Xen project Mailing List

Re: [Xen-devel] [PATCH] microcode: Scan the multiboot payloads for cpio format microcode blob. (v3.3)

To: Konrad Rzeszutek Wilk <konrad@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, <david.vrabel@xxxxxxxxxx>, <JBeulich@xxxxxxxx>

From: Keir Fraser <keir.xen@xxxxxxxxx>

Date: Fri, 27 Sep 2013 06:31:55 +0100

Delivery-date: Fri, 27 Sep 2013 05:32:36 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: Ac67QuCO3QLVFxw6h0ykWp5OurFnwQ==

Thread-topic: [PATCH] microcode: Scan the multiboot payloads for cpio format microcode blob. (v3.3)

Acked-by: Keir Fraser <keir@xxxxxxx> On 27/09/2013 02:09, "Konrad Rzeszutek Wilk" <konrad@xxxxxxxxxx> wrote: > <blurb from v1>: > Please see the following patch which implements a mechanism to scan > the initramfs for the format of an microcode files. This is a feature > that the Linux kernel has since v3.10 - where it searches in the > initramfs for an archive of the microcode blob. The format is documented > in the Linux tree and the commit description contains it. > > The tool to make this work is the initramfs creator. The one tool > 'dracut' has support for this via the '--early-microcode' parameter. > (See http://news.gmane.org/gmane.linux.kernel.initramfs for dracut 030 > announcement)) > > That, along with this patch, allows the Xen hypervisor to update the > microcode during bootup. Please review attached patch. > > I had also tested just using Linux how well it deals with an initramfs > composed of two cpio images. Testing revealed that it worked great > even if the kernel did not have the early cpio support build in. > David Vrabel pointed out that it b/c: > "The kernel unpacks all cpio archives it finds in the initramfs image so > the kernel doesn't have to be aware of the way tools have packed the > filesystem into different cpio archive." > > The way to use this is by the 'ucode' parameter. It has now two meanings: > [<index>|initrd] > > Which CANNOT be used together. By default this auto scanning is turned off > as Jan pointed out that: "Xen otoh has to be careful not to > mis-interpret a blob passed to a non-Linux Dom0 as a CPIO. How > good the guarding against this is in the code I'll have to check". > > The author would like to have this on by default but that can wait > till a later time when maintainer is comfortable with this being > on by default. > </blurb from v1> > > There is also the question whether the parameter should be 'cpio','initrd' > or 'scan'. As in the future the extraction of the payload could be from > a different format than the cpio (say a microcode blob with an magic > string at the start). The author believes that at that time the logic > to scan the mulitboot payloads can be expanded to also scan formats other > than cpio format. Jan (who initially raised this question) in the last review > did not comment on the choice so I think it is left to Keir (if he cares about > the distinction). > > Please apply! > > docs/misc/xen-command-line.markdown | 14 ++- > xen/arch/x86/microcode.c | 175 +++++++++++++++++++++++++++++++--- > xen/common/Makefile | 2 +- > xen/common/earlycpio.c | 151 ++++++++++++++++++++++++++++++ > xen/include/xen/earlycpio.h | 14 +++ > 5 files changed, 336 insertions(+), 20 deletions(-) > > Konrad Rzeszutek Wilk (2): > microcode: Scan the initramfs payload for microcode blob. > microcode: Check whether the microcode is correct. > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.