Commit 0345b375 authored by Borislav Petkov's avatar Borislav Petkov Committed by Aichun Shi
Browse files

x86/microcode: Default-disable late loading 

stable inclusion
from stable-v5.10.173
commit e6230806681fa25b7a3829c021d5b33d68c9bd09
category: feature
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I873BU
CVE: N/A
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e6230806681fa25b7a3829c021d5b33d68c9bd09



-------------------------------------

Intel-SIG: commit e6230806681f x86/microcode: Default-disable late loading.
Backport x86/microcode related patches from 5.10.173 upstream.

-------------------------------------

[ Upstream commit a77a94f8 ]

It is dangerous and it should not be used anyway - there's a nice early
loading already.

Requested-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20220525161232.14924-3-bp@alien8.de


Stable-dep-of: c0dd9245 ("x86/microcode: Check CPU capabilities after late microcode update correctly")
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
[ Aichun Shi: amend commit log ]
Signed-off-by: default avatarAichun Shi <aichun.shi@intel.com>
parent e427a81b

arch/x86/Kconfig

+11 −0
Original line number Diff line number Diff line
@@ -1357,6 +1357,17 @@ config MICROCODE_OLD_INTERFACE 
	  should've switched to the early loading method with the initrd or

	  builtin microcode by now: Documentation/x86/microcode.rst



config MICROCODE_LATE_LOADING

	bool "Late microcode loading (DANGEROUS)"

	default n

	depends on MICROCODE

	help

	  Loading microcode late, when the system is up and executing instructions

	  is a tricky business and should be avoided if possible. Just the sequence

	  of synchronizing all cores and SMT threads is one fragile dance which does

	  not guarantee that cores might not softlock after the loading. Therefore,

	  use this at your own risk. Late loading taints the kernel too.



config X86_MSR

	tristate "/dev/cpu/*/msr - Model-specific register support"

	help

arch/x86/kernel/cpu/common.c

+2 −0
Original line number Diff line number Diff line
@@ -2163,6 +2163,7 @@ void cpu_init_secondary(void) 
}

#endif



#ifdef CONFIG_MICROCODE_LATE_LOADING

/*

 * The microcode loader calls this upon late microcode load to recheck features,

 * only when microcode has been updated. Caller holds microcode_mutex and CPU
@@ -2193,6 +2194,7 @@ void microcode_check(void) 
	pr_warn("x86/CPU: CPU features have changed after loading microcode, but might not take effect.\n");

	pr_warn("x86/CPU: Please consider either early loading through initrd/built-in or a potential BIOS update.\n");

}

#endif



/*

 * Invoked from core CPU hotplug code after hotplug operations

arch/x86/kernel/cpu/microcode/core.c

+6 −1
Original line number Diff line number Diff line
@@ -503,6 +503,7 @@ static void __exit microcode_dev_exit(void) 
/* fake device for request_firmware */

static struct platform_device	*microcode_pdev;



#ifdef CONFIG_MICROCODE_LATE_LOADING

/*

 * Late loading dance. Why the heavy-handed stomp_machine effort?

 *
@@ -671,6 +672,9 @@ static ssize_t reload_store(struct device *dev, 
	return ret;

}



static DEVICE_ATTR_WO(reload);

#endif



static ssize_t version_show(struct device *dev,

			struct device_attribute *attr, char *buf)

{
@@ -687,7 +691,6 @@ static ssize_t pf_show(struct device *dev, 
	return sprintf(buf, "0x%x\n", uci->cpu_sig.pf);

}



static DEVICE_ATTR_WO(reload);

static DEVICE_ATTR(version, 0444, version_show, NULL);

static DEVICE_ATTR(processor_flags, 0444, pf_show, NULL);
@@ -840,7 +843,9 @@ static int mc_cpu_down_prep(unsigned int cpu) 
}



static struct attribute *cpu_root_microcode_attrs[] = {

#ifdef CONFIG_MICROCODE_LATE_LOADING

	&dev_attr_reload.attr,

#endif

	NULL

};