsys_interface *sif)
@@ -649,7 +650,7 @@ static int mc_device_add(struct device *dev, struct subsys_interface *sif)
 	if (err)
 		return err;
 
-	if (microcode_init_cpu(cpu, true) == UCODE_ERROR)
+	if (microcode_init_cpu(cpu) == UCODE_ERROR)
 		return -EINVAL;
 
 	return err;

From patchwork Fri Oct 14 20:09:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2798
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357318wrs;
        Fri, 14 Oct 2022 13:10:22 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM5ESmEqGTnMbWxePwqoUDk0ADATDoPx49x1/XWhlkpdxXW7+nPaiHLFW6SfaT25Rc2hjw9p
X-Received: by 2002:a63:101:0:b0:460:6d90:3f81 with SMTP id
 1-20020a630101000000b004606d903f81mr5697650pgb.545.1665778222150;
        Fri, 14 Oct 2022 13:10:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778222; cv=none;
        d=google.com; s=arc-20160816;
        b=rQ9vpwY4pfFl3ujUzq8+yqPj3E50q6sHY/9ZMC3IelFAx1BYcS/fJjS1JZzZnZF7jx
         nZuSfdSKZ3idDF+/9vfGDVP4rTfZzQ67+x1WflorjOcoc2TX6SmeTos6P7z+2yd3nHk9
         xBDCaB5y0AaIOQbYL1wAHELX4Xmm7eqfk1cxaOpPWHlQzWl3iOPVXjndh6fMetjIng+e
         vas9S04hrdeql8aX8HJd5qI5F6G6DzMOuuiMwKP1zjaCswV0FpGcaaWdTAVjEI/FRCBE
         48bFrAvIjo0EO3iM+qu5jHJq2tg+1Sra28iW3tD1WLOPPRXGdaFaM6dyYPqHHelY7Shj
         Kzpg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=uzy/f2Aep9UA5TZ8d+BOIvvs23zrEbC1LKeCegfJc2w=;
        b=Oo7HMuFvX9lYOGKWvXNI/DBlxN+K5TWfTRTbzsFcZco1jCPlAJKxfyUJTL9TqxgC/p
         KZdMvZTawOAFl2h21+PReENDValWKyNok+lP2bHstSRSMseO8O5RkHocHpkN1ipADUDm
         jc8/hvRF/8NMZ/6IWq7hJIlWcyp1l/KSjj7xdc81eIjAM/X4CF9/YFKCt/KbAQXOO+bi
         QRiYwCnphAKEyH4mJ6WgLVEmE+8whWmOg1kGIHkBVjt2icxw9YKyp6Rlof+Uv5XNpcOx
         viIovybWhTRsn9vTyuAykAynz5JDo1s7uIR1ZBfygZ8lr6UjU38uS9VXg2HbHG9XtO03
         1i5A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=AnvZbh29;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 m2-20020a656a02000000b00452bad3abcfsi4347458pgu.324.2022.10.14.13.10.08;
        Fri, 14 Oct 2022 13:10:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=AnvZbh29;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230361AbiJNUJl (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43360 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230220AbiJNUJ3 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:29 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4301B1D3476
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778168; x=1697314168;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=7jM/CiHxN+gWkR7IJ+ClWDUqoyWEdL8oPVI2Lk2Mu6Q=;
  b=AnvZbh29a9jr//r66CVoZLsy5b3G9dvHSQsvtHzKYdVDL4J58VpVpmVV
   4R+wE9CNYUaaSovRFR2erfjy1ORGDtdwJiBKnlAjFiB9d/kFEbLXDPFmf
   CPHH14VieePTOnvjkpDMW50SAlqO8qpkbpuII8TvrZ8QTOPzfeD0UGai0
   WfaCJuw/6UwuU/25dGr0ujKHFBeJDfDaxYpFgugiW6klF02t4UU/TcvMX
   HzcvPLYwPuWd+7xmopRaTyr83B/OlRaV9Cgd0+moVeQznlbFFhJCjbNoq
   HeLJUpAbHjz95F4zD7hljBBmuh2y8sjEqlA0QoFTZBf5aIDKxB2dlMODA
   A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202154"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202154"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870144"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870144"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 03/13] x86/microcode/intel: Fix a hang if early loading
 microcode fails
Date: Fri, 14 Oct 2022 13:09:03 -0700
Message-Id: <20221014200913.14644-4-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695065420604611?=
X-GMAIL-MSGID: =?utf-8?q?1746695065420604611?=

When early loading of microcode fails for any reason other than the wrong
family-model-stepping, Linux can get into an infinite loop retrying the
same failed load.

A single retry is needed to handle any mixed stepping case.

Assume we have a microcode that fails to load for some reason.
load_ucode_ap() seems to retry if the loading fails. But it searches for
a new rev, but ends up finding the same copy. Hence it appears to repeat
the same load, retry loop for ever.

We can fix it as follows.

1) When the load_ucode_intel_bsp() fails, record the revision that failed.
2) In load_ucode_intel_ap() check if AP is same FMS as BP, and the code
that failed earlier isn't going to apply anyway. So use the saved
information to abort loading on AP's altogether.

load_ucode_intel_ap()
{
..
reget:
        if (!*iup) {
                patch = __load_ucode_intel(&uci);
		^^^^^ Finds the same patch every time.

                if (!patch)
                        return;

                *iup = patch;
        }

        uci.mc = *iup;

        if (apply_microcode_early(&uci, true)) {
	^^^^^^^^^^^^ apply fails
              /* Mixed-silicon system? Try to refetch the proper patch: */
              *iup = NULL;

              goto reget;
	      ^^^^^ Rince repeat.
        }

}

Fixes: 06b8534cb728 ("x86/microcode: Rework microcode loading")
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/kernel/cpu/microcode/intel.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index cf1e2c30b230..0f7e4ba05c39 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -606,6 +606,7 @@ void __init load_ucode_intel_bsp(void)
 {
 	struct microcode_intel *patch;
 	struct ucode_cpu_info uci;
+	int rev, ret;
 
 	patch = __load_ucode_intel(&uci);
 	if (!patch)
@@ -613,13 +614,18 @@ void __init load_ucode_intel_bsp(void)
 
 	uci.mc = patch;
 
-	apply_microcode_early(&uci, true);
+	ret = apply_microcode_early(&uci, true);
+	if (ret) {
+		rev = patch->hdr.rev;
+		pr_err("Revision 0x%x failed during early loading\n", rev);
+	}
 }
 
 void load_ucode_intel_ap(void)
 {
 	struct microcode_intel *patch, **iup;
 	struct ucode_cpu_info uci;
+	bool retried = false;
 
 	if (IS_ENABLED(CONFIG_X86_32))
 		iup = (struct microcode_intel **) __pa_nodebug(&intel_ucode_patch);
@@ -638,9 +644,13 @@ void load_ucode_intel_ap(void)
 	uci.mc = *iup;
 
 	if (apply_microcode_early(&uci, true)) {
+		if (retried)
+			return;
+
 		/* Mixed-silicon system? Try to refetch the proper patch: */
 		*iup = NULL;
 
+		retried = true;
 		goto reget;
 	}
 }

From patchwork Fri Oct 14 20:09:04 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2799
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357320wrs;
        Fri, 14 Oct 2022 13:10:23 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM4BWcQbvluuww18lDn0yEyqj5noY0oisc5NlpHXWYsOI0O6TCHyoEmiYxs1mrcyjOdJ1TSV
X-Received: by 2002:a17:903:11c4:b0:178:634b:1485 with SMTP id
 q4-20020a17090311c400b00178634b1485mr6693218plh.142.1665778211909;
        Fri, 14 Oct 2022 13:10:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778211; cv=none;
        d=google.com; s=arc-20160816;
        b=pcjcoYGncdrwL5DpdYYip3Z2zpSaXlWr74vwP1deFyya7hjhTE6BG90xif3HwtNy2a
         ZbmGp9LDhe4e7gVuEm2g4nYCxLmsVA3wm40tQm4VVdyGWP4hhjo8TjSMgT0IrXyUZhwW
         WWH6c9mMuuqZyO2rP3R93Qk2WZxiW1LiIxbbgYCFbGUvHSSRFtN7TMieyYPFqp93L4Oj
         7EAmQWEKfI6Z3AYXjsdt7AqkmMaycD2mARv8k7XzMJyEPGQhKqgsIZ27/HHBM3yJoTSJ
         k5YhPZBnEYz/pDSyMrxukSkdHs8ZJT6qGQWyZ6OD595VgUabHf8E1K3Q8dcTY0+Qzk0N
         Ccug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=SZ2k81JJ7AUxb4Qx41OKa+AsZIUuezuSSTHdT+hd4Wg=;
        b=gSZY5ylWxihVIpvfMY6NJpe71ZSzfQteN6sVC1V48uGNGLciDNyTuKM/kvGfR8W1EM
         9IYCzs9uQZezZqccRTOA96wlCYCc2gKhN41pcobrUP2TqRNSyiogSwGa+3kXRi/EJy8f
         0bf+/GQZ7+yhh7fgaX+QaTrLJTvGMVoPeR+wJUCHiL19ciIqoqvv6/CkbT/U7sI9Xupj
         Dy0sS6j3YvhvbKH2YJV9HzNx3kOWJ7luTCEy7rw9e4onLGr5l5TjURgGUbf0JPkoiR80
         WZskhqriALg3zFqs5Z/obKNbb9haqLi91XPtAIcQ+yG2WvcsKGv4Owx6jpg7nbMGtlTq
         mJkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=eb3CSEsV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 v16-20020a631510000000b004386a1ebe70si3637583pgl.43.2022.10.14.13.09.58;
        Fri, 14 Oct 2022 13:10:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=eb3CSEsV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230457AbiJNUJh (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:37 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43364 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230233AbiJNUJ3 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:29 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B44DF1DA365
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778168; x=1697314168;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=prjILCsmaaEeMhSyb/xyEwNWAEoJRilUniPUTT9n6aI=;
  b=eb3CSEsVJsgiDzIHq/kSC3YSlPnS9gk2z67DJ21BX3DNi1HeEGWnpvFB
   xiAGOY7HLhqpDc23vZfNGx+ckh60SanczgZtnd4YNeqDvmmiUZLdnvVUE
   2AIpib+oC4u0GroGNtUN5kR9SIgvI+iAOsvX6/xvmZqOTppqaPdmhf3qx
   f3CvWrpLCInTIdt7UzCGSqKvpqOTel6C2EUpzKX/X9PsKmBqfecu0hFtf
   F7s/m1+xVQUDceRi21XzolttthxhpnsqLCT6MPOM+U2bwr3D9Y5X4FWWb
   iQp+Ewy11WOO0MEGZS1U9qhhLDzFP9GDaWh4AfUdVCME51l+JOwF3GQfv
   Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202156"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202156"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870148"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870148"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:27 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Jacob Pan <jacob.jun.pan@linux.intel.com>
Subject: [PATCH 04/13] x86/x2apic: Support x2apic self IPI with NMI_VECTOR
Date: Fri, 14 Oct 2022 13:09:04 -0700
Message-Id: <20221014200913.14644-5-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695054347805549?=
X-GMAIL-MSGID: =?utf-8?q?1746695054347805549?=

From: Jacob Pan <jacob.jun.pan@linux.intel.com>

X2APIC architecture introduced a dedicated register for sending self-IPI.
Though highly optimized for performance, its semantics limit the delivery
mode to fixed mode.  NMI vector is not supported, this created an
inconsistent behavior between X2APIC and others.

This patch adds support for X2APIC NMI_VECTOR by fall back to the slower
ICR method.

Suggested-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Jacob Pan <jacob.jun.pan@linux.intel.com>
---
 arch/x86/kernel/apic/x2apic_phys.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/apic/x2apic_phys.c b/arch/x86/kernel/apic/x2apic_phys.c
index 6bde05a86b4e..5f533b76adf6 100644
--- a/arch/x86/kernel/apic/x2apic_phys.c
+++ b/arch/x86/kernel/apic/x2apic_phys.c
@@ -149,7 +149,11 @@ int x2apic_phys_pkg_id(int initial_apicid, int index_msb)
 
 void x2apic_send_IPI_self(int vector)
 {
-	apic_write(APIC_SELF_IPI, vector);
+	if (vector == NMI_VECTOR)
+		apic->send_IPI_mask(cpumask_of(smp_processor_id()),
+				    NMI_VECTOR);
+	else
+		apic_write(APIC_SELF_IPI, vector);
 }
 
 static struct apic apic_x2apic_phys __ro_after_init = {

From patchwork Fri Oct 14 20:09:05 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2801
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357422wrs;
        Fri, 14 Oct 2022 13:10:33 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM6B3uEJO3UL2IB3Kf2dU5ORtwaUB4N8NBYbxIoqcUSjhDUj59LyyxZoi1dIZ0nTTfLLAS8L
X-Received: by 2002:a17:90b:4a0b:b0:20c:5ac8:1e2c with SMTP id
 kk11-20020a17090b4a0b00b0020c5ac81e2cmr7523955pjb.98.1665778232886;
        Fri, 14 Oct 2022 13:10:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778232; cv=none;
        d=google.com; s=arc-20160816;
        b=oOKLv+7l9ftj0MsJN8Riem6ICS3i31YHSaBuzxc6FTqMNVQnJt6j8dQY1vhtjs5UPM
         vRewa3jeS+Jrs9OSuBmxDX9YT0p4xqG5VtZ85V9yKNVf8m/gL+9V4vG0NGZRkNwMdfoN
         eFoH5BbJhnjDAzcuDrStdQgVie8bQ7xyCkST7SCW4ogKrHHXjj4r9uZOxRxPv4k1eA6Z
         j1VmUnBTeaUyU2lCQwTTNAjaDVlpzQk57fQ5A8SsP6z7x64RliXekiYsBCpIYWD3iM8H
         KJ7i520806iF9YCI11cumMIizd3A2YOQYVeU24eZ6iOD049JbSOnp9PfUWmPzKTLnHZG
         yhng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=KkOMUOKYGE669kfcJF29gqwtV7PvJU/pFgRWe9PorHs=;
        b=X5xoVt8d3CrgssQ3Ylce0X7mkdPOc6Lec6VVVGXjv2J+NoaU7rJn986UIvXOC5EW3f
         cMiaGqHo2cfj1qKP0McuTVmLUu7yN8Ke2WmAFbJViQDBv02BU0EPpINGTvl4mg9hwAJ3
         K7qtkrbIPEFJUuAscPZM9e4q+4vW4mbEqObHL4lTqECqTNy1MsKBuq/Y1+ehxvZ/qxye
         y3NqC87ojiS87TqRwtmlggdDk4JEhiEfN6VHVrSOs6pxqf0tZgPZvWmZP9MhKGCkc8vU
         ggQ3M9vherPb69rFGd4vGJCxZ2CMJoJD8+8kzNJ9KV01n8dQYbLChotHh3sO6I0Wao1O
         FUDw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=bc4BqgjQ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 s5-20020a170902a50500b0017849d0200csi3728076plq.219.2022.10.14.13.10.18;
        Fri, 14 Oct 2022 13:10:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=bc4BqgjQ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231153AbiJNUJw (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:52 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43398 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230292AbiJNUJa (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:30 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0DEE31D81A4
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778169; x=1697314169;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=r+EN8Zy5jD9nAbdftcXxE+f3RqPdC2OWZt+eOaH6bY8=;
  b=bc4BqgjQ9spSPEFA78774MiC0tlPLbUqrAzITJlV0/h69IMBNq3jmEVh
   SJ5u1pFdpdpB0YI3DTR+R8Z42obnDL4k45rNhPiDO3z6/JCxnnaqirX0l
   U9QrJD11edf4f5rrEFxD0G/qmE1XxHUgoLpIh1IJSCuU/M8vSQNZFzG5y
   1XNRC3byQH+MmVD2LBc8rjc49ADGIvpSAo+oNRbQ/FAXslka8GIAtnEOw
   SAY6edzvOl2q9ssfE1O1WZ2Phxlx83JXsz1WKE9YKBh2twkvxcLG2lRuB
   EYw7qHSAENM+ubJBQ64bQBS2NVIziN8UxOzBkh5xPvTyivo1/S3el5MLV
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202158"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202158"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870151"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870151"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 05/13] x86/microcode: Place siblings in NMI loop while update
 in progress
Date: Fri, 14 Oct 2022 13:09:05 -0700
Message-Id: <20221014200913.14644-6-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695076394093283?=
X-GMAIL-MSGID: =?utf-8?q?1746695076394093283?=

Microcode updates affect the state of the running CPU. In the case of
hyperthreads, the thread initiating the update is in a known state
(performing wrmsr 0x79), but its HT sibling can be executing arbitrary
instructions.

If one of these arbitrary instruction is being patched by the update at the
same time the sibling is trying to execute from it, its using microcode in
an unstable state.

Ensuring a rendezvous of all CPUs using stop_machine() ensures that
siblings are not executing any random user space code, and stop_machine()
also masks interrupts that can be masked.

The ones that can still slip in are the exceptions. They are:

NMI entry code and NMI handlers can also execute relatively arbitrary
instructions. This is an effort to ensure NMI doesn't slip until the wrmsr
has completed.

== Solution: NMI prevention during update ==

Before the stop_machine() rendezvous, an NMI handler is registered. The
handler is placed at the beginning of all other handlers. The siblings
then kick themselves into NMI by doing a self NMI IPI.

The handler does two things:

- Informs the primary thread that it has entered the NMI handler. Only
  after all siblings of a core have entered NMI, the primary proceeds
  with wrmsr to update microcode.
- It spins until the primary CPU has completed the wrmsr and informs the
  sibling to quit the NMI loop.

Also an important thing to remember is the microcode requests for exclusive
access to the core before performing an update. This effectively pulls the
sibling into microcode control until the wrmsr has released exclusive
access. Since the sibling is not executing any instructions while the
wrmsr completes, no other exceptions will surface on the sibling CPU.

Breakpoints can be another source that can lead do taking exceptions. But
on NMI entry, the kernel seems to be save/clear/restore the breakpoint
control register (DR7). local_db_save() and local_db_restore(). This
effectively eliminates any breakpoints leading the sibling into
uncontrolled execution.

The algorithm is something like this:

After stop_machine() all threads are executing __reload_late()

hold_sibling_in_nmi()
{
	if (cpu not do_nmi_trap)
		return;

	update sibling reached NMI for primary to continue

	while (primary not done with update)
		wait;

	return;
}

exc_nmi:IDT()
{
	....
	hold_sibling_in_nmi();
	...
}

__reload_late()
{

	entry_rendezvous(&late_cpus_in);

	if (this_cpu is first_cpu in the core)
		wait for siblings to drop in NMI
		apply_microcode()
		set completion to release sibling from NMI
	else
		set sibling info to drop into NMI
		send self_IPI(NMI_VECTOR);

wait_for_siblings:

	exit_rendezvous(&late_cpus_out);
}

reload_late()
{
	register_nmi_handler()
	stop_machine(__reload_late);
	unregister_nmi_handler();
}

Suggested-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/include/asm/microcode.h       |  33 ++++++++
 arch/x86/kernel/cpu/microcode/core.c   | 101 ++++++++++++++++++++++++-
 arch/x86/kernel/cpu/microcode/nmi.c    |  72 ++++++++++++++++++
 arch/x86/kernel/nmi.c                  |   7 ++
 arch/x86/kernel/cpu/microcode/Makefile |   1 +
 5 files changed, 210 insertions(+), 4 deletions(-)
 create mode 100644 arch/x86/kernel/cpu/microcode/nmi.c

diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 7f7800e15ed0..23d25ef546a5 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -6,6 +6,33 @@
 #include <linux/earlycpio.h>
 #include <linux/initrd.h>
 
+/*
+ * Although this is a per-cpu structure, both the primary and siblings use
+ * only the primary structure to communicate.
+ *
+ * num_core_cpus	- Number of CPUs in the core
+ * callin		- Siblings set to inform primary on NMI arrival
+ * core_done		- Set by primary once microcode update has completed
+ */
+struct core_rendez {
+	int num_core_cpus;
+	atomic_t callin;
+	atomic_t core_done;
+	atomic_t failed;
+};
+
+DECLARE_PER_CPU(struct core_rendez, core_sync);
+
+/*
+ * The following structure is only used by secondary.
+ * Sets the primary per_cpu variable to be found inside the NMI handler to
+ * indicate this CPU  is supposed to drop into NMI. Its consulted in the
+ * NMI handler before entring the loop waiting for primary to finish the
+ * loading process. Once loading is complete the NMI handler clears this
+ * pointer.
+ */
+DECLARE_PER_CPU(struct core_rendez *, nmi_primary_ptr);
+
 struct ucode_patch {
 	struct list_head plist;
 	void *data;		/* Intel uses only this one */
@@ -136,4 +163,10 @@ static inline void reload_early_microcode(void)			{ }
 static inline void microcode_bsp_resume(void)			{ }
 #endif
 
+#ifdef CONFIG_MICROCODE_LATE_LOADING
+extern void hold_sibling_in_nmi(void);
+#else
+static inline void hold_sibling_in_nmi(void) { }
+#endif
+
 #endif /* _ASM_X86_MICROCODE_H */
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index e4135b4fdbc6..50652b019233 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -39,6 +39,8 @@
 #include <asm/processor.h>
 #include <asm/cmdline.h>
 #include <asm/setup.h>
+#include <asm/apic.h>
+#include <asm/mce.h>
 
 #define DRIVER_VERSION	"2.2"
 
@@ -432,6 +434,59 @@ static int __wait_for_cpus(atomic_t *t, long long timeout)
 	return 0;
 }
 
+/*
+ * This simply ensures that the self IPI with NMI to siblings is marked as
+ * handled.
+ */
+static int ucode_nmi_cb(unsigned int val, struct pt_regs *regs)
+{
+	return NMI_HANDLED;
+}
+
+/*
+ * Primary thread waits for all siblings to report that they have enterered
+ * the NMI handler
+ */
+static int __wait_for_core_siblings(struct core_rendez *rendez)
+{
+	int num_sibs = rendez->num_core_cpus - 1;
+	unsigned long long timeout = NSEC_PER_MSEC;
+	atomic_t *t = &rendez->callin;
+	int cpu = smp_processor_id();
+
+	while (atomic_read(t) < num_sibs) {
+		cpu_relax();
+		ndelay(SPINUNIT);
+		touch_nmi_watchdog();
+		timeout -= SPINUNIT;
+		if (timeout < SPINUNIT) {
+			pr_err("CPU%d timedout waiting for siblings\n", cpu);
+			atomic_inc(&rendez->failed);
+			return 1;
+		}
+	}
+	return 0;
+}
+
+static void prepare_for_nmi(void)
+{
+	int cpu, first_cpu;
+	struct core_rendez *pcpu_core;
+
+	for_each_online_cpu(cpu) {
+		first_cpu = cpumask_first(topology_sibling_cpumask(cpu));
+		if (cpu != first_cpu)
+			continue;
+
+		pcpu_core = &per_cpu(core_sync, first_cpu);
+		pcpu_core->num_core_cpus =
+		     cpumask_weight(topology_sibling_cpumask(cpu));
+		atomic_set(&pcpu_core->callin, 0);
+		atomic_set(&pcpu_core->core_done, 0);
+		atomic_set(&pcpu_core->failed, 0);
+	}
+}
+
 /*
  * Returns:
  * < 0 - on error
@@ -439,14 +494,15 @@ static int __wait_for_cpus(atomic_t *t, long long timeout)
  */
 static int __reload_late(void *info)
 {
-	int cpu = smp_processor_id();
+	int first_cpu, cpu = smp_processor_id();
+	struct core_rendez *pcpu_core;
 	enum ucode_state err;
 	int ret = 0;
 
 	/*
 	 * Wait for all CPUs to arrive. A load will not be attempted unless all
 	 * CPUs show up.
-	 * */
+	 */
 	if (__wait_for_cpus(&late_cpus_in, NSEC_PER_SEC))
 		return -1;
 
@@ -457,10 +513,32 @@ static int __reload_late(void *info)
 	 * loading attempts happen on multiple threads of an SMT core. See
 	 * below.
 	 */
-	if (cpumask_first(topology_sibling_cpumask(cpu)) == cpu)
+	first_cpu = cpumask_first(topology_sibling_cpumask(cpu));
+	pcpu_core = &per_cpu(core_sync, first_cpu);
+
+	/*
+	 * Set the CPUs that we should hold in NMI until the primary has
+	 * completed the microcode update.
+	 */
+	if (first_cpu == cpu) {
+		/*
+		 * Wait for all siblings to enter
+		 * NMI before performing the update
+		 */
+		ret = __wait_for_core_siblings(pcpu_core);
+		if (ret || atomic_read(&pcpu_core->failed)) {
+			pr_err("CPU %d core lead timeout waiting for siblings\n", cpu);
+			ret = -1;
+		}
+		pr_debug("Primary CPU %d proceeding with update\n", cpu);
 		apply_microcode_local(&err);
-	else
+		atomic_set(&pcpu_core->core_done, 1);
+	} else {
+		/* We set the per-cpu of sibling in this case */
+		this_cpu_write(nmi_primary_ptr, pcpu_core);
+		apic->send_IPI_self(NMI_VECTOR);
 		goto wait_for_siblings;
+	}
 
 	if (err >= UCODE_NFOUND) {
 		if (err == UCODE_ERROR)
@@ -496,16 +574,31 @@ static int microcode_reload_late(void)
 	pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
 	pr_err("You should switch to early loading, if possible.\n");
 
+	/*
+	 * Used for late_load entry and exit rendezvous
+	 */
 	atomic_set(&late_cpus_in,  0);
 	atomic_set(&late_cpus_out, 0);
 
+	prepare_for_nmi();
+
+	ret = register_nmi_handler(NMI_LOCAL, ucode_nmi_cb, NMI_FLAG_FIRST,
+				   "ucode_nmi");
+	if (ret) {
+		pr_err("Unable to register NMI handler\n");
+		goto done;
+	}
+
 	ret = stop_machine_cpuslocked(__reload_late, NULL, cpu_online_mask);
 	if (ret == 0)
 		microcode_check();
 
+	unregister_nmi_handler(NMI_LOCAL, "ucode_nmi");
+
 	pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
 		old, boot_cpu_data.microcode);
 
+done:
 	return ret;
 }
 
diff --git a/arch/x86/kernel/cpu/microcode/nmi.c b/arch/x86/kernel/cpu/microcode/nmi.c
new file mode 100644
index 000000000000..9245dd1e8c9d
--- /dev/null
+++ b/arch/x86/kernel/cpu/microcode/nmi.c
@@ -0,0 +1,72 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2022 Ashok Raj <ashok.raj@intel.com>
+ *
+ * X86 CPU microcode update NMI handler.
+ *
+ */
+
+#include <linux/kernel.h>
+#include <linux/delay.h>
+#include <linux/cpu.h>
+#include <linux/nmi.h>
+
+#include <asm/microcode.h>
+
+#define SPINUNIT	100 /* 100 nsec */
+
+DEFINE_PER_CPU(struct core_rendez, core_sync);
+DEFINE_PER_CPU(struct core_rendez *, nmi_primary_ptr);
+
+#define SPINUNIT 100 /* 100 nsec */
+
+static void delay(int ms)
+{
+	unsigned long timeout = jiffies + ((ms * HZ) / 1000);
+
+	while (time_before(jiffies, timeout))
+		cpu_relax();
+}
+
+/*
+ * Siblings wait until microcode update is completed by the primary thread.
+ */
+static int __wait_for_update(atomic_t *t)
+{
+	unsigned long long timeout = NSEC_PER_MSEC;
+
+	while (!arch_atomic_read(t)) {
+		cpu_relax();
+		delay(1);
+		//touch_nmi_watchdog();
+		timeout -= SPINUNIT;
+		if (timeout < SPINUNIT)
+			return 1;
+	}
+	return 0;
+}
+
+noinstr void hold_sibling_in_nmi(void)
+{
+	struct	 core_rendez *pcpu_core;
+	int ret = 0;
+
+	pcpu_core = this_cpu_read(nmi_primary_ptr);
+	if (likely(!pcpu_core))
+		return;
+
+	/*
+	 * Increment the callin to inform primary thread that the sibling
+	 * has arrived and parked in the NMI handler
+	 */
+	arch_atomic_inc(&pcpu_core->callin);
+
+	ret = __wait_for_update(&pcpu_core->core_done);
+	if (ret)
+		atomic_inc(&pcpu_core->failed);
+
+	/*
+	 * Clear the nmi_trap, so future NMI's won't be affected
+	 */
+	this_cpu_write(nmi_primary_ptr, NULL);
+}
diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c
index cec0bfa3bc04..619afeaef07c 100644
--- a/arch/x86/kernel/nmi.c
+++ b/arch/x86/kernel/nmi.c
@@ -28,6 +28,7 @@
 #include <asm/cpu_entry_area.h>
 #include <asm/traps.h>
 #include <asm/mach_traps.h>
+#include <asm/microcode.h>
 #include <asm/nmi.h>
 #include <asm/x86_init.h>
 #include <asm/reboot.h>
@@ -505,6 +506,12 @@ DEFINE_IDTENTRY_RAW(exc_nmi)
 
 	this_cpu_write(nmi_dr7, local_db_save());
 
+	/*
+	 * If microcodeupdate is in progress, check and hold the sibling in
+	 * the NMI until primary has completed the update
+	 */
+	hold_sibling_in_nmi();
+
 	irq_state = irqentry_nmi_enter(regs);
 
 	inc_irq_stat(__nmi_count);
diff --git a/arch/x86/kernel/cpu/microcode/Makefile b/arch/x86/kernel/cpu/microcode/Makefile
index 34098d48c48f..e469990bba73 100644
--- a/arch/x86/kernel/cpu/microcode/Makefile
+++ b/arch/x86/kernel/cpu/microcode/Makefile
@@ -3,3 +3,4 @@ microcode-y				:= core.o
 obj-$(CONFIG_MICROCODE)			+= microcode.o
 microcode-$(CONFIG_MICROCODE_INTEL)	+= intel.o
 microcode-$(CONFIG_MICROCODE_AMD)	+= amd.o
+microcode-$(CONFIG_MICROCODE_LATE_LOADING) += nmi.o

From patchwork Fri Oct 14 20:09:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2804
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357552wrs;
        Fri, 14 Oct 2022 13:10:49 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM4vD+Qsh4BMSCZAOTGdrbCR/6kTxbhEhKj5WFn03OPbOp9MG84lrxq85z/o0ITnMxBFv9r5
X-Received: by 2002:a17:907:7e95:b0:78d:e9cf:82c7 with SMTP id
 qb21-20020a1709077e9500b0078de9cf82c7mr4916630ejc.724.1665778249668;
        Fri, 14 Oct 2022 13:10:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778249; cv=none;
        d=google.com; s=arc-20160816;
        b=Aa10NNauEbcyIvetxF2gLjh1fgqO5C4fzYOezIFJMWFU8Zfd+g0+EW41bLyZYIUNNo
         UlIULLoy7IQWbl2uu+Um1jKzqctlA4UMJO3/Lr0ysI3EoUhA7bOjdoILOGpMLx+LipPE
         yFBBZCYa6qVRfx2qAY97fWiELhCqM1X7ycaq/gKtT81XCxCtZodq2OBU0/8Wou3eW6/j
         2jY44Ip39ACYsodtnvu4URtEsEDAiRDeaeGm6GBUEAWWf+botiyL7NfTNM/MgUNECbAM
         YUtZ0tYXr/zKs7NXGM7BPXX2oulBcJXOPekUfErNl5RnGpSq8QcDyk1r5PYJmRE2ps4r
         0ybQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=lUKLC1TJCuCXwijg/+RUyue5LVt900dlvGP8AxIycpI=;
        b=VRxyp941HddY+QN/OCeXX4qgXOXIGHMFk2sRzOCI1+siFTmyf2lif1iLryZ+JnUd7n
         5O6meLY/X8efLHVnr1k9bLneWEiRcMTQzc2IvmMx9Oj9lX0YBGNqPyMHLNxzuiUCZBpQ
         VrZY2ORP4zSduhfPP7MsLoAa7paEDrJUaxmHkBWBvu3KcYaaPUtMAj6C8a1E4ely1T4N
         jxFJBGdeqQtgkYCLVNTDGCqungucakrE8Q3NV+n90jtwr0Z+ABTgeh4CxAvGcMPEZ7im
         IDrNnMzz8eriAXK8niG3Zz6iXd78YXX0zewGZnBrHK207UIU9OPaKnvEFMFSJyewW93o
         KBhA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Rvvxatx8;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 w3-20020a05640234c300b004595a90c510si3978005edc.3.2022.10.14.13.10.24;
        Fri, 14 Oct 2022 13:10:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Rvvxatx8;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231277AbiJNUJ6 (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:58 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43458 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230333AbiJNUJc (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:32 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 80B2D1DA368
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778169; x=1697314169;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=2/8WowSzv6butDgFSPKVaFoajey0RVIfNhZholFNfW4=;
  b=Rvvxatx8fCQx4aQ5B/ealI++O7ja9ObsO1MQzNZxvostvmKxp9eYUqgM
   ZnbdLi1ePjtjM+n0imaVY0juTJPaXEFyb9+zt4AviWipeLCN0WbCfO+mz
   78UdSAqlCxziOPAx0SSiu7P/EbR3nqamTwmiJCjMv7PDxCifQrOFcFqwc
   sXsneBaK3o6LFNxQ/3Lw9bW6BIMJafTjrxz+pejnFrpvKaNZv/rgu7vuG
   pYajjKNOey/iQNV9JM/0zwJvPfCqwlqCmuHvz0R7KJfG8ZQFLHOMC/Lan
   xSXzFYMFGKGJf5qEt8h/wKYuyQ6lAHVfc2p4lvnxHRnL64ChNqvkYvOQ5
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202159"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202159"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870156"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870156"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 06/13] x86/microcode: Rename refresh_fw to late_loading
Date: Fri, 14 Oct 2022 13:09:06 -0700
Message-Id: <20221014200913.14644-7-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695093455234013?=
X-GMAIL-MSGID: =?utf-8?q?1746695093455234013?=

Rename refresh_fw to late_loading to be more explicit about its purpose.

No functional change.

Suggested-by: Boris Petkov <bp@alien8.de>
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/include/asm/microcode.h      | 2 +-
 arch/x86/kernel/cpu/microcode/amd.c   | 4 ++--
 arch/x86/kernel/cpu/microcode/intel.c | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 23d25ef546a5..401213fb2e4a 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -60,7 +60,7 @@ enum ucode_state {
 
 struct microcode_ops {
 	enum ucode_state (*request_microcode_fw) (int cpu, struct device *,
-						  bool refresh_fw);
+						  bool late_loading);
 
 	void (*microcode_fini_cpu) (int cpu);
 
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 5f38dd75cbc5..c18d3f01a452 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -891,7 +891,7 @@ load_microcode_amd(bool save, u8 family, const u8 *data, size_t size)
  * These might be larger than 2K.
  */
 static enum ucode_state request_microcode_amd(int cpu, struct device *device,
-					      bool refresh_fw)
+					      bool late_loading)
 {
 	char fw_name[36] = "amd-ucode/microcode_amd.bin";
 	struct cpuinfo_x86 *c = &cpu_data(cpu);
@@ -900,7 +900,7 @@ static enum ucode_state request_microcode_amd(int cpu, struct device *device,
 	const struct firmware *fw;
 
 	/* reload ucode container only on the boot cpu */
-	if (!refresh_fw || !bsp)
+	if (!late_loading || !bsp)
 		return UCODE_OK;
 
 	if (c->x86 >= 0x15)
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 0f7e4ba05c39..e08777ae9cc4 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -901,7 +901,7 @@ static bool is_blacklisted(unsigned int cpu)
 }
 
 static enum ucode_state request_microcode_fw(int cpu, struct device *device,
-					     bool refresh_fw)
+					     bool late_loading)
 {
 	struct cpuinfo_x86 *c = &cpu_data(cpu);
 	const struct firmware *firmware;

From patchwork Fri Oct 14 20:09:07 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2800
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357345wrs;
        Fri, 14 Oct 2022 13:10:26 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM7nnwdHXYk7svDgOyPCE4pTdBdUSb9jETeeup61mBeNRI35U78EH8ncrImncfAvcCBvEfQS
X-Received: by 2002:a17:90a:f3ca:b0:20a:d4ee:3859 with SMTP id
 ha10-20020a17090af3ca00b0020ad4ee3859mr7738682pjb.70.1665778225794;
        Fri, 14 Oct 2022 13:10:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778225; cv=none;
        d=google.com; s=arc-20160816;
        b=fqn9dZkHMx8LGyrEMoJtRpVFOX2/NvrasAEPHrHE7dAKIAXx5pDLcBUTHFFcwwXAom
         ErvE+TnHa4nsGwtu7eUIogL0JT0Z6k29DYVAt9IoVM6Who3cVdcED9I+ECZzgj/JfP2V
         I1VaK2Vvv9SZut3E4MZT423Krg0gVzUgytlzbUyn6ukBDnwIdapy2rLSktd6RQmmv+7w
         5BIQ4JEiQ9i+Gxomo6Cajl6vZTwv/lnDAX07BBf5MBFGxeq43OLWfvtwarvL8xURQ1nT
         qMwppWj1kDht2oXZ5fHKCEhI9Ez8ms++z41iy27zTb7mICt2Fq8aWNROaCxgy6J1FYXE
         HTow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=++P6wgXl9qKHY8oLV9nh6Qjrevh+SMeG1j3am063YzI=;
        b=i4IphDAIxRaqmXLmydqicVtO+l/mvDxYbdNN4NkuA8NXw6YAXqTJDZtR88afuBuA3S
         mko0Nkr27F6rb4qxyo9CHqRStitBiVUyafDWHYUgJhk73A5KcGz2aAG2Oyd38AfoiWmj
         xR5knhUOpg6d87CrpqzTOaXZn5KbK0F58zyy6PU6HHiQwW2QXJSgdPHwKj3TXGcwsPPz
         S0lIzMV/ObMJP8e6e81o9USRwOnfyHw8fESSlt6uoPfNSGvKpU7pZ1rUL7OrECpwSak8
         isKkMIcbjD/ynKJ+WAMmW5udx5axgmQk2MmBbqVeHpJQlq16htv/Py2ld6kursTBRsCb
         zrBw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=l16FQYwf;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 q4-20020a17090a7a8400b0020388f845e9si9502772pjf.52.2022.10.14.13.10.12;
        Fri, 14 Oct 2022 13:10:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=l16FQYwf;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230414AbiJNUJp (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:09:45 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43400 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230295AbiJNUJa (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:30 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 83C111DA374
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778169; x=1697314169;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=1cRxN49Ycb0ZqM7NXfcXCT4mEZZNuFdDj1zsFuZk6o4=;
  b=l16FQYwfKrAUG2MOKClK7Y4JKdiDvDs7BeNUYVgwuHGjoJmFCGwG2AEA
   gHQn6dGhhLfxFG5nOvDGoaUb6/FjyvmWhXqkR6EGpTh+uYIbG9qt646uF
   YKpi4HJVf6BUmwRDrc/+1VlNsfFh2cXe4x7215Cm3dJbDu/vzrdb8GQ58
   Hiz89mW5KoJ3fdusXmxakMi0FyIJNeAfGx+7wufQc6qXImg4txS+pfEKm
   Wl822Qgl/15iUsBw2vlm4BuZYGMFpU0TDrm+v5fQsnH6A1OFbtWt+Q5Fu
   WdlxjfwGUXD2yWLlhcgXTW2YyJIEnfmSnQhsdZE82ucTaOUAUdjWoclrv
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202160"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202160"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870159"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870159"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 07/13] x86/microcode: Move late-load warning to earlier where
 kernel taint happens
Date: Fri, 14 Oct 2022 13:09:07 -0700
Message-Id: <20221014200913.14644-8-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695069190786461?=
X-GMAIL-MSGID: =?utf-8?q?1746695069190786461?=

Move where the late loading warning is being issued to earlier in the call.
This would put the warn and taint in the same function.

Just a tidy thing, no functional changes.

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/kernel/cpu/microcode/core.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 50652b019233..7a8fcb914b6a 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -571,9 +571,6 @@ static int microcode_reload_late(void)
 {
 	int old = boot_cpu_data.microcode, ret;
 
-	pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
-	pr_err("You should switch to early loading, if possible.\n");
-
 	/*
 	 * Used for late_load entry and exit rendezvous
 	 */
@@ -624,6 +621,8 @@ static ssize_t reload_store(struct device *dev,
 	if (ret)
 		goto put;
 
+	pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
+	pr_err("You should switch to early loading, if possible.\n");
 	tmp_ret = microcode_ops->request_microcode_fw(bsp, &microcode_pdev->dev, true);
 	if (tmp_ret != UCODE_NEW)
 		goto put;

