* [PATCH] x86: Add a "x86" ELF note namespace
[not found] ` <20231122115826.GAZV3s4krKXI002KQ0@fat_crate.local>
@ 2023-11-22 13:24 ` Borislav Petkov
2023-11-22 14:07 ` Borislav Petkov
[not found] ` <e1ca042c-de1d-4fe3-ad69-51d147b1fe0b@leemhuis.info>
1 sibling, 1 reply; 3+ messages in thread
From: Borislav Petkov @ 2023-11-22 13:24 UTC (permalink / raw)
To: Linux regressions mailing list
Cc: lukas.bulwahn, dave.hansen, hpa, kernel-janitors, linux-kernel,
mingo, tglx, x86, initramfs
On Wed, Nov 22, 2023 at 12:58:26PM +0100, Borislav Petkov wrote:
> On Wed, Nov 22, 2023 at 10:15:42AM +0100, Linux regression tracking (Thorsten Leemhuis) wrote:
> > [1] unless you fiddle with things obviously internal; not sure if this
> > case would qualify for him, but somehow I doubt it -- but I might be
> > wrong there.
>
> Well, think about it - by that logic, if CONFIG_* items are an ABI, we
> will never ever be able to change any of them. Now that would be awful.
>
> > Any progress on this?
>
> We're thinking...
Turns out this is easier than I think and people have solved this
problem already - all I need to do is use it. Wonderful.
Lemme Cc initramfs@vger.kernel.org as an FYI and see whether dracut
folks would have any comments about this.
---
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Wed, 22 Nov 2023 13:59:40 +0100
Add a "x86" ELF note namespace to put ELF note structures with which to
communicate in a ABI-compliant manner what a kernel image supports.
Also, add the first note type of this - X86_ELFNOTE_MICROCODE - which
denotes that microcode support is built into the kernel image and thus
initrd-generating tools like dracut can parse the ELF .notes section for
this.
$ readelf -n vmlinux
Displaying notes found in: .notes
Owner Data size Description
...
x86 0x00000004 Unknown note type: (0x00000000)
description data: 01 00 00 00
^^^^^^^^^^^^^^
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
---
arch/x86/include/uapi/elfnote.h | 18 ++++++++++++++++++
arch/x86/kernel/cpu/microcode/core.c | 5 +++++
2 files changed, 23 insertions(+)
create mode 100644 arch/x86/include/uapi/elfnote.h
diff --git a/arch/x86/include/uapi/elfnote.h b/arch/x86/include/uapi/elfnote.h
new file mode 100644
index 000000000000..bef26c4944e8
--- /dev/null
+++ b/arch/x86/include/uapi/elfnote.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+#ifndef _X86_UAPI_ELFNOTE_H_
+#define _X86_UAPI_ELFNOTE_H_
+
+/*
+ * "x86" namespaced ELF note structures to communicate features
+ * supported by the kernel binary to external utilities which need that
+ * info in order to do additional preparatory work based on the target
+ * kernel image.
+ */
+
+/*
+ * Used by the microcode loader to communicate support to external
+ * initrd generators like dracut.
+ */
+#define X86_ELFNOTE_MICROCODE 0
+
+#endif /* _X86_UAPI_ELFNOTE_H_ */
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 232026a239a6..f35444bafbbc 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -24,6 +24,7 @@
#include <linux/capability.h>
#include <linux/firmware.h>
#include <linux/cpumask.h>
+#include <linux/elfnote.h>
#include <linux/kernel.h>
#include <linux/delay.h>
#include <linux/mutex.h>
@@ -32,6 +33,8 @@
#include <linux/fs.h>
#include <linux/mm.h>
+#include <uapi/elfnote.h>
+
#include <asm/apic.h>
#include <asm/cpu_device_id.h>
#include <asm/perf_event.h>
@@ -859,3 +862,5 @@ static int __init microcode_init(void)
}
late_initcall(microcode_init);
+
+ELFNOTE32("x86", X86_ELFNOTE_MICROCODE, CONFIG_MICROCODE);
--
2.42.0.rc0.25.ga82fb66fed25
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] x86: Add a "x86" ELF note namespace
2023-11-22 13:24 ` [PATCH] x86: Add a "x86" ELF note namespace Borislav Petkov
@ 2023-11-22 14:07 ` Borislav Petkov
0 siblings, 0 replies; 3+ messages in thread
From: Borislav Petkov @ 2023-11-22 14:07 UTC (permalink / raw)
To: Linux regressions mailing list
Cc: lukas.bulwahn, dave.hansen, hpa, kernel-janitors, linux-kernel,
mingo, tglx, x86, initramfs
On Wed, Nov 22, 2023 at 02:24:43PM +0100, Borislav Petkov wrote:
> Displaying notes found in: .notes
> Owner Data size Description
> ...
