From nobody Fri May  3 01:44:54 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass(p=reject dis=none)  header.from=citrix.com
ARC-Seal: i=1; a=rsa-sha256; t=1603733170; cv=none;
	d=zohomail.com; s=zohoarc;
	b=nRKYc7/I0nt7x66AqHmjAQ45lHcQF70/H7a16okT2CNlPRheEhcIQnI1+4xb+Dr35SCQ5qsPnExNFhMpb8Wvexak3r/lAfy+vDv4AH75hFLakNIjHmhpqEuFyQ2qonYE2k8Lx8KdO0w0Aud5uW3CvoP9MV7yJzCKDk7jb7nAjws=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1603733170;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=nZEoyuNvEwg5ZMkmXQt0WevOzXEow84+nepf73YrTL4=;
	b=KKIrRGLqjgD5Xg74rJaF0ramnvNoQbSNLxl3XVEf2t4aWTusrh0VjTYrK41uNBEu9o8+53XFHq7asapZqKcsg+w3ioHskj7mF5FDOpo3R2kSPCec3UFS15s02O7OR5lgkKp5kkyE6UYpIcWuEL4+HBTnlvJQn98MuifEJc/YwnY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass header.from=<andrew.cooper3@citrix.com> (p=reject dis=none)
 header.from=<andrew.cooper3@citrix.com>
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1603733170782896.1495123145776;
 Mon, 26 Oct 2020 10:26:10 -0700 (PDT)
Received: from list by lists.xenproject.org with outflank-mailman.12499.32546
 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1kX6Fi-0004Nj-P0; Mon, 26 Oct 2020 17:25:50 +0000
Received: by outflank-mailman (output) from mailman id 12499.32546;
 Mon, 26 Oct 2020 17:25:50 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1kX6Fi-0004Nc-KQ; Mon, 26 Oct 2020 17:25:50 +0000
Received: by outflank-mailman (input) for mailman id 12499;
 Mon, 26 Oct 2020 17:25:49 +0000
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]
 helo=us1-amaz-eas2.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=Dsar=EB=citrix.com=andrew.cooper3@srs-us1.protection.inumbo.net>)
 id 1kX6Fh-0004NA-MW
 for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 17:25:49 +0000
Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142])
 by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS
 id 59c0ae4d-2f47-4978-a159-0144a4da89a4;
 Mon, 26 Oct 2020 17:25:47 +0000 (UTC)
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]
 helo=us1-amaz-eas2.inumbo.com)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from
 <SRS0=Dsar=EB=citrix.com=andrew.cooper3@srs-us1.protection.inumbo.net>)
	id 1kX6Fh-0004NA-MW
	for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 17:25:49 +0000
Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142])
	by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS
	id 59c0ae4d-2f47-4978-a159-0144a4da89a4;
	Mon, 26 Oct 2020 17:25:47 +0000 (UTC)
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 59c0ae4d-2f47-4978-a159-0144a4da89a4
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=citrix.com; s=securemail; t=1603733147;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=pP9bPZd+ynQusPsRE1lR+uMStanSY8oC7KNbBWD1tII=;
  b=Uh4dyZYiCXoJg+b8OAn2ERcRImgIT943j+YsjVwht5EEnUGWA1DYN5Fq
   ORm4OGBqorTF+cD6gQicvosBbz3IeRwhKj8HrYqA+CCa2TCdPe5SKzGj8
   KGVEleTIC3wz2v/Wiv9v30sx2DT/DqNS4cfGRvF3ookQPRYzeWtaVR7c2
   M=;
Authentication-Results: esa1.hc3370-68.iphmx.com;
 dkim=none (message not signed) header.i=none
IronPort-SDR: 
 RUsuTg5n0SgumsZ62WO1pyNzSxgWv6VSNF0gBpmjjULpYbEvVn0fhZLozwiYoFH6OzFQjnPU+q
 c8PW/1DYgS8JEo08Q80+Ihob7HfZv9aJ12MqIIACSav2MbERYXFyUHaMCZXVwowpFxQtqcLGMn
 yqKiT0eC/NVTl3V48LnvuzFZZbWSKa0QUG4YY5ifplRZpNtop2o+p/oxehzxuxyoUx6ww41xmJ
 0NZJbiBrPGfgyuP2EpMW9OZv3puioYDSuWRdH//cVaaKVEcGH3KwdQ38q9HrF33JbZZG1zgnZH
 tKE=
X-SBRS: None
X-MesageID: 30138949
X-Ironport-Server: esa1.hc3370-68.iphmx.com
X-Remote-IP: 162.221.158.21
X-Policy: $RELAYED
X-IronPort-AV: E=Sophos;i="5.77,420,1596513600";
   d="scan'208";a="30138949"
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
CC: Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich
	<JBeulich@suse.com>, =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?=
	<roger.pau@citrix.com>, Wei Liu <wl@xen.org>, Juergen Gross
	<jgross@suse.com>, Igor Druzhinin <igor.druzhinin@citrix.com>
Subject: [PATCH 1/3] x86/ucode: Break out compare_revisions() from existing
 infrastructure
Date: Mon, 26 Oct 2020 17:25:17 +0000
Message-ID: <20201026172519.17881-2-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.11.0
In-Reply-To: <20201026172519.17881-1-andrew.cooper3@citrix.com>
References: <20201026172519.17881-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @citrix.com)

