| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 May 2014 14:01:35 -0300
From: Henrique de Moraes Holschuh <hmh@....eng.br>
To: linux-kernel@...r.kernel.org, Burt Triplett <burt@...triplett.org>,
Fengguang Wu <fengguang.wu@...el.com>,
"H. Peter Anvin" <hpa@...ux.intel.com>
Subject: Re: Intel microcode extended signature table support in Linux/BITS
PING?
On Fri, 21 Feb 2014, Henrique de Moraes Holschuh wrote:
> I am directing this question to you hoping one of you can either address it
> directly, or forward it internally at Intel.
>
> We have code in the Linux kernel to support microcode extended signature
> tables which has never been tested as far as I know, as there are no public
> test vectors of microcode update containers with extended signature tables.
>
> IMHO, untested kernel code is never a good thing, and useless untested
> kernel code is even worse.
>
> So, the first question would be whether microcode extended signature tables
> are ever going to be used by Intel?
>
> If that code is going to remain unused, we probably should remove support
> for Intel microcode extended signatures from Linux.
>
> Anyway, there is an incompatibility between the code in Linux and also in
> Intel BITS, and what is documented in the SDM (IntelĀ® 64 and IA-32
> Architectures Software Developer Manual).
>
> So, for the second question, could someone at Intel please clarify the
> following point?
>
> In the IntelĀ® 64 and IA-32 Architectures Software Developer Manual (SDM) vol
> 3A page 9-30, table 9-6, last row, the description of the extended signature
> table checksum ("Checksum[n]" in table 9-6) makes it clear one is supposed
> to strip out the extended signature table entirely from the microcode
> container when one applies the extended signature to the main microcode
> header.
>
> However, this removal of the extended signature table also implies in a
> change of the "Total Size" field of the main microcode header (table 9-6).
> Therefore, the "CheckSum[n]" field of table 9-6 has to take into account
> this change in the "Total Size" field.
>
> Two public implementations of extended microcode signature table support
> (Linux kernel and Intel BITS) do NOT take into account the required change
> to "Total Size" in order to strip the extended microcode signature table,
> and thus will not validate microcode with extended signature tables that
> follow the SDM.
>
> So, which is correct: the code in Linux and BITS, or the text of the SDM?
>
> As a sidenote, the way the SDM documents the extended signature table
> implies no extra padding can be added after the extended signature table.
>
> Such padding would be required to satisfy the SDM requirement that "Total
> Size" be a multiple of 1024, unless the padding is done inside the microcode
> opaque data itself (payload). This seems suboptimal, as it ties the
> container strongly to the payload/opaque data... maybe the multiple-of-1024
> requirement for Total Size is superfluous for variable-size microcode
> containers?
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists