Re: RFC: cpu microcode loading support

To: Christoph Egger <Christoph_Egger%gmx.de@localhost>
Subject: Re: RFC: cpu microcode loading support
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Fri, 16 Dec 2011 11:12:05 -0500

On Fri, Dec 16, 2011 at 04:17:50PM +0100, Christoph Egger wrote:
> On 12/15/11 18:43, Christoph Egger wrote:
>
> kauth(9) is implemented as requested from tls@ and also
> uses xc_broadcast(9) to automatically apply the ucode patch on all cpus.

Thanks!

Maybe I am missing this by looking at the patch out of context, but it
looks like we're allowing microcode update if "isroot" without reference
to securelevel.  It seems to me this operation should be allowed only at
securelevel < 1.  Am I misreading this or is an additional check required?

Thor

Follow-Ups:
- Re: RFC: cpu microcode loading support
  - From: Christoph Egger

References:
- RFC: cpu microcode loading support
  - From: Christoph Egger
- Re: RFC: cpu microcode loading support
  - From: Christoph Egger

Prev by Date: Re: RFC: cpu microcode loading support
Next by Date: Re: RFC: cpu microcode loading support
Previous by Thread: Re: RFC: cpu microcode loading support
Next by Thread: Re: RFC: cpu microcode loading support
Indexes:

Home | Main Index | Thread Index | Old Index