Drop some unnecesserily verbose pr_debug()'s on the AMD side.

No functional change.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monn=C3=A9 <roger.pau@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: Juergen Gross <jgross@suse.com>
CC: Igor Druzhinin <igor.druzhinin@citrix.com>
---
 xen/arch/x86/cpu/microcode/amd.c   | 22 +++++++++++-----------
 xen/arch/x86/cpu/microcode/intel.c | 15 ++++++++++++---
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/xen/arch/x86/cpu/microcode/amd.c b/xen/arch/x86/cpu/microcode/=
amd.c
index e80f7cd3e4..7d2f57c4cb 100644
--- a/xen/arch/x86/cpu/microcode/amd.c
+++ b/xen/arch/x86/cpu/microcode/amd.c
@@ -168,6 +168,15 @@ static bool check_final_patch_levels(const struct cpu_=
signature *sig)
     return false;
 }
=20
+static enum microcode_match_result compare_revisions(
+    uint32_t old_rev, uint32_t new_rev)
+{
+    if ( new_rev > old_rev )
+        return NEW_UCODE;
+
+    return OLD_UCODE;
+}
+
 static enum microcode_match_result microcode_fits(
     const struct microcode_patch *patch)
 {
@@ -178,16 +187,7 @@ static enum microcode_match_result microcode_fits(
          equiv.id  !=3D patch->processor_rev_id )
         return MIS_UCODE;
=20
-    if ( patch->patch_id <=3D sig->rev )
-    {
-        pr_debug("microcode: patch is already at required level or greater=
.\n");
-        return OLD_UCODE;
-    }
-
-    pr_debug("microcode: CPU%d found a matching microcode update with vers=
ion %#x (current=3D%#x)\n",
-             cpu, patch->patch_id, sig->rev);
-
-    return NEW_UCODE;
+    return compare_revisions(sig->rev, patch->patch_id);
 }
=20
 static enum microcode_match_result compare_header(
@@ -196,7 +196,7 @@ static enum microcode_match_result compare_header(
     if ( new->processor_rev_id !=3D old->processor_rev_id )
         return MIS_UCODE;
=20
-    return new->patch_id > old->patch_id ? NEW_UCODE : OLD_UCODE;
+    return compare_revisions(old->patch_id, new->patch_id);
 }
=20
 static enum microcode_match_result compare_patch(
diff --git a/xen/arch/x86/cpu/microcode/intel.c b/xen/arch/x86/cpu/microcod=
e/intel.c
index 72c07fcd1d..e1ccb5d232 100644
--- a/xen/arch/x86/cpu/microcode/intel.c
+++ b/xen/arch/x86/cpu/microcode/intel.c
@@ -222,6 +222,15 @@ static int microcode_sanity_check(const struct microco=
de_patch *patch)
     return 0;
 }
=20
+static enum microcode_match_result compare_revisions(
+    uint32_t old_rev, uint32_t new_rev)
+{
+    if ( new_rev > old_rev )
+        return NEW_UCODE;
+
+    return OLD_UCODE;
+}
+
 /* Check an update against the CPU signature and current update revision */
 static enum microcode_match_result microcode_update_match(
     const struct microcode_patch *mc)
@@ -245,7 +254,7 @@ static enum microcode_match_result microcode_update_mat=
ch(
     return MIS_UCODE;
=20
  found:
-    return mc->rev > cpu_sig->rev ? NEW_UCODE : OLD_UCODE;
+    return compare_revisions(cpu_sig->rev, mc->rev);
 }
=20
 static enum microcode_match_result compare_patch(
@@ -258,7 +267,7 @@ static enum microcode_match_result compare_patch(
     ASSERT(microcode_update_match(old) !=3D MIS_UCODE);
     ASSERT(microcode_update_match(new) !=3D MIS_UCODE);
=20
-    return new->rev > old->rev ? NEW_UCODE : OLD_UCODE;
+    return compare_revisions(old->rev, new->rev);
 }
=20
 static int apply_microcode(const struct microcode_patch *patch)
@@ -332,7 +341,7 @@ static struct microcode_patch *cpu_request_microcode(co=
nst void *buf,
          * one with higher revision.
          */
         if ( (microcode_update_match(mc) !=3D MIS_UCODE) &&
-             (!saved || (mc->rev > saved->rev)) )
+             (!saved || compare_revisions(saved->rev, mc->rev) =3D=3D NEW_=
UCODE) )
             saved =3D mc;
=20
         buf  +=3D blob_size;
--=20
2.11.0


