Re: [PATCH 8/8] x86, microcode, intel: defend apply_microcode_intel with BUG_ON

From: Borislav Petkov
Date: Fri Nov 07 2014 - 15:05:16 EST


On Mon, Sep 08, 2014 at 02:37:54PM -0300, Henrique de Moraes Holschuh wrote:
> Microcode updates that requires an unknown loader should never reach the
> apply_* functions (the code should have rejected it earlier). Likewise
> for an unknown microcode header layout.
>
> Signed-off-by: Henrique de Moraes Holschuh <hmh@xxxxxxxxxx>
> ---
> arch/x86/kernel/cpu/microcode/intel.c | 2 ++
> arch/x86/kernel/cpu/microcode/intel_early.c | 2 ++
> 2 files changed, 4 insertions(+)
>
> diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
> index 40caef1..439681f 100644
> --- a/arch/x86/kernel/cpu/microcode/intel.c
> +++ b/arch/x86/kernel/cpu/microcode/intel.c
> @@ -157,6 +157,8 @@ static int apply_microcode_intel(int cpu)
> if (mc_intel == NULL)
> return 0;
>
> + BUG_ON(mc_intel->hdr.hdrver != 1 || mc_intel->hdr.ldrver != 1);
> +
> /* Intel SDM vol 3A section 9.11.6, page 9-34 */
> if (WARN_ONCE((unsigned long)(mc_intel->bits) % 16,
> "microcode data incorrectly aligned"))
> diff --git a/arch/x86/kernel/cpu/microcode/intel_early.c b/arch/x86/kernel/cpu/microcode/intel_early.c
> index 994c59b..095db11 100644
> --- a/arch/x86/kernel/cpu/microcode/intel_early.c
> +++ b/arch/x86/kernel/cpu/microcode/intel_early.c
> @@ -671,6 +671,8 @@ static int apply_microcode_early(struct mc_saved_data *mc_saved_data,
> if (mc_intel == NULL)
> return 0;
>
> + BUG_ON(mc_intel->hdr.hdrver != 1 || mc_intel->hdr.ldrver != 1);
> +
> mcu_data = mc_intel->bits;
> aligned_mcu_data = mc_intel->bits;

Both not needed, because we're running all microcode through
microcode_sanity_check() first which already does that check.

--
Regards/Gruss,
Boris.

Sent from a fat crate under my desk. Formatting is fine.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/