lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160227222928.GD5261@pd.tnic>
Date:	Sat, 27 Feb 2016 23:29:28 +0100
From:	Borislav Petkov <bp@...en8.de>
To:	Chris Bainbridge <chris.bainbridge@...il.com>
Cc:	x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/microcode: Change checksum to u32

On Sat, Feb 27, 2016 at 06:23:29PM +0000, Chris Bainbridge wrote:
>         /* calculate the checksum */
>         orig_sum = 0;
>         i = (MC_HEADER_SIZE + data_size) / DWSIZE;
>         while (i--)
>                 orig_sum += ((int *)mc)[i];

Ok, since SDM says that all fields should be treated as unsigneds when
doing the checksum verification, that cast above should be (u32 *) too.

Also, the extended table signature should be fixed to use u32s too:

	ext_tablep = (int *)ext_header;
	i = ext_table_size / sizeof(u32);
	while (i--)
		ext_table_sum += ext_tablep[i];
	...

Care to complete your patch please?

Thanks.

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