From nobody Tue Mar 3 03:07:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1771872679; cv=none; d=zohomail.com; s=zohoarc; b=L94Ajsarx9WTZ+qxXFrWiNUnXVGRXuBnugDrVoVI18eDq14ATB8SKoawOQcWsgsFFDrmNIJhCRkgIVoj43OLBTwQoJxYFzG8zXKviTN2oNBHsXJKN4HtEpv1P5fZTNhi0wuRNcjvw5KnzA7YR1SDUlqkchdfW4AjLlPSYzCAaE4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1771872679; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=HBMCNSa4a+AReIUFX7/nPT/pd9bL8KLMQ3ahjP9iaXY=; b=NaGTslBQ5KZ3HEHnDEyd1A5GH0Vsew7zBHwQthQw84uN+anmfmVO3hL4G/CdaCqe6NRmwV8gSPZqJqaoZJNViqTK6p+QPz5hK53l7aoiSjo2Lho38Ab57oHPGlLLpNiOdzt0pjQa9tfFpxqJgIFENBK9WvLGGi/XuEmwZ8FqcME= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 177187267918664.14153433526224; Mon, 23 Feb 2026 10:51:19 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1239324.1540757 (Exim 4.92) (envelope-from ) id 1vub1I-0003Ax-Ht; Mon, 23 Feb 2026 18:51:00 +0000 Received: by outflank-mailman (output) from mailman id 1239324.1540757; Mon, 23 Feb 2026 18:51:00 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vub1I-0003Aq-Ds; Mon, 23 Feb 2026 18:51:00 +0000 Received: by outflank-mailman (input) for mailman id 1239324; Mon, 23 Feb 2026 18:50:59 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vub1H-0003Ah-6x for xen-devel@lists.xenproject.org; Mon, 23 Feb 2026 18:50:59 +0000 Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [2a00:1450:4864:20::342]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 96603993-10e8-11f1-9ccf-f158ae23cfc8; Mon, 23 Feb 2026 19:50:56 +0100 (CET) Received: by mail-wm1-x342.google.com with SMTP id 5b1f17b1804b1-483abed83b6so14918335e9.0 for ; Mon, 23 Feb 2026 10:50:56 -0800 (PST) Received: from localhost.localdomain (host-92-22-18-152.as13285.net. [92.22.18.152]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-483a31b3e0dsm437506635e9.1.2026.02.23.10.50.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Feb 2026 10:50:55 -0800 (PST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 96603993-10e8-11f1-9ccf-f158ae23cfc8 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1771872656; x=1772477456; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=HBMCNSa4a+AReIUFX7/nPT/pd9bL8KLMQ3ahjP9iaXY=; b=ZSWr8bf3ri5vbzrfni0Vx4QZ2OJYFW6coBdf8TTM4mgK6robonPpcrLQ01njC9F5bO 2IhI2DAGxsCvauFPgqAKoKvsNR6x8Ht1XD9D1EwKokAC+2I31Gx92SsuV/+wmm66PA49 4hxE4/XziekCeK0WKxfYhHIbnDkzk+01NJX3A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771872656; x=1772477456; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=HBMCNSa4a+AReIUFX7/nPT/pd9bL8KLMQ3ahjP9iaXY=; b=foEL9fatO8ldDQjEVKoFFc7wOCzqMhiumpYXJtymUZ5BUp/k4vXMAngLWmKhQgV7TF prfkLwbGL9rERnjNl3Ij2AW5XBhkU2oLY83EVnpF3p80+k3CJZ6qKU7LlQJmdTBm5M8+ xbY6HxZGnFFLl8jzcwFpAQDjYDPR987/lZShaVPse9FhboaHJQs8gfWjyR6Zyc3LVgg3 pTj2yrc4h4FxbFnusEYlcTRR68tfzIHZDj9Ua2r2vyyyAGoaFHDoVPtBZIPBNQutJATa JZOjJk6bL0KkO0RkI8vfk5Mu2a4lULQKIfizO+r+YxOMbmDAyhJbrEByOGV/17Vtc9zi Igpw== X-Gm-Message-State: AOJu0YzQMldfm0dCwLmn2YrdPFbzrRYAYtzrNJGTlQBQa/7MnJKH6fxL ix/rwtfZU9PfgKXuzYJngYQFUQwc7a2A2TTVcDPLOK0eAeLXj7lg6dWahaN9/49rCD+sgVGg99p nUL0q7rzg443x X-Gm-Gg: AZuq6aLyZ/ZtbuJiGBRrwyMQM33aStc8cxGsjGj0dzMeu7xDzsnsM6KdRZXChUXu/Uv jlUZ9yBff1WjTeQB4TjQb6njiqYJp66hxZRTilTobiznVrnkfwupqEU7THN3sX8FyTC56OWZyVZ VcLQ0A+sZHn2nNr8beZ8WR/hpCHrsC5u6TGOvcBDhb09bYdBfEl2OnUmqEyxisIflceuMgasl65 ZSvwzlKaq1xKViK/1P+aqAVb+yCNGMJrUewWSEOSXC5OlySAfWjqA4WxAK4cl8nrQ9PCO7y7jnu IMrMYBxapvRTECsuQK1njXixuX0P2gErTztyMKyRfKA+jcLHZssLBR6wn8WJmczUe0DKwmbSVm/ 4tDrLf2CKAjOpv8YrcmmNC5/RBILbYjQnyj36AqjbsWKRP8NmDcobDO/f88U+F05DsMRlPXXmCV iSPGQTi7+9S1SwPXCWQD3kSesqv81oRieSPfDLgffL9/HCdRWtsFy0IBPHcU9sjYngXhBZgk0= X-Received: by 2002:a05:600c:46c9:b0:483:a21:774c with SMTP id 5b1f17b1804b1-483a95eab7cmr164231635e9.25.1771872655776; Mon, 23 Feb 2026 10:50:55 -0800 (PST) From: Andrew Cooper To: Xen-devel Cc: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Teddy Astie Subject: [PATCH] x86/ucode: Support discrete modules being CPIO archives Date: Mon, 23 Feb 2026 18:50:54 +0000 Message-Id: <20260223185054.3598305-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1771872681460158500 Multiple downstream distros have tried passing discrete CPIO archives and tripped over this not working. It turns out to be easy to support, so do s= o. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Teddy Astie v2: * Docs update too. * Set opt_scan in early_microcode_load() so microcode_init_cache() operates properly --- CHANGELOG.md | 1 + docs/misc/xen-command-line.pandoc | 19 ++++++++----------- xen/arch/x86/cpu/microcode/core.c | 20 +++++++++++++++++++- 3 files changed, 28 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 18f3d10f20d2..c191e504aba9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepach= angelog.com/en/1.0.0/) - Support for Bus Lock Threshold on AMD Zen5 and later CPUs, used by Xe= n to mitigate (by rate-limiting) the system wide impact of an HVM guest misusing atomic instructions. + - Support for CPIO microcode in discrete multiboot modules. =20 ### Removed - On x86: diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line= .pandoc index c1f2def9f99c..ebdca007d26b 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -2764,23 +2764,20 @@ Controls for CPU microcode loading, available when = `CONFIG_MICROCODE_LOADING` is enabled. =20 In order to load microcode at boot, Xen needs to find a suitable update -amongst the modules provided by the bootloader. Two kinds of microcode up= date -are supported: +amongst the modules provided by the bootloader. Two formats are supported: =20 1. Raw microcode containers. The format of the container is CPU vendor specific. =20 - 2. CPIO archive. This is Linux's preferred mechanism, and involves having - the raw containers expressed as files + 2. CPIO archive, which involves having the raw containers expressed as fi= les (e.g. `kernel/x86/microcode/{GenuineIntel,AuthenticAMD}.bin`) in a CPIO - archive, typically prepended to the initrd. + archive. Linux commonly prepends this to the initrd. =20 -The `` and `scan=3D` options are mutually exclusive and sel= ect -between these two options. Further restrictions exist for booting xen.efi -(see below). +The `` and `scan=3D` options are mutually exclusive and wor= k as +follows. Further restrictions exist for booting xen.efi (see below). =20 - * The `` option nominates a specific multiboot module as a raw - container (option 1 above). Valid options start from 1 (module 0 is + * The `` option nominates a specific multiboot module as contai= ning + microcode in either format. Valid options start from 1 (module 0 is always the dom0 kernel). A negative number may be used, and will back-reference from the end of the module list. i.e. `ucode=3D-1` will nominate the final multiboot module. @@ -2794,7 +2791,7 @@ When booting xen.efi natively, the concept of multibo= ot modules doesn't exist. Instead: =20 * In the [EFI configuration file](efi.html), `ucode=3D` can be= used - to identify a file as a raw container (option 1 above). Use of this + to identify a file as containing microcode in either format. Use of t= his mechanism will disable both `` and `scan=3D`. =20 * If `ucode=3D` in the EFI configuration file is not used, it = is diff --git a/xen/arch/x86/cpu/microcode/core.c b/xen/arch/x86/cpu/microcode= /core.c index ea0b35c4991d..9b8d1e09cb98 100644 --- a/xen/arch/x86/cpu/microcode/core.c +++ b/xen/arch/x86/cpu/microcode/core.c @@ -767,6 +767,7 @@ static int __init early_microcode_load(struct boot_info= *bi) void *data =3D NULL; size_t size; const struct microcode_patch *patch; + struct cpio_data cd; int idx =3D opt_mod_idx; int rc; =20 @@ -783,7 +784,6 @@ static int __init early_microcode_load(struct boot_info= *bi) for ( idx =3D 0; idx < bi->nr_modules; ++idx ) { const struct boot_module *bm =3D &bi->mods[idx]; - struct cpio_data cd; =20 /* Search anything unclaimed or likely to be a CPIO archive. */ if ( bm->kind !=3D BOOTMOD_UNKNOWN && bm->kind !=3D BOOTMOD_RA= MDISK ) @@ -851,6 +851,24 @@ static int __init early_microcode_load(struct boot_inf= o *bi) idx, size); return -ENODEV; } + + /* + * If this blob appears to be a CPIO archive, try interpreting it = as + * one. Otherwise treat it as a raw vendor blob. + */ + cd =3D find_cpio_data(ucode_ops.cpio_path, data, size); + if ( cd.data ) + { + data =3D cd.data; + size =3D cd.size; + + /* + * (Ab)use opt_scan to inform microcode_init_cache() that + * early_mod_idx refers to a CPIO archive. + */ + opt_scan =3D true; + } + goto found; } =20 base-commit: 5eb84d6c992cf4e81936872c441b649057947442 --=20 2.39.5