lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160725164602.GC11976@nazgul.tnic>
Date:	Mon, 25 Jul 2016 18:46:02 +0200
From:	Borislav Petkov <bp@...en8.de>
To:	Nicolai Stange <nicstange@...il.com>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] arch/x86/kernel/cpu/microcode/intel: don't store
 initrd's start

On Mon, Jul 25, 2016 at 04:16:41PM +0200, Nicolai Stange wrote:
> [    0.000000] microcode: microcode updated early to revision 0x20, date = 2016-03-16
> [    2.929972] microcode: sig=0x306c3, pf=0x10, revision=0x20
> 
> Is this a "yes"?

Yap, the "updated early" line says your microcode got updated to rev
0x20 from what was there before.

> /proc/cpuinfo shows a "microcode" value of 0x20 for all logical cores at
> least.

Which is as it should be.

> Another point: does PAGE_OFFSET_BASE exist on ARCH=i386?

Yeah, we should tie this to CONFIG_RANDOMIZE_MEMORY. IOW, here's another
version, I'll do some more hammering on it tomorrow.

It should take care of the builtin case too as there we have the
microcode in the kernel text mapping which is already relocated when we
go search for microcode blobs so no need for adjusting start then.

---
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 6515c802346a..c5a7d74a9fa6 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -793,10 +793,10 @@ void __init load_ucode_intel_bsp(void)
 void load_ucode_intel_ap(void)
 {
 	struct ucode_blobs *blobs_p;
+	unsigned long *ptrs, start = 0;
 	struct mc_saved_data *mcs;
 	struct ucode_cpu_info uci;
 	enum ucode_state ret;
-	unsigned long *ptrs;
 
 #ifdef CONFIG_X86_32
 	mcs	= (struct mc_saved_data *)__pa_nodebug(&mc_saved_data);
@@ -815,8 +815,20 @@ void load_ucode_intel_ap(void)
 	if (!mcs->num_saved)
 		return;
 
+	if (blobs_p->valid) {
+		start = blobs_p->start;
+
+#ifdef CONFIG_RANDOMIZE_MEMORY
+		/*
+		 * Pay attention to CONFIG_RANDOMIZE_MEMORY as it shuffles
+		 * physmem mapping too and there we have the initrd.
+		 */
+		start += (PAGE_OFFSET - __PAGE_OFFSET_BASE);
+#endif
+	}
+
 	collect_cpu_info_early(&uci);
-	ret = load_microcode(mcs, ptrs, blobs_p->start, &uci);
+	ret = load_microcode(mcs, ptrs, start, &uci);
 	if (ret != UCODE_OK)
 		return;
 

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.
--

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