[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <45aa0f69-2523-3cba-8f41-b1351f16b78f@intel.com>
Date: Mon, 14 Nov 2022 10:13:44 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: Borislav Petkov <bp@...en8.de>, Ashok Raj <ashok.raj@...el.com>
Cc: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
Thiago Macieira <thiago.macieira@...el.com>,
"Luck, Tony" <tony.luck@...el.com>,
"Joseph, Jithu" <jithu.joseph@...el.com>,
"hdegoede@...hat.com" <hdegoede@...hat.com>,
"markgross@...nel.org" <markgross@...nel.org>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com" <mingo@...hat.com>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"x86@...nel.org" <x86@...nel.org>, "hpa@...or.com" <hpa@...or.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"platform-driver-x86@...r.kernel.org"
<platform-driver-x86@...r.kernel.org>,
"patches@...ts.linux.dev" <patches@...ts.linux.dev>,
"Shankar, Ravi V" <ravi.v.shankar@...el.com>,
"Jimenez Gonzalez, Athenas" <athenas.jimenez.gonzalez@...el.com>,
"Mehta, Sohil" <sohil.mehta@...el.com>
Subject: Re: [PATCH v2 12/14] platform/x86/intel/ifs: Add current_batch sysfs
entry
On 11/13/22 07:58, Borislav Petkov wrote:
> On Sun, Nov 13, 2022 at 07:15:03AM -0800, Ashok Raj wrote:
>> Do you expect the /lib/firmware/intel/ifs_0/ to contain *ONLY* files for
>> this platform? For microcode we have everything in the public release
>> included here.
> Same as microcode, as I said further down in my mail:
>
> "And, ofcourse it would check the format of that string against family,
> model, stepping and sequence number (btw this way you drop your
> limitation of 256 for the sequence number which you don't really need
> either)."
Maybe dumb question, but what's the point of even checking the
filenames? They're meaningless.
Let's say we're on model=1,family=2,stepping=3. We try to load test #99:
01-02-03-99.scan
The kernel goes and does the sscanf() and checks "01", "02", etc...
Everything is fine. The header checks on the .scan file are OK. Life
is good. No harm no foul.
Then, some dastardly user does this:
mv 04-05-06-99.scan 01-02-03-99.scan
Taking an evil model=4,family=5,stepping=6 .scan file and trying to load
it. It will *pass* the sscanf() checks. But, will fail the metadata
checks. The kernel wasted the effort of requesting the file, but
there's no harm to anything.
So, what's the point of the sscanf() to check the *filename* other than
saving some potentially expensive request_firmware() calls?
Powered by blists - more mailing lists