From 309a506f88c18e1b7b2a46e46d9575d1b1e987f9 Mon Sep 17 00:00:00 2001 From: Borislav Petkov Date: Wed, 25 May 2022 18:12:31 +0200 Subject: [PATCH] x86/microcode: Taint and warn on late loading mainline inclusion from mainline-v5.19-rc1 commit d23d33ea0fcdc4bbb484990bf53867f99c63ccab category: feature feature: Backport Intel In Field Scan(IFS) multi-blob images support bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I6L337 CVE: N/A Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ commit/?id=d23d33ea0fcdc4bbb484990bf53867f99c63ccab Intel-SIG: commit d23d33ea0fcd ("x86/microcode: Taint and warn on late loading") ------------------------------------- x86/microcode: Taint and warn on late loading Warn before it is attempted and taint the kernel. Late loading microcode can lead to malfunction of the kernel when the microcode update changes behaviour. There is no way for the kernel to determine whether its safe or not. Signed-off-by: Borislav Petkov Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/r/20220525161232.14924-4-bp@alien8.de Signed-off-by: Aichun Shi --- arch/x86/kernel/cpu/microcode/core.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c index e9398f01c3ba..51099f4a0e98 100644 --- a/arch/x86/kernel/cpu/microcode/core.c +++ b/arch/x86/kernel/cpu/microcode/core.c @@ -510,6 +510,9 @@ static int microcode_reload_late(void) { int ret; + pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n"); + pr_err("You should switch to early loading, if possible.\n"); + atomic_set(&late_cpus_in, 0); atomic_set(&late_cpus_out, 0); @@ -558,6 +561,8 @@ static ssize_t reload_store(struct device *dev, if (ret == 0) ret = size; + add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK); + return ret; } -- GitLab