From patchwork Fri Oct 14 20:09:08 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2802
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357480wrs;
        Fri, 14 Oct 2022 13:10:42 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM4NCBmIEqW2PJx0AzMeqBl6x/rVIlevm2s6U3uAHrbJcOaayYFJpRtT97OS1fEA8ERNJQJ2
X-Received: by 2002:a17:902:e5c3:b0:176:d1b9:ee33 with SMTP id
 u3-20020a170902e5c300b00176d1b9ee33mr7054998plf.122.1665778241656;
        Fri, 14 Oct 2022 13:10:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778241; cv=none;
        d=google.com; s=arc-20160816;
        b=yQ1F1M8wFEc3t/Evs9XPRMgsAZ3TsdaPmgCgGhk+wjiPBcxyGeXJhHgxrIZN4EAtv/
         biyFjsIrBpgsbSYCeAtOdz3SZJ6butPerTU767iKKD6Qy1ZzIDYJIuLqb3rs8KF91eZw
         Vqo9QaFn0GqK3l97/fi6So0T9uf942yVJzhfnkrCxRJlhhxK0/2Hz4hqXbSDdqX6r4Lj
         1NwJoMecic9dNXZw4iOSQyq3ATS/8KJUWpN5IyYNMPp0i79mKu8rYuz+BijTIev7FCp0
         LUtp3DI2xvSZl7d4zK3lrOpk3l8Jy0j2hjjjs4+grrCJDTiY++ronOr4xZqoVVDbbf0L
         1gBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=1CpODIDzW3gqS/wsuwzI0Mkb0KlcqkJMSbgRnk33jxw=;
        b=II2nE8YBllsidkeUWrTV+qwei/tRjMJq2MbFsHLxJlz00g63tAOmuU4pkszncSAQbU
         1LIZEBq5cz4Ox6Gst4VvzshgMv83XKflgSjPKVIX9EL84TOEJQ6p6GZJHtaXc9irUI1p
         fDcmL9UVNeXTppfwvtYsnYhvp8KjVQc0ZOEQIGpsEmofUeEyCnEPJG+b71pq3LGno9sX
         xDHp8aw2Mugi7AdLFZyMbVATzC1r3I4z/wxh/+4NmLWBFKpHxx2x4evekEaW/L46Gpys
         ZmcyRXLqrrwdrdfKZDGhpPDH5FONTG7n3K7QB2NVvNZgKxHk6nD8DA4m+JQuOsmWfCf0
         OdOA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=YjvKLyWE;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 l3-20020a655603000000b00434dd5dc135si3743430pgs.855.2022.10.14.13.10.27;
        Fri, 14 Oct 2022 13:10:41 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=YjvKLyWE;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231288AbiJNUKD (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:10:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43472 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230353AbiJNUJd (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:33 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 794F81DA379
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778170; x=1697314170;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=PfIf2Cma+MnvIuRcKLEmWaD4K88xeMCHSq0iB6JP3yE=;
  b=YjvKLyWESmBP1cwT8Z+WGnnR1OQcaTtLHhTjXt/jCwEtDGUJjI80ZiY8
   MnHSTt4u6sk4dWAeZnCn3+eV5mWr/qfcWd3fDP2LW5HpAm3Q9YCT6Xzxg
   qpM2JzJHksWldUBigvBkhY+XyvdWNbnRZ59OdeZ17B6Rnr5b7x4Q0z7Vy
   eRJwGfbt7qb6QzFEZgcojs8jx4YZx7lWIaAdxv8VaNH9vMfAOn5f6c1TQ
   IwbPN6FMzAVHXMO7ALCDhffPB9ElfWw7xVZQfomZzJaEcEsw3S6R1INCe
   HGc/UjYAmLoLnbceSiQ8txcz985G1TjjPF3intSOoc+6azTbxK6fEPoR0
   w==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202161"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202161"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870162"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870162"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:28 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 08/13] x86/microcode/intel: Add minimum required revision to
 microcode header
Date: Fri, 14 Oct 2022 13:09:08 -0700
Message-Id: <20221014200913.14644-9-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695085645085130?=
X-GMAIL-MSGID: =?utf-8?q?1746695085645085130?=

In general users don't have the necessary information to determine
whether a late loading of a new microcode version has removed any feature
(MSR, CPUID etc) between what is currently loaded and this new microcode.
To address this issue, Intel has added a "minimum required version" field
to a previously reserved field in the file header. Microcode updates
should only be applied if the current microcode version is equal
to, or greater than this minimum required version.

Thomas made some suggestions[1] on how meta-data in the microcode file
could provide Linux with information to decide if the new microcode is
suitable candidate for late loading. But even the "simpler" option#1
requires a lot of metadata and corresponding kernel code to parse it.

The proposal here is an even simpler option. Simply "OS visible features"
such as CPUID and MSRs are the only two examples. The microcode must not
change these OS visible features because they cause problems after late
loading. When microcode changes features, microcode will change the min_rev
to prevent such microcodes from being late loaded.

Pseudo code for late loading is as follows:

if header.min_required_id == 0
        This is old format microcode, block late loading
else if current_ucode_version < header.min_required_id
        Current version is too old, block late loading of this microcode.
else
        OK to proceed with late loading.

Any microcode that modifies the interface to an OS-visible feature
will set the min_version to itself. This will enforce this microcode is
not suitable for late loading unless the currently loaded revision is
greater or equal to the new microcode affecting the change.

The enforcement is not in hardware and limited to kernel loader enforcing
the requirement. It is not required for early loading of microcode to
enforce this requirement, since the new features are only
evaluated after early loading in the boot process.


Test cases covered:

1. With new kernel, attempting to load an older format microcode with the
   min_rev=0 should be blocked by kernel.

   [  210.541802] Late loading denied: Microcode header does not specify a
   required min version.

2. New microcode with a non-zero min_rev in the header, but the specified
   min_rev is greater than what is currently loaded in the CPU should be
   blocked by kernel.

   245.139828] microcode: Late loading denied: Current revision 0x8f685300 is too old to update, must be at 0xaa000050 version or higher. Use early loading instead.

3. New microcode with a min_rev < currently loaded should allow loading the
   microcode

4. Build initrd with microcode that has min_rev=0, or min_rev > currently
   loaded should permit early loading microcode from initrd.

[1] https://lore.kernel.org/linux-kernel/alpine.DEB.2.21.1909062237580.1902@nanos.tec.linutronix.de/


Tested-by: William Xie <william.xie@intel.com>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/include/asm/microcode_intel.h |  4 +++-
 arch/x86/kernel/cpu/microcode/intel.c  | 25 ++++++++++++++++++++++---
 2 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/arch/x86/include/asm/microcode_intel.h b/arch/x86/include/asm/microcode_intel.h
index 4c92cea7e4b5..bc893dd68b82 100644
--- a/arch/x86/include/asm/microcode_intel.h
+++ b/arch/x86/include/asm/microcode_intel.h
@@ -14,7 +14,9 @@ struct microcode_header_intel {
 	unsigned int            pf;
 	unsigned int            datasize;
 	unsigned int            totalsize;
-	unsigned int            reserved[3];
+	unsigned int            reserved1;
+	unsigned int		min_req_ver;
+	unsigned int		reserved3;
 };
 
 struct microcode_intel {
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index e08777ae9cc4..46edce811c69 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -163,13 +163,14 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne
 		intel_ucode_patch = p->data;
 }
 
-static int microcode_sanity_check(void *mc, int print_err)
+static int microcode_sanity_check(void *mc, int print_err, bool late_loading)
 {
 	unsigned long total_size, data_size, ext_table_size;
 	struct microcode_header_intel *mc_header = mc;
 	struct extended_sigtable *ext_header = NULL;
 	u32 sum, orig_sum, ext_sigcount = 0, i;
 	struct extended_signature *ext_sig;
+	struct ucode_cpu_info uci;
 
 	total_size = get_totalsize(mc_header);
 	data_size = get_datasize(mc_header);
@@ -240,6 +241,24 @@ static int microcode_sanity_check(void *mc, int print_err)
 		return -EINVAL;
 	}
 
+	/*
+	 * When late-loading, enforce that the current revision loaded on
+	 * the CPU is equal or greater than the value specified in the
+	 * new microcode header
+	 */
+	if (late_loading) {
+		if (!mc_header->min_req_ver) {
+			pr_warn("Late loading denied: Microcode header does not specify a required min version\n");
+			return -EINVAL;
+		}
+		intel_cpu_collect_info(&uci);
+		if (uci.cpu_sig.rev < mc_header->min_req_ver) {
+			pr_warn("Late loading denied: Current revision 0x%x too old to update, must be at 0x%x or higher. Use early loading instead\n",
+				uci.cpu_sig.rev, mc_header->min_req_ver);
+			return -EINVAL;
+		}
+	}
+
 	if (!ext_table_size)
 		return 0;
 
@@ -281,7 +300,7 @@ scan_microcode(void *data, size_t size, struct ucode_cpu_info *uci, bool save)
 		mc_size = get_totalsize(mc_header);
 		if (!mc_size ||
 		    mc_size > size ||
-		    microcode_sanity_check(data, 0) < 0)
+		    microcode_sanity_check(data, 0, false) < 0)
 			break;
 
 		size -= mc_size;
@@ -835,7 +854,7 @@ static enum ucode_state generic_load_microcode(int cpu, struct iov_iter *iter)
 		memcpy(mc, &mc_header, sizeof(mc_header));
 		data = mc + sizeof(mc_header);
 		if (!copy_from_iter_full(data, data_size, iter) ||
-		    microcode_sanity_check(mc, 1) < 0) {
+		    microcode_sanity_check(mc, 1, true) < 0) {
 			break;
 		}
 

From patchwork Fri Oct 14 20:09:09 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2805
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp359220wrs;
        Fri, 14 Oct 2022 13:14:55 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM4fcrv1EN5qYjpBODB25VrhDXeUSpLNuyYCixs/d5PjE4g3jlsUxSYcB69hMN/bP+NNj7Mp
X-Received: by 2002:a17:906:6a16:b0:78d:e4b3:5365 with SMTP id
 qw22-20020a1709066a1600b0078de4b35365mr4889559ejc.107.1665778494974;
        Fri, 14 Oct 2022 13:14:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778494; cv=none;
        d=google.com; s=arc-20160816;
        b=vyXPD4MYLpqQwMA22GVK6kfvDk9Mr9RuJH7SmbiWs7UAywQUuex6b8l3bLDRl+A6es
         oaC0girKyi3w8EQwE3K4I/nDenqCXDtx2JVedRTgxv86pejjJL6wIunx4K1E2qiOYdY/
         UM7a9awKhINSKxs4yDcIdj29asegwbNEpm+s2Z6ONr5hd8TKTrNEor6LmvLXEkJqfzMC
         tZ1ypRlpU2wJYNSV9hA3ZidIgg6GuSKozedkx7QoM+TklTDOwPbX6FMN2PZZmBed+oep
         VnC03LaE0xsI12xkzkEzoSFe4J32qCeavi4LWYy3567MJg2CskfkzIHSO7ZfSPUZcAOn
         J8yw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=UrZkeJJnNQ1dzO1aPwTLB4vCMpatGe+TCsgbu+UTK5w=;
        b=IzbBk6EsFDfs9rIH0REb4r64SXl+x3srAbJKE+3/rrjffg9uJwDSXjsb68Uu5OmPC3
         xT4uGqFkNJT7++Ym5NYrvP2jT+DwrcYGnrSlbZCHQQD5RqtCIm5FaV8jBWce6BSU9tAf
         DWi816fO/7F5OzXJScgt64+1fS88Xsk8FlIxwU4Cp1GFDYKgpE+8Nmu6UB2MXXgZx5XC
         q8ofLVxfy9xu7AHAHSFD7xM111+RzJtHBLIZ8m1s+9bv6fxoAtU3KIygdct+4W6RF5MS
         rpoB/tus7r5eHoHBfMJzMsO37f6CqoY3T/4HhV3X9JN7aLBsQuUp4bbrWUg5RzwN6gnM
         mVhw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=AT0Yqrmb;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 mp30-20020a1709071b1e00b0078e27ef9510si1785918ejc.747.2022.10.14.13.14.29;
        Fri, 14 Oct 2022 13:14:54 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=AT0Yqrmb;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230417AbiJNUKT (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:10:19 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43492 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231195AbiJNUJo (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:44 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A06B81DA37C
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778173; x=1697314173;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=cFJU+EWuF6ICxOqV1eb2P+F38ins8YONFjIm4oOMQXA=;
  b=AT0Yqrmb+xWRh3xy7CfcAePGDtTa20nwZf1dxfMjd9OzRbkKfYyCGscV
   JXCnBMu2kY8HivKOBZ16i3Zdx/sJw+GkMux+wtNR6dentesPSJu624qgj
   xw4cq2hRMe4QWc88HkgSq6Pu9lgT1SwQcFNBsma9ZFOpTTeze+PWyUolx
   L8iquCFYd4MN3oyE4XXQgDfZUM5P82rMhYOoETWmE2lXAQz/YyWGXt+qQ
   dVOz/j5rnqPD0oEETvyzaUaKQNkClvTlDuXZ8KMBttAkzil9xSFbPedt2
   8T4pRXBdOMshtod5sMQa7hudhnmyw1zvRhw/iDs/JJIHSnHBymihbUbq1
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202162"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202162"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870165"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870165"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 09/13] x86/microcode: Add a generic mechanism to declare
 support for minrev
Date: Fri, 14 Oct 2022 13:09:09 -0700
Message-Id: <20221014200913.14644-10-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695351056812540?=
X-GMAIL-MSGID: =?utf-8?q?1746695351056812540?=

