Re: [PATCH v7 06/12] platform/x86/intel/ifs: Check IFS Image sanity

From: Borislav Petkov
Date: Mon May 09 2022 - 12:31:46 EST

Next message: Dimitri John Ledkov: "[PATCH] Bluetooth: btintel: Correctly declare all module firmware files."
Previous message: Greg KH: "Re: [PATCHv2] speakup: Generate speakupmap.h automatically"
In reply to: Thomas Gleixner: "Re: [PATCH v7 06/12] platform/x86/intel/ifs: Check IFS Image sanity"
Next in thread: Luck, Tony: "RE: [PATCH v7 06/12] platform/x86/intel/ifs: Check IFS Image sanity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 06, 2022 at 03:54:04PM -0700, Tony Luck wrote:
> From: Jithu Joseph <jithu.joseph@xxxxxxxxx>
>
> IFS image is designed specifically for a given family, model and
> stepping of the processor. Like Intel microcode header, the IFS image
> has the Processor Signature, Checksum and Processor Flags that must be
> matched with the information returned by the CPUID.

Is the checksum the only protection against people loading arbitrary IFS
images or are those things signed or encrypted, just like the microcode?

I'd hope they pass the same checks as microcode, when they get loaded,
considering the similarity of how they're handled...

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Dimitri John Ledkov: "[PATCH] Bluetooth: btintel: Correctly declare all module firmware files."
Previous message: Greg KH: "Re: [PATCHv2] speakup: Generate speakupmap.h automatically"
In reply to: Thomas Gleixner: "Re: [PATCH v7 06/12] platform/x86/intel/ifs: Check IFS Image sanity"
Next in thread: Luck, Tony: "RE: [PATCH v7 06/12] platform/x86/intel/ifs: Check IFS Image sanity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]