Date: Mon, 4 May 2020 16:12:11 +0200
From: Borislav Petkov
To: Mihai Carabas
Cc: linux-kernel@vger.kernel.org, Thomas Gleixner, Ingo Molnar, x86@kernel.org, "H. Peter Anvin", Jonathan Corbet, linux-doc@vger.kernel.org
Subject: Re: [PATCH RFC 1/3] x86: microcode: intel: read microcode metadata file
Message-ID: <20200504141211.GG15046@zn.tnic>
References: <1587972479-10971-1-git-send-email-mihai.carabas@oracle.com> <1587972479-10971-2-git-send-email-mihai.carabas@oracle.com>
In-Reply-To: <1587972479-10971-2-git-send-email-mihai.carabas@oracle.com>
X-Mailing-List: linux-kernel@vger.kernel.org

> Subject: Re: [PATCH RFC 1/3] x86: microcode: intel: read microcode metadata file

For the future, do:

	git log

to figure out what commit title prefix to use for the tip tree.

On Mon, Apr 27, 2020 at 10:27:57AM +0300, Mihai Carabas wrote:
> Try to read the microcode metadata file in order to see what features
> are added or removed by the new microcode blob. If the metadata file
> does not exist passthrough normal loading with a warning message.

So this file must be signed by the microcode vendors and that signature
then must be verified by the loader before we even look at the metadata.
We don't trust luserspace.

Also, I don't like it being a separate file - it could just as well be
appended to the microcode blob and parsed properly by the loader.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
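
The ordering asked for in the reply above (metadata appended to the blob, signature verified before any of it is interpreted), as an added example that is not part of the thread, the patch, or the kernel's loader. The trailer layout, `META_MAGIC`, `find_meta` and the FNV-1a `toy_sign` stand-in for a real vendor signature check are all assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical layout, invented for this example; the signature covers all
 * bytes before it: [ blob | metadata | meta_len u32 LE | magic u32 LE | sig ] */
#define META_MAGIC 0x4154454dU /* "META" read as little-endian */
enum { SIG_LEN = 8, FOOTER_LEN = 8, META_TOO_SHORT = -1, META_BAD_SIG = -2, META_MALFORMED = -3 };

/* Stand-in for the vendor signature: FNV-1a is NOT a signature. A real loader
 * would verify an asymmetric signature against a built-in vendor key. */
static void toy_sign(const uint8_t *msg, size_t len, uint8_t *sig)
{
	uint64_t h = 0xcbf29ce484222325ULL;
	for (size_t i = 0; i < len; i++)
		h = (h ^ msg[i]) * 0x100000001b3ULL;
	for (int i = 0; i < SIG_LEN; i++)
		sig[i] = (uint8_t)(h >> (8 * i));
}

static uint32_t rd32le(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }

/* Returns the metadata length and sets *meta (pointing into buf), or an error. */
static long find_meta(const uint8_t *buf, size_t len, const uint8_t **meta)
{
	uint8_t want[SIG_LEN];
	size_t n, body = len - SIG_LEN; /* body is used only after the length check */
	if (len < SIG_LEN + FOOTER_LEN)
		return META_TOO_SHORT;
	/* 1. Verify first: nothing in the file is interpreted before this. */
	toy_sign(buf, body, want);
	if (memcmp(want, buf + body, SIG_LEN) != 0)
		return META_BAD_SIG;
	/* 2. Only now read the footer, and still bounds-check the length. */
	n = rd32le(buf + body - 8);
	if (rd32le(buf + body - 4) != META_MAGIC || n > body - FOOTER_LEN)
		return META_MALFORMED;
	*meta = buf + body - FOOTER_LEN - n;
	return (long)n;
}

/* Constructed sample: 4-byte blob, 3-byte metadata; flip >= 0 corrupts a byte. */
static long demo(int flip)
{
	uint8_t f[23] = { 0xde, 0xad, 0xbe, 0xef, 'a', '+', 'b', 3, 0, 0, 0, 'M', 'E', 'T', 'A' };
	const uint8_t *meta;
	toy_sign(f, 15, f + 15);
	if (flip >= 0)
		f[flip] ^= 1;
	return find_meta(f, sizeof(f), &meta);
}
```

`demo(7)` corrupts the length field after signing and is rejected as a bad signature, so the tampered length is never read by the parser.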