| Message ID | 20200601134025.24142-1-andrew.cooper3@citrix.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [for-4.14] docs/ucode: Extend runtime microcode loading documentation | expand |
> -----Original Message----- > From: Andrew Cooper <andrew.cooper3@citrix.com> > Sent: 01 June 2020 14:40 > To: Xen-devel <xen-devel@lists.xenproject.org> > Cc: Andrew Cooper <andrew.cooper3@citrix.com>; George Dunlap <George.Dunlap@eu.citrix.com>; Ian > Jackson <ian.jackson@citrix.com>; Jan Beulich <JBeulich@suse.com>; Konrad Rzeszutek Wilk > <konrad.wilk@oracle.com>; Stefano Stabellini <sstabellini@kernel.org>; Wei Liu <wl@xen.org>; Julien > Grall <julien@xen.org>; Paul Durrant <paul@xen.org> > Subject: [PATCH for-4.14] docs/ucode: Extend runtime microcode loading documentation > > Extend the disclaimer about runtime loading. While we've done our best to > make the mechaism reliable, the safety of late loading does ultimately depend > on the contents of the blobs. > > Extend the xen-ucode portion with examples of how to use it. > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > --- > CC: George Dunlap <George.Dunlap@eu.citrix.com> > CC: Ian Jackson <ian.jackson@citrix.com> > CC: Jan Beulich <JBeulich@suse.com> > CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > CC: Stefano Stabellini <sstabellini@kernel.org> > CC: Wei Liu <wl@xen.org> > CC: Julien Grall <julien@xen.org> > CC: Paul Durrant <paul@xen.org> > --- > docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++--- > 1 file changed, 19 insertions(+), 3 deletions(-) > > diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst > index 5f0f661a2e..8cd5d0351b 100644 > --- a/docs/admin-guide/microcode-loading.rst > +++ b/docs/admin-guide/microcode-loading.rst > @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable > file. Xen will stop searching at the first match. > > > -Run time microcode loading > --------------------------- > +Runtime microcode loading > +------------------------- > > .. warning:: > > @@ -113,7 +113,23 @@ Run time microcode loading > or at boot time. Not all microcode updates (or parts thereof) can be > applied at runtime. > > -The ``xen-ucode`` utility can be used to initiate a runtime microcode load. > + Given the proprietry nature of microcode, we are unable to make any claim s/proprietry/proprietary with that fixed this is... Release-acked-by: Paul Durrant <paul@xen.org> > + that a runtime microcode is risk-free. Any runtime microcode loading needs > + adequate testing on a dev instance before being rolled out to production > + systems. > + > +The ``xen-ucode`` utility can be used to initiate a runtime microcode load:: > + > + [root@host ~]# xen-ucode > + xen-ucode: Xen microcode updating tool > + Usage: xen-ucode <microcode blob> > + [root@host ~]# > + > +e.g. With a Linux dom0 on a Haswell system:: > + > + [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03 > + [root@host ~]# > + > It will pass the blob to Xen, which will check to see whether the blob is > correct for the processor, and newer than the running microcode. > > -- > 2.11.0
On Mon, Jun 01, 2020 at 02:40:25PM +0100, Andrew Cooper wrote: > Extend the disclaimer about runtime loading. While we've done our best to > make the mechaism reliable, the safety of late loading does ultimately depend > on the contents of the blobs. > > Extend the xen-ucode portion with examples of how to use it. > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com> > --- > CC: George Dunlap <George.Dunlap@eu.citrix.com> > CC: Ian Jackson <ian.jackson@citrix.com> > CC: Jan Beulich <JBeulich@suse.com> > CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > CC: Stefano Stabellini <sstabellini@kernel.org> > CC: Wei Liu <wl@xen.org> > CC: Julien Grall <julien@xen.org> > CC: Paul Durrant <paul@xen.org> > --- > docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++--- > 1 file changed, 19 insertions(+), 3 deletions(-) > > diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst > index 5f0f661a2e..8cd5d0351b 100644 > --- a/docs/admin-guide/microcode-loading.rst > +++ b/docs/admin-guide/microcode-loading.rst > @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable > file. Xen will stop searching at the first match. > > > -Run time microcode loading > --------------------------- > +Runtime microcode loading > +------------------------- > > .. warning:: > > @@ -113,7 +113,23 @@ Run time microcode loading > or at boot time. Not all microcode updates (or parts thereof) can be > applied at runtime. > > -The ``xen-ucode`` utility can be used to initiate a runtime microcode load. > + Given the proprietry nature of microcode, we are unable to make any claim > + that a runtime microcode is risk-free. Any runtime microcode loading needs > + adequate testing on a dev instance before being rolled out to production > + systems. > + > +The ``xen-ucode`` utility can be used to initiate a runtime microcode load:: > + > + [root@host ~]# xen-ucode > + xen-ucode: Xen microcode updating tool > + Usage: xen-ucode <microcode blob> > + [root@host ~]# > + > +e.g. With a Linux dom0 on a Haswell system:: > + > + [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03 Could you expand a bit on the nomenclature used here? I assume it's something like <fam>-<model>-<version> but might be good to provide people a hint to know how to find the appropriate blob for their system if possible. Thanks, Roger.
On 01/06/2020 17:51, Roger Pau Monné wrote: > > On Mon, Jun 01, 2020 at 02:40:25PM +0100, Andrew Cooper wrote: >> Extend the disclaimer about runtime loading. While we've done our best to >> make the mechaism reliable, the safety of late loading does ultimately depend >> on the contents of the blobs. >> >> Extend the xen-ucode portion with examples of how to use it. >> >> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > Reviewed-by: Roger Pau Monné <roger.pau@citrix.com> Thanks, > >> --- >> CC: George Dunlap <George.Dunlap@eu.citrix.com> >> CC: Ian Jackson <ian.jackson@citrix.com> >> CC: Jan Beulich <JBeulich@suse.com> >> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> >> CC: Stefano Stabellini <sstabellini@kernel.org> >> CC: Wei Liu <wl@xen.org> >> CC: Julien Grall <julien@xen.org> >> CC: Paul Durrant <paul@xen.org> >> --- >> docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++--- >> 1 file changed, 19 insertions(+), 3 deletions(-) >> >> diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst >> index 5f0f661a2e..8cd5d0351b 100644 >> --- a/docs/admin-guide/microcode-loading.rst >> +++ b/docs/admin-guide/microcode-loading.rst >> @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable >> file. Xen will stop searching at the first match. >> >> >> -Run time microcode loading >> --------------------------- >> +Runtime microcode loading >> +------------------------- >> >> .. warning:: >> >> @@ -113,7 +113,23 @@ Run time microcode loading >> or at boot time. Not all microcode updates (or parts thereof) can be >> applied at runtime. >> >> -The ``xen-ucode`` utility can be used to initiate a runtime microcode load. >> + Given the proprietry nature of microcode, we are unable to make any claim >> + that a runtime microcode is risk-free. Any runtime microcode loading needs >> + adequate testing on a dev instance before being rolled out to production >> + systems. >> + >> +The ``xen-ucode`` utility can be used to initiate a runtime microcode load:: >> + >> + [root@host ~]# xen-ucode >> + xen-ucode: Xen microcode updating tool >> + Usage: xen-ucode <microcode blob> >> + [root@host ~]# >> + >> +e.g. With a Linux dom0 on a Haswell system:: >> + >> + [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03 > Could you expand a bit on the nomenclature used here? > > I assume it's something like <fam>-<model>-<version> but might be good > to provide people a hint to know how to find the appropriate blob for > their system if possible. It is $FAMILY-$MODEL-$STEPPING. Currently only a single version of each microcode is installed at once by the microcode_ctl package. However, its infeasible to cater to all setup's/situations here. Within linux, you could clone https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/ or use the slightly older single monolithic microcode.dat. And that is before you start considering non-Intel systems, or other ways of packaging microcode. I'm open to suggestions for how to make this clearer, but we definitely can't do an exhaustive list of places you might find microcode. ~Andrew
