lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20241115164315.GAZzd6I2nyRR5h7D-v@fat_crate.local>
Date: Fri, 15 Nov 2024 17:43:15 +0100
From: Borislav Petkov <bp@...en8.de>
To: Nikolay Borisov <nik.borisov@...e.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/3] x86/microcode/AMD: Make __verify_patch_size() return
 bool

On Thu, Nov 14, 2024 at 04:47:04PM +0100, Borislav Petkov wrote:
> On Thu, Nov 14, 2024 at 04:40:50PM +0200, Nikolay Borisov wrote:
> > Right, the important bit here is that max_size is not really max_size but,
> 
> I take that back and this really is max_size. I went back and looked. These
> are the patches for the older families:
> 
> Patch 00: type 1, size:  960
> Patch 01: type 1, size:  960
> Patch 02: type 1, size:  960
> Patch 03: type 1, size:  960
> Patch 04: type 1, size:  960
> Patch 05: type 1, size:  960
> Patch 06: type 1, size:  960
> Patch 07: type 1, size:  960
> Patch 08: type 1, size:  512
> Patch 09: type 1, size:  960
> Patch 10: type 1, size: 1568
> Patch 11: type 1, size: 1568
> 
> Lemme go and look in detail again, just to be sure.

IOW the below. Which is basically equivalent to what we have now but converted
to return bool. Oh well.

static bool __verify_patch_size(u32 sh_psize, size_t buf_size)
{
        u8 family = x86_family(bsp_cpuid_1_eax);
        u32 max_size;

        if (family >= 0x15)
                goto ret;

#define F1XH_MPB_MAX_SIZE 2048
#define F14H_MPB_MAX_SIZE 1824

        switch (family) {
        case 0x10 ... 0x12:
                max_size = F1XH_MPB_MAX_SIZE;
                break;
        case 0x14:
                max_size = F14H_MPB_MAX_SIZE;
                break;
        default:
                WARN(1, "%s: WTF family: 0x%x\n", __func__, family);
                return false;
        }

        if (sh_psize > max_size)
                return false;

ret:
        /* Working with the whole buffer so < is ok. */
        return sh_psize <= buf_size;
}

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