lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1407781112.3399765.151527845.7EC32D9C@webmail.messagingengine.com>
Date:	Mon, 11 Aug 2014 15:18:32 -0300
From:	Henrique de Moraes Holschuh <hmh@....eng.br>
To:	"H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
	Fenghua Yu <fenghua.yu@...el.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: BUG: early intel microcode update violating alignment rules

On Mon, Aug 11, 2014, at 11:51, H. Peter Anvin wrote:
> We could put a buffer in the initdata region (we really could use an
> initbss region!) or in the brk.

That sounds much better than the hideous crap I came up with.  The
buffer would need to be at least 64KiB in size to be on the safe side. 
The largest public microcode update ATM is 23KiB.

I am not sure if we might need more than 64KiB: the Intel SDM mentions
that in real mode the update data must not cross a segment boundary, and
also must not exceed a segment limit.  I am a bit rusty on real mode,
but doesn't that mean, in practice, that microcode update data size is
limited in size to 64KiB?

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