x86/microcode: Check CPU capabilities after late microcode update correctly
stable inclusion from stable-v5.10.173 commit 511e27e5fdd658e6cb06b4947fb0d3ac76163776 category: feature bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I873BU CVE: N/A Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=511e27e5fdd658e6cb06b4947fb0d3ac76163776 ------------------------------------- Intel-SIG: commit 511e27e5fdd6 x86/microcode: Check CPU capabilities after late microcode update correctly. Backport x86/microcode related patches from 5.10.173 upstream. ------------------------------------- [ Upstream commit c0dd9245 ] The kernel caches each CPU's feature bits at boot in an x86_capability[] structure. However, the capabilities in the BSP's copy can be turned off as a result of certain command line parameters or configuration restrictions, for example the SGX bit. This can cause a mismatch when comparing the values before and after the microcode update. Another example is X86_FEATURE_SRBDS_CTRL which gets added only after microcode update: ^^^ and which proves for a gazillionth time that late loading is a bad bad idea. microcode_check() is called after an update to report any previously cached CPUID bits which might have changed due to the update. Therefore, store the cached CPU caps before the update and compare them with the CPU caps after the microcode update has succeeded. Thus, the comparison is done between the CPUID *hardware* bits before and after the upgrade instead of using the cached, possibly runtime modified values in BSP's boot_cpu_data copy. As a result, false warnings about CPUID bits changes are avoided. [ bp: - Massage. - Add SRBDS_CTRL example. - Add kernel-doc. - Incorporate forgotten review feedback from dhansen. ] Fixes: 1008c52c ("x86/CPU: Add a microcode loader callback") Signed-off-by:Ashok Raj <ashok.raj@intel.com> Signed-off-by:
Loading
Please sign in to comment