Re: [PATCH] x86/microcode: Be more verbose, especially about loading errors

From: Borislav Petkov
Date: Wed Dec 06 2023 - 16:22:08 EST

Next message: Gustavo A. R. Silva: "Re: [PATCH v2] wifi: ath11k: Fix ath11k_htc_record flexible record"
Previous message: Mario Limonciello: "[PATCH v2 2/2] Input: i8042: Add a quirk for Framework 16" laptop"
In reply to: Jann Horn: "Re: [PATCH] x86/microcode: Be more verbose, especially about loading errors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Dec 06, 2023 at 09:51:58PM +0100, Jann Horn wrote:
> Ah, right. I guess that's decent for diagnostics, though I think it
> would be nice to have a more explicit message about not finding a
> microcode update, since otherwise you'd have to read the kernel
> sources to figure out that you have to check for a missing second
> line.

I keep preaching scripting something around:

$ grep microcode /proc/cpuinfo | sort | uniq -c
16 microcode : 0x800820d

We also have:

$ grep -r . /sys/devices/system/cpu/vulnerabilities/
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Retpolines, IBPB: conditional, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected
...

You could make sure that this says "no microcode" in the microcode
missing case or so and then grep that on large fleets, massage results
and dig into dmesg only on those which fail. Hopefully a small number.

> Yeah, fair, I guess that's a fairly visible indicator that something's
> wrong with microcode. (Though it doesn't tell you whether your
> microcode is just outdated or you have no microcode for the CPU
> family.)

So what you could do on AMD (probably similar on Intel too) is to fetch

git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git

scan the microcode blobs in amd-ucode/

==========================================================
| inst_cpu | err_msk | err_cmp | eq_cpu | res |
==========================================================
| 0x00800f82 | 0x00000000 | 0x00000000 | 0x8082 | 0x0000 |
| 0x00830f10 | 0x00000000 | 0x00000000 | 0x8310 | 0x0000 |
| 0x008a0f00 | 0x00000000 | 0x00000000 | 0x8a00 | 0x0000 |
| 0x00800f12 | 0x00000000 | 0x00000000 | 0x8012 | 0x0000 |
| 0x00000000 | 0x00000000 | 0x00000000 | 0x0000 | 0x0000 |
----------------------------------------------------------
ID: 0x0800820d, CPU rev ID: 0x00008082
ID: 0x0830107b, CPU rev ID: 0x00008310
ID: 0x08a00008, CPU rev ID: 0x00008a00
ID: 0x0800126e, CPU rev ID: 0x00008012

ID are the latest released patch revisions. You then compare them to the
revision on the respective machine using that CPU rev ID which can be
computed from CPUID(1).EAX (inst_cpu) using the table above. Table is
also in the blob.

In the example above my workstation has microcode revision 0x800820d and
CPUID(1).EAX on it is 0x00800f82.

So all up to date. :-)

See, easy peasy. :-P

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Gustavo A. R. Silva: "Re: [PATCH v2] wifi: ath11k: Fix ath11k_htc_record flexible record"
Previous message: Mario Limonciello: "[PATCH v2 2/2] Input: i8042: Add a quirk for Framework 16" laptop"
In reply to: Jann Horn: "Re: [PATCH] x86/microcode: Be more verbose, especially about loading errors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]