lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 23 Dec 2018 13:51:38 +0100
From:   Borislav Petkov <bp@...e.de>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     x86-ml <x86@...nel.org>, lkml <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] x86/microcode updates for 4.21

Hi Linus,

please pull the latest x86-microcode-for-linus tree from:

  git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86-microcode-for-linus


This update contains work started by Maciej to make the microcode
container verification more robust against all kinds of corruption and
also unify verification paths between early and late loading.

The result is a set of verification routines which validate the
microcode blobs before loading it on the CPU. In addition, the code is a
lot more streamlined and unified.

In the process, some of the aspects of patch handling and loading were
simplified.

All provided by Maciej S. Szmigiero and Borislav Petkov.

Thanks,
Boris.

------------------>

The following changes since commit 9ff01193a20d391e8dbce4403dd5ef87c7eaaca6:

  Linux 4.20-rc3 (2018-11-18 13:33:44 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86-microcode-for-linus

for you to fetch changes up to 2ffcbce39ea1e355eed8c6527308624f366f1c58:

  x86/microcode/AMD: Update copyright (2018-11-19 10:55:12 +0100)

----------------------------------------------------------------
Borislav Petkov (11):
      x86/microcode/AMD: Move verify_patch_size() up in the file
      x86/microcode/AMD: Clean up per-family patch size checks
      x86/microcode/AMD: Cleanup verify_patch_size() more
      x86/microcode/AMD: Concentrate patch verification
      x86/microcode/AMD: Simplify patch family detection
      x86/microcode/AMD: Move patch family check to verify_patch()
      x86/microcode/AMD: Move chipset-specific check into verify_patch()
      x86/microcode/AMD: Change verify_patch()'s return value
      x86/microcode/AMD: Convert early parser to the new verification routines
      x86/microcode/AMD: Fix container size's type
      x86/microcode/AMD: Update copyright

Maciej S. Szmigiero (5):
      x86/microcode/AMD: Subtract SECTION_HDR_SIZE from file leftover length
      x86/microcode/AMD: Add microcode container verification
      x86/microcode/AMD: Check microcode container data in the late loader
      x86/microcode/AMD: Convert CPU equivalence table variable into a struct
      x86/microcode/AMD: Check the equivalence table size when scanning it

 arch/x86/kernel/cpu/microcode/amd.c | 470 +++++++++++++++++++++++-------------
 1 file changed, 308 insertions(+), 162 deletions(-)

-- 
Regards/Gruss,
    Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