[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading

To: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Tue, 13 Jan 2026 16:47:00 +0000
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kIG4mSMbZSnCptsDEr0hozuhM7aJ3MO1bArNE8P9lVM=; b=FqghGb+ryAxHiamrQIny8xzFXwF4g/L3e3LzPE1UQ2vcj09s8tAGT4EGqXDLqupu6DpYnfHX+Xyw6pDZgyVhGb1Ud7I8BDLYAS8APgKcBP/cTT2jdsXKMWJdxxD8LjhO6Q3IrToM30gILjgKmdklCGSdHPbFESWcWpokldFVE/y5MrCq1Ukkb3rNxkkH/Q125zYyfd6DPVHD+iLV9QknOL1mAQ814rvJW1aQQIL0kFqy4whmlbdDDLzm1ebk60hfDn+Fip3OTKwVo815UUmGehaof/+NJ6c0iqFUWIp+NtjUPypysMnT+5AnFvbBoZdILSl+Yv1x5dcxF1sUbYREXw==
Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=FtFKjAXp9GQ2kgfrjc+EvbcwqMWEtQNVcL9mnHlvswQmNiwUcmmOEIFFXWF5DXUG6Jr16BTQiwk1ywY2wq5ufQn0wzlKOquqWtz3WhnZhjPwGL7wmRxdsO8GgIgBp6GLhti1SXzj8Qh0vzypPYAK12dZ5B34WFB9u5Ic+ouNj//ZUX7TYV65ysgM2utG+pp/GNM+UHifoYl+65w2I6Tw7CdJFxwAZTXYf4K9zUPR53sf7GykwkHX6p8N2Cobo0LisNCetPzOUth1fQjc6vsSBKJaassbLmWfEQAm2eM4JOWt9H+M1JR9coywm1ZlfLhuRPBlvlciu/FgWuJOulNLcQ==
Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 13 Jan 2026 16:47:16 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 13/01/2026 4:12 pm, Alejandro Vallejo wrote:
>>> --- a/xen/arch/x86/cpu/microcode/intel.c
>>> +++ b/xen/arch/x86/cpu/microcode/intel.c
>>> @@ -408,17 +408,20 @@ static const char __initconst intel_cpio_path[] =
>>>      "kernel/x86/microcode/GenuineIntel.bin";
>>>  
>>>  static const struct microcode_ops __initconst_cf_clobber intel_ucode_ops = 
>>> {
>>> -    .cpu_request_microcode            = cpu_request_microcode,
>>> +    .cpu_request_microcode            = 
>>> MICROCODE_OP(cpu_request_microcode),
>>>      .collect_cpu_info                 = collect_cpu_info,
>>> -    .apply_microcode                  = apply_microcode,
>>> -    .compare                          = intel_compare,
>>> -    .cpio_path                        = intel_cpio_path,
>>> +    .apply_microcode                  = MICROCODE_OP(apply_microcode),
>>> +    .compare                          = MICROCODE_OP(intel_compare),
>>> +    .cpio_path                        = MICROCODE_OP(intel_cpio_path),
>>>  };
>> While I appreciate the intention with MICROCODE_OP(), I'm not really happy
>> with function pointer members left in place just for them to be NULL
>> everywhere. What if a call site remains unguarded? With PV guests that
>> would be a privilege escalation XSA.
> I see where you're coming from, but these are already NULL if microcode
> loading is not exposed by the underlying hypervisor (if any), or is blocked by
> hardware in Intel, so arguably that worry is orthogonal to this.

Also because they're cf_clobber, the calls are turned into UDs.  We
won't follow a function pointer to 0.

~Andrew

Follow-Ups:
- Re: [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading
  - From: Jan Beulich

References:
- [PATCH v3 0/4] Add Kconfig option to remove microcode loading support
  - From: Alejandro Vallejo
- [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading
  - From: Alejandro Vallejo
- Re: [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading
  - From: Jan Beulich
- Re: [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading
  - From: Alejandro Vallejo

Prev by Date: Re: [PATCH v1 12/15] xen/riscv: introduce sbi_set_timer()
Next by Date: Re: [PATCH v1 13/15] xen/riscv: implement reprogram_timer() using SBI
Previous by thread: Re: [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading
Next by thread: Re: [PATCH v3 4/4] x86/ucode: Add Kconfig option to remove microcode loading
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.