On 01.06.2020 15:40, Andrew Cooper wrote: > Extend the disclaimer about runtime loading. While we've done our best to > make the mechaism reliable, the safety of late loading does ultimately depend > on the contents of the blobs. > > Extend the xen-ucode portion with examples of how to use it. > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > --- > CC: George Dunlap <George.Dunlap@eu.citrix.com> > CC: Ian Jackson <ian.jackson@citrix.com> > CC: Jan Beulich <JBeulich@suse.com> > CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > CC: Stefano Stabellini <sstabellini@kernel.org> > CC: Wei Liu <wl@xen.org> > CC: Julien Grall <julien@xen.org> > CC: Paul Durrant <paul@xen.org> > --- > docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++--- > 1 file changed, 19 insertions(+), 3 deletions(-) > > diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst > index 5f0f661a2e..8cd5d0351b 100644 > --- a/docs/admin-guide/microcode-loading.rst > +++ b/docs/admin-guide/microcode-loading.rst > @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable > file. Xen will stop searching at the first match. > > > -Run time microcode loading > --------------------------- > +Runtime microcode loading > +------------------------- > > .. warning:: > > @@ -113,7 +113,23 @@ Run time microcode loading > or at boot time. Not all microcode updates (or parts thereof) can be > applied at runtime. > > -The ``xen-ucode`` utility can be used to initiate a runtime microcode load. > + Given the proprietry nature of microcode, we are unable to make any claim > + that a runtime microcode is risk-free. Any runtime microcode loading needs "that runtime microcode loading is risk-free" (or some such, including the word "load")? Then Reviewed-by: Jan Beulich <jbeulich@suse.com> Jan
diff --git a/docs/admin-guide/microcode-loading.rst b/docs/admin-guide/microcode-loading.rst index 5f0f661a2e..8cd5d0351b 100644 --- a/docs/admin-guide/microcode-loading.rst +++ b/docs/admin-guide/microcode-loading.rst @@ -104,8 +104,8 @@ modules to find any CPIO archives, and search the archive for the applicable file. Xen will stop searching at the first match. -Run time microcode loading --------------------------- +Runtime microcode loading +------------------------- .. warning:: @@ -113,7 +113,23 @@ Run time microcode loading or at boot time. Not all microcode updates (or parts thereof) can be applied at runtime. -The ``xen-ucode`` utility can be used to initiate a runtime microcode load. + Given the proprietry nature of microcode, we are unable to make any claim + that a runtime microcode is risk-free. Any runtime microcode loading needs + adequate testing on a dev instance before being rolled out to production + systems. + +The ``xen-ucode`` utility can be used to initiate a runtime microcode load:: + + [root@host ~]# xen-ucode + xen-ucode: Xen microcode updating tool + Usage: xen-ucode <microcode blob> + [root@host ~]# + +e.g. With a Linux dom0 on a Haswell system:: + + [root@host ~]# xen-ucode /lib/firmware/intel-ucode/06-3c-03 + [root@host ~]# + It will pass the blob to Xen, which will check to see whether the blob is correct for the processor, and newer than the running microcode.
Extend the disclaimer about runtime loading. While we've done our best to make the mechaism reliable, the safety of late loading does ultimately depend on the contents of the blobs. Extend the xen-ucode portion with examples of how to use it. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> --- CC: George Dunlap <George.Dunlap@eu.citrix.com> CC: Ian Jackson <ian.jackson@citrix.com> CC: Jan Beulich <JBeulich@suse.com> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> CC: Stefano Stabellini <sstabellini@kernel.org> CC: Wei Liu <wl@xen.org> CC: Julien Grall <julien@xen.org> CC: Paul Durrant <paul@xen.org> --- docs/admin-guide/microcode-loading.rst | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-)