Received: by 2002:a89:2c3:0:b0:1ed:23cc:44d1 with SMTP id d3csp1014949lqs; Wed, 6 Mar 2024 04:02:00 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCU6CmQbJr0Yg/vMcpDaLhbPX9TpVaIicoAVRo0g8okcSahCULfXQxgLVEhZ9vqsRnX6xojB6+G3BQvJiOBq091SMGkW2S0ZyW/TbQ+wQg== X-Google-Smtp-Source: AGHT+IGRvKrHa9D0gjt/1KX5K8NV4mJT2PQFL+6Xk2mxdGnYSgupVY1jcNT3hE4H5I9J25CK3Tj2 X-Received: by 2002:a05:6a00:b81:b0:6e6:830:cd13 with SMTP id g1-20020a056a000b8100b006e60830cd13mr11766188pfj.23.1709726520580; Wed, 06 Mar 2024 04:02:00 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709726520; cv=pass; d=google.com; s=arc-20160816; b=LYmptV2S3RONlOck+KQfQvQokGcRdngaLEj6OV3eHJhhj7Tkk7j1tIxanSYnVrHixN FbgEwjbPB+/GWo6OWobsqV2IAT9Nt824e7l1Oh9MA9v5WPg0p0Uy5dTnblvfwUncarKV 3j5cwEmdajhYxvjsp1yJ5iseLNSylc9kqE+ztrQxafe872wDSM/AzWQaFW05h9KtliXi r0BANTzhV+eW/t38wOi3d34t8a5upbL27NwoxQiZ8omE/IJK4iOpnpVkEcvyPZft7PBv Skdbe1gN8zdnwu93E9dYLcUOAxuAURSTCvwFPaUqtfmxP2WlSqQqsIsW2r/pN2O6nBu3 89UQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:in-reply-to:subject:cc:to:date:from :dkim-signature; bh=nbKifKU5CmcBWkumDFZzM8L9WZTjiFhtAqofekIo58I=; fh=MB2Mc+sWeiHW7WKQvBn9LhdzzJjK2JKqfKxIDvRNR9M=; b=aVZpVJWOBM0l7Bzhf4L8+zmJj75xtDIKLzA7X5bLIFXLBlPF3zwmQ0km815yZmFWRe UVz9jaY8NFw9WN5W+JTerl2wswJvrTl5bqULL0NfxTRON9aJVpbUj4etU+EvPvt6z7wh Gi/1YVd/IZOzgYcsYfITrwGAaWc0UDizZbFIwHHkuDywZ00GSgO02B3Po/62/EMPR+8i Fwip3urqZ7ymiMmC/JMQ54d5KTQkoJ1ZBGqRCQrDel0g3qSCaplE/Tabv41BfinixNBS 8tfCsSYyckhamvGv5NipIaIfD3ANP81G+N1rVVrUgmfFKDRTIHYPygvpCLF/ree8iwTE 2BNw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=n3kLAhH1; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-93674-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-93674-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id r2-20020aa78442000000b006e554a719e1si11744295pfn.253.2024.03.06.04.02.00 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Mar 2024 04:02:00 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-93674-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=n3kLAhH1; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-93674-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-93674-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 5E950B26A18 for ; Wed, 6 Mar 2024 09:54:26 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E91475F85B; Wed, 6 Mar 2024 09:53:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="n3kLAhH1" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8D0915FBB5; Wed, 6 Mar 2024 09:53:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.18 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709718803; cv=none; b=cpyKsBgG2XLiyM7dczc7bx6Fm+RPKKFijhgoP7ZaBvy9YPYzThxVibnByLKuGkW7L/29UI4I7N04rl6x2YOAvCcbv71kfeap4JVvU22wq/+m7255SheMDiq/WSbjeMqeKjEc3BdwUWjcl35gAGGHjRhOP8VJY/4rOtBBXFCmHBA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709718803; c=relaxed/simple; bh=io4SbbnyiNckKCLRLcGAVDLGtDr6dhrOEcERzQbK/JY=; h=From:Date:To:cc:Subject:In-Reply-To:Message-ID:References: