tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'x86_urgent_for_v6.12_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Borislav Petkov:

- Prevent a certain range of pages which get marked as hypervisor-only,
to get allocated to a CoCo (SNP) guest which cannot use them and thus
fail booting

- Fix the microcode loader on AMD to pay attention to the stepping of a
patch and to handle the case where a BIOS config option splits the
machine into logical NUMA nodes per L3 cache slice

- Disable LAM from being built by default due to security concerns

* tag 'x86_urgent_for_v6.12_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/sev: Ensure that RMP table fixups are reserved
x86/microcode/AMD: Split load_microcode_amd()
x86/microcode/AMD: Pay attention to the stepping dynamically
x86/lam: Disable ADDRESS_MASKING in most cases

Linus Torvalds ea1fda89 f69a1acc

+39 -17
+1
arch/x86/Kconfig
··· 2257 2257 config ADDRESS_MASKING 2258 2258 bool "Linear Address Masking support" 2259 2259 depends on X86_64 2260 + depends on COMPILE_TEST || !CPU_MITIGATIONS # wait for LASS 2260 2261 help 2261 2262 Linear Address Masking (LAM) modifies the checking that is applied 2262 2263 to 64-bit linear addresses, allowing software to use of the
+36 -17
arch/x86/kernel/cpu/microcode/amd.c
··· 584 584 native_rdmsr(MSR_AMD64_PATCH_LEVEL, ed->new_rev, dummy); 585 585 } 586 586 587 - static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t size); 587 + static enum ucode_state _load_microcode_amd(u8 family, const u8 *data, size_t size); 588 588 589 589 static int __init save_microcode_in_initrd(void) 590 590 { ··· 605 605 if (!desc.mc) 606 606 return -EINVAL; 607 607 608 - ret = load_microcode_amd(x86_family(cpuid_1_eax), desc.data, desc.size); 608 + ret = _load_microcode_amd(x86_family(cpuid_1_eax), desc.data, desc.size); 609 609 if (ret > UCODE_UPDATED) 610 610 return -EINVAL; 611 611 ··· 613 613 } 614 614 early_initcall(save_microcode_in_initrd); 615 615 616 - static inline bool patch_cpus_equivalent(struct ucode_patch *p, struct ucode_patch *n) 616 + static inline bool patch_cpus_equivalent(struct ucode_patch *p, 617 + struct ucode_patch *n, 618 + bool ignore_stepping) 617 619 { 618 620 /* Zen and newer hardcode the f/m/s in the patch ID */ 619 621 if (x86_family(bsp_cpuid_1_eax) >= 0x17) { 620 622 union cpuid_1_eax p_cid = ucode_rev_to_cpuid(p->patch_id); 621 623 union cpuid_1_eax n_cid = ucode_rev_to_cpuid(n->patch_id); 622 624 623 - /* Zap stepping */ 624 - p_cid.stepping = 0; 625 - n_cid.stepping = 0; 625 + if (ignore_stepping) { 626 + p_cid.stepping = 0; 627 + n_cid.stepping = 0; 628 + } 626 629 627 630 return p_cid.full == n_cid.full; 628 631 } else { ··· 647 644 WARN_ON_ONCE(!n.patch_id); 648 645 649 646 list_for_each_entry(p, &microcode_cache, plist) 650 - if (patch_cpus_equivalent(p, &n)) 647 + if (patch_cpus_equivalent(p, &n, false)) 651 648 return p; 652 649 653 650 return NULL; 654 651 } 655 652 656 - static inline bool patch_newer(struct ucode_patch *p, struct ucode_patch *n) 653 + static inline int patch_newer(struct ucode_patch *p, struct ucode_patch *n) 657 654 { 658 655 /* Zen and newer hardcode the f/m/s in the patch ID */ 659 656 if (x86_family(bsp_cpuid_1_eax) >= 0x17) { ··· 661 658 662 659 zp.ucode_rev = p->patch_id; 663 660 zn.ucode_rev = n->patch_id; 661 + 662 + if (zn.stepping != zp.stepping) 663 + return -1; 664 664 665 665 return zn.rev > zp.rev; 666 666 } else { ··· 674 668 static void update_cache(struct ucode_patch *new_patch) 675 669 { 676 670 struct ucode_patch *p; 671 + int ret; 677 672 678 673 list_for_each_entry(p, &microcode_cache, plist) { 679 - if (patch_cpus_equivalent(p, new_patch)) { 680 - if (!patch_newer(p, new_patch)) { 674 + if (patch_cpus_equivalent(p, new_patch, true)) { 675 + ret = patch_newer(p, new_patch); 676 + if (ret < 0) 677 + continue; 678 + else if (!ret) { 681 679 /* we already have the latest patch */ 682 680 kfree(new_patch->data); 683 681 kfree(new_patch); ··· 954 944 return UCODE_OK; 955 945 } 956 946 947 + static enum ucode_state _load_microcode_amd(u8 family, const u8 *data, size_t size) 948 + { 949 + enum ucode_state ret; 950 + 951 + /* free old equiv table */ 952 + free_equiv_cpu_table(); 953 + 954 + ret = __load_microcode_amd(family, data, size); 955 + if (ret != UCODE_OK) 956 + cleanup(); 957 + 958 + return ret; 959 + } 960 + 957 961 static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t size) 958 962 { 959 963 struct cpuinfo_x86 *c; ··· 975 951 struct ucode_patch *p; 976 952 enum ucode_state ret; 977 953 978 - /* free old equiv table */ 979 - free_equiv_cpu_table(); 980 - 981 - ret = __load_microcode_amd(family, data, size); 982 - if (ret != UCODE_OK) { 983 - cleanup(); 954 + ret = _load_microcode_amd(family, data, size); 955 + if (ret != UCODE_OK) 984 956 return ret; 985 - } 986 957 987 958 for_each_node(nid) { 988 959 cpu = cpumask_first(cpumask_of_node(nid));
+2
arch/x86/virt/svm/sev.c
··· 173 173 e820__range_update(pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED); 174 174 e820__range_update_table(e820_table_kexec, pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED); 175 175 e820__range_update_table(e820_table_firmware, pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED); 176 + if (!memblock_is_region_reserved(pa, PMD_SIZE)) 177 + memblock_reserve(pa, PMD_SIZE); 176 178 } 177 179 } 178 180