[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen staging] x86/amd: Stop updating the Zenbleed mitigation dynamically

commit 5cd1ac15756ed7d9175685a3d16fc23fc86b3db4
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Nov 25 17:09:48 2025 +0000
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Thu Nov 27 18:22:20 2025 +0000

    x86/amd: Stop updating the Zenbleed mitigation dynamically
    
    This was potentially helpful when the chickenbit was the only mitigation and
    microcode had not been released, but that was two years ago.
    
    Zenbleed microcode has been avaialble since December 2023, and the 
subsequent
    Entrysign signature vulnerability means that firmware updates block 
OS-loading
    and more OS-loadable microcode will be produced for Zen2.
    
    i.e. the Zenbleed fix is not going to appear at runtime these days.
    
    No practical change.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/arch/x86/cpu/amd.c               | 2 +-
 xen/arch/x86/cpu/microcode/amd.c     | 2 --
 xen/arch/x86/include/asm/processor.h | 2 --
 3 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c
index 9b02e1ba67..f7c23c3291 100644
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -979,7 +979,7 @@ void __init detect_zen2_null_seg_behaviour(void)
 
 }
 
-void amd_check_zenbleed(void)
+static void amd_check_zenbleed(void)
 {
        const struct cpu_signature *sig = &this_cpu(cpu_sig);
        unsigned int good_rev;
diff --git a/xen/arch/x86/cpu/microcode/amd.c b/xen/arch/x86/cpu/microcode/amd.c
index 4a7573c885..e7ae1e8023 100644
--- a/xen/arch/x86/cpu/microcode/amd.c
+++ b/xen/arch/x86/cpu/microcode/amd.c
@@ -380,8 +380,6 @@ static int cf_check apply_microcode(const struct 
microcode_patch *patch,
            "microcode: CPU%u updated from revision %#x to %#x, date = 
%04x-%02x-%02x\n",
            cpu, old_rev, rev, patch->year, patch->month, patch->day);
 
-    amd_check_zenbleed();
-
     return 0;
 }
 
diff --git a/xen/arch/x86/include/asm/processor.h 
b/xen/arch/x86/include/asm/processor.h
index 1342241742..2e087c6257 100644
--- a/xen/arch/x86/include/asm/processor.h
+++ b/xen/arch/x86/include/asm/processor.h
@@ -435,8 +435,6 @@ enum ap_boot_method {
 };
 extern enum ap_boot_method ap_boot_method;
 
-void amd_check_zenbleed(void);
-
 #endif /* !__ASSEMBLY__ */
 
 #endif /* __ASM_X86_PROCESSOR_H */
--
generated by git-patchbot for /home/xen/git/xen.git#staging

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.