Re: [PATCH v2] x86/microcode/AMD: check microcode file sanity before loading it
From: Maciej S. Szmigiero
Date: Mon Mar 12 2018 - 09:32:38 EST
On 12.03.2018 14:06, Borislav Petkov wrote:
> On Mon, Mar 12, 2018 at 01:56:59PM +0100, Maciej S. Szmigiero wrote:
(..)
>> Since the maximum entry count in current microcode files is 18 the
>
> Where did you dream up that 18?
"microcode_amd.bin" in linux-firmware.
>> Also, looking in the past, there probably won't be more than 256 AMD CPU
>> types in one CPU family.
>
> Wrong.
There is no problem raising this value in that (future) case.
As I wrote previously, currently the maximum used count is 18.
> The only limitation on the equivalence table size we have is the 32-bit
> unsigned length field at offset 8 in the equivalence table header.
Not really, since even in the existing code CONTAINER_HDR_SZ (12) gets
added to this size, then the sum is cast to a (signed) int.
If this value is negative then the file get rejected.
>> This limit is an absolute upper cap of a patch size.
>
> More dreamt up crap.
>
> See verify_patch_size() for the actual patch sizes.
>
It can be changed to the current maximum across sizes for particular
families, but then the limit will need to be raised when adding a new
family (if it uses a larger patch).
Maciej