From nobody Fri May  3 01:44:54 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass(p=reject dis=none)  header.from=citrix.com
ARC-Seal: i=1; a=rsa-sha256; t=1603733170; cv=none;
	d=zohomail.com; s=zohoarc;
	b=XuC5gTrMIcww1g6S8pZFItUUJooXoKi/aS82Dr1qeULMS2B/dnSsVRqOCdnuG0YQ/31IxOe5qmQlGwAiyXxlwtUEWmgNkdZ+PZl7BDbR+Gq12xU7K0eGtJHc5FNqTcEJkg23gDLHfNpWw8mCL3tLRF+qG/LlAzpepzHHVvRO7zM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1603733170;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=lMGDo2tWGmCcW66JTmswfaXrfGYgSEz1+dtFVx6vTGc=;
	b=atFWvpYdAe26WiCwwNDNcAEGLofGP9ft43BK+r0Nlb/OT5eceqpqvzSxINXkluK4jEmvBg45GmB67Ekpl+hOTGl1PJ0boZTX7+HQZiDLhTDI15cJLFhlZ1lWUHIQZ90Kt7TCSppu/7FFjk1LoUo0rsN+3M7HQBB/kvRtbtT58PM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass header.from=<andrew.cooper3@citrix.com> (p=reject dis=none)
 header.from=<andrew.cooper3@citrix.com>
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1603733170887353.30430922654637;
 Mon, 26 Oct 2020 10:26:10 -0700 (PDT)
Received: from list by lists.xenproject.org with outflank-mailman.12500.32558
 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1kX6Fn-0004Qt-1d; Mon, 26 Oct 2020 17:25:55 +0000
Received: by outflank-mailman (output) from mailman id 12500.32558;
 Mon, 26 Oct 2020 17:25:55 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1kX6Fm-0004Ql-TS; Mon, 26 Oct 2020 17:25:54 +0000
Received: by outflank-mailman (input) for mailman id 12500;
 Mon, 26 Oct 2020 17:25:54 +0000
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]
 helo=us1-amaz-eas2.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=Dsar=EB=citrix.com=andrew.cooper3@srs-us1.protection.inumbo.net>)
 id 1kX6Fm-0004NA-8Z
 for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 17:25:54 +0000
Received: from esa6.hc3370-68.iphmx.com (unknown [216.71.155.175])
 by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS
 id 392e3e4d-20cc-4b4b-9c39-092efdd340f3;
 Mon, 26 Oct 2020 17:25:48 +0000 (UTC)
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]
 helo=us1-amaz-eas2.inumbo.com)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from
 <SRS0=Dsar=EB=citrix.com=andrew.cooper3@srs-us1.protection.inumbo.net>)
	id 1kX6Fm-0004NA-8Z
	for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 17:25:54 +0000
Received: from esa6.hc3370-68.iphmx.com (unknown [216.71.155.175])
	by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS
	id 392e3e4d-20cc-4b4b-9c39-092efdd340f3;
	Mon, 26 Oct 2020 17:25:48 +0000 (UTC)
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 392e3e4d-20cc-4b4b-9c39-092efdd340f3
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=citrix.com; s=securemail; t=1603733148;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=N4NLiVkpafLkQts7MJNqLznQ4pqesNjOindufP348ms=;
  b=RnPdwy9AUT3oMlWbDGsL5uhgMgtRPT6DpYUGHaropY2CMf45K0Nw+hNE
   NTZYgQO2ErwzMvRtkzVW+8Q+jZ3cl0yr4u3NjzgwsiX9k3mo9BqNVtwOa
   lIRR9szV+INyR3QZxLT4XdelX+yFPyjFFMAPiItd3bfl0IEDVB9a856sq
   Y=;
Authentication-Results: esa6.hc3370-68.iphmx.com;
 dkim=none (message not signed) header.i=none
IronPort-SDR: 
 J99NVkgohU6w6HUzF9IbgBNlOWf42KScqzdOM8z/aI5qBup5FpJUuPGBNhU1t3/xRr6hft6CKk
 b19A6S88I6fttt4FHelpS8ers3deLh7BYL144+Up3wDy410uT1yP1NyX8JbkaIJxOm2HVTdyw2
 /Kxtp5OjDt1qM3OccRqE2xWszu6ObMx9neDN141JPTbN7YiENKXCHUQD5ghg+wjK19eX0W3+hP
 DOfUvbLVEzwqDwzcjWj4Ec/GlsB4m9zOs8LbN+JlFo7yuhXbnYlP7Xdf5h7xsYsmMkj+rn1YDd
 rjc=
X-SBRS: None
X-MesageID: 30048907
X-Ironport-Server: esa6.hc3370-68.iphmx.com
X-Remote-IP: 162.221.158.21
X-Policy: $RELAYED
X-IronPort-AV: E=Sophos;i="5.77,420,1596513600";
   d="scan'208";a="30048907"
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
CC: Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich
	<JBeulich@suse.com>, =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?=
	<roger.pau@citrix.com>, Wei Liu <wl@xen.org>, Juergen Gross
	<jgross@suse.com>, Igor Druzhinin <igor.druzhinin@citrix.com>
Subject: [PATCH 2/3] x86/ucode/intel: Fix handling of microcode revision
Date: Mon, 26 Oct 2020 17:25:18 +0000
Message-ID: <20201026172519.17881-3-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.11.0
In-Reply-To: <20201026172519.17881-1-andrew.cooper3@citrix.com>
References: <20201026172519.17881-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @citrix.com)

For Intel microcodes, the revision field is signed (as documented in the SD=
M)
and negative revisions are used for pre-production/test microcode (not
documented publicly anywhere I can spot).

Adjust the revision checking to match the algorithm presented here:

  https://software.intel.com/security-software-guidance/best-practices/micr=
ocode-update-guidance

This treats pre-production microcode as always applicable, but also product=
ion
microcode having higher precident than pre-production.  It is expected that
anyone using pre-production microcode knows what they are doing.

This is necessary to load production microcode on an SDP with pre-production
microcode embedded in firmware.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monn=C3=A9 <roger.pau@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: Juergen Gross <jgross@suse.com>
CC: Igor Druzhinin <igor.druzhinin@citrix.com>

"signed" is somewhat of a problem.  The actual numbers only make sense as
sign-magnitude, and not as twos-compliement, which is why the rule is "any
debug microcode goes".

The actual upgrade/downgrade rules are quite complicated, but in general, a=
ny
change is permitted so long as the Security Version Number (embedded inside
the patch) doesn't go backwards.

---
 xen/arch/x86/cpu/microcode/intel.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/cpu/microcode/intel.c b/xen/arch/x86/cpu/microcod=
e/intel.c
index e1ccb5d232..5fa2821cdb 100644
--- a/xen/arch/x86/cpu/microcode/intel.c
+++ b/xen/arch/x86/cpu/microcode/intel.c
@@ -33,7 +33,7 @@
=20
 struct microcode_patch {
     uint32_t hdrver;
-    uint32_t rev;
+    int32_t rev;
     uint16_t year;
     uint8_t  day;
     uint8_t  month;
@@ -222,12 +222,23 @@ static int microcode_sanity_check(const struct microc=
ode_patch *patch)
     return 0;
 }
=20
+/*
+ * Production microcode has a positive revision.  Pre-production microcode=
 has
+ * a negative revision.
+ */
 static enum microcode_match_result compare_revisions(
-    uint32_t old_rev, uint32_t new_rev)
+    int32_t old_rev, int32_t new_rev)
 {
     if ( new_rev > old_rev )
         return NEW_UCODE;
=20
+    /*
+     * Treat pre-production as always applicable - anyone using pre-produc=
tion
+     * microcode knows what they are doing, and can keep any resulting pie=
ces.
+     */
+    if ( new_rev < 0 )
+        return NEW_UCODE;
+
     return OLD_UCODE;
 }
=20
--=20
2.11.0