Intel microcode adds some meta-data to report a minimum required revision
before this new microcode can be late-loaded. There are no generic mechanism
to declare support for all vendors.

Add generic support to microcode to declare support, so the tainting and
late-loading can be permitted in those architectures that support reporting
a minrev in some form.

Late loading has added support for

- New images declaring a required minimum base version before a late-load
  is performed.
- Improved NMI handling during update to avoid sibling threads taking NMI's
  while primary is still not complete with the microcode update.

With these changes, late-loading can be re-enabled. Tainting only happens
on architectures that don't support minimum required version reporting.

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/include/asm/microcode.h      |  1 +
 arch/x86/kernel/cpu/microcode/core.c  | 14 +++++++++++---
 arch/x86/kernel/cpu/microcode/intel.c |  6 ++++++
 arch/x86/Kconfig                      |  7 ++++---
 4 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 401213fb2e4a..0c0bbc26560f 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -59,6 +59,7 @@ enum ucode_state {
 };
 
 struct microcode_ops {
+	int (*check_minrev) (void);
 	enum ucode_state (*request_microcode_fw) (int cpu, struct device *,
 						  bool late_loading);
 
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 7a8fcb914b6a..46e9c2d8fae0 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -606,6 +606,7 @@ static ssize_t reload_store(struct device *dev,
 	enum ucode_state tmp_ret = UCODE_OK;
 	int bsp = boot_cpu_data.cpu_index;
 	unsigned long val;
+	int minrev;
 	ssize_t ret = 0;
 
 	ret = kstrtoul(buf, 0, &val);
@@ -621,8 +622,14 @@ static ssize_t reload_store(struct device *dev,
 	if (ret)
 		goto put;
 
-	pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
-	pr_err("You should switch to early loading, if possible.\n");
+	if (microcode_ops->check_minrev())
+		minrev = microcode_ops->check_minrev();
+
+	if (!minrev) {
+		pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
+		pr_err("You should switch to early loading, if possible.\n");
+	}
+
 	tmp_ret = microcode_ops->request_microcode_fw(bsp, &microcode_pdev->dev, true);
 	if (tmp_ret != UCODE_NEW)
 		goto put;
@@ -637,7 +644,8 @@ static ssize_t reload_store(struct device *dev,
 	if (ret == 0)
 		ret = size;
 
-	add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+	if (!minrev)
+		add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
 
 	return ret;
 }
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 46edce811c69..c8ee53fcf04d 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -950,7 +950,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device,
 	return ret;
 }
 
+static int intel_check_minrev(void)
+{
+	return 1;
+}
+
 static struct microcode_ops microcode_intel_ops = {
+	.check_minrev			  = intel_check_minrev,
 	.request_microcode_fw             = request_microcode_fw,
 	.collect_cpu_info                 = collect_cpu_info,
 	.apply_microcode                  = apply_microcode_intel,
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index f9920f1341c8..a01fce1092ce 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1336,15 +1336,16 @@ config MICROCODE_AMD
 	  processors will be enabled.
 
 config MICROCODE_LATE_LOADING
-	bool "Late microcode loading (DANGEROUS)"
-	default n
+	bool "Late microcode loading"
+	default y
 	depends on MICROCODE
 	help
 	  Loading microcode late, when the system is up and executing instructions
 	  is a tricky business and should be avoided if possible. Just the sequence
 	  of synchronizing all cores and SMT threads is one fragile dance which does
 	  not guarantee that cores might not softlock after the loading. Therefore,
-	  use this at your own risk. Late loading taints the kernel too.
+	  use this at your own risk. Late loading taints the kernel, if it
+	  doesn't support a minimum required base version before an update.
 
 config X86_MSR
 	tristate "/dev/cpu/*/msr - Model-specific register support"

From patchwork Fri Oct 14 20:09:10 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2807
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp361567wrs;
        Fri, 14 Oct 2022 13:21:25 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM6B3CsaqCvP+BN8YqaBwUWtytWMP7tXwmb3iKMNuaptQ9l3rlCZ6ZPgIDC5QtKW4+Pp+Q1j
X-Received: by 2002:a17:907:1c17:b0:78d:df89:26c6 with SMTP id
 nc23-20020a1709071c1700b0078ddf8926c6mr5061836ejc.20.1665778873911;
        Fri, 14 Oct 2022 13:21:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778873; cv=none;
        d=google.com; s=arc-20160816;
        b=AdUSwJZRhbsmFEbTq5Ujw81PSIyxfPCYs1TJihYMHzHBwwREXYB3Szf1P33J4l4eZ2
         WEd01HiApaGPyUHULQPEZHaWdtvG92t6/s3Zh+ss6HQAp7CpXcYB6af5k91RQ26dSPzc
         FSecf55r3zqgwkK7Zk+SwwaD6H+kKtLlqA1zHu3DTZRHgUzgYkIZ2nm4DmszXLZMWCWz
         U47ki+YEEjkX9fy+7yf/U1um/NcGAxe9Xzn8fXcTZtI8HVckphtAF8Woa3Go46axMtOd
         HO5Ph7/MKqB2EA369M+q/vAtBGjb09o+bV087/3/Cq1mdbo3pib7urbEUWKNM0QZTGSv
         0AhA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=EcvNSf+mhGNEOEmWpy5yrgq6NvtmIIRHMHr5vJC+tTs=;
        b=yBabHjeknc6CcnczOZLGNuxqZxAAMWgd5YI10e9tffSJBS7fqnHdaJl+e1yyMP1kFb
         bzeeeTMasxTE1/7I8SA+bQZsN7aUrZ0vWzpYCmJE7D5O/iKSEK47bNLXAzMXw0920vHf
         hNfzqvGAlZLmSWv+j/hTbi8UiUL+hQk3mj+SbnbzSoOgAN7BGZP39UPLTz4F4Eyl1loP
         ppZdrrLya2zajjEc/WI5AbxrEvdOT1U95Y2XjN8qg1Qou/K5A/1UvLUVp2mlpSqJwQ4M
         U5zIBGMrtXugyBUjQuwn55Lej1ZSjUTiHLR+TLhIJql+1P7UN3MPUGAH279aIVn9JCXY
         4T4A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=npHVmWxf;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 j20-20020a1709066dd400b0077eca9fa444si2785303ejt.187.2022.10.14.13.20.48;
        Fri, 14 Oct 2022 13:21:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=npHVmWxf;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231341AbiJNUKM (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:10:12 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43480 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231140AbiJNUJl (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:41 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9F2FB31F8E
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778173; x=1697314173;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=2pjEdcguM+RaAzdUc4p+bz90Q4KG/RsiJEhTjRZleaQ=;
  b=npHVmWxfTdptITY47HoMqIntmM7g1nVijUfHg1VqaDEolGt0oKbtYJTN
   g1K+pfLj5hFMbMWojG4mOTozkHKVPi0AxjJ1h2hjyNhit9OpW1/HVlU8L
   fdLKTlDPVzU/3UA3XT3pQ58miwuEYF/WMmRgL7iBiiSIAjoJXq8SgDPkO
   C/TjI0IYNhkShJiYD6ECoIjN4TZoyY4zWsSPpfmVTbPZlMMSxUhI2agl6
   N7JItK5ldqimjAtQ9JAVMYYUZVsUjVG+QqlXeC87O/g4Q1dVZJLS46JKW
   e/SREhT00iqMtJebf1Ug9IwQWQrPRPtlVfrFJF7wBGH2ipHARi6qrrgUw
   A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202163"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202163"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870168"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870168"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 10/13] x86/microcode/intel: Drop wbinvd() from microcode
 loading
Date: Fri, 14 Oct 2022 13:09:10 -0700
Message-Id: <20221014200913.14644-11-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695748559308791?=
X-GMAIL-MSGID: =?utf-8?q?1746695748559308791?=

Some older processors had a bad interaction when updating microcode if the
caches were dirty causing machine checks. The wbinvd() was added to
mitigate that before performing microcode updates. Now that Linux checks
for the minimum version before performing an update, those microcode
revisions can't be loaded. Remove calls to wbinvd().

