| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Mar 2011 21:14:51 -0300 From: Henrique de Moraes Holschuh <hmh@....eng.br> To: Burt Triplett <burt@...triplett.org> Cc: linux-kernel@...r.kernel.org Subject: Re: BITS handling of CPU microcode updates On Mon, 21 Mar 2011, Burt Triplett wrote: > Sorry for the delayed response; I wanted to make sure I could give > you an answer that would agree with the Intel Software Developer's > Manual, and that ended up meaning I needed to start the process of > updating the relevant part of the SDM. :) Heh :-) > The Intel SDM correctly identifies microcode revision numbers as > signed. However, a simple signed comparison doesn't actually > capture the correct logic, nor does an unsigned comparison, though > in both cases the problem doesn't tend to come up in common cases. ... > Tools which run automatically, without explicit user action, should > not attempt to load a microcode if (X < 0) and (Z > 0). Doing so > makes life very difficult for people in those test lab environments: > they put a microcode they want to test in the BIOS or load it via > BITS, but then the OS driver automatically overrides it with the > latest production microcode. So, tools which run automatically > without explicit user action should follow this rule: > if ((Z < 0) || (Z > 0 && X > 0 && Z > X)) load_microcode(); Very well, I will send patches to fix that behaviour, as well as some other stuff I noticed that was not updated to match the recommended actions documented by the SDM and some Intel application notes. > If microcode_ctl added an option to distinguish these two cases, it > could apply the alternative logic when explicitly requested. Indeed, the userspace and internal kernel API don't support that at this time. Now, we could change them I suppose, but it doesn't look like a worthwhile effort to change the microcode core and APIs for something that would be of limited use even inside an Intel lab. Unless there is a reason to support online microcode downgrading, that is. Does it? Currently, the rare case of a microcode downgrade will only happen at the next boot. > I've started the process of getting the SDM changed to document the > logic described above, and distinguish the two different types of > microcode-loading tools. Thank you. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists