Under certain conditions a CPU may not be able to perform microcode updates
even if hardware exists to that effect. In particular:
* If Xen runs under certain hypervisors they won't allow microcode
updates, and will signal this fact by reporting a microcode revision of
-1.
* If the DIS_MCU_LOAD bit is set, which is expected in some baremetal
clouds where the owner may not trust the tenant, then the CPU is not
capable of loading new microcode.
This series adds logic so that in both of these cases we don't needlessly
attempt updates that are not going to succeed. Patch summary:
Patch 1 Introduces the logic to print the microcode revision if at all
possible
Patch 2 Ignores microcode facilities when the current microcode revision is -1
Patch 3 Moves the MSR_ARCH_CAPS read in tsx_init() to early_cpu_init() and
early_microcode_init()
Patch 4 Adds the logic to detect microcode updates being disabled on Intel.
Alejandro Vallejo (4):
x86/microcode: Allow reading microcode revision even if it can't be
updated
x86/microcode: Ignore microcode loading interface for revision = -1
x86: Read MSR_ARCH_CAPS immediately after early_microcode_init()
x86/microcode: Disable microcode update handler if DIS_MCU_UPDATE is
set
xen/arch/x86/cpu/common.c | 23 ++++++++++++------
xen/arch/x86/cpu/microcode/core.c | 35 ++++++++++++++++++++++-----
xen/arch/x86/cpu/microcode/intel.c | 13 ++++++++++
xen/arch/x86/cpu/microcode/private.h | 7 ++++++
xen/arch/x86/include/asm/cpufeature.h | 1 +
xen/arch/x86/include/asm/msr-index.h | 5 ++++
xen/arch/x86/setup.c | 2 +-
xen/arch/x86/tsx.c | 16 +++---------
8 files changed, 75 insertions(+), 27 deletions(-)
--
2.34.1