| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Oct 2022 13:34:07 -0700
From: Jithu Joseph <jithu.joseph@...el.com>
To: hdegoede@...hat.com, markgross@...nel.org
Cc: tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
gregkh@...uxfoundation.org, jithu.joseph@...el.com,
ashok.raj@...el.com, tony.luck@...el.com,
linux-kernel@...r.kernel.org, platform-driver-x86@...r.kernel.org,
patches@...ts.linux.dev, ravi.v.shankar@...el.com,
thiago.macieira@...el.com, athenas.jimenez.gonzalez@...el.com
Subject: [PATCH 08/14] x86/microcode/intel: Meta-data support in microcode file
From: Ashok Raj <ashok.raj@...el.com>
Intel has made extensions to the microcode file format so that it
can also be used for In Field Scan. One of the existing reserved fields
has been allocated to indicate the size of the region in the file allocated
for metadata structures.
Microcode Format
+----------------------+ Base
|Header Version |
+----------------------+
|Update revision |
+----------------------+
|Date DDMMYYYY |
+----------------------+
|Sig |
+----------------------+
|Checksum |
+----------------------+
|Loader Version |
+----------------------+
|Processor Flags |
+----------------------+
|Data Size |
+----------------------+
|Total Size |
+----------------------+
|Meta Size |
+----------------------+
|Reserved |
+----------------------+
|Reserved |
+----------------------+ Base+48
| |
| |
| |
| |
| Microcode |
| |
| Data |
| |
| |
+----------------------+ Base+48+data_size-
| | meta_size
| Meta Data |
| |
+----------------------+ Base+48+data_size
| Extended Signature |
| Table |
| |
| |
| |
| |
| |
+----------------------+ Base+total_size
In subsequent patches IFS test image file (which reuse microcode header
format) will make use of metadata section. Though IFS is the first
consumer of this metadata within microcode file, it is expected that
this will be used for supporting upcoming microcode update
related enhancements.
Also add an accessor function which will return a pointer to the
start of a specific meta_type being queried.
Reviewed-by: Tony Luck <tony.luck@...el.com>
Signed-off-by: Ashok Raj <ashok.raj@...el.com>
Signed-off-by: Jithu Joseph <jithu.joseph@...el.com>
---
arch/x86/include/asm/microcode_intel.h | 19 +++++++++-
arch/x86/kernel/cpu/microcode/intel.c | 48 ++++++++++++++++++++++++--
2 files changed, 64 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/microcode_intel.h b/arch/x86/include/asm/microcode_intel.h
index 27eba991c6b6..dcbc377f67d1 100644
--- a/arch/x86/include/asm/microcode_intel.h
+++ b/arch/x86/include/asm/microcode_intel.h
@@ -14,7 +14,8 @@ struct microcode_header_intel {
unsigned int pf;
unsigned int datasize;
unsigned int totalsize;
- unsigned int reserved[3];
+ unsigned int metasize;
+ unsigned int reserved[2];
};
struct microcode_intel {
@@ -36,6 +37,18 @@ struct extended_sigtable {
struct extended_signature sigs[];
};
+#define META_TYPE_END (0)
+
+struct metadata_header {
+ unsigned int meta_type;
+ unsigned int meta_blk_size;
+};
+
+struct metadata_intel {
+ struct metadata_header meta_hdr;
+ unsigned int meta_bits[];
+};
+
#define DEFAULT_UCODE_DATASIZE (2000)
#define MC_HEADER_SIZE (sizeof(struct microcode_header_intel))
#define DEFAULT_UCODE_TOTALSIZE (DEFAULT_UCODE_DATASIZE + MC_HEADER_SIZE)
@@ -76,6 +89,7 @@ extern int __init save_microcode_in_initrd_intel(void);
void reload_ucode_intel(void);
int microcode_intel_find_matching_signature(void *mc, unsigned int csig, int cpf);
int microcode_intel_sanity_check(void *mc, bool print_err, int hdr_ver);
+struct metadata_header *microcode_intel_find_meta_data(void *ucode, unsigned int meta_type);
#else
static inline __init void load_ucode_intel_bsp(void) {}
static inline void load_ucode_intel_ap(void) {}
@@ -86,6 +100,9 @@ static inline int microcode_intel_find_matching_signature(void *mc, unsigned int
{ return 0; }
static inline int microcode_intel_sanity_check(void *mc, bool print_err, int hdr_ver)
{ return -EINVAL; }
+static inline struct metadata_header *microcode_intel_find_meta_data(void *ucode,
+ unsigned int meta_type)
+ { return NULL; }
#endif
#endif /* _ASM_X86_MICROCODE_INTEL_H */
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index bc3f33a25d7a..179ca345bc06 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -168,14 +168,17 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne
int microcode_intel_sanity_check(void *mc, bool print_err, int hdr_ver)
{
- unsigned long total_size, data_size, ext_table_size;
+ unsigned long total_size, data_size, ext_table_size, total_meta;
struct microcode_header_intel *mc_header = mc;
struct extended_sigtable *ext_header = NULL;
u32 sum, orig_sum, ext_sigcount = 0, i;
struct extended_signature *ext_sig;
+ struct metadata_header *meta_header;
+ unsigned long meta_size = 0;
total_size = get_totalsize(mc_header);
data_size = get_datasize(mc_header);
+ total_meta = mc_header->metasize;
if (data_size + MC_HEADER_SIZE > total_size) {
if (print_err)
@@ -245,7 +248,7 @@ int microcode_intel_sanity_check(void *mc, bool print_err, int hdr_ver)
}
if (!ext_table_size)
- return 0;
+ goto check_meta;
/*
* Check extended signature checksum: 0 => valid.
@@ -262,6 +265,22 @@ int microcode_intel_sanity_check(void *mc, bool print_err, int hdr_ver)
return -EINVAL;
}
}
+
+check_meta:
+ if (!total_meta)
+ return 0;
+
+ meta_header = (mc + MC_HEADER_SIZE + data_size) - total_meta;
+ while (meta_header->meta_type != META_TYPE_END) {
+ meta_size += meta_header->meta_blk_size;
+ if (!meta_header->meta_blk_size || meta_size > total_meta) {
+ if (print_err) {
+ pr_err("Bad value for metadata size, aborting.\n");
+ return -EINVAL;
+ }
+ }
+ meta_header = (void *)meta_header + meta_header->meta_blk_size;
+ }
return 0;
}
EXPORT_SYMBOL_GPL(microcode_intel_sanity_check);
@@ -967,3 +986,28 @@ struct microcode_ops * __init init_intel_microcode(void)
return µcode_intel_ops;
}
+
+struct metadata_header *microcode_intel_find_meta_data(void *ucode, unsigned int meta_type)
+{
+ struct metadata_header *meta_header;
+ unsigned long data_size, total_meta;
+ unsigned long meta_size = 0;
+
+ data_size = get_datasize(ucode);
+ total_meta = ((struct microcode_intel *)ucode)->hdr.metasize;
+
+ if (!total_meta)
+ return NULL;
+
+ meta_header = (ucode + MC_HEADER_SIZE + data_size) - total_meta;
+
+ while ((meta_header->meta_type != META_TYPE_END) && meta_size < total_meta) {
+ meta_size += meta_header->meta_blk_size;
+ if (meta_header->meta_type == meta_type)
+ return meta_header;
+
+ meta_header = (void *)meta_header + meta_header->meta_blk_size;
+ }
+ return NULL;
+}
+EXPORT_SYMBOL_GPL(microcode_intel_find_meta_data);
--
2.25.1
Powered by blists - more mailing lists