From: Markus Trippelsdorf <markus@trippelsdorf.de>
To: Borislav Petkov <bp@suse.de>
Cc: "Måns Rullgård" <mans@mansr.com>, "Thomas Voegtle" <tv@lio96.de>,
linux-kernel@vger.kernel.org
Subject: Re: x86/microcode update on systems without INITRD
Date: Fri, 8 Jan 2016 13:16:01 +0100 [thread overview]
Message-ID: <20160108121601.GC320@x4> (raw)
In-Reply-To: <20160108120812.GF14673@pd.tnic>
On 2016.01.08 at 13:08 +0100, Borislav Petkov wrote:
> On Fri, Jan 08, 2016 at 11:46:28AM +0000, Måns Rullgård wrote:
> > How is an initrd different from a real filesystem as seen by the
> > microcode update driver?
>
> For starters, initrd is available much earlier, even before paging is
> enabled on 32-bit, for example. See find_cpio_data().
>
> > The objection against removing the dependency was that updating
> > microcode "late" isn't safe. I don't see how turning on BLK_DEV_INITRD
> > stops anyone doing those allegedly unsafe updates anyway.
>
> No one is stopping anyone from doing late updates. It is a valid use
> case, and we have to support it. And late updates are not necessarily
> unsafe, per se.
>
> Lemme put it this way: it is a lot less unproblematic to do early
> updates. Mind you, there's no 100% guarantee that early updates would
> always work either. It all depends on what the microcode patch does. But
> they do work 99,9999999...% of the time. :)
>
> IOW, I haven't heard of an early update breaking the machine. But it is
> possible.
>
> So the *general* flow should be that people enable BLK_DEV_INITRD,
> put the microcode in there and it gets updated as early as possible.
> This is what the distros do and it is the most tested path. The other
> possibilities are there too, but only for cases where initrd is out of
> the question.
But you take the choice away from people like me, who don't need initrd
at all. BLK_DEV_INITRD is a superfluous dependency in this case, because
microcode update works perfectly well without it.
--
Markus
next prev parent reply other threads:[~2016-01-08 12:16 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-19 21:43 x86/microcode update on systems without INITRD Markus Trippelsdorf
2015-11-19 21:55 ` Borislav Petkov
2015-11-19 22:58 ` Borislav Petkov
2015-11-20 7:19 ` Markus Trippelsdorf
2015-11-20 8:27 ` Borislav Petkov
2015-11-20 8:33 ` Markus Trippelsdorf
2015-11-20 8:48 ` Borislav Petkov
2015-11-20 11:24 ` [PATCH] x86/microcode: Initialize the driver late when facilities are up Borislav Petkov
2015-11-23 16:28 ` [tip:x86/urgent] " tip-bot for Borislav Petkov
2016-01-07 12:12 ` x86/microcode update on systems without INITRD Thomas Voegtle
2016-01-07 12:18 ` Borislav Petkov
2016-01-07 12:36 ` Thomas Voegtle
2016-01-07 12:41 ` Markus Trippelsdorf
2016-01-08 9:33 ` Thomas Voegtle
2016-01-08 12:18 ` Mike Keehan
2016-01-08 12:20 ` Markus Trippelsdorf
2016-01-08 10:59 ` Borislav Petkov
2016-01-08 11:18 ` Måns Rullgård
2016-01-08 11:36 ` Borislav Petkov
2016-01-08 11:46 ` Måns Rullgård
2016-01-08 12:08 ` Borislav Petkov
2016-01-08 12:16 ` Markus Trippelsdorf [this message]
2016-01-08 12:27 ` Borislav Petkov
2016-01-08 12:28 ` Måns Rullgård
2016-01-08 12:48 ` Michal Marek
2016-01-08 13:37 ` Borislav Petkov
2016-01-08 14:48 ` Michal Marek
2016-01-11 19:43 ` Borislav Petkov
2016-01-11 20:29 ` Måns Rullgård
2016-01-11 20:59 ` Borislav Petkov
2016-01-11 21:04 ` Måns Rullgård
2016-01-11 21:17 ` Borislav Petkov
2016-01-14 18:43 ` [RFC PATCH] x86/kconfig: Sanity-check config file during oldconfig Borislav Petkov
2016-01-18 13:36 ` Thomas Voegtle
2016-01-18 14:06 ` Borislav Petkov
2016-01-18 14:11 ` Måns Rullgård
2016-01-18 14:28 ` Borislav Petkov
2016-01-18 14:41 ` Borislav Petkov
2016-01-18 14:51 ` Måns Rullgård
2016-01-18 15:39 ` Borislav Petkov
2016-01-18 15:42 ` Måns Rullgård
2016-01-19 8:20 ` [RFC] CONFIG_FORCE_MINIMALLY_SANE_CONFIG=y (was: Re: [RFC PATCH] x86/kconfig: Sanity-check config file during oldconfig) Ingo Molnar
2016-01-19 8:40 ` Markus Trippelsdorf
2016-01-19 8:54 ` Ingo Molnar
2016-01-19 9:45 ` Borislav Petkov
2016-01-19 9:01 ` Peter Zijlstra
2016-01-19 9:14 ` Ingo Molnar
2016-01-19 9:43 ` Borislav Petkov
2016-01-19 9:57 ` [RFC] CONFIG_FORCE_MINIMALLY_SANE_CONFIG=y Michal Marek
2016-01-19 10:30 ` [RFC] CONFIG_GENERIC_BOOTABLE_CONFIG=y Ingo Molnar
2016-01-19 17:22 ` Linus Torvalds
2016-01-19 17:52 ` Austin S. Hemmelgarn
2016-01-19 12:29 ` [RFC] CONFIG_FORCE_MINIMALLY_SANE_CONFIG=y Måns Rullgård
2016-01-19 12:43 ` Michal Marek
2016-01-19 12:57 ` Måns Rullgård
2016-01-21 22:06 ` [RFC] CONFIG_FORCE_MINIMALLY_SANE_CONFIG=y (was: Re: [RFC PATCH] x86/kconfig: Sanity-check config file during oldconfig) Kirill A. Shutemov
2016-03-09 13:08 ` Ingo Molnar
2016-01-08 12:18 ` x86/microcode update on systems without INITRD Måns Rullgård
2016-01-19 17:43 ` Borislav Petkov
2016-01-20 9:14 ` Thomas Voegtle
2016-01-20 11:15 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160108121601.GC320@x4 \
--to=markus@trippelsdorf.de \
--cc=bp@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mans@mansr.com \
--cc=tv@lio96.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).