Public bug reported:

Unlike upstream, the artful kernel uses the scattered CPU bits
(arch/x86/kernel/cpu/scattered.c) to get the IBRS/IBPB CPUID bits in the
KVM CPUID ioctls().  However, these are not updated when loading new
microcode at run-time.  This means that if you boot a system with older
microcode and then use late microcode loading at boot time or later,
then the new features are not exposed to guests.  So even though the
host supports the SPEC_CTRL MSR, those bits are masked out in the guest,
even when passing through host CPU capabilities.

Upstream does not have this problem because it uses cpuid_count() which
does a raw cpuid when creating a guest rather than the scattered
features.  Two changes are needed - updating scattered features on
microcode reload and using the runtime CPU data rather than the boot
data.

Reproduced on "4.13.0-38-generic #43-Ubuntu SMP Wed Mar 14 15:20:44 UTC
2018".  Boot with original vendor microcode, apply new microcode with
"echo 1 > /sys/devices/system/cpu/microcode/reload" and then boot a
guest.  With the simple test case below in the guest, see that bits
[27:26] are not set when they are in the host.

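#include <stdio.h>
#include <stdlib.h>

int main(void)
{
        unsigned int edx;

        /* CPUID leaf 7, subleaf 0; the result of interest is in EDX. */
        /* CPUID writes EAX, EBX, ECX and EDX, so all four are clobbered. */
        asm volatile("mov $7, %%eax\n\t"
                     "mov $0, %%ecx\n\t"
                     "cpuid\n\t"
                     "mov %%edx, %0"
                     : "=r"(edx) : : "%eax", "%ebx", "%ecx", "%edx");

        /* Print EDX as hex; bits [27:26] are the ones to compare. */
        printf("%08x\n", edx);

        return 0;
}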


Two compile-tested patches attached; I have not yet checked other Ubuntu
releases.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete


** Tags: artful

** Attachment added: "artful patches"
   https://bugs.launchpad.net/bugs/1765040/+attachment/5120956/+files/cpuid.tar.gz

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715

https://bugs.launchpad.net/bugs/1765040

Title:
  Runtime microcode updates do not expose new features completely
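
The host-versus-guest comparison described in the report, as an added example that is not part of the original bug report or its attached patches: it decodes bits [27:26] of CPUID leaf 7 EDX and reports which of them the guest is missing. The function names and the command-line convention are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* CPUID.(EAX=7,ECX=0):EDX bits [27:26], the bits the report checks. */
#define EDX_SPEC_CTRL (1u << 26) /* IBRS and IBPB (SPEC_CTRL MSR) */
#define EDX_STIBP     (1u << 27) /* STIBP */
#define EDX_SPEC_MASK (EDX_SPEC_CTRL | EDX_STIBP)

/* Bits in [27:26] that the host advertises but the guest does not see. */
unsigned int masked_in_guest(unsigned int host_edx, unsigned int guest_edx)
{
    return host_edx & ~guest_edx & EDX_SPEC_MASK;
}

/* Read leaf 7, subleaf 0 EDX where this runs; 0 on success, -1 if absent. */
int read_leaf7_edx(unsigned int *edx)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx;
    return __get_cpuid_count(7, 0, &eax, &ebx, &ecx, edx) ? 0 : -1;
#else
    (void)edx;
    return -1; /* not an x86 build */
#endif
}

/* Usage: ./a.out            print the local EDX (run on the host first)
 *        ./a.out HOST_EDX   run in the guest with the host's hex value */
int main(int argc, char **argv)
{
    unsigned int local, missing;

    if (read_leaf7_edx(&local) != 0) {
        fprintf(stderr, "CPUID leaf 7 not available\n");
        return 2;
    }
    printf("edx=%08x SPEC_CTRL=%d STIBP=%d\n", local,
           !!(local & EDX_SPEC_CTRL), !!(local & EDX_STIBP));
    if (argc < 2)
        return 0;
    missing = masked_in_guest((unsigned int)strtoul(argv[1], NULL, 16), local);
    if (missing)
        printf("masked out in guest: %08x\n", missing);
    return missing ? 1 : 0;
}
```

Take the host value after the microcode reload, since that is the state the guest is expected to inherit; a non-zero exit status in the guest means at least one of the two bits was masked out.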
