From nobody Thu May 7 16:16:41 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02861C433F5 for ; Tue, 24 May 2022 18:53:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240466AbiEXSxp (ORCPT ); Tue, 24 May 2022 14:53:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43950 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234121AbiEXSxh (ORCPT ); Tue, 24 May 2022 14:53:37 -0400 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B42D5798A for ; Tue, 24 May 2022 11:53:33 -0700 (PDT) Received: from zn.tnic (p200300ea974657c6329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:9746:57c6:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 2F3A81EC0575; Tue, 24 May 2022 20:53:31 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1653418411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=E+TdOuNjF7WGNyon6haxmg5aXIog4wU2LGWC4mw0n8U=; b=gOdg2FDcA1ocYGErgKcsb+hsuHS2UtGzvtyGVK9Kp5GhfbTFRStKRzfxxnffjz6/bhkfyp ThxCwOVpeSLO/bbpKclVZz7TDHGFNYK23DKprRFHT4PsrElbE64/naSN6hL298l6IXx8m6 Xq74X3wm+b6Wgltz+8Z+U1MTwe8JrAM= From: Borislav Petkov To: X86 ML Cc: LKML Subject: [RFC PATCH 1/3] x86/microcode: Rip out the OLD_INTERFACE Date: Tue, 24 May 2022 20:53:22 +0200 Message-Id: <20220524185324.28395-2-bp@alien8.de> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220524185324.28395-1-bp@alien8.de> References: <20220524185324.28395-1-bp@alien8.de> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Borislav Petkov Everything should be using the early initrd loading by now. Signed-off-by: Borislav Petkov --- arch/x86/Kconfig | 12 ---- arch/x86/kernel/cpu/microcode/core.c | 100 --------------------------- 2 files changed, 112 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 2e8f6fd28e59..1c0da2dbfb26 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1345,18 +1345,6 @@ config MICROCODE_AMD If you select this option, microcode patch loading support for AMD processors will be enabled. =20 -config MICROCODE_OLD_INTERFACE - bool "Ancient loading interface (DEPRECATED)" - default n - depends on MICROCODE - help - DO NOT USE THIS! This is the ancient /dev/cpu/microcode interface - which was used by userspace tools like iucode_tool and microcode.ctl. - It is inadequate because it runs too late to be able to properly - load microcode on a machine and it needs special tools. Instead, you - should've switched to the early loading method with the initrd or - builtin microcode by now: Documentation/x86/microcode.rst - config X86_MSR tristate "/dev/cpu/*/msr - Model-specific register support" help diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/mic= rocode/core.c index 239ff5fcec6a..b72c4134f289 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -373,98 +373,6 @@ static int apply_microcode_on_target(int cpu) return ret; } =20 -#ifdef CONFIG_MICROCODE_OLD_INTERFACE -static int do_microcode_update(const void __user *buf, size_t size) -{ - int error =3D 0; - int cpu; - - for_each_online_cpu(cpu) { - struct ucode_cpu_info *uci =3D ucode_cpu_info + cpu; - enum ucode_state ustate; - - if (!uci->valid) - continue; - - ustate =3D microcode_ops->request_microcode_user(cpu, buf, size); - if (ustate =3D=3D UCODE_ERROR) { - error =3D -1; - break; - } else if (ustate =3D=3D UCODE_NEW) { - apply_microcode_on_target(cpu); - } - } - - return error; -} - -static int microcode_open(struct inode *inode, struct file *file) -{ - return capable(CAP_SYS_RAWIO) ? stream_open(inode, file) : -EPERM; -} - -static ssize_t microcode_write(struct file *file, const char __user *buf, - size_t len, loff_t *ppos) -{ - ssize_t ret =3D -EINVAL; - unsigned long nr_pages =3D totalram_pages(); - - if ((len >> PAGE_SHIFT) > nr_pages) { - pr_err("too much data (max %ld pages)\n", nr_pages); - return ret; - } - - cpus_read_lock(); - mutex_lock(µcode_mutex); - - if (do_microcode_update(buf, len) =3D=3D 0) - ret =3D (ssize_t)len; - - if (ret > 0) - perf_check_microcode(); - - mutex_unlock(µcode_mutex); - cpus_read_unlock(); - - return ret; -} - -static const struct file_operations microcode_fops =3D { - .owner =3D THIS_MODULE, - .write =3D microcode_write, - .open =3D microcode_open, - .llseek =3D no_llseek, -}; - -static struct miscdevice microcode_dev =3D { - .minor =3D MICROCODE_MINOR, - .name =3D "microcode", - .nodename =3D "cpu/microcode", - .fops =3D µcode_fops, -}; - -static int __init microcode_dev_init(void) -{ - int error; - - error =3D misc_register(µcode_dev); - if (error) { - pr_err("can't misc_register on minor=3D%d\n", MICROCODE_MINOR); - return error; - } - - return 0; -} - -static void __exit microcode_dev_exit(void) -{ - misc_deregister(µcode_dev); -} -#else -#define microcode_dev_init() 0 -#define microcode_dev_exit() do { } while (0) -#endif - /* fake device for request_firmware */ static struct platform_device *microcode_pdev; =20 @@ -856,10 +764,6 @@ static int __init