Introduce --force option to xen-ucode to force skipping microcode version check, which
allows the user to update x86 microcode even if both versions are the same or downgrade.
xc_microcode_update() refactored to accept flags and utilize xenpf_microcode_update2.
Signed-off-by: Fouad Hilly <fouad.hilly@cloud.com>
---
[4]
1- Add --force to xen-ucode options.
2- Update xc_microcode_update() to accept and handle flags.
---
tools/include/xenctrl.h | 3 ++-
tools/libs/ctrl/xc_misc.c | 12 +++++++-----
tools/misc/xen-ucode.c | 14 +++++++++++---
3 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/tools/include/xenctrl.h b/tools/include/xenctrl.h
index 499685594427..7fb409bc6dc4 100644
--- a/tools/include/xenctrl.h
+++ b/tools/include/xenctrl.h
@@ -1171,7 +1171,8 @@ typedef uint32_t xc_node_to_node_dist_t;
int xc_physinfo(xc_interface *xch, xc_physinfo_t *info);
int xc_cputopoinfo(xc_interface *xch, unsigned *max_cpus,
xc_cputopo_t *cputopo);
-int xc_microcode_update(xc_interface *xch, const void *buf, size_t len);
+int xc_microcode_update(xc_interface *xch, const void *buf,
+ size_t len, unsigned int flags);
int xc_get_cpu_version(xc_interface *xch, struct xenpf_pcpu_version *cpu_ver);
int xc_get_ucode_revision(xc_interface *xch,
struct xenpf_ucode_revision *ucode_rev);
diff --git a/tools/libs/ctrl/xc_misc.c b/tools/libs/ctrl/xc_misc.c
index 50282fd60dcc..6a60216bda03 100644
--- a/tools/libs/ctrl/xc_misc.c
+++ b/tools/libs/ctrl/xc_misc.c
@@ -203,11 +203,12 @@ int xc_physinfo(xc_interface *xch,
return 0;
}
-int xc_microcode_update(xc_interface *xch, const void *buf, size_t len)
+int xc_microcode_update(xc_interface *xch, const void *buf,
+ size_t len, unsigned int flags)
{
int ret;
struct xen_platform_op platform_op = {};
- DECLARE_HYPERCALL_BUFFER(struct xenpf_microcode_update, uc);
+ DECLARE_HYPERCALL_BUFFER(struct xenpf_microcode_update2, uc);
uc = xc_hypercall_buffer_alloc(xch, uc, len);
if ( uc == NULL )
@@ -215,9 +216,10 @@ int xc_microcode_update(xc_interface *xch, const void *buf, size_t len)
memcpy(uc, buf, len);
- platform_op.cmd = XENPF_microcode_update;
- platform_op.u.microcode.length = len;
- set_xen_guest_handle(platform_op.u.microcode.data, uc);
+ platform_op.cmd = XENPF_microcode_update2;
+ platform_op.u.microcode2.length = len;
+ platform_op.u.microcode2.flags = flags;
+ set_xen_guest_handle(platform_op.u.microcode2.data, uc);
ret = do_platform_op(xch, &platform_op);
diff --git a/tools/misc/xen-ucode.c b/tools/misc/xen-ucode.c
index 6f9dd2a7e431..b878edf2399a 100644
--- a/tools/misc/xen-ucode.c
+++ b/tools/misc/xen-ucode.c
@@ -13,6 +13,8 @@
#include <xenctrl.h>
#include <getopt.h>
+#include <xen/platform.h>
+
static xc_interface *xch;
static const char intel_id[] = "GenuineIntel";
@@ -24,7 +26,8 @@ static void usage(FILE *stream, const char *name)
"Usage: %s [microcode file] [options]\n"
"options:\n"
" -h, --help display this help and exit\n"
- " -s, --show-cpu-info show CPU information and exit\n",
+ " -s, --show-cpu-info show CPU information and exit\n"
+ " -f, --force force to skip microcode version check\n",
name, name);
}
@@ -89,10 +92,12 @@ int main(int argc, char *argv[])
size_t len;
struct stat st;
int opt;
+ uint32_t ucode_flags = 0;
static const struct option options[] = {
{"help", no_argument, NULL, 'h'},
{"show-cpu-info", no_argument, NULL, 's'},
+ {"force", no_argument, NULL, 'f'},
{NULL, no_argument, NULL, 0}
};
@@ -104,7 +109,7 @@ int main(int argc, char *argv[])
exit(1);
}
- while ( (opt = getopt_long(argc, argv, "hs", options, NULL)) != -1 )
+ while ( (opt = getopt_long(argc, argv, "hsf", options, NULL)) != -1 )
{
switch (opt)
{
@@ -114,6 +119,9 @@ int main(int argc, char *argv[])
case 's':
show_curr_cpu(stdout);
exit(EXIT_SUCCESS);
+ case 'f':
+ ucode_flags = XENPF_UCODE_FORCE;
+ break;
default:
goto ext_err;
}
@@ -147,7 +155,7 @@ int main(int argc, char *argv[])
}
errno = 0;
- ret = xc_microcode_update(xch, buf, len);
+ ret = xc_microcode_update(xch, buf, len, ucode_flags);
if ( ret == -1 && errno == EEXIST )
printf("Microcode already up to date\n");
else if ( ret )
--
2.42.0On 28/05/2024 4:29 pm, Fouad Hilly wrote: > Introduce --force option to xen-ucode to force skipping microcode version check, which > allows the user to update x86 microcode even if both versions are the same or downgrade. > xc_microcode_update() refactored to accept flags and utilize xenpf_microcode_update2. > > Signed-off-by: Fouad Hilly <fouad.hilly@cloud.com> I think it would be better to stop the subject at "... to xen-ucode". The commit message itself covers what has changed. > diff --git a/tools/misc/xen-ucode.c b/tools/misc/xen-ucode.c > index 6f9dd2a7e431..b878edf2399a 100644 > --- a/tools/misc/xen-ucode.c > +++ b/tools/misc/xen-ucode.c > @@ -13,6 +13,8 @@ > #include <xenctrl.h> > #include <getopt.h> > > +#include <xen/platform.h> > + > static xc_interface *xch; > > static const char intel_id[] = "GenuineIntel"; > @@ -24,7 +26,8 @@ static void usage(FILE *stream, const char *name) > "Usage: %s [microcode file] [options]\n" > "options:\n" > " -h, --help display this help and exit\n" > - " -s, --show-cpu-info show CPU information and exit\n", > + " -s, --show-cpu-info show CPU information and exit\n" > + " -f, --force force to skip microcode version check\n", I'd phrase this as "skip certain checks; do not use unless you know exactly what you are doing" which makes it very clear that people get to keep all pieces if they try this. Otherwise (and subject to the style cleanup in the previous patch), Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
© 2016 - 2024 Red Hat, Inc.