From nobody Fri May  3 01:44:54 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass(p=reject dis=none)  header.from=citrix.com
ARC-Seal: i=1; a=rsa-sha256; t=1603733181; cv=none;
	d=zohomail.com; s=zohoarc;
	b=mxmVEphOIVdqgUIHceSklS3u45WbDFOGR6AXUgUqrTzn83ETxiVZ6UDjn8ZBbWc5h6spV8qQTa/d1K+aURJTJM+HgtHLcCKSwpJGyGgmzsWhzTR7fhpcOrIOrEHJRGivv0Mh5tS6Qc9fASquAEkXjk+f63x7gwlCLQ7ZHJh2YRo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1603733181;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=FJUQVIeWaEg/8H5pA/X9X0se49dI/nMDR+ElA2rmJas=;
	b=l/wCgQJqgZy5fU5W3gYQnEWnuu72d5PMGly6efzzSXJ862rgTmyV/p6QthZvM1DmzOPGQ49/R38pGyFZqJ5qkwhpfQ/HZ8cjH9VqAbR5n8JnBGbJtZgoq6Uax7/154UtBNoV2ki8hQKeqSJnoJH8VGjAeEEnPg52ooQHz851GV0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass header.from=<andrew.cooper3@citrix.com> (p=reject dis=none)
 header.from=<andrew.cooper3@citrix.com>
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1603733181088167.08478496013174;
 Mon, 26 Oct 2020 10:26:21 -0700 (PDT)
Received: from list by lists.xenproject.org with outflank-mailman.12501.32570
 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1kX6Fr-0004Vs-F3; Mon, 26 Oct 2020 17:25:59 +0000
Received: by outflank-mailman (output) from mailman id 12501.32570;
 Mon, 26 Oct 2020 17:25:59 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1kX6Fr-0004Vh-BI; Mon, 26 Oct 2020 17:25:59 +0000
Received: by outflank-mailman (input) for mailman id 12501;
 Mon, 26 Oct 2020 17:25:57 +0000
Received: from us1-rack-iad1.inumbo.com ([172.99.69.81])
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=Dsar=EB=citrix.com=andrew.cooper3@srs-us1.protection.inumbo.net>)
 id 1kX6Fp-0004UI-R8
 for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 17:25:57 +0000
Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142])
 by us1-rack-iad1.inumbo.com (Halon) with ESMTPS
 id ba839629-3739-46e5-9838-5a6827041efd;
 Mon, 26 Oct 2020 17:25:56 +0000 (UTC)
Received: from us1-rack-iad1.inumbo.com ([172.99.69.81])
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from
 <SRS0=Dsar=EB=citrix.com=andrew.cooper3@srs-us1.protection.inumbo.net>)
	id 1kX6Fp-0004UI-R8
	for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 17:25:57 +0000
Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142])
