Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp4797712rdb; Fri, 15 Sep 2023 12:33:15 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH0/mcGP9wy4t8RPqX0cy1KyMrflHOKbKZumO0lZ5WHxWRJy76Y8khWYIMg8iPCVKgPCoKp X-Received: by 2002:a05:6a00:1409:b0:68e:380c:6b15 with SMTP id l9-20020a056a00140900b0068e380c6b15mr2725014pfu.26.1694806395441; Fri, 15 Sep 2023 12:33:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694806395; cv=none; d=google.com; s=arc-20160816; b=SR5cZv4XgOhu5E5oj7Y7rBf7f/FVMO7L75IXcV64cLtvCoXlftHbcoyr1DIX2m6MSS 6noxDZzrajZCPxBlVaD8bx1ycRc2ASDdbl1ynryPvVZ/ihd//6AFSoKoqkdFvEIzyQll 9A8krv5NMg55Dx32emrh0+FLuWOCJvwLnl8i+Z5Zy1oByjk0SP+14cy7gxdKYn71Njuc 7RE9Uh5PqHSszCvIaSwYPmcjRCbaZsMmzRtwXfGrJh/hIOMaSLUWMNqmv+qDYz8ap7yk OuMVCICd2+sP+cH8C5Bmft6qfCp+peG2BxBtLLRtmHOvmBfF7bTkUV5ecrm0twtRGRRV GhXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:message-id:in-reply-to :subject:cc:to:from:date:dkim-signature; bh=qOnMAtkRwAJZMeRqE+MHL/cRWZE0TZdukoYqmHc4/VA=; fh=K2GM5v+nVwO6ZuN/Z8kiBzkmUG39Q9bUAXLt7esKjHI=; b=qFDJay8TJmFGY14jueQc8rIfYy/JWQFPVlKFg8AsTR7PwxVVeNBZe3IbZrnXmUd959 0cexdYR9AedOv7t+qOynpVqGkTvTObnaPLSbwp7jSS3c1+YA+dvE6DyZQwF1EEq2ojrW p+91q8JBkwG2Mu6/u/EZaSpyRwF/76u0kqBxSafyubKj/Mnie6bN1LD4CP8Oz0VqbK4u 4eCr4Inygue+jDVHXPk9L4FIbb5KL+vtellUisrut7QAGaYOuO0xSylVYzeX9v0JYtkf A1OA3wG+ZSSJJARCzRTCohW1ecHx+L5WenShbtK6+HDSNwX3nUgbFDODU8t1+KN9P5TC D71A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="QGna7J/b"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33]) by mx.google.com with ESMTPS id h184-20020a6383c1000000b00573fcb46c57si3565513pge.133.2023.09.15.12.33.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Sep 2023 12:33:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="QGna7J/b"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 14051828DE71; Fri, 15 Sep 2023 09:58:50 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229978AbjIOQ6H (ORCPT + 99 others); Fri, 15 Sep 2023 12:58:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56686 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234636AbjIOQ6E (ORCPT ); Fri, 15 Sep 2023 12:58:04 -0400 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 53238211E; Fri, 15 Sep 2023 09:58:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1694797080; x=1726333080; h=date:from:to:cc:subject:in-reply-to:message-id: references:mime-version; bh=GJvSC4wZ70sklL2nyd+0IoJ0iYnegdWVS9yxn2Uh8vc=; b=QGna7J/b1S4ucoqkX3vogbnJNpEBVWztnFK9rSCWP50OMVoebPIvvlM3 OAcMDaenDFTCzJrSw42phVFBLVtT9W4uA+0zfMsyx5gRYjv2odcssqSq/ ASl+aeZJDFf89bu+rdUr52O8mJOyrBkDo++tdkXZnngR2Pt/bq1owGfh/ srMWXChLFK0tpP/EIb2vWgDI54EUQtcLJigMJ1QpdXfgkgSaeQxcXF2/Q AtwxndJ7Kh4uDOcWR+znLXr9xQHCLQjbqfVycL1f59380kgHLOdKxHdhK x46zPaLnhFt/uHMw77abZCUQURvkkfMpc/KYVk8da7XBw2TsmDafyogDm A==; X-IronPort-AV: E=McAfee;i="6600,9927,10834"; a="445756597" X-IronPort-AV: E=Sophos;i="6.02,149,1688454000"; d="scan'208";a="445756597" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Sep 2023 09:57:59 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10834"; a="694783038" X-IronPort-AV: E=Sophos;i="6.02,149,1688454000"; d="scan'208";a="694783038" Received: from srdoo-mobl1.ger.corp.intel.com ([10.252.38.99]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Sep 2023 09:57:55 -0700 Date: Fri, 15 Sep 2023 19:57:53 +0300 (EEST) From: =?ISO-8859-15?Q?Ilpo_J=E4rvinen?= To: Jithu Joseph cc: hdegoede@redhat.com, markgross@kernel.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, rostedt@goodmis.org, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, pengfei.xu@intel.com Subject: Re: [PATCH 06/10] platform/x86/intel/ifs: Validate image size In-Reply-To: <20230913183348.1349409-7-jithu.joseph@intel.com> Message-ID: References: <20230913183348.1349409-1-jithu.joseph@intel.com> <20230913183348.1349409-7-jithu.joseph@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Fri, 15 Sep 2023 09:58:50 -0700 (PDT) On Wed, 13 Sep 2023, Jithu Joseph wrote: > Perform additional validation prior to loading IFS image. > > Error out if the size of the file being loaded doesn't > match the size specified in the header. Please fix these short lines in all your patches. > Signed-off-by: Jithu Joseph > Reviewed-by: Tony Luck > Tested-by: Pengfei Xu > --- > drivers/platform/x86/intel/ifs/load.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c > index e8fb03dd8bcf..778a3b89a24d 100644 > --- a/drivers/platform/x86/intel/ifs/load.c > +++ b/drivers/platform/x86/intel/ifs/load.c > @@ -376,6 +376,7 @@ int ifs_load_firmware(struct device *dev) > { > const struct ifs_test_caps *test = ifs_get_test_caps(dev); > struct ifs_data *ifsd = ifs_get_data(dev); > + unsigned int expected_size; > const struct firmware *fw; > char scan_path[64]; > int ret = -EINVAL; > @@ -390,6 +391,13 @@ int ifs_load_firmware(struct device *dev) > goto done; > } > > + expected_size = ((struct microcode_header_intel *)fw->data)->totalsize; > + if (fw->size != expected_size) { > + dev_err(dev, "File size mismatch (expected %d, actual %ld). Corrupted IFS image.\n", > + expected_size, fw->size); > + return -EBADFD; > + } > + > ret = image_sanity_check(dev, (struct microcode_header_intel *)fw->data); It looks than a bit odd to add the check here and not into a function called image_sanity_check()?!? > if (ret) > goto release; > -- i.