Reviewed-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/kernel/cpu/microcode/intel.c | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index c8ee53fcf04d..c61aa661ac2f 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -541,11 +541,6 @@ static int apply_microcode_early(struct ucode_cpu_info *uci, bool early)
 	}
 
 	old_rev = rev;
-	/*
-	 * Writeback and invalidate caches before updating microcode to avoid
-	 * internal issues depending on what the microcode is updating.
-	 */
-	native_wbinvd();
 
 	/* write microcode via MSR 0x79 */
 	native_wrmsrl(MSR_IA32_UCODE_WRITE, (unsigned long)mc->bits);
@@ -773,12 +768,6 @@ static enum ucode_state apply_microcode_intel(int cpu)
 		goto out;
 	}
 
-	/*
-	 * Writeback and invalidate caches before updating microcode to avoid
-	 * internal issues depending on what the microcode is updating.
-	 */
-	native_wbinvd();
-
 	/* write microcode via MSR 0x79 */
 	wrmsrl(MSR_IA32_UCODE_WRITE, (unsigned long)mc->bits);
 

From patchwork Fri Oct 14 20:09:11 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2803
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp357542wrs;
        Fri, 14 Oct 2022 13:10:48 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM7oexS9sPUO/p+Xg/xnVcjSinC7lGAV7TMbP9W/UEvc51IIN5BwOM+scfh0guTcHxUM0rc9
X-Received: by 2002:a17:90b:1c0e:b0:20d:8cc5:23e5 with SMTP id
 oc14-20020a17090b1c0e00b0020d8cc523e5mr7745905pjb.111.1665778248695;
        Fri, 14 Oct 2022 13:10:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778248; cv=none;
        d=google.com; s=arc-20160816;
        b=hyqIzR8VK+an5sHWCDOabF2M7OuWsmP9wVC+fqv34nApcDp8emBKCAYO6vjLiVs+49
         lizwtAPtAi9FI53Vd2mFfp6xoaom20guZqyeT3+mcRSfK0WCMyy6K93nMuQL0TwVRF/l
         bL5iOBF8myGSi8ens67kU0L8X1RQZapWDzA8k7GcJFfsMuVNOEPu4bFi6cUrpOsJLxsE
         pEAdeuzEd/z7SVHOa+EKfIW+TNEW532elPLQJkuwDjXAlQxIqm4lJv23CwjKdpchBgD8
         lj2eu3kUBQYtjxmC9tVLvaKvOKyLJKtO67WzKqa0P1aAe6giT6uN4cpr/zAMNQH0fqoh
         bGNA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=o75IJeRTMhlr5rUrMEWn2eLwCM6VBTxC+W6u+025BGQ=;
        b=z7+4Y3vmj8z+EgQyzQKND8IMJFfXJaia/2KkpVE5UAwjCQKtm7nBBTuVvAXNBm8IJe
         n01aQfET30590g8aOMVlsrRX83o84GtBQ/uyskAQ0VUWyRIRePWK09g9gydAWk3KoE6C
         rZoWBVoTufXbFXTo/m+7/5DjWavhybF2h9C9nuVAIQy4MusUL16Ud45biPshVHk95y0O
         mO8AYUDKGEtbptwsSfkdXLqY6is1WHLq4KT0YHvYc+grygQzVW9yIQY11RDHAwEVnCcy
         DneydZURMfUELmIG8WAe13wZdpR8Y+kDQ7EqaoAHFlkeHqb/MDUVCW5g1OQW8iXgM8Hu
         bfgQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b="HlT/d2fi";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 r29-20020a63205d000000b0043bd8458031si3316912pgm.435.2022.10.14.13.10.33;
        Fri, 14 Oct 2022 13:10:48 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b="HlT/d2fi";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231315AbiJNUKI (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:10:08 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43472 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230350AbiJNUJl (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:41 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9EE8631F8D
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778173; x=1697314173;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=YFnBOmGNu42irRQ8A9ppZsDFGbe8312PDPwfzklaNps=;
  b=HlT/d2fiLCAdNMeFuTpiSKbehE4UeoIQrHiMXr6EWzg3YR6I7QjkHavE
   kYS4iJjL9H3wfOXPXwSETJlvk6ByJcj9IMKhX/wD8mTtj3VuPQekeJJ/j
   bila+OSPyfL1CL/ZrxzNzAdr3S+2K7sdG5LMu2kM78sgyRp+tv4CpXyV3
   3TlZbTdQByTSbxKzG80FZz300J61LLozJc0tLQpMXOCbnR7XnB4OKEfgu
   8hDDchlBksJ94ID+c/65TM099M1ZqJXUKuEL8fCAMDYpSlxIv1llGm1lN
   4iDP9hWvSJHB7XHhF97dIyPdIci83nRi1H42UigW4eGZcklYaxmCSYaRQ
   A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202164"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202164"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870171"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870171"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 11/13] x86/microcode: Display revisions only when update is
 successful
Date: Fri, 14 Oct 2022 13:09:11 -0700
Message-Id: <20221014200913.14644-12-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695092582704589?=
X-GMAIL-MSGID: =?utf-8?q?1746695092582704589?=

Display the update message only when its successful

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/kernel/cpu/microcode/core.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 46e9c2d8fae0..c6cd815190b1 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -592,8 +592,9 @@ static int microcode_reload_late(void)
 
 	unregister_nmi_handler(NMI_LOCAL, "ucode_nmi");
 
-	pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
-		old, boot_cpu_data.microcode);
+	if (!ret)
+		pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
+			old, boot_cpu_data.microcode);
 
 done:
 	return ret;

From patchwork Fri Oct 14 20:09:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2808
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp362031wrs;
        Fri, 14 Oct 2022 13:22:58 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM4WwKEjA+VEmgUixUWpekv38jiJx0THFvL2GteuDV5UdRwxOko3Q5LxHbV4wcb7uSF4dShG
X-Received: by 2002:a17:907:3ea7:b0:78d:cb74:3d1f with SMTP id
 hs39-20020a1709073ea700b0078dcb743d1fmr4823794ejc.483.1665778978458;
        Fri, 14 Oct 2022 13:22:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778978; cv=none;
        d=google.com; s=arc-20160816;
        b=edxnDl8sY5dPJfHx0qfanikdLc0cY+GxAv4+qB8ZwjLt+OMopb6aXCbpIEmElce3eu
         gsGu5dPTOYsgx113z5rCbNNaF35g0zvuhZJLYKOW9zdPEkgwWBLwhLbinCBDfMBCdUob
         jSf+1ALMETnM9NbHSpZJA26C7JP8YazhXd812R4H+ccnCO9uxes/PFjDAFEm5uCHFfya
         +RBA3uAJlbn5iRwyOJUQQMK7urOcqunTA0yZl8yUHAwMHveLM3UJq1MyM48C1yw23qgh
         gP8cRJJNBYjb2eRVWE4Hs6/fNmVS3NMs17mJqgwtW+gSX5o2JluMAI+lUGVuuB4wVpbr
         EYDQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=uxePnAzeM2dLnav6+gyFrFRg4dw/E7trkqCaXNNohB0=;
        b=w5n+ZCvlHLX5cyCcSx448GgVqaCbSVslPV5ZPdADHng0qi0zjzFnpfNajdNDgFreO0
         bqJM69YJpyj2y9o4IO6ZHcu7UZqT8++fiXs1T1SEKP6SE5QBw6rmZcSLebIbSwsH3X4q
         v+T2OBv3fIFoWLp9cIwfyg8W107FV9Zw311X2+dAo1EjTx3hez6Mcb3KdTQ0RgS5g860
         G+nHwa1UDOkEMOHmhR4SJcsW+6jL2XXzPAf0lRop1QckgTBEjn79K6zyspzS3HqoJnSK
         p+9GZ9YT4z+pG2W1iQcKQhVLn/qtQFRX7Y9JSd1Zsf/tEFDbNlaf3jgTJVBFzOzllrLE
         glrQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=V9KTCQuz;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 e1-20020a50a681000000b0045c10a55f2fsi3172798edc.322.2022.10.14.13.22.33;
        Fri, 14 Oct 2022 13:22:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=V9KTCQuz;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231411AbiJNUKZ (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:10:25 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44444 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230223AbiJNUJp (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:45 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6C93460EE
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778180; x=1697314180;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=CBz/7lxJZaflX3sQlihmPqqyt+MkEvJf/otWozrj7fk=;
  b=V9KTCQuz8d9ofFEBI16HrYXUKXuVfvSanQ/KvBTH0SU2oE7ss4E92VDd
   BzTCUmh7Xhspu8WZcqQ4Fqi69sxBSpu1mXw16strCP13PMvbhQ/iEpWPk
   8sAN2quna93/ligMJAvM+FxzSVdD73MlN8CY7YL8SmKQbYGsfv051xynl
   3or7E98/0WUEot8QsXTtsw4IlDF+P9nNTAd3o7S6SlQBhjM5myRlh6u16
   MP4BA4ImxdkFHX+RTsWAIRIoHoRyx9GaYKNwT6AVYcVbVI8kpVeLF7hgL
   Dvutkg+9r59s9wX8+sGGgo+TBcxQoSPKJPGD2/jZg+sWLJhTfCMkTxqL+
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202165"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202165"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:30 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870174"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870174"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:29 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 12/13] x86/mce: Warn of a microcode update is in progress when
 MCE arrives
Date: Fri, 14 Oct 2022 13:09:12 -0700
Message-Id: <20221014200913.14644-13-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695858096088340?=
X-GMAIL-MSGID: =?utf-8?q?1746695858096088340?=

Due to the nature of microcode updates to long flow instructions, its
possible if an MCE is taken when microcode update is in progress could be
dangerous. There is nothing the kernel can do to mitigate safely.

Drop some bread crumbs to note that a MCE happened while a microcode update
is also in progress.

Suggested-by: Boris Petkov <bp@alien8.de>
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/include/asm/microcode.h     | 1 +
 arch/x86/kernel/cpu/mce/core.c       | 5 +++++
 arch/x86/kernel/cpu/microcode/core.c | 4 ++++
 3 files changed, 10 insertions(+)

diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 0c0bbc26560f..38b501d842de 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -41,6 +41,7 @@ struct ucode_patch {
 };
 
 extern struct list_head microcode_cache;
+extern int ucode_updating;
 
 struct cpu_signature {
 	unsigned int sig;
diff --git a/arch/x86/kernel/cpu/mce/core.c b/arch/x86/kernel/cpu/mce/core.c
index 2c8ec5c71712..1f05aec9880f 100644
--- a/arch/x86/kernel/cpu/mce/core.c
+++ b/arch/x86/kernel/cpu/mce/core.c
@@ -46,6 +46,7 @@
 #include <linux/hardirq.h>
 
 #include <asm/intel-family.h>
+#include <asm/microcode.h>
 #include <asm/processor.h>
 #include <asm/traps.h>
 #include <asm/tlbflush.h>
@@ -1425,6 +1426,10 @@ noinstr void do_machine_check(struct pt_regs *regs)
 	else if (unlikely(!mca_cfg.initialized))
 		return unexpected_machine_check(regs);
 
+	instrumentation_begin();
+	if (unlikely(ucode_updating))
+		pr_warn("MCE triggered while microcode update is in progress\n");
+	instrumentation_end();
 	if (mce_flags.skx_repmov_quirk && quirk_skylake_repmov())
 		goto clear;
 
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index c6cd815190b1..eb2caa74de01 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -49,6 +49,8 @@ static bool dis_ucode_ldr = true;
 
 bool initrd_gone;
 
