[PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation

[PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation

[Andrew Cooper]

Extend the disclaimer about runtime loading.  While we've done our best to
make the mechaism reliable, the safety of late loading does ultimately depend
on the contents of the blobs.

Extend the xen-ucode portion with examples of how to use it.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: George Dunlap <George.Dunlap@eu.citrix.com>
CC: Ian Jackson <ian.jackson@citrix.com>
CC: Jan Beulich <JBeulich@suse.com>
CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Wei Liu <wl@xen.org>
CC: Julien Grall <julien@xen.org>
CC: Paul Durrant <paul@xen.org>
---
 docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst
index 5f0f661a2e..8cd5d0351b 100644
--- a/docs/admin-guide/microcode-loading.rst
+++ b/docs/admin-guide/microcode-loading.rst
@@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable
 file.  Xen will stop searching at the first match.
 
 
-Run time microcode loading
---------------------------
+Runtime microcode loading
+-------------------------
 
 .. warning::
 
@@ -113,7 +113,23 @@ Run time microcode loading
    or at boot time.  Not all microcode updates (or parts thereof) can be
    applied at runtime.
 
-The ``xen-ucode`` utility can be used to initiate a runtime microcode load.
+   Given the proprietry nature of microcode, we are unable to make any claim
+   that a runtime microcode is risk-free.  Any runtime microcode loading needs
+   adequate testing on a dev instance before being rolled out to production
+   systems.
+
+The ``xen-ucode`` utility can be used to initiate a runtime microcode load::
+
+  [root@host ~]# xen-ucode
+  xen-ucode: Xen microcode updating tool
+  Usage: xen-ucode <microcode blob>
+  [root@host ~]#
+
+e.g. With a Linux dom0 on a Haswell system::
+
+  [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03
+  [root@host ~]#
+
 It will pass the blob to Xen, which will check to see whether the blob is
 correct for the processor, and newer than the running microcode.
 
-- 
2.11.0

RE: [PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation

[Paul Durrant]

> -----Original Message-----
> From: Andrew Cooper <andrew.cooper3@citrix.com>
> Sent: 01 June 2020 14:40
> To: Xen-devel <xen-devel@lists.xenproject.org>
> Cc: Andrew Cooper <andrew.cooper3@citrix.com>; George Dunlap <George.Dunlap@eu.citrix.com>; Ian
> Jackson <ian.jackson@citrix.com>; Jan Beulich <JBeulich@suse.com>; Konrad Rzeszutek Wilk
> <konrad.wilk@oracle.com>; Stefano Stabellini <sstabellini@kernel.org>; Wei Liu <wl@xen.org>; Julien
> Grall <julien@xen.org>; Paul Durrant <paul@xen.org>
> Subject: [PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation
> 
> Extend the disclaimer about runtime loading.  While we've done our best to
> make the mechaism reliable, the safety of late loading does ultimately depend
> on the contents of the blobs.
> 
> Extend the xen-ucode portion with examples of how to use it.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> ---
> CC: George Dunlap <George.Dunlap@eu.citrix.com>
> CC: Ian Jackson <ian.jackson@citrix.com>
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Wei Liu <wl@xen.org>
> CC: Julien Grall <julien@xen.org>
> CC: Paul Durrant <paul@xen.org>
> ---
>  docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++---
>  1 file changed, 19 insertions(+), 3 deletions(-)
> 
> diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst
> index 5f0f661a2e..8cd5d0351b 100644
> --- a/docs/admin-guide/microcode-loading.rst
> +++ b/docs/admin-guide/microcode-loading.rst
> @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable
>  file.  Xen will stop searching at the first match.
> 
> 
> -Run time microcode loading
> ---------------------------
> +Runtime microcode loading
> +-------------------------
> 
>  .. warning::
> 
> @@ -113,7 +113,23 @@ Run time microcode loading
>     or at boot time.  Not all microcode updates (or parts thereof) can be
>     applied at runtime.
> 
> -The ``xen-ucode`` utility can be used to initiate a runtime microcode load.
> +   Given the proprietry nature of microcode, we are unable to make any claim

s/proprietry/proprietary

with that fixed this is...

