Re: x86, microcode: BUG: microcode update that changes x86_capability

[Borislav Petkov]

On Wed, Sep 24, 2014 at 11:56:58AM -0300, Henrique de Moraes Holschuh wrote:
> I don't know about AMD, but on Intel, the time it takes to update the
> microcode on a core is anything but negligible[1], so the microcode
> version skew window still exists, and it is not small.  It is much smaller
> than it once was, but it is still there.

I think that window is unsafe but yeah, we probably should take your
empirical observation as good enough for now.

> But IMHO we still need to detect and do something smart when
> x86_capability changes due to a microcode update.
> 
> And I'd really prefer it to be "update x86_capability, warn the user and
> carry on" for anything that is not going to crash the kernel.

The problem is with hiding CPUID bits and userspace using HLE after
having detected it previously. I think we'll be on the safe side if we
reboot thus the suggestion to the user that rebooting should be done
ASAP.

-- 
Regards/Gruss,
    Boris.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/