+int ucode_updating;
+
 LIST_HEAD(microcode_cache);
 
 /*
@@ -586,7 +588,9 @@ static int microcode_reload_late(void)
 		goto done;
 	}
 
+	ucode_updating = 1;
 	ret = stop_machine_cpuslocked(__reload_late, NULL, cpu_online_mask);
+	ucode_updating = 0;
 	if (ret == 0)
 		microcode_check();
 

From patchwork Fri Oct 14 20:09:13 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashok Raj <ashok.raj@intel.com>
X-Patchwork-Id: 2806
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp359933wrs;
        Fri, 14 Oct 2022 13:16:28 -0700 (PDT)
X-Google-Smtp-Source: 
 AMsMyM5fHh5aFqRKIGyGl7QByJFu2Y2CJeRz4s0y7lwXAbrxDORXfEeaDG9DPkSZzL+d+C6acxK2
X-Received: by 2002:a17:906:5a6a:b0:78d:d25e:55de with SMTP id
 my42-20020a1709065a6a00b0078dd25e55demr4673422ejc.130.1665778587975;
        Fri, 14 Oct 2022 13:16:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665778587; cv=none;
        d=google.com; s=arc-20160816;
        b=aR+Xtt/a3QnQCskZX8T4IRkTuimOrwrU6Pas1Z9qQXJGpLROinR+zGNDyVnCer6QIz
         +wWemJKRVO2s3YwMWXHdt2kn7wSTALjo3XmKqVr5+CB9xNMJm+u4DU1mipIAh5rvVwiV
         Hm1MnMhy3hI/E3kB2tgb3GHoJH7r2LzCVO1T+ywi+ndbQLnJjWI/JxPo5dAxnd44M3eX
         GYuKEyhvxNItHY/6Wiuxh5vx1bMLKGTdCEkyvHl7niS05FnCaf+nz4Vt6WW0CRH4tqTX
         wU4wwh9bdJVFCeX7myaGD3rgGvfYe/AEAQ8CBxZ6I74pz3OYavqG9I0UFufEb3UFnh5c
         IJRA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=uk15q80pulU97WNHlukFj5tAPMN9bW03JA+GUS+J0aI=;
        b=XtF8od11Qk7lXPdbIqndAcg4Gb3RcEk2e1setzdqMXP6ElgfEeoou+EUJQ9cnfjJvQ
         RtU3HxbvkZ9QGHb+mDZBEwPBHOdIEhMgtZ9I3EMcHeFxk/Jq2im+I3HtcFeGhyqmQGX0
         V3y/34MoiS+UIV5b09F4CVPV1ANseqNsocFV5PN/sWSw8ve7w6SFuovsOFX8St5zIxBl
         G/Yq+E4ATF3CEvLu1g/R/dBJdF0CCSoOtR1lbnTiv0hcrnmPlPfHtk4EAQFUuDHY84fS
         fNfk+cmMt7kaVgyXdeIoZKjBzYpgttB8RKVWdsnCcUj5dzvPEwf4gLiskVysTfihQT9O
         vtaw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=aw5GyYd5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 i13-20020a1709064fcd00b00780def41dc4si3291147ejw.527.2022.10.14.13.16.01;
        Fri, 14 Oct 2022 13:16:27 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=aw5GyYd5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231426AbiJNUKa (ORCPT <rfc822;ouuuleilei@gmail.com> + 99 others);
        Fri, 14 Oct 2022 16:10:30 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44674 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231228AbiJNUJv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Oct 2022 16:09:51 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6C84B60CE
        for <linux-kernel@vger.kernel.org>;
 Fri, 14 Oct 2022 13:09:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665778180; x=1697314180;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=6cM75GDPnUUJqdYjmwAm7JmYWSS9Q+SvC5L064x5New=;
  b=aw5GyYd5w+RM8KVAEsGW7aV2Y06KywkZvowfQjkYUC5p0de2hVxt5o99
   fr7hV3hBq1z6gYX/W6qNQvBLJEYxEh5Zgl79mB0XlR8mjHA6kSv4Fj1PD
   NXC/K3+ON12rzkPm88j2m0Rd7s7Gfe8UspuQk/TJIfrknrcdoGNH9oAVA
   RHDvFAn3NduSSHzk5tiN2t8FNvfuFeUNvRIy7OJQcWa0eOaIlOn5QAhUK
   TL99gsq5gjwbJbS0mj+LgOjoFXz61JunzqNiJ/cHviLhNITb8Qqj7ooYJ
   tDpg3xkOZW09bYz+i/z4KP6Qhfwx5azqXUQrkY/SL4XAx8itNmDiFtOH7
   Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="304202166"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="304202166"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:30 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10500"; a="716870177"
X-IronPort-AV: E=Sophos;i="5.95,185,1661842800";
   d="scan'208";a="716870177"
Received: from araj-ucode.jf.intel.com ([10.23.0.19])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Oct 2022 13:09:30 -0700
From: Ashok Raj <ashok.raj@intel.com>
To: Borislav Petkov <bp@alien8.de>,
        Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML Mailing List <linux-kernel@vger.kernel.org>,
        X86-kernel <x86@kernel.org>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Arjan van de Ven <arjan.van.de.ven@intel.com>,
        Jacob Jun Pan <jacob.jun.pan@intel.com>,
        Ashok Raj <ashok.raj@intel.com>
Subject: [PATCH 13/13] x86/microcode/intel: Add ability to update microcode
 even if rev is unchanged
Date: Fri, 14 Oct 2022 13:09:13 -0700
Message-Id: <20221014200913.14644-14-ashok.raj@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221014200913.14644-1-ashok.raj@intel.com>
References: <20221014200913.14644-1-ashok.raj@intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE,T_PDS_OTHER_BAD_TLD autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1746695448817616604?=
X-GMAIL-MSGID: =?utf-8?q?1746695448817616604?=

This comes in handy for testing without the need for a new microcode file.
It introduces a new boot parameter ucode_load_same, or it can be switched
dynamically at run time via debugfs file
/sys/kernel/debug/microcode/load_same.

NOT_FOR_INCLUSION:
Leave it to the discretion of Boris if its suitable for inclusion. It will
at least serve to validate some parts of the series without the need for a
new microcode.

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
---
 arch/x86/include/asm/microcode.h      |  2 ++
 arch/x86/kernel/cpu/microcode/amd.c   |  2 +-
 arch/x86/kernel/cpu/microcode/core.c  | 22 +++++++++++++++++-----
 arch/x86/kernel/cpu/microcode/intel.c |  4 ++--
 4 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 38b501d842de..4baca634c2f7 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -43,6 +43,8 @@ struct ucode_patch {
 extern struct list_head microcode_cache;
 extern int ucode_updating;
 
+extern bool ucode_load_same;
+
 struct cpu_signature {
 	unsigned int sig;
 	unsigned int pf;
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index c18d3f01a452..124461e2d7a1 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -694,7 +694,7 @@ static enum ucode_state apply_microcode_amd(int cpu)
 	rdmsr(MSR_AMD64_PATCH_LEVEL, rev, dummy);
 
 	/* need to apply patch? */
-	if (rev >= mc_amd->hdr.patch_id) {
+	if (rev >= mc_amd->hdr.patch_id && !ucode_load_same) {
 		ret = UCODE_OK;
 		goto out;
 	}
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index eb2caa74de01..632c7a1fcffb 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -23,6 +23,7 @@
 #include <linux/miscdevice.h>
 #include <linux/capability.h>
 #include <linux/firmware.h>
+#include <linux/debugfs.h>
 #include <linux/kernel.h>
 #include <linux/delay.h>
 #include <linux/mutex.h>
@@ -46,6 +47,7 @@
 
 static struct microcode_ops	*microcode_ops;
 static bool dis_ucode_ldr = true;
+bool ucode_load_same;
 
 bool initrd_gone;
 
@@ -542,11 +544,12 @@ static int __reload_late(void *info)
 		goto wait_for_siblings;
 	}
 
-	if (err >= UCODE_NFOUND) {
-		if (err == UCODE_ERROR)
+	if (ret || err >= UCODE_NFOUND) {
+		if (err == UCODE_ERROR ||
+		    (err == UCODE_NFOUND && !ucode_load_same)) {
 			pr_warn("Error reloading microcode on CPU %d\n", cpu);
-
-		ret = -1;
+			ret = -1;
+		}
 	}
 
 wait_for_siblings:
@@ -636,9 +639,12 @@ static ssize_t reload_store(struct device *dev,
 	}
 
 	tmp_ret = microcode_ops->request_microcode_fw(bsp, &microcode_pdev->dev, true);
-	if (tmp_ret != UCODE_NEW)
+	if (tmp_ret != UCODE_NEW && !ucode_load_same)
 		goto put;
 
+	if (tmp_ret != UCODE_NEW)
+		pr_info("Force loading ucode\n");
+
 	mutex_lock(&microcode_mutex);
 	ret = microcode_reload_late();
 	mutex_unlock(&microcode_mutex);
@@ -841,6 +847,7 @@ static const struct attribute_group cpu_root_microcode_group = {
 static int __init microcode_init(void)
 {
 	struct cpuinfo_x86 *c = &boot_cpu_data;
+	static struct dentry *dentry_ucode;
 	int error;
 
 	if (dis_ucode_ldr)
@@ -884,7 +891,12 @@ static int __init microcode_init(void)
 	cpuhp_setup_state_nocalls(CPUHP_AP_ONLINE_DYN, "x86/microcode:online",
 				  mc_cpu_online, mc_cpu_down_prep);
 
+	dentry_ucode = debugfs_create_dir("microcode", NULL);
+	debugfs_create_bool("load_same", 0644, dentry_ucode, &ucode_load_same);
+
 	pr_info("Microcode Update Driver: v%s.", DRIVER_VERSION);
+	pr_info("ucode_load_same is %s\n",
+		ucode_load_same ? "enabled" : "disabled");
 
 	return 0;
 
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index c61aa661ac2f..c9f1e6f5e53b 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -763,7 +763,7 @@ static enum ucode_state apply_microcode_intel(int cpu)
 	 * already.
 	 */
 	rev = intel_get_microcode_revision();
-	if (rev >= mc->hdr.rev) {
+	if (rev >= mc->hdr.rev && !ucode_load_same) {
 		ret = UCODE_OK;
 		goto out;
 	}
@@ -779,7 +779,7 @@ static enum ucode_state apply_microcode_intel(int cpu)
 		return UCODE_ERROR;
 	}
 
-	if (bsp && rev != prev_rev) {
+	if (bsp && (rev != prev_rev || ucode_load_same)) {
 		pr_info("updated to revision 0x%x, date = %04x-%02x-%02x\n",
 			rev,
 			mc->hdr.date & 0xffff,