linux.git/arch/x86/kernel/cpu/microcode/amd.c, branch v5.1 Linux kernel source tree x86/microcode/amd: Don't falsely trick the late loading mechanism 2019-01-31T15:54:32+00:00 Thomas Lendacky Thomas.Lendacky@amd.com 2019-01-31T14:33:06+00:00 912139cfbfa6a2bc1da052314d2c29338dae1f6a The load_microcode_amd() function searches for microcode patches and attempts to apply a microcode patch if it is of different level than the currently installed level. While the processor won't actually load a level that is less than what is already installed, the logic wrongly returns UCODE_NEW thus signaling to its caller reload_store() that a late loading should be attempted. If the file-system contains an older microcode revision than what is currently running, such a late microcode reload can result in these misleading messages: x86/CPU: CPU features have changed after loading microcode, but might not take effect. x86/CPU: Please consider either early loading through initrd/built-in or a potential BIOS update. These messages were issued on a system where SME/SEV are not enabled by the BIOS (MSR C001_0010[23] = 0b) because during boot, early_detect_mem_encrypt() is called and cleared the SME and SEV features in this case. However, after the wrong late load attempt, get_cpu_cap() is called and reloads the SME and SEV feature bits, resulting in the messages. Update the microcode level check to not attempt microcode loading if the current level is greater than(!) and not only equal to the current patch level. [ bp: massage commit message. ] Fixes: 2613f36ed965 ("x86/microcode: Attempt late loading only when new microcode is present") Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: x86-ml <x86@kernel.org> Link: https://lkml.kernel.org/r/154894518427.9406.8246222496874202773.stgit@tlendack-t1.amdoffice.net 
The load_microcode_amd() function searches for microcode patches and
attempts to apply a microcode patch if it is of different level than the
currently installed level.

While the processor won't actually load a level that is less than
what is already installed, the logic wrongly returns UCODE_NEW thus
signaling to its caller reload_store() that a late loading should be
attempted.

If the file-system contains an older microcode revision than what is
currently running, such a late microcode reload can result in these
misleading messages:

  x86/CPU: CPU features have changed after loading microcode, but might not take effect.
  x86/CPU: Please consider either early loading through initrd/built-in or a potential BIOS update.

These messages were issued on a system where SME/SEV are not
enabled by the BIOS (MSR C001_0010[23] = 0b) because during boot,
early_detect_mem_encrypt() is called and cleared the SME and SEV
features in this case.

However, after the wrong late load attempt, get_cpu_cap() is called and
reloads the SME and SEV feature bits, resulting in the messages.

Update the microcode level check to not attempt microcode loading if the
current level is greater than(!) and not only equal to the current patch
level.

 [ bp: massage commit message. ]

Fixes: 2613f36ed965 ("x86/microcode: Attempt late loading only when new microcode is present")
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/154894518427.9406.8246222496874202773.stgit@tlendack-t1.amdoffice.net
x86/microcode/AMD: Update copyright 2018-11-19T09:55:12+00:00 Borislav Petkov bp@suse.de 2018-10-20T13:04:52+00:00 2ffcbce39ea1e355eed8c6527308624f366f1c58 Adjust copyright. Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-17-bp@alien8.de 
Adjust copyright.

Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-17-bp@alien8.de
x86/microcode/AMD: Check the equivalence table size when scanning it 2018-11-19T09:55:12+00:00 Maciej S. Szmigiero mail@maciej.szmigiero.name 2018-09-13T10:01:52+00:00 413c89154c6759cbd5e17febd04c187470613173 Currently, the code scanning the CPU equivalence table read from a microcode container file assumes that it actually contains a terminating zero entry. Check also the size of this table to make sure that no reads past its end happen, in case there's no terminating zero entry at the end of the table. [ bp: Adjust to new changes. ] Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-16-bp@alien8.de 
Currently, the code scanning the CPU equivalence table read from a
microcode container file assumes that it actually contains a terminating
zero entry.

Check also the size of this table to make sure that no reads past its
end happen, in case there's no terminating zero entry at the end of the
table.

