6.6-stable patches

added patches:
	x86-microcode-do-not-cache-microcode-if-it-will-not-be-used.patch

diff --git a/queue-6.6/series b/queue-6.6/series
index 0fe9380cccb87ef2e854386318e14e575c0e0649..c4c29c54f29792910a91a3fb53879e1c8962c9d3 100644 (file)
--- a/queue-6.6/series
+++ b/queue-6.6/series
@@ -128,3 +128,4 @@ arm-sun9i-smp-fix-return-code-check-of-of_property_m.patch
 x86-csum-remove-unnecessary-odd-handling.patch
 x86-csum-clean-up-csum_partial-further.patch
 drm-crtc-fix-uninitialized-variable-use.patch
+x86-microcode-do-not-cache-microcode-if-it-will-not-be-used.patch

diff --git a/queue-6.6/x86-microcode-do-not-cache-microcode-if-it-will-not-be-used.patch b/queue-6.6/x86-microcode-do-not-cache-microcode-if-it-will-not-be-used.patch
new file mode 100644 (file)
index 0000000..955152a
--- /dev/null
+++ b/queue-6.6/x86-microcode-do-not-cache-microcode-if-it-will-not-be-used.patch
@@ -0,0 +1,59 @@
+From pbonzini@redhat.com  Wed Jan 17 11:58:38 2024
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Mon, 15 Jan 2024 11:22:02 +0100
+Subject: x86/microcode: do not cache microcode if it will not be used
+To: linux-kernel@vger.kernel.org
+Cc: stable@vger.kernel.org, x86@kernel.org, Borislav Petkov <bp@suse.de>, Dave Hansen <dave.hansen@linux.intel.com>
+Message-ID: <20240115102202.1321115-1-pbonzini@redhat.com>
+
+No relevant upstream kernel due to refactoring in 6.7
+
+Builtin/initrd microcode will not be used the ucode loader is disabled.
+But currently, save_microcode_in_initrd is always performed and it
+accesses MSR_IA32_UCODE_REV even if dis_ucode_ldr is true, and in
+particular even if X86_FEATURE_HYPERVISOR is set; the TDX module does not
+implement the MSR and the result is a call trace at boot for TDX guests.
+
+Mainline Linux fixed this as part of a more complex rework of microcode
+caching that went into 6.7 (see in particular commits dd5e3e3ca6,
+"x86/microcode/intel: Simplify early loading"; and a7939f0167203,
+"x86/microcode/amd: Cache builtin/initrd microcode early").  Do the bare
+minimum in stable kernels, setting initrd_gone just like mainline Linux
+does in mark_initrd_gone().
+
+Note that save_microcode_in_initrd() is not in the microcode application
+path, which runs with paging disabled on 32-bit systems, so it can (and
+has to) use dis_ucode_ldr instead of check_loader_disabled_ap().
+
+Cc: stable@vger.kernel.org # v6.6+
+Cc: x86@kernel.org # v6.6+
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/cpu/microcode/core.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/arch/x86/kernel/cpu/microcode/core.c
++++ b/arch/x86/kernel/cpu/microcode/core.c
+@@ -208,6 +208,11 @@ static int __init save_microcode_in_init
+       struct cpuinfo_x86 *c = &boot_cpu_data;
+       int ret = -EINVAL;
+ 
++      if (dis_ucode_ldr) {
++              ret = 0;
++              goto out;
++      }
++
+       switch (c->x86_vendor) {
+       case X86_VENDOR_INTEL:
+               if (c->x86 >= 6)
+@@ -221,6 +226,7 @@ static int __init save_microcode_in_init
+               break;
+       }
+ 
++out:
+       initrd_gone = true;
+ 
+       return ret;