| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Aug 2014 12:45:14 -0300
From: Henrique de Moraes Holschuh <hmh@....eng.br>
To: Borislav Petkov <bp@...en8.de>
Cc: linux-kernel@...r.kernel.org, H Peter Anvin <hpa@...or.com>
Subject: Re: [PATCH 7/8] x86, microcode, intel: forbid some incorrect metadata
On Fri, 08 Aug 2014, Borislav Petkov wrote:
> On Fri, Aug 08, 2014 at 10:50:57AM -0300, Henrique de Moraes Holschuh wrote:
> > On Fri, 08 Aug 2014, Borislav Petkov wrote:
> > > If someone tries to load a microcode blob which has been split and so
> > > on, then we should refuse loading. We want to accept microcode from the
> > > vendor and nothing else glued together.
> >
> > I don't quite get why we should refuse microcode
>
> Because the blob from the official location passes internal validation, I'd
> strongly assume. Everything else doesn't.
>
> > that has been split by userspace when the Intel SDM explicitly states
> > that tools can do that if there is a need,
>
> Where?
Intel SDM vol 3A, last row of table 9-6, page 9-30:
"Used by utility software to decompose a microcode update into
multiple microcode updates where each of the new updates is
constructed without the optional Extended Processor Signature
Table."
Not that there is any such utility in use as far as I know (and as I said,
iucode-tool doesn't do it either, and I won't add it unless it is absolutely
required).
But, as I said, I don't care about this one anymore because I don't believe
it will have any pratical effects...
> You can't just assume that just because implementations are faulty there
> - they should adhere to the SDM and it is authoritative. If the extended
> signatures are really needed at some point, implementations will have to
> be fixed.
... exactly because just about every implementation WILL have to be fixed,
which means someone @intel will show up around here with a patch.
> > I will respin the patch without the %1024 comment. Note that I never
> > *removed* any test, we never tested for %1024 in the first place
>
> And I'm saying we should if we're loading the official blob.
I will add a patch doing that.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists