Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp1555782rwb; Wed, 16 Nov 2022 20:55:32 -0800 (PST) X-Google-Smtp-Source: AA0mqf7dBPBXsIxPbT8oBZNgcHkhRq6DAkDxpUcYalGYqVZkk6PCc3bfuoiLnEdt0OjV/x89q7Lc X-Received: by 2002:a05:6402:1507:b0:467:6c56:df3e with SMTP id f7-20020a056402150700b004676c56df3emr680343edw.270.1668660932485; Wed, 16 Nov 2022 20:55:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668660932; cv=none; d=google.com; s=arc-20160816; b=tU6tEl/AH/eko5EvQ4HwF62KrLPhxnejcchAEz8Xog8e4a9Z9av2e3UEd7W6nslrJM ilJnPpxbLkiqSropHFS1EQwPUjAucCe9GaRh6MSTa6CLhzoUsos3E5XWEee8986wujWF spbdbgV5lH2TquOGkUXVOKw5G+hA1Hm6Y6wOixkpYiVWNh4sT1c/ctIdH/5fmriP3ZtH nYflqACipyUUW/45J7ZL5lWb8j6Eo2LHSnnG1b8M85wTMNv0XGdpIK733aiK1yXB9pXH j0m0lZPdWxbcGDAJYAc5GtwsiWmZoGtMZv+3NBzoADGuYMqHDnEL8BSfcDGqHlofrqdP 6W6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=sTYNP6z9j2rp3l5M/4FFL2GW0HN8uu9xQjdDEuVqWrI=; b=R/6gaxA5Wqa4GebmJT2877iuigNxPpiDQPVuRP1F9yW+wN2AhdLfebPwoKkvQypkEs Heoq7ZiwL8yyupXlksTlHomHp02dzA8JqB8Y02anMBawkHpTs5F+zkVI3d24chykq19G edB6JZbcP4JrS40VSmzk0uxD/r0NUZb89tX6na5F35pMP8cNw+Ii0eTCmc4Ftpr/Y86Q 6pXzGviFVBesMuxiP+w6oFJd3044B07XlY2LTFwU7WoQf7/QmOAKcnhhZseF32kzJ4XM 4o8AL9IThAQrQs7Me2Jy/LHFhnqWK260EyOMv1TDxQi87lG2bJBg3MG9jcs2XG058xyT maPg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=GZF17p93; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id cs18-20020a170906dc9200b007aee2977f40si13411550ejc.484.2022.11.16.20.55.11; Wed, 16 Nov 2022 20:55:32 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=GZF17p93; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239247AbiKQECT (ORCPT + 90 others); Wed, 16 Nov 2022 23:02:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34370 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234454AbiKQEA7 (ORCPT ); Wed, 16 Nov 2022 23:00:59 -0500 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2B1214C248; Wed, 16 Nov 2022 20:00:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668657658; x=1700193658; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=3H6t5AxADTI7uec2GmddnFXYVAjGLBJeGJq+yHqIGqY=; b=GZF17p93OAF0k848pMpmQMdMLIf58L5UGP3RfWvjLOZqoBClF2bqa654 ZO6g1RJWn8YJ/I/tgaE0JvozW+QxBJ9QoBaH2OiQG87cnAOuQE2C22h4Y QoRUulLmcBJbn2jHbfakMZvFFLt0IVjVvK0pu4wxKaR/MlZ2DydXsFXW3 hAARSoKNVCCUm/drHlAT8sweaR6z1CNDXBSlVYsqJ5EqpVf8GvIIlY950 tXsK74zmD3GHFPAAIoE3jV+qzQAL6AJ53In3jkFEzt9RuaSxG0O3vF/NI xbY5BRMUk1R3l871vuaW1EjVID7kwaCeSPKaOqlPn83+k0HCiXwuksZkE g==; X-IronPort-AV: E=McAfee;i="6500,9779,10533"; a="292455966" X-IronPort-AV: E=Sophos;i="5.96,169,1665471600"; d="scan'208";a="292455966" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Nov 2022 20:00:57 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10533"; a="590462686" X-IronPort-AV: E=Sophos;i="5.96,169,1665471600"; d="scan'208";a="590462686" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Nov 2022 20:00:57 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v3 07/16] x86/microcode/intel: Reuse microcode_sanity_check() Date: Wed, 16 Nov 2022 19:59:26 -0800 Message-Id: <20221117035935.4136738-8-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221117035935.4136738-1-jithu.joseph@intel.com> References: <20221107225323.2733518-1-jithu.joseph@intel.com> <20221117035935.4136738-1-jithu.joseph@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org IFS test image carries the same microcode header as regular Intel microcode blobs. microcode_sanity_check() can be used by IFS driver to perform sanity check of the IFS test images too. Reviewed-by: Tony Luck Reviewed-by: Ashok Raj Reviewed-by: Sohil Mehta Signed-off-by: Jithu Joseph --- arch/x86/include/asm/cpu.h | 1 + arch/x86/kernel/cpu/intel.c | 99 +++++++++++++++++++++++++ arch/x86/kernel/cpu/microcode/intel.c | 102 +------------------------- 3 files changed, 102 insertions(+), 100 deletions(-) diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h index e853440b5c65..9e3ac95acf2d 100644 --- a/arch/x86/include/asm/cpu.h +++ b/arch/x86/include/asm/cpu.h @@ -96,5 +96,6 @@ static inline bool intel_cpu_signatures_match(unsigned int s1, unsigned int p1, extern u64 x86_read_arch_cap_msr(void); int intel_find_matching_signature(void *mc, unsigned int csig, int cpf); +int intel_microcode_sanity_check(void *mc, bool print_err); #endif /* _ASM_X86_CPU_H */ diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index b6f9210fb31a..01e73ec1d585 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -245,6 +245,105 @@ int intel_find_matching_signature(void *mc, unsigned int csig, int cpf) } EXPORT_SYMBOL_GPL(intel_find_matching_signature); +int intel_microcode_sanity_check(void *mc, bool print_err) +{ + unsigned long total_size, data_size, ext_table_size; + struct microcode_header_intel *mc_header = mc; + struct extended_sigtable *ext_header = NULL; + u32 sum, orig_sum, ext_sigcount = 0, i; + struct extended_signature *ext_sig; + + total_size = get_totalsize(mc_header); + data_size = get_datasize(mc_header); + + if (data_size + MC_HEADER_SIZE > total_size) { + if (print_err) + pr_err("Error: bad microcode data file size.\n"); + return -EINVAL; + } + + if (mc_header->ldrver != 1 || mc_header->hdrver != 1) { + if (print_err) + pr_err("Error: invalid/unknown microcode update format.\n"); + return -EINVAL; + } + + ext_table_size = total_size - (MC_HEADER_SIZE + data_size); + if (ext_table_size) { + u32 ext_table_sum = 0; + u32 *ext_tablep; + + if (ext_table_size < EXT_HEADER_SIZE || + ((ext_table_size - EXT_HEADER_SIZE) % EXT_SIGNATURE_SIZE)) { + if (print_err) + pr_err("Error: truncated extended signature table.\n"); + return -EINVAL; + } + + ext_header = mc + MC_HEADER_SIZE + data_size; + if (ext_table_size != exttable_size(ext_header)) { + if (print_err) + pr_err("Error: extended signature table size mismatch.\n"); + return -EFAULT; + } + + ext_sigcount = ext_header->count; + + /* + * Check extended table checksum: the sum of all dwords that + * comprise a valid table must be 0. + */ + ext_tablep = (u32 *)ext_header; + + i = ext_table_size / sizeof(u32); + while (i--) + ext_table_sum += ext_tablep[i]; + + if (ext_table_sum) { + if (print_err) + pr_warn("Bad extended signature table checksum, aborting.\n"); + return -EINVAL; + } + } + + /* + * Calculate the checksum of update data and header. The checksum of + * valid update data and header including the extended signature table + * must be 0. + */ + orig_sum = 0; + i = (MC_HEADER_SIZE + data_size) / sizeof(u32); + while (i--) + orig_sum += ((u32 *)mc)[i]; + + if (orig_sum) { + if (print_err) + pr_err("Bad microcode data checksum, aborting.\n"); + return -EINVAL; + } + + if (!ext_table_size) + return 0; + + /* + * Check extended signature checksum: 0 => valid. + */ + for (i = 0; i < ext_sigcount; i++) { + ext_sig = (void *)ext_header + EXT_HEADER_SIZE + + EXT_SIGNATURE_SIZE * i; + + sum = (mc_header->sig + mc_header->pf + mc_header->cksum) - + (ext_sig->sig + ext_sig->pf + ext_sig->cksum); + if (sum) { + if (print_err) + pr_err("Bad extended signature checksum, aborting.