	by us1-rack-iad1.inumbo.com (Halon) with ESMTPS
	id ba839629-3739-46e5-9838-5a6827041efd;
	Mon, 26 Oct 2020 17:25:56 +0000 (UTC)
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: ba839629-3739-46e5-9838-5a6827041efd
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=citrix.com; s=securemail; t=1603733156;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=nO7Qr7V6r7ZHR8K0sMdn1GJ/DwtEeYhxjW4WWT4T3NU=;
  b=heZv7/3TLNmlMc2Pveatv6cAyO7ECJrenlRTBs0UuXo00kNAnQ6HJebA
   8iGaitDKMBCehtrJ10xvcTaRDsxXpLtbJCvH8OMo3xPr9r0bB5/+sLJyd
   FpY/0+zD23gKyQV9dKRUFg1HVJTRn0ewRkOgHwTIDtK02NSgdkRlOx0m0
   U=;
Authentication-Results: esa1.hc3370-68.iphmx.com;
 dkim=none (message not signed) header.i=none
IronPort-SDR: 
 lGVp5LQRwa7XhBUO7HSZMpI7+PjUyiPEgfU6FBq5AXzG3dTwVyujYJUgr0FBZTd/dBKNFBeJ2b
 NSe4YHuqS6BvwKY4aoXBiBuSaSNQtccJ/EAEHMpg9OQdxS1XYF6Pa3/PIoS/cuF2IiV7ugkLLU
 jkdVev3TaAlU6sPZpfGVXXZ8SsFiq35j3srlovjqsbJfPOuDA2KaiyZEPuf6XdiHSbOVykd3SZ
 yePPIoxUAr8I6m+Mu2u/YfuLZ/Q3Gj5J8DVbxpLJfkWkhhFa4eSH/imZ32/GnyQMGvA11aUSmb
 JSg=
X-SBRS: None
X-MesageID: 30138966
X-Ironport-Server: esa1.hc3370-68.iphmx.com
X-Remote-IP: 162.221.158.21
X-Policy: $RELAYED
X-IronPort-AV: E=Sophos;i="5.77,420,1596513600";
   d="scan'208";a="30138966"
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
CC: Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich
	<JBeulich@suse.com>, =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?=
	<roger.pau@citrix.com>, Wei Liu <wl@xen.org>, Juergen Gross
	<jgross@suse.com>, Igor Druzhinin <igor.druzhinin@citrix.com>
Subject: [PATCH 3/3] x86/ucode: Introduce ucode=allow-same for testing
 purposes
Date: Mon, 26 Oct 2020 17:25:19 +0000
Message-ID: <20201026172519.17881-4-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.11.0
In-Reply-To: <20201026172519.17881-1-andrew.cooper3@citrix.com>
References: <20201026172519.17881-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @citrix.com)

Many CPUs will actually reload microcode when offered the same version as
currently loaded.  This allows for easy testing of the late microcode loadi=
ng
path.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monn=C3=A9 <roger.pau@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: Juergen Gross <jgross@suse.com>
CC: Igor Druzhinin <igor.druzhinin@citrix.com>

