Re: [Stable-review] [56/74] x86, microcode, AMD: Extend ucode sizeverification
From: Henrique de Moraes Holschuh
Date: Fri Apr 15 2011 - 19:22:25 EST
On Thu, 14 Apr 2011, Borislav Petkov wrote:
> > Good thing nothing important depends on this validation, oh wait...
> Oh wait, please don't tell me that you really think that the CPU relies
> completely on software to do its ucode validation and accepts the "good"
> ucode binary patch blindly...
If it is not a hoax, circa 2004 K8s would accept any crap that passed a
simple checksum test.
I don't trust the claims of strong crypto usage by Intel either,
especially since AFAIK Intel itself never claimed to use anything strong,
just that its microcode was "encrypted".
I sure hope real crypto is used on the more recent cores from both
vendors, though. Too bad we cannot lock down further microcode updates
until the next hard reset...
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/