kvm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/2] x86/speculation: Correct Speculation Control microcode blacklist again
@ 2018-02-12 15:27 David Woodhouse
  2018-02-12 15:27 ` [PATCH 2/2] x86/speculation: Support "Enhanced IBRS" on future CPUs David Woodhouse
  0 siblings, 1 reply; 18+ messages in thread
From: David Woodhouse @ 2018-02-12 15:27 UTC (permalink / raw)
  To: tglx, x86, kvm, torvalds, pbonzini, linux-kernel,
	arjan.van.de.ven, dave.hansen

Arjan points out that the Intel document only clears the 0xc2 microcode
on *some* parts with CPUID 506E3 (INTEL_FAM6_SKYLAKE_DESKTOP stepping 3).
For the Skylake H/S platform it's OK but for Skylake E3 which has the
same CPUID it isn't (yet) cleared.

So removing it from the blacklist was premature. Put it back for now.

Also, Arjan assures me that the 0x84 microcode for Kaby Lake which was
featured in one of the early revisions of the Intel document was never
released to the public, and won't be until/unless it is also validated
as safe. So those can change to 0x80 which is what all *other* versions
of the doc have identified.

Once the retrospective testing of existing public microcodes is done, we
should be back into a mode where new microcodes are only released in
batches and we shouldn't even need to update the blacklist for those
anyway, so this tweaking of the list isn't expected to be a thing which
keeps happening.

Requested-by: Arjan van de Ven <arjan.van.de.ven@intel.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 arch/x86/kernel/cpu/intel.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index f73b814..ef796f1 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -116,13 +116,14 @@ struct sku_microcode {
 	u32 microcode;
 };
 static const struct sku_microcode spectre_bad_microcodes[] = {
-	{ INTEL_FAM6_KABYLAKE_DESKTOP,	0x0B,	0x84 },
-	{ INTEL_FAM6_KABYLAKE_DESKTOP,	0x0A,	0x84 },
-	{ INTEL_FAM6_KABYLAKE_DESKTOP,	0x09,	0x84 },
-	{ INTEL_FAM6_KABYLAKE_MOBILE,	0x0A,	0x84 },
-	{ INTEL_FAM6_KABYLAKE_MOBILE,	0x09,	0x84 },
+	{ INTEL_FAM6_KABYLAKE_DESKTOP,	0x0B,	0x80 },
+	{ INTEL_FAM6_KABYLAKE_DESKTOP,	0x0A,	0x80 },
+	{ INTEL_FAM6_KABYLAKE_DESKTOP,	0x09,	0x80 },
+	{ INTEL_FAM6_KABYLAKE_MOBILE,	0x0A,	0x80 },
+	{ INTEL_FAM6_KABYLAKE_MOBILE,	0x09,	0x80 },
 	{ INTEL_FAM6_SKYLAKE_X,		0x03,	0x0100013e },
 	{ INTEL_FAM6_SKYLAKE_X,		0x04,	0x0200003c },
+	{ INTEL_FAM6_SKYLAKE_DESKTOP,	0x03,	0xc2 },
 	{ INTEL_FAM6_BROADWELL_CORE,	0x04,	0x28 },
 	{ INTEL_FAM6_BROADWELL_GT3E,	0x01,	0x1b },
 	{ INTEL_FAM6_BROADWELL_XEON_D,	0x02,	0x14 },
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 18+ messages in thread

end of thread, other threads:[~2018-02-16 12:10 UTC | newest]

Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-02-12 15:27 [PATCH 1/2] x86/speculation: Correct Speculation Control microcode blacklist again David Woodhouse
2018-02-12 15:27 ` [PATCH 2/2] x86/speculation: Support "Enhanced IBRS" on future CPUs David Woodhouse
2018-02-13  7:47   ` Ingo Molnar
2018-02-13  8:12     ` David Woodhouse
2018-02-13  8:02   ` Paolo Bonzini
2018-02-13  8:15     ` David Woodhouse
2018-02-13  9:58       ` Paolo Bonzini
2018-02-13 10:21         ` David Woodhouse
2018-02-13 10:36           ` David Woodhouse
2018-02-13 10:41             ` Paolo Bonzini
2018-02-13 10:53               ` David Woodhouse
2018-02-13 10:55                 ` Paolo Bonzini
2018-02-16  9:58               ` David Woodhouse
2018-02-16 10:08                 ` Paolo Bonzini
2018-02-16 10:21                   ` David Woodhouse
2018-02-16 11:04                     ` Paolo Bonzini
2018-02-16 12:10                       ` David Woodhouse
2018-02-15 15:21     ` Pavel Machek

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).