Re: [PATCH v5 4/6] x86/microcode/AMD: Check microcode container data in the late loader

From: Borislav Petkov
Date: Tue May 01 2018 - 04:43:43 EST


On Tue, May 01, 2018 at 12:27:51AM +0200, Maciej S. Szmigiero wrote:
> 1) -EINVAL maps to a valid return value of 4294967274 bytes.
> We have a different behavior for invalid data in the container file
> (including too large lengths) than for grave errors like a failed memory
> allocation.

WTF?

> 2) This function single caller (__load_microcode_amd()) normalized any
> error that verify_and_add_patch() returned to UCODE_ERROR anyway,

So?

> 3) The existing code uses a convention that zero return value means
> 'terminate processing' for the parse_container() function in the early
> loader which normally returns a 'bytes consumed' value, as this function
> does.

parse_container() could very well change its convention to return
negative on error and positive value if the loop is supposed to skip
bytes.

--
Regards/Gruss,
Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.