Merge tag 'x86_microcode_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel...

Pull x86 microcode loader update from Borislav Petkov:

 - Make CPU vendor dependency explicit against random config build
   failures

* tag 'x86_microcode_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/microcode: Add explicit CPU vendor dependency

diff --combined arch/x86/Kconfig
index 7fa8bdd0ed7e91681bc8d959b0e8de50f89761a3,7ba627c60504de231faed411576410a36820f0e9..038633abf5ab881384bdc48712d3b0f14d0109db
--- 1/arch/x86/Kconfig
--- 2/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@@ -878,21 -878,6 +878,21 @@@ config ACRN_GUES
          IOT with small footprint and real-time features. More details can be
          found in https://projectacrn.org/.
  
 +config INTEL_TDX_GUEST
 +      bool "Intel TDX (Trust Domain Extensions) - Guest Support"
 +      depends on X86_64 && CPU_SUP_INTEL
 +      depends on X86_X2APIC
 +      select ARCH_HAS_CC_PLATFORM
 +      select X86_MEM_ENCRYPT
 +      select X86_MCE
 +      help
 +        Support running as a guest under Intel TDX.  Without this support,
 +        the guest kernel can not boot or run under TDX.
 +        TDX includes memory encryption and integrity capabilities
 +        which protect the confidentiality and integrity of guest
 +        memory contents and CPU state. TDX guests are protected from
 +        some attacks from the VMM.
 +
  endif #HYPERVISOR_GUEST
  
  source "arch/x86/Kconfig.cpu"
@@@ -1328,7 -1313,7 +1328,7 @@@ config MICROCOD
  
  config MICROCODE_INTEL
        bool "Intel microcode loading support"
-       depends on MICROCODE
+       depends on CPU_SUP_INTEL && MICROCODE
        default MICROCODE
        help
          This options enables microcode patch loading support for Intel
@@@ -1340,7 -1325,7 +1340,7 @@@
  
  config MICROCODE_AMD
        bool "AMD microcode loading support"
-       depends on MICROCODE
+       depends on CPU_SUP_AMD && MICROCODE
        help
          If you select this option, microcode patch loading support for AMD
          processors will be enabled.
@@@ -1831,6 -1816,17 +1831,6 @@@ config ARCH_RANDO
          If supported, this is a high bandwidth, cryptographically
          secure hardware random number generator.
  
 -config X86_SMAP
 -      def_bool y
 -      prompt "Supervisor Mode Access Prevention" if EXPERT
 -      help
 -        Supervisor Mode Access Prevention (SMAP) is a security
 -        feature in newer Intel processors.  There is a small
 -        performance cost if this enabled and turned on; there is
 -        also a small increase in the kernel size if this is enabled.
 -
 -        If unsure, say Y.
 -
  config X86_UMIP
        def_bool y
        prompt "User Mode Instruction Prevention" if EXPERT
@@@ -1870,7 -1866,7 +1870,7 @@@ config X86_KERNEL_IB
          code with them to make this happen.
  
          In addition to building the kernel with IBT, seal all functions that
 -        are not indirect call targets, avoiding them ever becomming one.
 +        are not indirect call targets, avoiding them ever becoming one.
  
          This requires LTO like objtool runs and will slow down the build. It
          does significantly reduce the number of ENDBR instructions in the
@@@ -2842,6 -2838,13 +2842,6 @@@ config IA32_EMULATIO
          64-bit kernel. You should likely turn this on, unless you're
          100% sure that you don't have any 32-bit programs left.
  
 -config IA32_AOUT
 -      tristate "IA32 a.out support"
 -      depends on IA32_EMULATION
 -      depends on BROKEN
 -      help
 -        Support old a.out binaries in the 32bit emulation.
 -
  config X86_X32_ABI
        bool "x32 ABI for 64-bit mode"
        depends on X86_64