From patchwork Fri Dec 16 07:28:46 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?SsO8cmdlbiBHcm/Dnw==?= X-Patchwork-Id: 88266 Delivered-To: patch@linaro.org Received: by 10.140.20.101 with SMTP id 92csp1251396qgi; Thu, 15 Dec 2016 23:29:12 -0800 (PST) X-Received: by 10.99.109.6 with SMTP id i6mr3095638pgc.139.1481873352066; Thu, 15 Dec 2016 23:29:12 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n14si6411077pfb.155.2016.12.15.23.29.11; Thu, 15 Dec 2016 23:29:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759377AbcLPH26 (ORCPT + 25 others); Fri, 16 Dec 2016 02:28:58 -0500 Received: from mx2.suse.de ([195.135.220.15]:50691 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753341AbcLPH2t (ORCPT ); Fri, 16 Dec 2016 02:28:49 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id F4204AAC8; Fri, 16 Dec 2016 07:28:47 +0000 (UTC) Subject: Re: Can't boot as Xen dom0 due to commit fe055896 To: Borislav Petkov , Boris Ostrovsky References: <73a4d64b-b139-6579-a560-92311641d6c7@suse.com> <20161215164635.thm7ruio2ddnxszw@pd.tnic> <20161215171755.xpfuax7a6q3jofet@pd.tnic> <20161215173609.ornfok6lk5oro2pj@pd.tnic> Cc: Linux Kernel Mailing List , xen-devel From: Juergen Gross Message-ID: Date: Fri, 16 Dec 2016 08:28:46 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: <20161215173609.ornfok6lk5oro2pj@pd.tnic> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 15/12/16 18:36, Borislav Petkov wrote: > On Thu, Dec 15, 2016 at 12:27:49PM -0500, Boris Ostrovsky wrote: >> It will probably fix it but I don't think we want this: it's a >> build-time solution. Most kernels have XEN on even though they are >> booted bare-metal. > > Lemme tell you want I want: a way to detect I'm running on xen. Does > CPUID(4) work really early, at load_ucode_bsp() time? > > IOW, can I use some of the functionality hypervisor_cpuid_base() uses to > detect xen and stop loading any further? What you really need is to avoid being called on a Xen pv guest. And this is easy by using xen_domain(). Not trying to load ucode in _any_ guest is an optimization only. The attached patch works for me in dom0, bare metal and Xen HVM guest. Juergen Tested-by: Juergen Gross Acked-by: Juergen Gross >From 0b56d1f86679c5dc435ab6d96eb2f68b666271bb Mon Sep 17 00:00:00 2001 From: Juergen Gross Date: Fri, 16 Dec 2016 07:18:34 +0100 Subject: [PATCH] x86/microcode: don't try to load microcode when running as a xen pv guest As a Xen pv guest some mechanisms to do microcode loading or verification might not work. As the hypervisor is responsible for loading the microcode just skip microcode loading in case of running under Xen. Signed-off-by: Juergen Gross --- arch/x86/kernel/cpu/microcode/core.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c index 6996413..8dfc8bd 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -32,6 +32,8 @@ #include #include +#include + #include #include #include @@ -91,6 +93,9 @@ static bool __init check_loader_disabled_bsp(void) if (cmdline_find_option_bool(cmdline, option)) *res = true; + if (xen_domain()) + *res = true; + return *res; } @@ -143,6 +148,9 @@ void __init load_ucode_bsp(void) static bool check_loader_disabled_ap(void) { + if (xen_domain()) + return true; + #ifdef CONFIG_X86_32 return *((bool *)__pa_nodebug(&dis_ucode_ldr)); #else -- 2.10.2