microcode_init(void) goto out_driver; } =20 - error =3D microcode_dev_init(); - if (error) - goto out_ucode_group; - register_syscore_ops(&mc_syscore_ops); cpuhp_setup_state_nocalls(CPUHP_AP_MICROCODE_LOADER, "x86/microcode:start= ing", mc_cpu_starting, NULL); @@ -870,10 +774,6 @@ static int __init microcode_init(void) =20 return 0; =20 - out_ucode_group: - sysfs_remove_group(&cpu_subsys.dev_root->kobj, - &cpu_root_microcode_group); - out_driver: cpus_read_lock(); mutex_lock(µcode_mutex); --=20 2.35.1 From nobody Thu May 7 16:16:41 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D9DB0C433EF for ; Tue, 24 May 2022 18:53:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240478AbiEXSxt (ORCPT ); Tue, 24 May 2022 14:53:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43952 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240453AbiEXSxh (ORCPT ); Tue, 24 May 2022 14:53:37 -0400 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4D47C579B7 for ; Tue, 24 May 2022 11:53:33 -0700 (PDT) Received: from zn.tnic (p200300ea974657c6329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:9746:57c6:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id A35F91EC0606; Tue, 24 May 2022 20:53:31 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1653418411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cMu/m7XioOOCsVwbHfYOStEmXft/WwJngRwU6UZOBwU=; b=grJSdpytBd+r3vWvC97ogxu3EwIh3D2kB3i8TLwC3bW58BtOZmcGE1g1I3gNduCXqzEBBi 9WDuBWnKlCvbgFDB6aysHSuNwEvpmTpXpVJ3wNoEBx3HFZsLfL1vNNWAdQimGeiGSFvaqP q7RjSSzNukd/1M0GdtDBB95O7NkQ4Hk= From: Borislav Petkov To: X86 ML Cc: LKML , Peter Zijlstra Subject: [RFC PATCH 2/3] x86/microcode: Default-disable late loading Date: Tue, 24 May 2022 20:53:23 +0200 Message-Id: <20220524185324.28395-3-bp@alien8.de> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220524185324.28395-1-bp@alien8.de> References: <20220524185324.28395-1-bp@alien8.de> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Borislav Petkov It is dangerous and it should not be used anyway - there's a nice early loading already. Requested-by: Peter Zijlstra (Intel) Signed-off-by: Borislav Petkov --- arch/x86/Kconfig | 11 +++++++++++ arch/x86/kernel/cpu/common.c | 2 ++ arch/x86/kernel/cpu/microcode/core.c | 7 ++++++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 1c0da2dbfb26..33891b82fb65 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1345,6 +1345,17 @@ config MICROCODE_AMD If you select this option, microcode patch loading support for AMD processors will be enabled. =20 +config MICROCODE_LATE_LOADING + bool "Late microcode loading (DANGEROUS)" + default n + depends on MICROCODE + help + Loading microcode late, when the system is up and executing instructions + is a tricky business and should be avoided if possible. Just the sequen= ce + of synchronizing all cores and SMT threads is one fragile dance which d= oes + not guarantee that cores might not softlock after the loading. Therefor= e, + use this at your own risk. Late loading taints the kernel too. + config X86_MSR tristate "/dev/cpu/*/msr - Model-specific register support" help diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 2e9142797c99..c296cb1c0113 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -2222,6 +2222,7 @@ void cpu_init_secondary(void) } #endif =20 +#ifdef CONFIG_MICROCODE_LATE_LOADING /* * The microcode loader calls this upon late microcode load to recheck fea= tures, * only when microcode has been updated. Caller holds microcode_mutex and = CPU @@ -2251,6 +2252,7 @@ void microcode_check(void) pr_warn("x86/CPU: CPU features have changed after loading microcode, but = might not take effect.\n"); pr_warn("x86/CPU: Please consider either early loading through initrd/bui= lt-in or a potential BIOS update.\n"); } +#endif =20 /* * Invoked from core CPU hotplug code after hotplug operations diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/mic= rocode/core.c index b72c4134f289..c717db6b6856 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -376,6 +376,7 @@ static int apply_microcode_on_target(int cpu) /* fake device for request_firmware */ static struct platform_device *microcode_pdev; =20 +#ifdef CONFIG_MICROCODE_LATE_LOADING /* * Late loading dance. Why the heavy-handed stomp_machine effort? * @@ -543,6 +544,9 @@ static ssize_t reload_store(struct device *dev, return ret; } =20 +static DEVICE_ATTR_WO(reload); +#endif + static ssize_t version_show(struct device *dev, struct device_attribute *attr, char *buf) { @@ -559,7 +563,6 @@ static ssize_t pf_show(struct device *dev, return sprintf(buf, "0x%x\n", uci->cpu_sig.pf); } =20 -static DEVICE_ATTR_WO(reload); static DEVICE_ATTR(version, 0444, version_show, NULL); static DEVICE_ATTR(processor_flags, 0444, pf_show, NULL); =20 @@ -712,7 +715,9 @@ static int mc_cpu_down_prep(unsigned int cpu) } =20 static struct attribute *cpu_root_microcode_attrs[] =3D { +#ifdef CONFIG_MICROCODE_LATE_LOADING &dev_attr_reload.attr, +#endif NULL }; =20 --=20 2.35.1 From nobody Thu May 7 16:16:41 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CBB96C433F5 for ; Tue, 24 May 2022 18:53:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240486AbiEXSxt (ORCPT ); Tue, 24 May 2022 14:53:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43954 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240460AbiEXSxh (ORCPT ); Tue, 24 May 2022 14:53:37 -0400 Received: from mail.skyhub.de (mail.skyhub.de [5.9.137.197]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 85A9857B01 for ; Tue, 24 May 2022 11:53:33 -0700 (PDT) Received: from zn.tnic (p200300ea974657c6329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:9746:57c6:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 22FE81EC0622; Tue, 24 May 2022 20:53:32 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1653418412; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2M9QqqRLgX47depXRiMTQ6cBUd+HXGc9LcO2mQh+QJw=; b=SmoLtmPmAbF13I1yW9wrv0Q5YztH/n6IHFGKodaR7ouySLSF1qc4J87FrytACnl2rt1Bjo vBaomNdkeCq8Du2G1gBXSLtAx18DTBvW7AN4Bd0cyEHg5jGZUXLfhYuuHZXUmdQw00DIfq TMibL4vCNCKDJVm0M40jzZCVFChWi+Y= From: Borislav Petkov To: X86 ML Cc: LKML Subject: [RFC PATCH 3/3] x86/microcode: Taint and warn on late loading Date: Tue, 24 May 2022 20:53:24 +0200 Message-Id: <20220524185324.28395-4-bp@alien8.de> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220524185324.28395-1-bp@alien8.de> References: <20220524185324.28395-1-bp@alien8.de> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Borislav Petkov Warn when done and taint the kernel. Signed-off-by: Borislav Petkov --- arch/x86/kernel/cpu/microcode/core.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/mic= rocode/core.c index c717db6b6856..f7ded2facaa0 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -501,6 +501,8 @@ static int microcode_reload_late(void) microcode_check(); =20 pr_info("Reload completed, microcode revision: 0x%x\n", boot_cpu_data.mic= rocode); + pr_err("However, late loading is dangerous and it taints the kernel.\n" + "You should switch to early loading, if possible.\n"); =20 return ret; } @@ -541,6 +543,8 @@ static ssize_t reload_store(struct device *dev, if (ret =3D=3D 0) ret =3D size; =20 + add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK); + return ret; } =20 --=20 2.35.1 From nobody Thu May 7 16:16:41 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48E15C433EF for ; Wed, 25 May 2022 13:56:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242812AbiEYN4N (ORCPT ); Wed, 25 May 2022 09:56:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50074 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229555AbiEYN4I (ORCPT ); Wed, 25 May 2022 09:56:08 -0400 Received: from mail.skyhub.de (mail.skyhub.de [5.9.137.197]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9DBEB8AE4A for ; Wed, 25 May 2022 06:56:03 -0700 (PDT) Received: from zn.tnic (p200300ea97465795329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:9746:5795:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 2D5411EC064C; Wed, 25 May 2022 15:55:58 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1653486958; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=RST4dh8t+hX/JhPHQNoOfLjLfAPVxCOqSiSb2TTlSF4=; b=O4cEM2JjmeIFIigPuE5BI9738GQ+xaMWwJil9+wWYH9Vpe+G74PCNAvvPwe20GeH9NAlj1 50GgLTAp/e/oZZ34PzG/51hYw0OpsCMYWpRqF1DFbP9Gg4ag7ke9Xrp6djF+7xqwd9XGDJ vRrPzySY4acOnCMO+5aMfTiEAeN1BLo= Date: Wed, 25 May 2022 15:55:54 +0200 From: Borislav Petkov To: Peter Zijlstra Cc: X86 ML , LKML Subject: [PATCH 4/3] x86/microcode: Remove unnecessary perf callback default-disable late loading Message-ID: References: <20220524185324.28395-1-bp@alien8.de> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20220524185324.28395-1-bp@alien8.de> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Borislav Petkov c93dc84cbe32 ("perf/x86: Add a microcode revision check for SNB-PEBS") checks whether the microcode revision has fixed PEBS issues. This can happen either: 1. At PEBS init time, where the early microcode has been loaded already 2. During late loading, in the microcode_check() callback. So remove the unnecessary call in the microcode loader init routine. Signed-off-by: Borislav Petkov --- arch/x86/kernel/cpu/microcode/core.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/mic= rocode/core.c index 801b44ac3851..ad57e0e4d674 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -756,10 +756,7 @@ static int __init microcode_init(void) =20 cpus_read_lock(); mutex_lock(µcode_mutex); - error =3D subsys_interface_register(&mc_cpu_interface); - if (!error) - perf_check_microcode(); mutex_unlock(µcode_mutex); cpus_read_unlock(); =20 --=20 2.35.1 --=20 Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette