[PATCH v2 0/4] Prevent attempting updates known to fail

[Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>]

  [This series spun out of a previous patch with the same name, with this
   series adding more related enhancements. Kept as v2 to preserve the
   linkage with previous suggestions.]

v2:
  * Removed a redundant check
  * Ignore microcode interface if the revision is -1
  * Perform the DIS_MCU_LOAD checks during init rather than apply time


Under certain conditions a CPU may not be able to perform microcode updates
even if hardware exists to that effect. In particular:

 * If Xen runs under certain hypervisors they won't allow microcode
   updates, and will signal this fact by reporting a microcode revision of
   -1.
 * If the DIS_MCU_LOAD bit is set, which is expected in some baremetal
   clouds where the owner may not trust the tenant, then the CPU is not
   capable of loading new microcode.

This series adds logic so that in both of these cases we don't needlessly
attempt updates that are not going to succeed. Patch summary:

Patch 1 removes a redundant family check in the Intel init path.

Patch 2 moves an early read of MSR_ARCH_CAPS from tsx_init() back to
        immediately after the early microcode load.

Patch 3 Recognizes microcode revision of -1 as a hint meaning "don't use the
        microcode interface".

Patch 4 Adds support for DIS_MCU_LOAD during init time.

Alejandro Vallejo (4):
  x86/microcode: Remove Intel's family check on early_microcode_init()
  x86: Read MSR_ARCH_CAPS after early_microcode_init()
  x86/microcode: Ignore microcode loading interface for revision = -1
  x86/microcode: Prevent attempting updates if DIS_MCU_LOAD is set

 xen/arch/x86/cpu/microcode/core.c     | 79 +++++++++++++++++++++++++--
 xen/arch/x86/include/asm/cpufeature.h |  1 +
 xen/arch/x86/include/asm/msr-index.h  |  5 ++
 xen/arch/x86/tsx.c                    | 15 +----
 4 files changed, 82 insertions(+), 18 deletions(-)

-- 
2.34.1