Re: [Patch v3 Part2 1/9] x86/microcode: Taint kernel only if microcode loading was successful

From: Ashok Raj
Date: Wed Feb 01 2023 - 10:43:22 EST

Next message: Krzysztof Kozlowski: "[PATCH 1/3] arm64: dts: qcom: sm8350-hdk: align pin config node names with bindings"
Previous message: kernel test robot: "Re: [PATCH 1/9] mm: kmemleak: properly disable task stack scanning"
In reply to: Borislav Petkov: "Re: [Patch v3 Part2 1/9] x86/microcode: Taint kernel only if microcode loading was successful"
Next in thread: Ashok Raj: "Re: [Patch v3 Part2 1/9] x86/microcode: Taint kernel only if microcode loading was successful"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 01, 2023 at 01:44:31PM +0100, Borislav Petkov wrote:
> On Tue, Jan 31, 2023 at 02:54:03PM -0800, Ashok Raj wrote:
> > It's not an error, only when request_microcode() returns UCODE_ERROR, should
> > it return -EINVAL,
>
> So looking at ->request_microcode_fw(), it looks like we return
> UCODE_ERROR when something with parsing the blob has gone wrong. So I
> guess we can return something more fitting here to state that we failed
> while parsing the microcode blob from userspace: it is corrupted,
> truncated, what not.
>
> Looking at the error codes, this:
>
> #define ELIBBAD 80 /* Accessing a corrupted shared library */
>
> seems fitting as it has "corrupted" blob in the definition. EBADF sounds
> fitting too. In any case, it should be a distinct error value which
> hints at what goes wrong.

Perfect!. In the next respin, I can update this to EBADF.

Later patches when we do minrev checks, or if the current rev is higher
than the one in the directory, what error would be fitting? Currently we do
EINVAL, I can't find a suitable one for that, if you have any good
suggestions that would be awesome.

>
> > This shouldn't be noisy, but if you think this isn't needed, it can go
> > away.
>
> I think all this preemptive development - it might make sense so let's
> do it - needs to stop. If there's an *actual* real use and need for it
> sure, but let's issue a printk just because is not one of them.
>
> > When it fails due to current_rev < min_rev, Isn't it good to add indication
> > to user space that it didn't succeed? Thomas wanted these return codes, so
> > someone scripting can get a status after an attempt to load.
>
> Return codes: yes. Random, flaky, potentially overwritten in the dmesg
> ring buffer error strings - nope. Soon someone will come along and say,
> "hey, don't touch those printk formats - my tool parses them and it'll
> break if you do." Yeah, right.

No arguments there.

I'll drop the pr_warn() before taint as you suggest.

Appears we have good direction for patches 1-3.

Cheers,
Ashok

Next message: Krzysztof Kozlowski: "[PATCH 1/3] arm64: dts: qcom: sm8350-hdk: align pin config node names with bindings"
Previous message: kernel test robot: "Re: [PATCH 1/9] mm: kmemleak: properly disable task stack scanning"
In reply to: Borislav Petkov: "Re: [Patch v3 Part2 1/9] x86/microcode: Taint kernel only if microcode loading was successful"
Next in thread: Ashok Raj: "Re: [Patch v3 Part2 1/9] x86/microcode: Taint kernel only if microcode loading was successful"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]