> x86 0x00000004 Unknown note type: (0x00000000)
> description data: 01 00 00 00
> ^^^^^^^^^^^^^^
Note to self: since this is a u32, the next version should define that
only the 1st bit is valid and the rest are reserved. So that they can be
used as a bitfield in case something more needs to be communicated in
the future and we don't waste a whole u32 just for one bit of
information...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [regression] microcode files missing in initramfs imgages from dracut (was Re: [PATCH] x86: Clean up remaining references to CONFIG_MICROCODE_AMD)
[not found] ` <CAHk-=wh03jMZRAxHFTkv0h9dZ6TmiqukzcHd4RTx7ijia_prsg@mail.gmail.com>
@ 2023-11-22 21:35 ` Borislav Petkov
0 siblings, 0 replies; 3+ messages in thread
From: Borislav Petkov @ 2023-11-22 21:35 UTC (permalink / raw)
To: Linus Torvalds
Cc: Linux regressions mailing list, lukas.bulwahn, dave.hansen, hpa,
kernel-janitors, linux-kernel, mingo, tglx, x86, initramfs
Lemme add initramfs@vger.kernel.org to Cc again. I hope that's the
correct ML dracut folks use.
On Wed, Nov 22, 2023 at 01:08:41PM -0800, Linus Torvalds wrote:
> Yes, I agree that it's not optimal, but I would hate to have some odd
> "let's add another ELF note" churn too, for (presumably) increasingly
> obscure reasons.
Right, my angle with the ELF note is that it is at least something well
establshed and other things use it too (Xen, BUILD_SALT, other arches
too).
> It looks like dracut has been doing this forever, and in fact back in
> 2015 apparently had the exact same issue (that never made it to kernel
> developers, or at least not to me), when the kernel
> CONFIG_MICROCODE_xyz_EARLY config went away, and became just
> CONFIG_MICROCODE_xyz.
Yap, that was me. I merged the early loader because it didn't make any
sense to have a separate thing.
> The whole "check kernel config" in dracut seems to go back to 2014, so
> it's been that way for almost a decade by now.
>
> Honestly, I think the right approach may be to just remove the check
> again from dracut entirely - the intent seems to be to make the initrd
> smaller when people don't support microcode updates, but does that
> ever actually *happen*?
That thought also crossed my mind. With the mitigations sh*te, you
basically must build in microcode. Lemme cook up a dracut patch for this
tomorrow and see what happens.
> There are dracut command lines, like "--early-microcode" and
> "--no-early-microcode", so people who really want to save space could
> just force it that way. Doing the CONFIG_xyz check seems broken.
Yap, exactly.
> I guess we on the kernel side could help with "make install" etc, but
> we've (intentionally) tried to insulate us from distros having
> distro-specific installkernel scripts, so we don't really haev a good
> way to pass information down to the installkernel side.
>
> It *would* make sense if we just had some actual arguments we might
> pass down. Right now we just do
>
> exec "${file}" "${KERNELRELEASE}" "${KBUILD_IMAGE}" System.map
> "${INSTALL_PATH}"
>
> so basically the only argument we pass down is that INSTALL_PATH
> (which is just "/boot" by default).
Right, and on debian they run initramfs-tools as part of
a post-installation step at the end of /sbin/installkernel which could
then pass in more configuration info.
Yap, that could be one way to do it. We could document it in
scripts/install.sh or somewhere more prominent so that tools can look it
up.
Yap, all better ideas than parsing .config.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-11-22 21:35 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20230825141226.13566-1-lukas.bulwahn@gmail.com>
[not found] ` <c67bd324-cec0-4fe4-b3b1-fc1d1e4f2967@leemhuis.info>
[not found] ` <20231112181036.GBZVEVHIIj/Oos1cx4@fat_crate.local>
[not found] ` <0e9cbe6f-ac6c-47f2-b663-a22568799eca@leemhuis.info>
[not found] ` <20231122115826.GAZV3s4krKXI002KQ0@fat_crate.local>
2023-11-22 13:24 ` [PATCH] x86: Add a "x86" ELF note namespace Borislav Petkov
2023-11-22 14:07 ` Borislav Petkov
[not found] ` <e1ca042c-de1d-4fe3-ad69-51d147b1fe0b@leemhuis.info>
[not found] ` <20231122155758.GEZV4lBgtZyzsP5Z4V@fat_crate.local>
[not found] ` <CAHk-=wiV+NM+jLKbSj_Ej9RaXpu4akWV03G_wXyTSHZhArq1tg@mail.gmail.com>
[not found] ` <20231122205135.GGZV5p157mBi6RYUNs@fat_crate.local>
[not found] ` <CAHk-=wh03jMZRAxHFTkv0h9dZ6TmiqukzcHd4RTx7ijia_prsg@mail.gmail.com>
2023-11-22 21:35 ` [regression] microcode files missing in initramfs imgages from dracut (was Re: [PATCH] x86: Clean up remaining references to CONFIG_MICROCODE_AMD) Borislav Petkov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).