[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 00/16] x86/cpu: Cleanup for NX adjustments

  • To: Teddy Astie <teddy.astie@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Tue, 27 Jan 2026 12:29:37 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xCqeW2PG1CNelc+bIOFyIOxjTQxwbgoeXzGtvuBIEdw=; b=ESJx1q5u3puiS8aBZE0Wu1R9OPUTHsDlcaHp5k0TXFLvxDii9Gad7l08+VylvbCOePGTbdtsrNSVhEQokhpCMF6d/Qf17NbYzuvvwWlcGgz2a/uUwmU5JaehOh9wn1neDWRHbGNS2MxFypCz6kOmSgQS3ibXcMRepl7zV1r1b7O0WiGfd28AWy16XGwhpmVK1nsDQbSAPwsvrq8w0LRqXQZXuVmQbhzpFjKqpMxQ5XTZKhKojNok05ZuLAOV8UmjTvAmeMTowXsv2ZyzlU7Tczq6fnN9SXgZIqiCNLFzOTUFe6dT6n4nAaPekEiqyNXe1sDqk7aweTcrdzpJr4+z+w==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=xYEzkae1r8C2d/f2cV+NgZ938icvnoNZnpHieWBx9vDIUAlQnpAMcOplF4aiEQa8qIZ6NpBDe6NkNYgN2g5sGgdHBdCIUCFiBZ/qRsgQL2F9KpmgNDGQbebip/CEpH/kgzEMlJhNF1BAyEneVrRpKg9nZGihld/8ooLJPRK5QCYzqXcmpoZxYU6V/oTWoE2+EVUnZg+SZtFcc9XD7KroypxhClw/Rq2JXnvgBSk5aMs+m95KnRjR40QcY1Poyuic5MTQjU2hoNtissjIgfVjmrA1dMxMr9N+Xb8rMhXdXmydUy6NoUd0NQJ4Dk9O84R/+gv5gaQvtSVoxXToeLXqzQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Julian Vetter <julian.vetter@xxxxxxxxxx>
  • Delivery-date: Tue, 27 Jan 2026 12:30:05 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 27/01/2026 12:09 pm, Teddy Astie wrote:
> Le 27/01/2026 à 12:39, Andrew Cooper a écrit :
>> On 27/01/2026 11:23 am, Teddy Astie wrote:
>>> Le 26/01/2026 à 18:56, Andrew Cooper a écrit :
>>>> I was hoping this to be a patch or two, but it got out of hand...
>>>>
>>>> https://gitlab.com/xen-project/hardware/xen-staging/-/pipelines/2287078891
>>>> https://gitlab.com/xen-project/hardware/xen-staging/-/commits/andrew/nx
>>>>
>>>> The branch has one extra patch to fake up the firmware settings being set 
>>>> to
>>>> Gitlab CI, not included in this series.
>>>>
>>>> Julien: This ought to suitable to rebase your cleanup on to.  In the end, I
>>>> did the AMD adjustment mostly because I needed it to test the correctness 
>>>> of
>>>> the prior cleanup.
>>>>
>>>> The final 4 patches are tangential cleanup which I've kept out of the prior
>>>> work in case we wish to backport it.  Everything prior is relevant to
>>>> untangling, and mostly for the benefit of the AMD side.
>>>>
>>>> The early patches are hopefully non-controvertial.  Later patches are a 
>>>> little
>>>> more RFC, and in need of further testing.
>>>>
>>>> <snip>
>>>>
>>> Tested on a Intel machine with "DEP" disabled, and "Require NX support"
>>> disabled, I get a pagefault in hpet code
>>  From above:
>>
>>> Julien: This ought to suitable to rebase your cleanup on to.
>> This is cleanup only.  I've not got the bugfixes for EFI boot yet, so
>> the behaviour you see is still expected for now.
>>
>> Although, thinking about it, it might be better if I try to merge the
>> two series, so everyone can test the end result.
>>
>> Thoughts?
>>
> +1
>
>>>> (XEN) Xen version 4.22-unstable (tsnake41@(none)) (gcc (Alpine 15.2.0) 
>>>> 15.2.0) debug=y Tue Jan 27 12:06:46 CET 2026
>>>> (XEN) Latest ChangeSet: Mon Jan 26 17:53:45 2026 +0000 git:6491616ddd
>>>> (XEN) build-id: 035024497a4cadebf9e5a2ded61f63ac
>>>> (XEN) re-enabled NX (Execute Disable) protection
>>>> (XEN) CPU Vendor: Intel, Family 6 (0x6), Model 60 (0x3c), Stepping 3 (raw 
>>>> 000306c3)
>>>> (XEN) BSP microcode revision: 0x0000001a
>>>> (XEN) microcode: Bad data in container
>>>> (XEN) Microcode: Parse error -22
>> As a tangent, what's going on here?
>>
>> This is the first time I've seen the error outside of my own testing.
>> Is it a container you expect to be good, or some leftovers on a test
>> machine?
>>
> I'm trying to load a Intel ucode (taken from Alpine Linux intel-ucode 
> package) using `ucode=intel-ucode.img` in xen.cfg (UEFI direct boot).
>
> Many distros ship microcode in a single CPIO image with e.g 
> "kernel/x86/microcode/GenuineIntel.bin" in it.

Ah, that's a known thing that doesn't work and has never been
addressed.  People have been complaining for years, but not on xen-devel.

It's also the subject of a documentation fix that is still pending (and
now needs yet another rebase). 
https://lore.kernel.org/xen-devel/20251215153245.2675388-1-andrew.cooper3@xxxxxxxxxx

Now that the ucode boot module handling is clean, we can probably try
both a CPIO and raw probe when given a fixed module.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.