From: Jim Mattson <jmattson@google.com>
To: Borislav Petkov <bp@alien8.de>
Cc: dave.hansen@intel.com, linux-kernel@vger.kernel.org,
stable@kernel.org, x86@kernel.org
Subject: Re: [PATCH 1/2] x86/microcode/AMD: Load late on both threads too
Date: Wed, 16 Aug 2023 15:37:20 -0700 [thread overview]
Message-ID: <CALMp9eSbdLuUr9ZvHOA5=vvvA58S5j+cePNKxbx1RxEprRMLZQ@mail.gmail.com> (raw)
In-Reply-To: <20230816215854.GWZN1GniMWRL0GnyVh@fat_crate.local>
On Wed, Aug 16, 2023 at 2:59 PM Borislav Petkov <bp@alien8.de> wrote:
>
> On Wed, Aug 16, 2023 at 02:36:57PM -0700, Jim Mattson wrote:
> > Doesn't this render that attestation misleading, since the microcode
> > patch may not have been loaded on all logical processors?
>
> For that it doesn't matter because the microcode engine is shared
> between the two threads. The updated microcode revision is shown on any
> of the two threads so you can load on one only. And we did this for
> years.
>
> Only recently we started loading on both and we will be doing that from
> now on.
SEV-SNP is supposed to protect the guest from a malicious host. A
malicious host may not load the microcode update on both threads. As a
result, it gives me some concern when I see something like this
(https://lore.kernel.org/lkml/20230808190239.131508-1-john.allen@amd.com/):
+NOTE: For Genoa (Family=0x19 Model=0x11) and Bergamo (Family=0x19 Model=0xa0),
+either AGESA version >= 1.0.0.8 OR a kernel with the following commit is
+required:
+a32b0f0db3f3 ("x86/microcode/AMD: Load late on both threads too")
It seems problematic if the guest can't tell from the attestation
whether or not the identified microcode revision has been correctly
applied.
> What could be problematic is if it simply fails loading on some cores
> - regardless of SMT - but that would be problematic not only to SEV-SNP
> attestation but to the general system health. tglx has some patches
> which verify what has been successfully loaded where so hopefully we'll
> be verifying more in that area.
I had assumed that the SEV-SNP microcode revision attestation was for
all logical processors on the host. Are you saying that it is not?
next prev parent reply other threads:[~2023-08-16 22:38 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-05 14:13 [PATCH 1/2] x86/microcode/AMD: Load late on both threads too Borislav Petkov
2023-06-05 14:13 ` [PATCH 2/2] x86/microcode: Add a "microcode=" command line option Borislav Petkov
2023-06-08 1:55 ` Ashok Raj
2023-06-09 12:28 ` Borislav Petkov
2023-06-09 15:37 ` Ashok Raj
2023-06-12 9:06 ` Borislav Petkov
2023-06-12 9:20 ` [tip: x86/microcode] " tip-bot2 for Borislav Petkov (AMD)
2023-06-12 15:26 ` [PATCH 2/2] " Thomas Gleixner
2023-06-12 15:42 ` Borislav Petkov
2023-06-12 16:04 ` Borislav Petkov
2023-06-12 17:23 ` Thomas Gleixner
2023-06-13 8:32 ` Borislav Petkov
2023-06-07 19:36 ` [PATCH 1/2] x86/microcode/AMD: Load late on both threads too Dave Hansen
2023-06-07 20:03 ` Borislav Petkov
2023-06-07 20:15 ` Dave Hansen
2023-08-16 20:17 ` Jim Mattson
2023-08-16 21:18 ` Borislav Petkov
2023-08-16 21:23 ` Jim Mattson
2023-08-16 21:30 ` Borislav Petkov
2023-08-16 21:36 ` Jim Mattson
2023-08-16 21:58 ` Borislav Petkov
2023-08-16 22:37 ` Jim Mattson [this message]
2023-08-17 15:40 ` Borislav Petkov
2023-08-17 18:02 ` Peter Shier
2023-08-18 8:43 ` Borislav Petkov
2023-06-12 9:20 ` [tip: x86/microcode] " tip-bot2 for Borislav Petkov (AMD)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALMp9eSbdLuUr9ZvHOA5=vvvA58S5j+cePNKxbx1RxEprRMLZQ@mail.gmail.com' \
--to=jmattson@google.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).