Release-acked-by: Paul Durrant <paul@xen.org>

> +   that a runtime microcode is risk-free.  Any runtime microcode loading needs
> +   adequate testing on a dev instance before being rolled out to production
> +   systems.
> +
> +The ``xen-ucode`` utility can be used to initiate a runtime microcode load::
> +
> +  [root@host ~]# xen-ucode
> +  xen-ucode: Xen microcode updating tool
> +  Usage: xen-ucode <microcode blob>
> +  [root@host ~]#
> +
> +e.g. With a Linux dom0 on a Haswell system::
> +
> +  [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03
> +  [root@host ~]#
> +
>  It will pass the blob to Xen, which will check to see whether the blob is
>  correct for the processor, and newer than the running microcode.
> 
> --
> 2.11.0

Re: [PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation

[Roger Pau Monné]

On Mon, Jun 01, 2020 at 02:40:25PM +0100, Andrew Cooper wrote:
> Extend the disclaimer about runtime loading.  While we've done our best to
> make the mechaism reliable, the safety of late loading does ultimately depend
> on the contents of the blobs.
> 
> Extend the xen-ucode portion with examples of how to use it.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>

> ---
> CC: George Dunlap <George.Dunlap@eu.citrix.com>
> CC: Ian Jackson <ian.jackson@citrix.com>
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Wei Liu <wl@xen.org>
> CC: Julien Grall <julien@xen.org>
> CC: Paul Durrant <paul@xen.org>
> ---
>  docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++---
>  1 file changed, 19 insertions(+), 3 deletions(-)
> 
> diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst
> index 5f0f661a2e..8cd5d0351b 100644
> --- a/docs/admin-guide/microcode-loading.rst
> +++ b/docs/admin-guide/microcode-loading.rst
> @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable
>  file.  Xen will stop searching at the first match.
>  
>  
> -Run time microcode loading
> ---------------------------
> +Runtime microcode loading
> +-------------------------
>  
>  .. warning::
>  
> @@ -113,7 +113,23 @@ Run time microcode loading
>     or at boot time.  Not all microcode updates (or parts thereof) can be
>     applied at runtime.
>  
> -The ``xen-ucode`` utility can be used to initiate a runtime microcode load.
> +   Given the proprietry nature of microcode, we are unable to make any claim
> +   that a runtime microcode is risk-free.  Any runtime microcode loading needs
> +   adequate testing on a dev instance before being rolled out to production
> +   systems.
> +
> +The ``xen-ucode`` utility can be used to initiate a runtime microcode load::
> +
> +  [root@host ~]# xen-ucode
> +  xen-ucode: Xen microcode updating tool
> +  Usage: xen-ucode <microcode blob>
> +  [root@host ~]#
> +
> +e.g. With a Linux dom0 on a Haswell system::
> +
> +  [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03

Could you expand a bit on the nomenclature used here?

I assume it's something like <fam>-<model>-<version> but might be good
to provide people a hint to know how to find the appropriate blob for
their system if possible.

Thanks, Roger.

Re: [PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation

[Andrew Cooper]

On 01/06/2020 17:51, Roger Pau Monné wrote:
>
> On Mon, Jun 01, 2020 at 02:40:25PM +0100, Andrew Cooper wrote:
>> Extend the disclaimer about runtime loading.  While we've done our best to
>> make the mechaism reliable, the safety of late loading does ultimately depend
>> on the contents of the blobs.
>>
>> Extend the xen-ucode portion with examples of how to use it.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>

Thanks,

>
>> ---
>> CC: George Dunlap <George.Dunlap@eu.citrix.com>
>> CC: Ian Jackson <ian.jackson@citrix.com>
>> CC: Jan Beulich <JBeulich@suse.com>
>> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>> CC: Stefano Stabellini <sstabellini@kernel.org>
>> CC: Wei Liu <wl@xen.org>
>> CC: Julien Grall <julien@xen.org>
>> CC: Paul Durrant <paul@xen.org>
>> ---
>>  docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++---
>>  1 file changed, 19 insertions(+), 3 deletions(-)
>>
>> diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst
>> index 5f0f661a2e..8cd5d0351b 100644
>> --- a/docs/admin-guide/microcode-loading.rst
>> +++ b/docs/admin-guide/microcode-loading.rst
>> @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable
>>  file.  Xen will stop searching at the first match.
>>  
>>  
>> -Run time microcode loading
>> ---------------------------
>> +Runtime microcode loading
>> +-------------------------
>>  
>>  .. warning::
>>  
>> @@ -113,7 +113,23 @@ Run time microcode loading
>>     or at boot time.  Not all microcode updates (or parts thereof) can be
>>     applied at runtime.
>>  
>> -The ``xen-ucode`` utility can be used to initiate a runtime microcode load.
>> +   Given the proprietry nature of microcode, we are unable to make any claim
>> +   that a runtime microcode is risk-free.  Any runtime microcode loading needs
>> +   adequate testing on a dev instance before being rolled out to production
>> +   systems.
>> +
>> +The ``xen-ucode`` utility can be used to initiate a runtime microcode load::
>> +
>> +  [root@host ~]# xen-ucode
>> +  xen-ucode: Xen microcode updating tool
>> +  Usage: xen-ucode <microcode blob>
>> +  [root@host ~]#
>> +
>> +e.g. With a Linux dom0 on a Haswell system::
>> +
>> +  [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03
> Could you expand a bit on the nomenclature used here?
>
> I assume it's something like <fam>-<model>-<version> but might be good
> to provide people a hint to know how to find the appropriate blob for
> their system if possible.

It is $FAMILY-$MODEL-$STEPPING.  Currently only a single version of each
microcode is installed at once by the microcode_ctl package.

However, its infeasible to cater to all setup's/situations here.  Within
linux, you could clone
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/ or
use the slightly older single monolithic microcode.dat.

And that is before you start considering non-Intel systems, or other
ways of packaging microcode.

I'm open to suggestions for how to make this clearer, but we definitely
can't do an exhaustive list of places you might find microcode.

~Andrew

Re: [PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation

[Jan Beulich]

On 01.06.2020 15:40, Andrew Cooper wrote:
> Extend the disclaimer about runtime loading.  While we've done our best to
> make the mechaism reliable, the safety of late loading does ultimately depend
> on the contents of the blobs.
> 
> Extend the xen-ucode portion with examples of how to use it.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> ---
> CC: George Dunlap <George.Dunlap@eu.citrix.com>
> CC: Ian Jackson <ian.jackson@citrix.com>
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Wei Liu <wl@xen.org>
> CC: Julien Grall <julien@xen.org>
> CC: Paul Durrant <paul@xen.org>
> ---
>  docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++---
>  1 file changed, 19 insertions(+), 3 deletions(-)
> 
> diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst
> index 5f0f661a2e..8cd5d0351b 100644
> --- a/docs/admin-guide/microcode-loading.rst
> +++ b/docs/admin-guide/microcode-loading.rst
> @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable
>  file.  Xen will stop searching at the first match.
>  
>  
> -Run time microcode loading
> ---------------------------
> +Runtime microcode loading
> +-------------------------
>  
>  .. warning::
>  
> @@ -113,7 +113,23 @@ Run time microcode loading
>     or at boot time.  Not all microcode updates (or parts thereof) can be
>     applied at runtime.
>  
> -The ``xen-ucode`` utility can be used to initiate a runtime microcode load.
> +   Given the proprietry nature of microcode, we are unable to make any claim
> +   that a runtime microcode is risk-free.  Any runtime microcode loading needs

"that runtime microcode loading is risk-free" (or some such, including
the word "load")? Then
Reviewed-by: Jan Beulich <jbeulich@suse.com>

Jan