Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754380AbcCAO3Z (ORCPT <rfc822;w@1wt.eu>);
	Tue, 1 Mar 2016 09:29:25 -0500
Received: from mail.skyhub.de ([78.46.96.112]:53576 "EHLO mail.skyhub.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754353AbcCAO3X (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 1 Mar 2016 09:29:23 -0500
Date: Tue, 1 Mar 2016 15:29:18 +0100
From: Borislav Petkov <bp@alien8.de>
To: Chris Bainbridge <chris.bainbridge@gmail.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, hmh@hmh.eng.br
Subject: Re: [PATCH v2] x86/microcode: Change checksum to u32
Message-ID: <20160301142918.GB22677@pd.tnic>
References: <1456834359-5132-1-git-send-email-chris.bainbridge@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <1456834359-5132-1-git-send-email-chris.bainbridge@gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2242
Lines: 42

On Tue, Mar 01, 2016 at 12:12:39PM +0000, Chris Bainbridge wrote:
> Checksum should be unsigned 32-bit otherwise the calculation overflow
> results in undefined behaviour:
> 
> [    0.000000] ================================================================================
> [    0.000000] UBSAN: Undefined behaviour in arch/x86/kernel/cpu/microcode/intel_lib.c:105:12
> [    0.000000] signed integer overflow:
> [    0.000000] -1500151068 + -2125470173 cannot be represented in type 'int'
> [    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.5.0-rc5+ #495
> [    0.000000]  0000000000000086 0000000000000086 0000000000000000 ffffffff83203968
> [    0.000000]  ffffffff81b30952 ffffffff834c43b8 ffffffff83203998 ffffffff814fe623
> [    0.000000]  ffffffff83203980 ffffffff81bcdf2d ffffffff8339a448 ffffffff83203a08
> [    0.000000] Call Trace:
> [    0.000000]  [<ffffffff81b30952>] dump_stack+0x4e/0x6c
> [    0.000000]  [<ffffffff814fe623>] ? inotify_ioctl+0x43/0x1c0
> [    0.000000]  [<ffffffff81bcdf2d>] ubsan_epilogue+0xd/0x40
> [    0.000000]  [<ffffffff81bce2fd>] handle_overflow+0xbd/0xe0
> [    0.000000]  [<ffffffff81bce32e>] __ubsan_handle_add_overflow+0xe/0x10
> [    0.000000]  [<ffffffff81148e45>] microcode_sanity_check+0x405/0x590
> [    0.000000]  [<ffffffff8549b01b>] get_matching_model_microcode.isra.2.constprop.8+0xa5/0x345
> [    0.000000]  [<ffffffff8548615d>] ? early_idt_handler_common+0x3d/0xae
> [    0.000000]  [<ffffffff81b50962>] ? strlcpy+0x52/0xa0
> [    0.000000]  [<ffffffff81b30ce1>] ? find_cpio_data+0x371/0x510
> [    0.000000]  [<ffffffff8549b461>] load_ucode_intel_bsp+0xa1/0xe5
> [    0.000000]  [<ffffffff8549aea8>] load_ucode_bsp+0xdf/0xf3
> [    0.000000]  [<ffffffff8549aea8>] ? load_ucode_bsp+0xdf/0xf3
> [    0.000000]  [<ffffffff8548671c>] x86_64_start_kernel+0xd1/0xee
> [    0.000000] ================================================================================
> 
> Link: https://lkml.org/lkml/2016/2/27/79
> Signed-off-by: Chris Bainbridge <chris.bainbridge@gmail.com>
> ---
>  arch/x86/kernel/cpu/microcode/intel_lib.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)

Applied, thanks.

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.