[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/ucode: Make Intel's microcode_sanity_check() stricter



On 13.09.2024 16:21, Andrew Cooper wrote:
> From: Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx>
> 
> The SDM states that data size must be a multiple of 4, but Xen doesn't check
> this propery.
> 
> This is liable to cause a later failures, but should be checked explicitly.
> 
> Signed-off-by: Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

> --- a/xen/arch/x86/cpu/microcode/intel.c
> +++ b/xen/arch/x86/cpu/microcode/intel.c
> @@ -155,10 +155,13 @@ static int microcode_sanity_check(const struct 
> microcode_patch *patch)
>      uint32_t sum;
>  
>      /*
> -     * Total size must be a multiple of 1024 bytes.  Data size and the header
> -     * must fit within it.
> +     * The SDM states:
> +     * - Data size must be a multiple of 4.
> +     * - Total size must be a multiple of 1024 bytes.  Data size and the
> +     *   header must fit within it.
>       */
>      if ( (total_size & 1023) ||
> +         (data_size & 3) ||
>           data_size > (total_size - MC_HEADER_SIZE) )

And luckily get_totalsize() guarantees total_size > 0, for this
subtraction not to underflow. Maybe worth also mentioning in the
comment as you adjust it anyway.

Jan



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.