Ensure that both the microcode data_size and total_size fields are a multiple of the dword size (4 bytes). The Intel SDM vol 3A (order code 253668-051US, June 2014) requires this to be true, and the driver code assumes it will be true.
Add a comment to the code stating that it is best if we continue to refrain from ensuring that total_size is a multiple of 1024 bytes. The reason to never add that check is non-obvious. Refuse a microcode with a revision of zero, we reserve that for the factory-provided microcode. Signed-off-by: Henrique de Moraes Holschuh <[email protected]> --- arch/x86/kernel/cpu/microcode/intel_lib.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/microcode/intel_lib.c b/arch/x86/kernel/cpu/microcode/intel_lib.c index 95c2d19..050cd4f 100644 --- a/arch/x86/kernel/cpu/microcode/intel_lib.c +++ b/arch/x86/kernel/cpu/microcode/intel_lib.c @@ -61,12 +61,22 @@ int microcode_sanity_check(void *mc, int print_err) total_size = get_totalsize(mc_header); data_size = get_datasize(mc_header); - if (data_size + MC_HEADER_SIZE > total_size) { + if ((data_size % DWSIZE) || (total_size % DWSIZE) || + (data_size + MC_HEADER_SIZE > total_size)) { if (print_err) - pr_err("error! Bad data size in microcode data file\n"); + pr_err("error! Bad data size or total size in microcode data file\n"); return -EINVAL; } + /* + * DO NOT add a check for total_size to be a multiple of 1024. + * + * While there is a requirement that total_size be a multiple of 1024 + * (Intel SDM vol 3A, section 9.11.1, table 9-6, page 9-29), it clashes + * with the "delete extended signature table" procedure described for + * the Checksum[n] field in the same table 9-6, at page 9-30). + */ + ext_table_size = total_size - (MC_HEADER_SIZE + data_size); if (ext_table_size) { if ((ext_table_size < EXT_HEADER_SIZE) @@ -84,6 +94,13 @@ int microcode_sanity_check(void *mc, int print_err) ext_sigcount = ext_header->count; } + /* check some of the metadata */ + if (mc_header->rev == 0) { /* reserved for silicon microcode */ + if (print_err) + pr_err("error! Restricted revision 0 in microcode data file\n"); + return -EINVAL; + } + /* check extended table checksum */ if (ext_table_size) { int ext_table_sum = 0; -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
