[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] misc/xenmicrocode: Upload /lib/firmware/<some blob> to the hypervisor

On 27/01/2015 23:17, Borislav Petkov wrote:
> On Tue, Jan 27, 2015 at 10:26:00PM +0000, Andrew Cooper wrote:
>> I am not convinced of the safely of permitting microcode updates at
>> runtime.  We have seen in the past that having mismatched microcode on
>> different halfs of an AMD cluster causes system crashes when non-root
> What kind of CPU mix are we talking about here?
> And how is microcode on those machines supposed to be updated,
> regardless of OS, i.e. how does the platform vendor do those updates?

There was a thread on xen-devel but I cant currently find it in the

To the best of my memory,  it was a 4 core APU system where the BIOS had
updated the microcode on cpu 0 but left 1-3 at a lower patch level. 
Every time the reporter tried creating an HVM guest (i.e. entering SVM
non-root mode), the system reset.

The instability was sorted by ensuring each core was at the same
microcode level.

As Xen updates microcode one cpu at a time from 0, it could easily
create a similar situation if microcode is updated after VMs have been
started.  Come to think of it, this is also an impending problem for PVH
dom0 systems.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.