From: Ashok Raj <ashok.raj@intel.com>
Date: Wed, 28 Feb 2018 10:28:43 +0000 (+0100)
Subject: x86/microcode: Do not upload microcode if CPUs are offline
X-Git-Tag: v4.1.12-124.31.3~553
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=eb9dd6f83aeda5e90e13a5e91f8f4d845dee943e;p=users%2Fjedix%2Flinux-maple.git

x86/microcode: Do not upload microcode if CPUs are offline

Avoid loading microcode if any of the CPUs are offline, and issue a
warning. Having different microcode revisions on the system at any time
is outright dangerous.

[ Borislav: Massage changelog. ]

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Tom Lendacky <thomas.lendacky@amd.com>
Tested-by: Ashok Raj <ashok.raj@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
Link: http://lkml.kernel.org/r/1519352533-15992-4-git-send-email-ashok.raj@intel.com
Link: https://lkml.kernel.org/r/20180228102846.13447-5-bp@alien8.de

(cherry picked from commit 30ec26da9967d0d785abc24073129a34c3211777)

Needed for the next cherry-picked commit "x86/microcode: Allow late microcode loading with SMT disabled".

Orabug: 28488808
CVE: CVE-2018-3620

Signed-off-by: Mihai Carabas <mihai.carabas@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>

Conflicts:
	arch/x86/kernel/cpu/microcode/core.c
Contextual

Signed-off-by: Brian Maly <brian.maly@oracle.com>
---

diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 3979734ab94b..ec3b574b0a5e 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -285,6 +285,16 @@ MODULE_ALIAS("devname:cpu/microcode");
 /* fake device for request_firmware */
 static struct platform_device	*microcode_pdev;
 
+static int check_online_cpus(void)
+{
+	if (num_online_cpus() == num_present_cpus())
+		return 0;
+
+	pr_err("Not all CPUs online, aborting microcode update.\n");
+
+	return -EINVAL;
+}
+
 static int reload_for_cpu(int cpu)
 {
 	struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
@@ -319,6 +329,11 @@ static ssize_t reload_store(struct device *dev,
 		return size;
 
 	get_online_cpus();
+
+	ret = check_online_cpus();
+	if (ret)
+		goto put;
+
 	mutex_lock(&microcode_mutex);
 	for_each_online_cpu(cpu) {
 		tmp_ret = reload_for_cpu(cpu);
@@ -336,6 +351,8 @@ static ssize_t reload_store(struct device *dev,
 	}
 
 	mutex_unlock(&microcode_mutex);
+
+put:
 	put_online_cpus();
 
 	if (!ret)