lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 11 Aug 2014 16:00:57 +0200
From:	Borislav Petkov <>
To:	Henrique de Moraes Holschuh <>
Cc:	H Peter Anvin <>, Fenghua Yu <>,
Subject: Re: BUG: early intel microcode update violating alignment rules

On Mon, Aug 11, 2014 at 10:16:13AM -0300, Henrique de Moraes Holschuh wrote:
> On Mon, 11 Aug 2014, Borislav Petkov wrote:
> > On Sat, Aug 09, 2014 at 08:19:11PM -0300, Henrique de Moraes Holschuh wrote:
> > > Is there a way to fix this in the kernel for the BSP?
> > 
> > I think you're looking at this the wrong way around. :-) The thing that
> > needs fixing is the SDM since some CPUs seem to accept 16-byte unaligned
> > microcode just fine.
> I often wonder how much of the Intel SDM is really a fairy tale...  it
> certainly has enough legends from times long past inside ;-)  But just like
> old stories, should you forget all about them, they sometimes grow fangs
> back and get you when you're least prepared.
> Now, seriously, we're neither aligning the thing, nor checking any of it for
> alignment, so userspace can mess with us at will.  Unless it is trying to be
> actively malicious, we'll get 4-byte alignment out of userspace for the data
> inside the early initramfs (assuming the use of the common cpio tools: GNU
> cpio and GNU pax), but that's it.
> I can easily propose fixes to reject incorrectly aligned data (and will do
> so), but you *really* don't want to know the kind of crap I came up with to
> try to align the microcode update for the BSP: Standard Lovecraftian Mythos
> Safety Procedures apply!  So I am turning to you for ideas...

It seems to me you're looking for issues where there are none. We simply
have to ask Intel people what's with the 16-byte alignment and fix
the SDM, apparently. If the processor accepts the non-16-byte-aligned
update, why do you care?


Sent from a fat crate under my desk. Formatting is fine.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists