Re: new cmdline parameter disable_cpu_features= (microcode update?)

From: Borislav Petkov
Date: Mon Jan 04 2016 - 18:17:00 EST

Next message: Kamal Mostafa: "[4.2.y-ckt stable] Patch "arm64: bpf: fix div-by-zero case" has been added to staging queue"
Previous message: Masahiro Yamada: "Re: [PATCH] drivers/bus: make uniphier-system-bus.c explicitly non-modular"
In reply to: Piotr DÄbrowski: "new cmdline parameter disable_cpu_features= (microcode update?)"
Next in thread: Piotr DÄbrowski: "Re: new cmdline parameter disable_cpu_features= (microcode update?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 04, 2016 at 11:55:57PM +0100, Piotr DÄbrowski wrote:
> Is such thing even possible? And would it be a reasonable thing to do
> (maybe the rest of the microcode would break badly without the factory
> flags set)?

You cannot change the microcode patches - they're supplied by the CPU
vendors as is and are signed/encrypted.

In an ideal world, we should have BIOS disable options for all CPU
features which could turn out to be problematic so that the user remains
in control. Without the need to be applying microcode patches even.

--
Regards/Gruss,
Boris.

ECO tip #101: Trim your mails when you reply.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kamal Mostafa: "[4.2.y-ckt stable] Patch "arm64: bpf: fix div-by-zero case" has been added to staging queue"
Previous message: Masahiro Yamada: "Re: [PATCH] drivers/bus: make uniphier-system-bus.c explicitly non-modular"
In reply to: Piotr DÄbrowski: "new cmdline parameter disable_cpu_features= (microcode update?)"
Next in thread: Piotr DÄbrowski: "Re: new cmdline parameter disable_cpu_features= (microcode update?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]