\n"); + return -EINVAL; + } + } + return 0; +} +EXPORT_SYMBOL_GPL(intel_microcode_sanity_check); + static void early_init_intel(struct cpuinfo_x86 *c) { u64 misc_enable; diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 234b163806ea..af7134073e65 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -135,104 +135,6 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne intel_ucode_patch = p->data; } -static int microcode_sanity_check(void *mc, bool print_err) -{ - unsigned long total_size, data_size, ext_table_size; - struct microcode_header_intel *mc_header = mc; - struct extended_sigtable *ext_header = NULL; - u32 sum, orig_sum, ext_sigcount = 0, i; - struct extended_signature *ext_sig; - - total_size = get_totalsize(mc_header); - data_size = get_datasize(mc_header); - - if (data_size + MC_HEADER_SIZE > total_size) { - if (print_err) - pr_err("Error: bad microcode data file size.\n"); - return -EINVAL; - } - - if (mc_header->ldrver != 1 || mc_header->hdrver != 1) { - if (print_err) - pr_err("Error: invalid/unknown microcode update format.\n"); - return -EINVAL; - } - - ext_table_size = total_size - (MC_HEADER_SIZE + data_size); - if (ext_table_size) { - u32 ext_table_sum = 0; - u32 *ext_tablep; - - if ((ext_table_size < EXT_HEADER_SIZE) - || ((ext_table_size - EXT_HEADER_SIZE) % EXT_SIGNATURE_SIZE)) { - if (print_err) - pr_err("Error: truncated extended signature table.\n"); - return -EINVAL; - } - - ext_header = mc + MC_HEADER_SIZE + data_size; - if (ext_table_size != exttable_size(ext_header)) { - if (print_err) - pr_err("Error: extended signature table size mismatch.\n"); - return -EFAULT; - } - - ext_sigcount = ext_header->count; - - /* - * Check extended table checksum: the sum of all dwords that - * comprise a valid table must be 0. - */ - ext_tablep = (u32 *)ext_header; - - i = ext_table_size / sizeof(u32); - while (i--) - ext_table_sum += ext_tablep[i]; - - if (ext_table_sum) { - if (print_err) - pr_warn("Bad extended signature table checksum, aborting.\n"); - return -EINVAL; - } - } - - /* - * Calculate the checksum of update data and header. The checksum of - * valid update data and header including the extended signature table - * must be 0. - */ - orig_sum = 0; - i = (MC_HEADER_SIZE + data_size) / sizeof(u32); - while (i--) - orig_sum += ((u32 *)mc)[i]; - - if (orig_sum) { - if (print_err) - pr_err("Bad microcode data checksum, aborting.\n"); - return -EINVAL; - } - - if (!ext_table_size) - return 0; - - /* - * Check extended signature checksum: 0 => valid. - */ - for (i = 0; i < ext_sigcount; i++) { - ext_sig = (void *)ext_header + EXT_HEADER_SIZE + - EXT_SIGNATURE_SIZE * i; - - sum = (mc_header->sig + mc_header->pf + mc_header->cksum) - - (ext_sig->sig + ext_sig->pf + ext_sig->cksum); - if (sum) { - if (print_err) - pr_err("Bad extended signature checksum, aborting.\n"); - return -EINVAL; - } - } - return 0; -} - /* * Get microcode matching with BSP's model. Only CPUs with the same model as * BSP can stay in the platform. @@ -253,7 +155,7 @@ scan_microcode(void *data, size_t size, struct ucode_cpu_info *uci, bool save) mc_size = get_totalsize(mc_header); if (!mc_size || mc_size > size || - microcode_sanity_check(data, false) < 0) + intel_microcode_sanity_check(data, false) < 0) break; size -= mc_size; @@ -792,7 +694,7 @@ static enum ucode_state generic_load_microcode(int cpu, struct iov_iter *iter) memcpy(mc, &mc_header, sizeof(mc_header)); data = mc + sizeof(mc_header); if (!copy_from_iter_full(data, data_size, iter) || - microcode_sanity_check(mc, true) < 0) { + intel_microcode_sanity_check(mc, true) < 0) { break; } -- 2.25.1