lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 11 Aug 2014 11:48:25 -0700
From:	"H. Peter Anvin" <>
To:	Henrique de Moraes Holschuh <>,
	Borislav Petkov <>,
	Fenghua Yu <>
Subject: Re: BUG: early intel microcode update violating alignment rules

I don't think so.  I wouldn't count on that in the long run.

I'm having some discussions about this integrally at the moment.

On August 11, 2014 11:18:32 AM PDT, Henrique de Moraes Holschuh <> wrote:
>On Mon, Aug 11, 2014, at 11:51, H. Peter Anvin wrote:
>> We could put a buffer in the initdata region (we really could use an
>> initbss region!) or in the brk.
>That sounds much better than the hideous crap I came up with.  The
>buffer would need to be at least 64KiB in size to be on the safe side. 
>The largest public microcode update ATM is 23KiB.
>I am not sure if we might need more than 64KiB: the Intel SDM mentions
>that in real mode the update data must not cross a segment boundary,
>also must not exceed a segment limit.  I am a bit rusty on real mode,
>but doesn't that mean, in practice, that microcode update data size is
>limited in size to 64KiB?

Sent from my mobile phone.  Please pardon brevity and lack of formatting.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists