| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 12 Jun 2016 22:34:41 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org, "Tony Luck" <tony.luck@...el.com>,
"Thomas Gleixner" <tglx@...utronix.de>,
"Peter Zijlstra" <peterz@...radead.org>,
"Henrique de Moraes Holschuh" <hmh@....eng.br>,
"Peter Kirchgeßner" <pkirchgessner@...nline.de>,
"H. Peter Anvin" <hpa@...or.com>, "Borislav Petkov" <bp@...e.de>,
"Borislav Petkov" <bp@...en8.de>, "Ingo Molnar" <mingo@...nel.org>,
"Linus Torvalds" <torvalds@...ux-foundation.org>
Subject: [PATCH 3.2 04/46] x86/microcode/amd: Do not overwrite final patch
levels
3.2.81-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Borislav Petkov <bp@...e.de>
commit 0399f73299f1b7e04de329050f7111b362b7eeb5 upstream.
A certain number of patch levels of applied microcode should not
be overwritten by the microcode loader, otherwise bad things
will happen.
Check those and abort update if the current core has one of
those final patch levels applied by the BIOS. 32-bit needs
special handling, of course.
See https://bugzilla.suse.com/show_bug.cgi?id=913996 for more
info.
Tested-by: Peter Kirchgeßner <pkirchgessner@...nline.de>
Signed-off-by: Borislav Petkov <bp@...e.de>
Cc: Borislav Petkov <bp@...en8.de>
Cc: H. Peter Anvin <hpa@...or.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Tony Luck <tony.luck@...el.com>
Link: http://lkml.kernel.org/r/1444641762-9437-7-git-send-email-bp@alien8.de
Signed-off-by: Ingo Molnar <mingo@...nel.org>
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
Cc: Henrique de Moraes Holschuh <hmh@....eng.br>
---
arch/x86/include/asm/microcode.h | 2 +-
arch/x86/kernel/cpu/microcode/amd.c | 38 +++++++++++++++++++++++++++----
arch/x86/kernel/cpu/microcode/amd_early.c | 13 ++++++++---
3 files changed, 44 insertions(+), 9 deletions(-)
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -61,5 +61,5 @@ static inline struct microcode_ops * __i
}
#endif
-extern bool check_current_patch_level(u32 *rev);
+extern bool check_current_patch_level(u32 *rev, bool early);
#endif /* _ASM_X86_MICROCODE_H */
--- a/arch/x86/kernel/microcode_amd.c
+++ b/arch/x86/kernel/microcode_amd.c
@@ -124,6 +124,16 @@ static int get_matching_microcode(int cp
}
/*
+ * Those patch levels cannot be updated to newer ones and thus should be final.
+ */
+static u32 final_levels[] = {
+ 0x01000098,
+ 0x0100009f,
+ 0x010000af,
+ 0, /* T-101 terminator */
+};
+
+/*
* Check the current patch level on this CPU.
*
* @rev: Use it to return the patch level. It is set to 0 in the case of
@@ -133,13 +143,33 @@ static int get_matching_microcode(int cp
* - true: if update should stop
* - false: otherwise
*/
-bool check_current_patch_level(u32 *rev)
+bool check_current_patch_level(u32 *rev, bool early)
{
- u32 dummy;
+ u32 lvl, dummy, i;
+ bool ret = false;
+ u32 *levels;
+
+ rdmsr(MSR_AMD64_PATCH_LEVEL, lvl, dummy);
+
+#ifdef CONFIG_X86_32
+ if (early)
+ levels = (u32 *)__pa_nodebug(&final_levels);
+ else
+#endif
+ levels = final_levels;
+
+ for (i = 0; levels[i]; i++) {
+ if (lvl == levels[i]) {
+ lvl = 0;
+ ret = true;
+ break;
+ }
+ }
- rdmsr(MSR_AMD64_PATCH_LEVEL, *rev, dummy);
+ if (rev)
+ *rev = lvl;
- return false;
+ return ret;
}
static int apply_microcode_amd(int cpu)
@@ -156,7 +186,7 @@ static int apply_microcode_amd(int cpu)
if (mc_amd == NULL)
return 0;
- if (check_current_patch_level(&rev))
+ if (check_current_patch_level(&rev, false))
return -1;
wrmsrl(MSR_AMD64_PATCH_LOADER, (u64)(long)&mc_amd->hdr.data_code);
Powered by blists - more mailing lists