AMD CPUs Are Safe For Late-Loading Microcode, Will No Longer Taint The Linux Kernel

Written by Michael Larabel in AMD on 11 April 2023 at 12:00 PM EDT. 8 Comments
AMD
Intel processors should have any CPU microcode updates loaded early during the Linux boot process to avoid various known issues. When "late loading" CPU microcode after the system is up and running, various issues can happen on Intel processors that led them to mark the Linux kernel as tainted under such conditions. Tainting the kernel also happened when late-loading microcode on AMD CPUs but now that's been deemed unnecessary and late-loading CPU microcode on AMD processors is reportedly safe.

Late loading of CPU microcode on Intel processors has been called "dangerous" due to synchronization issues on CPUs with SMT / Hyper Threading, the potential for disappearing model specific registers (MSRs) with updated microcode, machine check handling issues, and interrupt handling issues.
"Late loading is done when the system is fully operational and running real workloads. Late loading behavior depends on what the base patch on the CPU is before upgrading to the new patch.

This is true for Intel CPUs.

Consider, for example, a CPU has patch level 1 and the update is to patch level 3.

Between patch1 and patch3, patch2 might have deprecated a software-visible feature.

This is unacceptable if software is even potentially using that feature. For instance, say MSR_X is no longer available after an update, accessing that MSR will cause a #GP fault.

Basically there is no way to declare a new microcode update suitable for late-loading. This is another one of the problems that caused late loading to be not enabled by default."

The Linux kernel microcode documentation lays out all of the details on late-loading for those interested.

AMD CPU with Linux late-loading microcode.


Sent out today by Borislav Petkov of AMD is a declaration that microcode late-loading is safe on AMD systems and to no longer taint the Linux kernel in such an event.
"Late loading on AMD does not have the concurrency issues described above: when loading is attempted on T0, the T1 is quiesced and does not execute instructions. Therefore, even if a higher priority interrupt or a fault happens, the whole core will see it either before the microcode patch has been applied or after. In either case, T0 and T1 will have the same microcode revision and nothing intermediate."

So with this pending patch, the CPU microcode updating on late-loading will only trigger a kernel taint for non-AMD systems. Ideally though all CPU microcode updates should be early-loaded during boot time.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week