From: Thomas Gleixner <tglx@linutronix.de>
To: Borislav Petkov <bp@alien8.de>
Cc: Kevin Koster <lkml@ombertech.com>,
Oerg866 <oerg866@googlemail.com>,
linux-kernel@vger.kernel.org, Ingo Molnar <mingo@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH -v2] x86/microcode: Consolidate the loader enablement checking
Date: Fri, 02 May 2025 21:15:19 +0200 [thread overview]
Message-ID: <87zffuomd4.ffs@tglx> (raw)
In-Reply-To: <20250502162210.GCaBTxMhdUT_Iw3_bj@fat_crate.local>
On Fri, May 02 2025 at 18:22, Borislav Petkov wrote:
> On Wed, Apr 30, 2025 at 09:16:56PM +0200, Thomas Gleixner wrote:
>> This return here is confusing at best. The only valid return value is
>> 'false' according to the above logic, because nothing modifies
>> dis_ucode_ldr and that must be false according to the top-most check,
>> no?
>
> You mean the return value is the build-time dis_ucode_ldr value which is true.
> Well, *was* true, keep on reading.
>
> I.e., the loader was default-disabled unless we decide it is ok to turn it on.
>
> Now that I look at it, this double-negation looks gross:
>
> disable:
> dis_ucode_ldr = true;
>
> "disable the disable loader". Pfff.
Indeed and it's all confusing because at the top of the function you
have:
if (dis_ucode_ldr)
return true;
That means, that dis_ucode_ldr must be false when it reaches
return dis_ucode_ldr;
in your original patch, no?
>> Something like the delta patch below makes it way more obvious and gets
>> rid of the ugly gotos as well.
>
> Almost. When we *enable* the loader, we must set dis_ucode_ldr to false. IOW,
> we must write dis_ucode_ldr to the newly detected value because
> load_ucode_ap() checks it because it can't call microcode_loader_disabled()
> because of this:
>
> /*
> * Can't use microcode_loader_disabled() here - .init section
> * hell. It doesn't have to either - the BSP variant must've
> * parsed cmdline already anyway.
> */
>
>
> IOW, yours a bit modified. Still untested ofc.
>
> ---
> diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
> index 7771755481ed..652198805ee3 100644
> --- a/arch/x86/kernel/cpu/microcode/core.c
> +++ b/arch/x86/kernel/cpu/microcode/core.c
> @@ -42,7 +42,7 @@
> #include "internal.h"
>
> static struct microcode_ops *microcode_ops;
> -static bool dis_ucode_ldr = true;
> +static bool dis_ucode_ldr = false;
>
> bool force_minrev = IS_ENABLED(CONFIG_MICROCODE_LATE_FORCE_MINREV);
> module_param(force_minrev, bool, S_IRUSR | S_IWUSR);
> @@ -84,6 +84,9 @@ static bool amd_check_current_patch_level(void)
> u32 lvl, dummy, i;
> u32 *levels;
>
> + if (x86_cpuid_vendor() != X86_VENDOR_AMD)
> + return false;
> +
> native_rdmsr(MSR_AMD64_PATCH_LEVEL, lvl, dummy);
>
> levels = final_levels;
> @@ -100,27 +103,28 @@ bool __init microcode_loader_disabled(void)
> if (dis_ucode_ldr)
> return true;
>
> - if (!have_cpuid_p())
> - goto disable;
> -
> /*
> - * CPUID(1).ECX[31]: reserved for hypervisor use. This is still not
> - * completely accurate as xen pv guests don't see that CPUID bit set but
> - * that's good enough as they don't land on the BSP path anyway.
> + * Disable when:
> + *
> + * 1) The CPU does not support CPUID
> + *
> + * 2) Bit 31 in CPUID[1]:ECX is clear
> + * The bit is reserved for hypervisor use. This is still not
> + * completely accurate as XEN PV guests don't see that CPUID bit
> + * set, but that's good enough as they don't land on the BSP
> + * path anyway.
> + *
> + * 3) Certain AMD patch levels are not allowed to be
> + * overwritten.
> */
> - if (native_cpuid_ecx(1) & BIT(31))
> - goto disable;
> -
> - if (x86_cpuid_vendor() == X86_VENDOR_AMD) {
> - if (amd_check_current_patch_level())
> - goto disable;
> - }
> + if (!have_cpuid_p() ||
> + native_cpuid_ecx(1) & BIT(31) ||
> + amd_check_current_patch_level())
> + dis_ucode_ldr = true;
> + else
> + dis_ucode_ldr = false;
This still does not make any sense, because if dis_ucode_ldr == true
when this function is called then the first check immediately returns.
So dis_ucode_ldr _IS_ false when this code is reached, no?
Thanks,
tglx
next prev parent reply other threads:[~2025-05-02 19:15 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-19 6:29 [PATCH] x86/microcode: Fix crashes on early 486 CPUs due to usage of 'cpuid' Oerg866
2024-10-19 9:49 ` Borislav Petkov
2024-10-19 14:06 ` Oerg866
2025-04-05 2:03 ` Kevin Koster
2025-04-05 9:32 ` Borislav Petkov
2025-04-05 20:33 ` H. Peter Anvin
2025-04-05 20:50 ` Borislav Petkov
2025-04-05 21:03 ` Borislav Petkov
2025-04-06 6:40 ` Kevin Koster
2025-04-06 7:46 ` Kevin Koster
2025-04-06 19:02 ` Borislav Petkov
2025-04-06 23:58 ` Kevin Koster
2025-04-07 10:29 ` Borislav Petkov
2025-04-07 14:21 ` Kevin Koster
2025-04-07 13:55 ` Borislav Petkov
2025-04-07 14:28 ` Oerg866
2025-04-08 10:37 ` Maciej W. Rozycki
2025-04-08 17:22 ` [PATCH] x86/microcode: Consolidate the loader enablement Borislav Petkov
2025-04-09 7:51 ` Kevin Koster
2025-04-10 11:53 ` Thomas Gleixner
2025-04-11 11:07 ` Borislav Petkov
2025-04-14 9:59 ` [PATCH -v2] x86/microcode: Consolidate the loader enablement checking Borislav Petkov
2025-04-14 10:48 ` Ingo Molnar
2025-04-14 11:26 ` Borislav Petkov
2025-05-03 10:51 ` David Laight
2025-04-30 19:16 ` Thomas Gleixner
2025-05-02 16:22 ` Borislav Petkov
2025-05-02 19:15 ` Thomas Gleixner [this message]
2025-04-07 14:38 ` [PATCH] x86/microcode: Fix crashes on early 486 CPUs due to usage of 'cpuid' H. Peter Anvin
2025-04-07 23:20 ` Kevin Koster
2025-04-07 18:10 ` David Laight
2025-04-07 14:36 ` H. Peter Anvin
2025-04-08 10:16 ` Maciej W. Rozycki
2025-04-08 10:31 ` Borislav Petkov
2025-04-08 12:29 ` Maciej W. Rozycki
2025-04-08 17:28 ` Borislav Petkov
2025-04-06 16:49 ` H. Peter Anvin
2025-05-03 15:14 ` [tip: x86/urgent] x86/microcode: Consolidate the loader enablement checking tip-bot2 for Borislav Petkov (AMD)
2025-05-04 6:14 ` Ingo Molnar
2025-05-05 5:15 ` [PATCH] x86/microcode: Add microcode_loader_disabled() storage class for the !CONFIG_MICROCODE case Ingo Molnar
2025-05-05 5:32 ` [tip: x86/microcode] " tip-bot2 for Ingo Molnar
2025-05-05 7:27 ` tip-bot2 for Ingo Molnar
2025-05-05 7:47 ` [PATCH] " Borislav Petkov
2025-05-06 10:57 ` Ingo Molnar
2025-05-06 12:19 ` Borislav Petkov
2025-05-06 10:44 ` [tip: x86/urgent] x86/microcode: Consolidate the loader enablement checking tip-bot2 for Borislav Petkov (AMD)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zffuomd4.ffs@tglx \
--to=tglx@linutronix.de \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lkml@ombertech.com \
--cc=mingo@redhat.com \
--cc=oerg866@googlemail.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.