Subject: [MODERATED] Re: [PATCH v2 2/8] MDSv2 1
References: <87784B01-00DE-4E4E-AF13-7CEFC9903019@oracle.com> <20181211100335.GB25994@zn.tnic> <20181212213147.GR9077@char.us.oracle.com> <20181212221731.GF6696@zn.tnic> <20181212224046.GF7946@char.us.oracle.com> <20181212224553.GG6696@zn.tnic>
From: Andrew Cooper
Date: Thu, 13 Dec 2018 07:15:29 -0800
In-Reply-To: <20181212224553.GG6696@zn.tnic>
To: speck@linutronix.de

On 12/12/2018 14:45, speck for Borislav Petkov wrote:
> On Wed, Dec 12, 2018 at 05:40:47PM -0500, speck for Konrad Rzeszutek Wilk wrote:
>> That is easy - "cloud" - you know $X billion market where everybody decides
>> that 99.99999% is needed which means you can only reboot for 1 second.
> And clowd doesn't reboot machines to update kernels?

No - not if they can possibly avoid it.

> And clowd gets guarantees from CPU vendor that live microcode upgrade
> works fine every time even while the core executes instructions and with
> any microcode revision being upgraded to?

Within the constraints of "quiesce the system with stop_machine()", yes.

I've got some customers who have said in no uncertain terms that they
want to reboot to get mitigations for these forthcoming issues.  Said
customers are large enough that Intel is currently engaged, and have
tentatively said that it is fine to load ucode in parallel on every core
during stop machine, rather than serially.  I'm expecting Intel to
propose this change in Linux as well as Xen.

I personally think everyone should reboot and call it done, but at the
end of the day, I'm beholden to my customers, and they really really do
want late load microcode to work.

~Andrew