Re: x86, microcode: BUG: microcode update that changes x86_capability
From: Borislav Petkov
Date: Thu Sep 25 2014 - 04:57:26 EST
On Wed, Sep 24, 2014 at 02:45:57PM -0300, Henrique de Moraes Holschuh wrote:
> On Wed, 24 Sep 2014, Andy Lutomirski wrote:
> > On Wed, Sep 24, 2014 at 7:56 AM, Henrique de Moraes Holschuh
> > <hmh@xxxxxxxxxx> wrote:
> > > And I'd really prefer it to be "update x86_capability, warn the user and
> > > carry on" for anything that is not going to crash the kernel. Several
> > > distros will really want this backported to -stable, as the older kernels
> > > cannot do early microcode updates.
> > >
> >
> > I'm trying to see if Intel is willing to document any additional
> > controls for the TSX bits in this ucode. No word yet, but I might
> > hear something soon.
>
> If they do document it, please make sure to ask what will happen in the
> following situation:
>
> Assume there is a newer release of Intel microcode for these
> processors, i.e. newer than the microcodes in the 2014-09-13 release.
> IOW assume there are at least two public microcode updates in which the
> Intel TSX feature has been disabled by default, but can be enabled by
> the BIOS/UEFI.
>
> 1. BIOS/UEFI has recent microcode (which has the Intel TSX on/off
> switch), but it is not the latest microcode, and installed this
> update on the processor.
>
> 2. BIOS/UEFI has *enabled* Intel TSX on user request.
>
> 3. Microcode is updated to the latest microcode by the operating
> system, newer than the one in BIOS/UEFI.
>
> After step 3, will Intel TSX be enabled, or disabled ?
>
> Or, to be more explicit: will future microcode updates preserve Intel TSX
> enabled/disabled state, or will they always reset it to disabled?
Well, you boot with the microcode in the BIOS so you will be able to
enable/disable TSX initially. When you apply the microcode patch to
disable TSX, this will remain the case until next reboot, where you
start with the same BIOS which has older microcode version. And will need to
apply the microcode again.
Unless you update your BIOS which will also hide the TSX enable/disable
switch too, presumably.
--
Regards/Gruss,
Boris.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/