Received: by 10.223.176.5 with SMTP id f5csp691527wra; Wed, 7 Feb 2018 06:04:17 -0800 (PST) X-Google-Smtp-Source: AH8x2273pNZf9nJRNYrhq5/aQgtxah/BgaBsXwqgi1ZByVAVHaWbkP9WQIk1BuAwxkd24+2ny2T5 X-Received: by 2002:a17:902:50e:: with SMTP id 14-v6mr6124414plf.360.1518012257671; Wed, 07 Feb 2018 06:04:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518012257; cv=none; d=google.com; s=arc-20160816; b=vOgD4qesv1PxxaD2ve28tjxN3maWEI7wZ9urBKwudr2qbPDIoqWZBmjlTrA+GTukRJ OVqkGzLfl1yQsBNv+RVQmLw+qvSmAtwN/yonAiQVXy+MwqARUIaWw4fFlKhva43pEyJs bm9ShBJ3CNhCZ7IaTakHkISsQGaZITjEVG7nukrKuNrcGL5ODW/4HcyHVPvjhdD9gv08 EZzeUQj5etp/6vWNf0hGBnSVRw2KaKlMNO9JUX4QrCo95fSi1eEkqf/H1dtz1GBlRVdo Z0P1XjleCbAym8BTwiPBWL5htsRUBAIZHTDa3pdEceNt0g6m11SoIF2TILrqUfUjOaBp dM+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :arc-authentication-results; bh=plBJMMZ7SdwPxoCtS9R8YZ7FfjGYjNJCtwTL3i2Sfp4=; b=xLx4EJGglfq2eE6urzlKuhxaTidSCJuo4MpDZjWjG5NPtKEfrZq3ixrFEMxwkgdIah pFjTfwxbzl8ZQlmzlX7UQPtPBShW31MKKZ8Jbah1g/YOy0WAiAyFQxS4R2vJaHKP1zdC P3vfh/9H3dR/qGO4LZ9JrgQuVpgBRqcNLOaIADRYwCRPVHXudI/p3Yny0hCA9MUkLJEF achTRh8Cww/VzKJFM7XglnJYFTqvS64qTL5NNcZX+XUU62PGccYPmj0V/NRD98HS55LP IqezLgYtrPIWJw9PYp0lWp3BbkumkxupT7WxHgd9ndGYbAShL+tds8VaiKf3Rj2Wva5V oQUA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p14-v6si1131970pli.114.2018.02.07.06.03.56; Wed, 07 Feb 2018 06:04:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754201AbeBGOCS (ORCPT + 99 others); Wed, 7 Feb 2018 09:02:18 -0500 Received: from mail-wm0-f49.google.com ([74.125.82.49]:36487 "EHLO mail-wm0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753763AbeBGOCR (ORCPT ); Wed, 7 Feb 2018 09:02:17 -0500 Received: by mail-wm0-f49.google.com with SMTP id f3so3541632wmc.1 for ; Wed, 07 Feb 2018 06:02:16 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:mime-version:content-transfer-encoding; bh=plBJMMZ7SdwPxoCtS9R8YZ7FfjGYjNJCtwTL3i2Sfp4=; b=OAOK0PFqiKkALNGI124Ek3Y0ZNKFWAIN3S6Xh+kNJ5kcMaF5Ftf6yg/NhXDEn4BDOq tkYkrtUsOkpIYPzwrXw0g1qqnb4F3RW5in2wCNe/rmrQXc12ZwNcTrevBaSnuFmz8MYz D4uqnlEBC+nZSWHigC2OJVQJIs00npJsJRPs7NFbBPxYifsp90KSrth0HH13N3ZmoGs4 Oerk4GqVx0yf61wbRgZ7m5+kc+LA7bHhQTVFeaAkPuBcAY+mMNcg9zzvHv0sSc1kHceA ygbUlxaVq5hWkmeEthJZBKpU4nNbW2OE7aMm9ACPSpAHJ/sntcR7NBeHy1TbhLpdYODd GYkA== X-Gm-Message-State: APf1xPCjNT3tRIEE1PoMvRGnqieb2cEbZLNpngjgCDklDvCWhFlvdcpH 55pd5GZ+E7ltmJHmw67wJHz/ahCFWYc= X-Received: by 10.28.237.23 with SMTP id l23mr5062180wmh.113.1518012135168; Wed, 07 Feb 2018 06:02:15 -0800 (PST) Received: from skozina-ntb ([213.175.37.12]) by smtp.gmail.com with ESMTPSA id 77sm2775091wmt.37.2018.02.07.06.02.14 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 07 Feb 2018 06:02:14 -0800 (PST) Message-ID: <1518012133.13585.13.camel@redhat.com> Subject: Re: [PATCH] x86/microcode/intel: print previous microcode revision during early update From: Stanislav Kozina To: Borislav Petkov , Petr Oros Cc: Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , x86@kernel.org, linux-kernel@vger.kernel.org Date: Wed, 07 Feb 2018 15:02:13 +0100 In-Reply-To: <20180126144918.7jiaezmdhjsiman5@pd.tnic> References: <20180126103451.16863-1-poros@redhat.com> <20180126104109.slxxoq4vkqytqjxd@pd.tnic> <1516967135.2801.1.camel@redhat.com> <20180126115800.bvqrzik2f3hmmiah@pd.tnic> <1516974600.2801.10.camel@redhat.com> <20180126144918.7jiaezmdhjsiman5@pd.tnic> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.26.2 (3.26.2-1.fc27) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello Borislav, On Fri, 2018-01-26 at 15:49 +0100, Borislav Petkov wrote: > On Fri, Jan 26, 2018 at 02:50:00PM +0100, Petr Oros wrote: > > But what in production? Edit boot params, restart server, grep > > /proc/cpuinfo and > > restart again? Why i can not read it just from dmesg? > > Because you don't need the previous revision. > > You only *happen* to need it now but that is being addressed too with > the blacklisting. And when you have broken microcode, it will say: Although Spectre might be the most visible CPU issue, it's not the only one. What if some issue causes failure during early microcode update? What if the issue triggers only on update from a certain microcode version? We should be transparent about what microcode version we update from and to. The double reboot with "dis_ucode_ldr" argument requires to schedule a full system reboot just to figure out what version has been provided by the system firmware. > + pr_warn("Intel Spectre v2 broken microcode detected; > disabling SPEC_CTRL\n"); > > and if you have microcode which doesn't have IBRS, there won't be > "spec_ctrl" in /proc/cpuinfo. > > I don't want people to start paying attention to microcode > revision numbers with the gazillion different revisions and > family/model/steppings out there and the crazy confusion that will > ensue > from this. The current microcode version is already printed in the dmesg. Many people do care what revision they are running and what provided this revision. It is the most important information on triaging CPU issues, especially if anything goes awry. I would appreciate if you could pull this patch in. Thank you, -Stanislav