From: Borislav Petkov <[email protected]>
Ok,
I think I've dreamt of a simple solution to the early microcode
application deal with suspend-to-RAM. The commit message of patch 2
should explain it in more detail. Patch 1 is a fix for 32-bit when the
ramdisk is being relocated.
I'm still testing but it seems to work.
Borislav Petkov (2):
x86/microcode: Look for the initrd at the proper address on 32-bit
x86/microcode/intel: Save pointer to ucode patch for early AP loading
arch/x86/kernel/cpu/microcode/core.c | 12 ++++++++++++
arch/x86/kernel/cpu/microcode/intel.c | 25 +++++++++++++++++++++----
2 files changed, 33 insertions(+), 4 deletions(-)
--
2.13.0
From: Borislav Petkov <[email protected]>
Normally, when the initrd is gone, we can't search it for microcode
blobs to apply anymore. For that we need to stash away the patch in our
own storage.
And save_microcode_in_initrd_intel() looks like the proper place to
do that from. So in order for early loading to work, invalidate the
intel_ucode_patch pointer to the patch *before* scanning the initrd one
last time.
If the scanning code finds a microcode patch, it will assign that
pointer again, this time with our own storage's address.
This way, early microcode application during resume-from-RAM works too,
even after the initrd is long gone.
Signed-off-by: Borislav Petkov <[email protected]>
---
arch/x86/kernel/cpu/microcode/intel.c | 25 +++++++++++++++++++++----
1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index f522415bf9e5..d525a0bd7d28 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -166,7 +166,7 @@ static struct ucode_patch *__alloc_microcode_buf(void *data, unsigned int size)
static void save_microcode_patch(void *data, unsigned int size)
{
struct microcode_header_intel *mc_hdr, *mc_saved_hdr;
- struct ucode_patch *iter, *tmp, *p;
+ struct ucode_patch *iter, *tmp, *p = NULL;
bool prev_found = false;
unsigned int sig, pf;
@@ -202,6 +202,18 @@ static void save_microcode_patch(void *data, unsigned int size)
else
list_add_tail(&p->plist, µcode_cache);
}
+
+ /*
+ * Save for early loading. On 32-bit, that needs to be a physical
+ * address as the APs are running from physical addresses, before
+ * paging has been enabled.
+ */
+ if (p) {
+ if (IS_ENABLED(CONFIG_X86_32))
+ intel_ucode_patch = (struct microcode_intel *)__pa_nodebug(p->data);
+ else
+ intel_ucode_patch = p->data;
+ }
}
static int microcode_sanity_check(void *mc, int print_err)
@@ -607,6 +619,14 @@ int __init save_microcode_in_initrd_intel(void)
struct ucode_cpu_info uci;
struct cpio_data cp;
+ /*
+ * initrd is going away, clear patch ptr. We will scan the microcode one
+ * last time before jettisoning and save a patch, if found. Then we will
+ * update that pointer too, with a stable patch address to use when
+ * resuming the cores.
+ */
+ intel_ucode_patch = NULL;
+
if (!load_builtin_intel_microcode(&cp))
cp = find_microcode_in_initrd(ucode_path, false);
@@ -619,9 +639,6 @@ int __init save_microcode_in_initrd_intel(void)
show_saved_mc();
- /* initrd is going away, clear patch ptr. */
- intel_ucode_patch = NULL;
-
return 0;
}
--
2.13.0
From: Borislav Petkov <[email protected]>
Early during boot, the BSP finds the ramdisk's position from boot_params
but by the time the APs get to boot, the BSP has continued in the mean
time and has potentially managed to relocate that ramdisk.
And in that case, the APs need to find the ramdisk at its new position,
in *physical* memory as they're running before paging has been enabled.
Thus, get the updated physical location of the ramdisk which is in the
relocated_ramdisk variable.
Signed-off-by: Borislav Petkov <[email protected]>
---
arch/x86/kernel/cpu/microcode/core.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index e53d3c909840..053e5cd1dce0 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -290,6 +290,18 @@ struct cpio_data find_microcode_in_initrd(const char *path, bool use_pa)
return (struct cpio_data){ NULL, 0, "" };
if (initrd_start)
start = initrd_start;
+ } else {
+ /*
+ * The picture on 32-bit is a bit different: we need to get
+ * the *physical* address to which the ramdisk was relocated,
+ * i.e., relocated_ramdisk (not initrd_start) and since we're
+ * running from physical addresses, we need to access
+ * relocated_ramdisk through its *physical* address.
+ */
+ u64 *rr = (u64 *)__pa_nodebug(&relocated_ramdisk);
+
+ if (*rr)
+ start = *rr;
}
return find_cpio_data(path, (void *)start, size, NULL);
--
2.13.0
On Mon, 12 Jun 2017, Borislav Petkov wrote:
> I think I've dreamt of a simple solution to the early microcode
> application deal with suspend-to-RAM. The commit message of patch 2
> should explain it in more detail. Patch 1 is a fix for 32-bit when the
> ramdisk is being relocated.
>
> I'm still testing but it seems to work.
And it ended up being really simple, too. Thank you very much,
Borislav!
--
Henrique Holschuh
Boris,
On Mon, Jun 12, 2017 at 07:58:52PM +0200, Borislav Petkov wrote:
> From: Borislav Petkov <[email protected]>
>
> Ok,
>
> I think I've dreamt of a simple solution to the early microcode
> application deal with suspend-to-RAM. The commit message of patch 2
> should explain it in more detail. Patch 1 is a fix for 32-bit when the
> ramdisk is being relocated.
>
> I'm still testing but it seems to work.
Nice job; works fine here.
Best,
Dominik
On Tue, Jun 13, 2017 at 07:55:34AM +0200, Dominik Brodowski wrote:
> Nice job; works fine here.
Thanks for testing, I'll add your Tested-by.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.