[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH V2] x86, amd_ucode: Safeguard against #GP
On 06/02/2014 03:31 AM, Jan Beulich wrote: On 30.05.14 at 18:21, <andrew.cooper3@xxxxxxxxxx> wrote:The unhandled #GP fault certainly should be wrapped with wrmsr_safe(), and an error/warning presented to the user. In the case that a bad ucode is discovered, it should be discarded and the server allowed to boot. It is substantially more useful for the server to come up and say "I couldn't load that bit of microcode you wanted me to", than to sit in a reboot loop because you made a typo in the bootloader config, and have to get someone in the datacenter to poke the physical server.But this isn't due to a typo somewhere, but due to a corrupted microcode blob. Right, but the argument that we don't want to be stuck in the reboot loop still holds. Besides that no matter which BKDG I look at, I can't seem to find any indication of there being room for a #GP here if the MSR itself is implemented. While I don't question its presence in reality, I'd prefer if this was documented properly for a patch to recover from it to go in. Unfortunately the whole microcode patching procedure is, to put it mildly, not well documented, particularly the #GP part. We had an email exchange with an AMD HW architect and he confirmed that corrupted patch results in #GP. -boris _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |