x86/microcode: Prepare for minimal revision check
mainline inclusion from mainline-v6.7-rc1 commit 9407bda845dd19756e276d4f3abc15a20777ba45 category: feature bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I8XRMW CVE: NA -------------------------------- Applying microcode late can be fatal for the running kernel when the update changes functionality which is in use already in a non-compatible way, e.g. by removing a CPUID bit. There is no way for admins which do not have access to the vendors deep technical support to decide whether late loading of such a microcode is safe or not. Intel has added a new field to the microcode header which tells the minimal microcode revision which is required to be active in the CPU in order to be safe. Provide infrastructure for handling this in the core code and a command line switch which allows to enforce it. If the update is considered safe the kernel is not tainted and the annoying warning message not emitted. If it's enforced and the currently loaded microcode revision is not safe for late loading then the load is aborted. Intel-SIG: commit 9407bda845dd x86/microcode: Prepare for minimal revision check. Microcode restructuring backport. Signed-off-by:Thomas Gleixner <tglx@linutronix.de> Signed-off-by:
Loading
Please sign in to comment