 [ bp: Adjust to new changes. ]

Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-16-bp@alien8.de
x86/microcode/AMD: Convert CPU equivalence table variable into a struct 2018-11-19T09:55:12+00:00 Maciej S. Szmigiero mail@maciej.szmigiero.name 2018-09-13T09:45:42+00:00 39cd7c17f9bc3fe3737dacd4225eeabe56df197c Convert the CPU equivalence table into a proper struct in preparation for tracking also the size of this table. [ bp: Have functions deal with struct equiv_cpu_table pointers only. Rediff. ] Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-15-bp@alien8.de 
Convert the CPU equivalence table into a proper struct in preparation
for tracking also the size of this table.

 [ bp: Have functions deal with struct equiv_cpu_table pointers only. Rediff. ]

Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-15-bp@alien8.de
x86/microcode/AMD: Check microcode container data in the late loader 2018-11-19T09:55:11+00:00 Maciej S. Szmigiero mail@maciej.szmigiero.name 2018-09-13T06:49:22+00:00 38673f623dfcaa03921aa5704ade176cd584c886 Convert the late loading path to use the newly introduced microcode container data checking functions as it was previously done for the early loader. [ bp: Keep header length addition in install_equiv_cpu_table() and rediff. ] Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-14-bp@alien8.de 
Convert the late loading path to use the newly introduced microcode
container data checking functions as it was previously done for the
early loader.

[ bp: Keep header length addition in install_equiv_cpu_table() and rediff. ]

Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-14-bp@alien8.de
x86/microcode/AMD: Fix container size's type 2018-11-19T09:55:06+00:00 Borislav Petkov bp@suse.de 2018-09-12T16:50:23+00:00 72dc571a3a77081112944fe0c2dbff614114b04a Make it size_t everywhere as this is what we get from cpio. [ bp: Fix a smatch warning. ] Originally-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name> Reported-by: kbuild test robot <lkp@intel.com> Signed-off-by: Borislav Petkov <bp@suse.de> Link: https://lkml.kernel.org/r/20181107170218.7596-13-bp@alien8.de 
Make it size_t everywhere as this is what we get from cpio.

 [ bp: Fix a smatch warning. ]

Originally-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20181107170218.7596-13-bp@alien8.de
x86/microcode/AMD: Convert early parser to the new verification routines 2018-11-19T09:51:06+00:00 Borislav Petkov bp@suse.de 2018-09-12T16:33:34+00:00 c45e80358cb3c61eaf6f5d35af86c6a874935bd0 Now that they have the required functionality, use them to verify the equivalence table and each patch, thus making parse_container() more readable. Originally-by: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-12-bp@alien8.de 
Now that they have the required functionality, use them to verify the
equivalence table and each patch, thus making parse_container() more
readable.

Originally-by: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-12-bp@alien8.de
x86/microcode/AMD: Change verify_patch()'s return value 2018-11-19T09:51:06+00:00 Borislav Petkov bp@suse.de 2018-10-19T12:27:24+00:00 d430a305b7f8127d992e79e90b6fac00f99d23b3 Have it return 0 on success, positive value when the current patch should be skipped and negative on error. Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-11-bp@alien8.de 
Have it return 0 on success, positive value when the current patch
should be skipped and negative on error.

Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-11-bp@alien8.de
x86/microcode/AMD: Move chipset-specific check into verify_patch() 2018-11-19T09:51:06+00:00 Borislav Petkov bp@suse.de 2018-10-19T12:09:39+00:00 c79570205ba6064bd756f531e6d9d0b498a191d6 ... where it belongs. No functional changes. Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org https://lkml.kernel.org/r/20181107170218.7596-10-bp@alien8.de 
... where it belongs.

No functional changes.

Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
https://lkml.kernel.org/r/20181107170218.7596-10-bp@alien8.de
x86/microcode/AMD: Move patch family check to verify_patch() 2018-11-19T09:51:05+00:00 Borislav Petkov bp@suse.de 2018-07-26T04:50:44+00:00 51776fb805fe4f248f264c1783c286ae60552e9a ... where all the microcode patch verification is being concentrated. Signed-off-by: Borislav Petkov <bp@suse.de> Cc: x86@kernel.org Link: https://lkml.kernel.org/r/20181107170218.7596-9-bp@alien8.de 
... where all the microcode patch verification is being concentrated.

Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20181107170218.7596-9-bp@alien8.de