I was hoping to make this a runtime parameter, but I honestly can't figure =
out
the new HYPFS-only infrastructure is supposed to work.
---
 docs/misc/xen-command-line.pandoc    | 7 ++++++-
 xen/arch/x86/cpu/microcode/amd.c     | 3 +++
 xen/arch/x86/cpu/microcode/core.c    | 4 ++++
 xen/arch/x86/cpu/microcode/intel.c   | 3 +++
 xen/arch/x86/cpu/microcode/private.h | 2 ++
 5 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line=
.pandoc
index 4ae9391fcd..97b1cc67a4 100644
--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -2216,7 +2216,7 @@ logic applies:
    active by default.
=20
 ### ucode
-> `=3D List of [ <integer> | scan=3D<bool>, nmi=3D<bool> ]`
+> `=3D List of [ <integer> | scan=3D<bool>, nmi=3D<bool>, allow-same=3D<bo=
ol> ]`
=20
     Applicability: x86
     Default: `nmi`
@@ -2248,6 +2248,11 @@ precedence over `scan`.
 stop_machine context. In NMI handler, even NMIs are blocked, which is
 considered safer. The default value is `true`.
=20
+'allow-same' alters the default acceptance policy for new microcode to per=
mit
+trying to reload the same version.  Many CPUs will actually reload microco=
de
+of the same version, and this allows for easily testing of the late microc=
ode
+loading path.
+
 ### unrestricted_guest (Intel)
 > `=3D <boolean>`
=20
diff --git a/xen/arch/x86/cpu/microcode/amd.c b/xen/arch/x86/cpu/microcode/=
amd.c
index 7d2f57c4cb..5255028af7 100644
--- a/xen/arch/x86/cpu/microcode/amd.c
+++ b/xen/arch/x86/cpu/microcode/amd.c
@@ -174,6 +174,9 @@ static enum microcode_match_result compare_revisions(
     if ( new_rev > old_rev )
         return NEW_UCODE;
=20
+    if ( opt_ucode_allow_same && new_rev =3D=3D old_rev )
+        return NEW_UCODE;
+
     return OLD_UCODE;
 }
=20
diff --git a/xen/arch/x86/cpu/microcode/core.c b/xen/arch/x86/cpu/microcode=
/core.c
index 18ebc07b13..ac3ceb567c 100644
--- a/xen/arch/x86/cpu/microcode/core.c
+++ b/xen/arch/x86/cpu/microcode/core.c
@@ -95,6 +95,8 @@ static bool_t __initdata ucode_scan;
 /* By default, ucode loading is done in NMI handler */
 static bool ucode_in_nmi =3D true;
=20
+bool __read_mostly opt_ucode_allow_same;
+
 /* Protected by microcode_mutex */
 static struct microcode_patch *microcode_cache;
=20
@@ -121,6 +123,8 @@ static int __init parse_ucode(const char *s)
=20
         if ( (val =3D parse_boolean("nmi", s, ss)) >=3D 0 )
             ucode_in_nmi =3D val;
+        else if ( (val =3D parse_boolean("allow-same", s, ss)) >=3D 0 )
+            opt_ucode_allow_same =3D val;
         else if ( !ucode_mod_forced ) /* Not forced by EFI */
         {
             if ( (val =3D parse_boolean("scan", s, ss)) >=3D 0 )
diff --git a/xen/arch/x86/cpu/microcode/intel.c b/xen/arch/x86/cpu/microcod=
e/intel.c
index 5fa2821cdb..f6d01490e0 100644
--- a/xen/arch/x86/cpu/microcode/intel.c
+++ b/xen/arch/x86/cpu/microcode/intel.c
@@ -232,6 +232,9 @@ static enum microcode_match_result compare_revisions(
     if ( new_rev > old_rev )
         return NEW_UCODE;
=20
+    if ( opt_ucode_allow_same && new_rev =3D=3D old_rev )
+        return NEW_UCODE;
+
     /*
      * Treat pre-production as always applicable - anyone using pre-produc=
tion
      * microcode knows what they are doing, and can keep any resulting pie=
ces.
diff --git a/xen/arch/x86/cpu/microcode/private.h b/xen/arch/x86/cpu/microc=
ode/private.h
index 9a15cdc879..c085a10268 100644
--- a/xen/arch/x86/cpu/microcode/private.h
+++ b/xen/arch/x86/cpu/microcode/private.h
@@ -3,6 +3,8 @@
=20
 #include <asm/microcode.h>
=20
+extern bool opt_ucode_allow_same;
+
 enum microcode_match_result {
     OLD_UCODE, /* signature matched, but revision id is older or equal */
     NEW_UCODE, /* signature matched, but revision id is newer */
--=20
2.11.0