On 13.12.19 14:40, Andrew Cooper wrote:
On 09/12/2019 21:49, Eslam Elnikety wrote:
+
+extern const char __builtin_intel_ucode_start[],
__builtin_intel_ucode_end[];
+extern const char __builtin_amd_ucode_start[],
__builtin_amd_ucode_end[];
+#endif
+
/* By default, ucode loading is done in NMI
On 17/12/2019 22:41, Eslam Elnikety wrote:
> On 13.12.19 14:57, Andrew Cooper wrote:
>> On 12/12/2019 22:13, Eslam Elnikety wrote:
> Second, there is often need to couple a Xen build with a minimum
> microcode patch level. Having the microcode built within the Xen
> image
> itself
On 13.12.19 14:57, Andrew Cooper wrote:
On 12/12/2019 22:13, Eslam Elnikety wrote:
Second, there is often need to couple a Xen build with a minimum
microcode patch level. Having the microcode built within the Xen image
itself is a streamlined, natural way of achieving that.
Okay, I can accept
> > For DRTM I don't think it makes much
> > difference, I believe the active microcode info is already part of the
> > measurement, so having it measured as part of the Xen blob doesn't add
> > anything.
>
> I couldn't possibly comment on timelines, but if I could, the answer
> might be "not for
On 13/12/2019 20:15, Tamas K Lengyel wrote:
>> There is also value when it comes to easier SRTM/DRTM measurements of
>> the system in question, including cases where Xen sits on a boot ROM
>> rather than on disk.
> We've explored that in the past - building things into Xen and Linux
> statically -
> There is also value when it comes to easier SRTM/DRTM measurements of
> the system in question, including cases where Xen sits on a boot ROM
> rather than on disk.
We've explored that in the past - building things into Xen and Linux
statically - and ultimately it only works if the command line
On 12/12/2019 22:13, Eslam Elnikety wrote:
>>> Second, there is often need to couple a Xen build with a minimum
>>> microcode patch level. Having the microcode built within the Xen image
>>> itself is a streamlined, natural way of achieving that.
>>
>> Okay, I can accept this as a reason, to some
On 09/12/2019 21:49, Eslam Elnikety wrote:
>>> +
>>> +extern const char __builtin_intel_ucode_start[],
>>> __builtin_intel_ucode_end[];
>>> +extern const char __builtin_amd_ucode_start[],
>>> __builtin_amd_ucode_end[];
>>> +#endif
>>> +
>>> /* By default, ucode loading is done in NMI handler */
On 12.12.2019 23:17, Eslam Elnikety wrote:
> On the "newest of everything": That's not what I intend to propose. The
> microcode provided via a scan (or for that matter) will always
> override the builtin microcode. The common case would be that the
> microcode provided via a scan (or ) is
On 11.12.19 10:54, Jan Beulich wrote:
On 11.12.2019 00:18, Eslam Elnikety wrote:
On 10.12.19 10:37, Jan Beulich wrote:
On 09.12.2019 09:41, Eslam Elnikety wrote:
--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -2113,7 +2113,7 @@ logic applies:
active
On 11.12.19 10:47, Jan Beulich wrote:
On 10.12.2019 23:40, Eslam Elnikety wrote:
On 10.12.19 10:21, Jan Beulich wrote:
On 09.12.2019 22:49, Eslam Elnikety wrote:
On 09.12.19 16:19, Andrew Cooper wrote:
On 09/12/2019 08:41, Eslam Elnikety wrote:
--- /dev/null
+++
On 11.12.2019 00:18, Eslam Elnikety wrote:
> On 10.12.19 10:37, Jan Beulich wrote:
>> On 09.12.2019 09:41, Eslam Elnikety wrote:
>>> --- a/docs/misc/xen-command-line.pandoc
>>> +++ b/docs/misc/xen-command-line.pandoc
>>> @@ -2113,7 +2113,7 @@ logic applies:
>>> active by default.
>>>
>>>
On 10.12.2019 23:40, Eslam Elnikety wrote:
> On 10.12.19 10:21, Jan Beulich wrote:
>> On 09.12.2019 22:49, Eslam Elnikety wrote:
>>> On 09.12.19 16:19, Andrew Cooper wrote:
On 09/12/2019 08:41, Eslam Elnikety wrote:
> --- /dev/null
> +++ b/xen/arch/x86/microcode/Makefile
> @@ -0,0
On 10.12.19 10:37, Jan Beulich wrote:
On 09.12.2019 09:41, Eslam Elnikety wrote:
--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -2113,7 +2113,7 @@ logic applies:
active by default.
### ucode (x86)
-> `= List of [ | scan=, nmi= ]`
+> `= List of [
On 10.12.19 10:21, Jan Beulich wrote:
On 09.12.2019 22:49, Eslam Elnikety wrote:
On 09.12.19 16:19, Andrew Cooper wrote:
On 09/12/2019 08:41, Eslam Elnikety wrote:
--- /dev/null
+++ b/xen/arch/x86/microcode/Makefile
@@ -0,0 +1,40 @@
+# Copyright (C) 2019 Amazon.com, Inc. or its affiliates.
+#
On 09.12.2019 09:41, Eslam Elnikety wrote:
> --- a/docs/misc/xen-command-line.pandoc
> +++ b/docs/misc/xen-command-line.pandoc
> @@ -2113,7 +2113,7 @@ logic applies:
> active by default.
>
> ### ucode (x86)
> -> `= List of [ | scan=, nmi= ]`
> +> `= List of [ | scan= | builtin=, nmi= ]`
On 09.12.2019 22:49, Eslam Elnikety wrote:
> On 09.12.19 16:19, Andrew Cooper wrote:
>> On 09/12/2019 08:41, Eslam Elnikety wrote:
>>> --- /dev/null
>>> +++ b/xen/arch/x86/microcode/Makefile
>>> @@ -0,0 +1,40 @@
>>> +# Copyright (C) 2019 Amazon.com, Inc. or its affiliates.
>>> +# Author: Eslam
On 09.12.19 16:19, Andrew Cooper wrote:
On 09/12/2019 08:41, Eslam Elnikety wrote:
diff --git a/docs/misc/builtin-ucode.txt b/docs/misc/builtin-ucode.txt
new file mode 100644
index 00..43bb60d3eb
Instead of introducing a new file, please extend
docs/admin-guide/microcode-loading.rst
On 09/12/2019 08:41, Eslam Elnikety wrote:
> diff --git a/docs/misc/builtin-ucode.txt b/docs/misc/builtin-ucode.txt
> new file mode 100644
> index 00..43bb60d3eb
Instead of introducing a new file, please extend
docs/admin-guide/microcode-loading.rst
I have an in-prep
Xen relies on boot modules to perform early microcode updates. This commit adds
another mode, namely "builtin" via the BUILTIN_UCODE config parameter. If set,
the Xen image itself will contain the microcode updates. Upon boot, Xen
inspects its image for microcode blobs and performs the update.
A
20 matches
Mail list logo
