Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability

From: Dave Hansen
Date: Tue Nov 12 2024 - 12:18:30 EST

Next message: Przemek Kitszel: "Re: [PATCH v2 1/4] Revert "igb: Disable threaded IRQ for igb_msix_other""
Previous message: Jens Axboe: "Re: [PATCH 12/16] ext4: add RWF_UNCACHED write support"
In reply to: Andrew Cooper: "Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability"
Next in thread: Alex Murray: "Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/8/24 15:36, Andrew Cooper wrote:
>> You can't practically run old microcode and consider a system secure
>> these days. So, let's call old microcode what it is: a vulnerability.
>
> The list becomes stale 4 times a year, so you need to identify when it's
> out of date, and whatever that something is has to be strong enough to
> cause distros to backport too. Perhaps a date in the header, so you can
> at least report "status vulnerable, metadata out of date".

I don't want to get too fancy about this. I'm assuming that mainline
and the stable kernels will be regularly fed new metadata. The only way
to have out-of-date metadata should be by running an out-of-date kernel
in which case you have bigger problems on your hands.

> Also, you want to identify EOL CPUs. Just because they're on the most
> recent published ucode doesn't mean they're not vulnerable.

That's a good idea too. But I think it deserves a separate discussion
and separate patch.

> Under some hypervisors, you get fed the revision 0x7fffffff. Others
> might tell you the truth, or it may be the truth from when you booted.
> For this, probably best to say "consult your hypervisor".

Good point. We should probably just say "unknown" when running as a
guest, or just not have the sysfs file at all.

> Failure to publish information, or not publishing fixes for in-support
> parts should be considered a vulnerability. (*ahem*, AMD)
>
> Or you could just simplify the whole path to "yes". It's true, even if
> people don't know.

This series answers the question:

Has the vendor published a newer OS-loadable microcode than you
are running right now?

It doesn't seek to answer the question:

Is the microcode that you are running right now vulnerable to
anything (that the kernel knows about)?

I think the first question is quite answerable in a pretty factual way.
The second question is much hardware. It's worth answering for sure ...
with another patch. :)

Next message: Przemek Kitszel: "Re: [PATCH v2 1/4] Revert "igb: Disable threaded IRQ for igb_msix_other""
Previous message: Jens Axboe: "Re: [PATCH 12/16] ext4: add RWF_UNCACHED write support"
In reply to: Andrew Cooper: "Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability"
Next in thread: Alex Murray: "Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]