MIME-Version:Content-Type; b=Tt95gtmLTuSgJ9UpOzyx56yg09AYHHShAa4hlcTAS/D74qLg9n4Rlx9YFHhQIrQpiHMhWOW1NOflZfeNwgXRowXwLi5Q2pYP1+TpRWJpUrdhyIG1WHIMOGy+fWHnWo/xa0N5qjYqFgiKrSBAK2aYlEt3sf69ifcqiKm+llUVRck= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=n3kLAhH1; arc=none smtp.client-ip=198.175.65.18 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1709718801; x=1741254801; h=from:date:to:cc:subject:in-reply-to:message-id: references:mime-version; bh=io4SbbnyiNckKCLRLcGAVDLGtDr6dhrOEcERzQbK/JY=; b=n3kLAhH12AH+qo7NtjkSmeRXgh4qdswYzh/Uw+vNUBqe6IC4fXWmrvei 462hSBJ/vDMwhDZ1AFEEJYK9ATYDH66GE2ET8yA/5gQFFban7FcLAMg6l DCOzsHxdsKU0VIyT213980j4ul6BFDrZaf7rmIqza/37D5vGxUaxxm5X/ 9JphC6jVswKQ5PQCMrl7KhI5EMIhNwzI0tPsziXg/TvgkTsMTAT/GYjMp 8dWzvddEFWZGbPpufoACQ/GJR3NjbdDTtSsKiR3LsgvZmBjxl6rKU7oEY dPL4hA23OrozoQfVOCLeQFU0TJQuy4ubBYna/xOg2uiJSqPPkYoFj1k+x g==; X-IronPort-AV: E=McAfee;i="6600,9927,11004"; a="4436928" X-IronPort-AV: E=Sophos;i="6.06,207,1705392000"; d="scan'208";a="4436928" Received: from orviesa008.jf.intel.com ([10.64.159.148]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Mar 2024 01:53:20 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,207,1705392000"; d="scan'208";a="10266716" Received: from ijarvine-desk1.ger.corp.intel.com (HELO localhost) ([10.245.244.146]) by orviesa008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Mar 2024 01:53:19 -0800 From: =?UTF-8?q?Ilpo=20J=C3=A4rvinen?= Date: Wed, 6 Mar 2024 11:53:14 +0200 (EET) To: Shyam Sundar S K cc: Armin Wolf , Hans de Goede , platform-driver-x86@vger.kernel.org, LKML Subject: Re: [PATCH v3 0/4] platform/x86/amd/pmf: Fix policy binary handling In-Reply-To: <839a74c1-6e08-441b-a6e3-9923dfc3f303@amd.com> Message-ID: <0b614744-257b-3d4f-533e-f8bf9085f03a@linux.intel.com> References: <20240304205005.10078-1-W_Armin@gmx.de> <839a74c1-6e08-441b-a6e3-9923dfc3f303@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII On Wed, 6 Mar 2024, Shyam Sundar S K wrote: > On 3/5/2024 02:20, Armin Wolf wrote: > > This patch series fixes various issues inside the policy binary > > handling code. > > The first patch makes sure that a valid error code is returned upon > > failing to start the policy engine, while the second patch drops the > > usage of readl() on non-io memory. > > The last two patches fix a possible out-of-bounds memory access when > > parsing the policy binary header. > > > > All patches are compile-tested only. > > > > Changes since v2: > > - add patches 1 and 3 > > > > Changes since v1: > > - get the full dword instead of only 8 bits when reading the header > > - check if the policy buffer also has enough room for storing the length > > Thank you Armin. Series looks good to me. > > Reviewed-by: Shyam Sundar S K Shyam-sundar.S-k@amd.com Thanks for taking a look. Btw, you were missing <> around the address so the patchwork automation didn't catch that line. To help the patchwork to capture that tag (no need for you to do anything): Reviewed-by: Shyam Sundar S K -- i. > > Armin Wolf (4): > > platform/x86/amd/pmf: Fix return value of > > amd_pmf_start_policy_engine() > > platform/x86/amd/pmf: Do not use readl() for policy buffer access > > platform/x86/amd/pmf: Use struct for cookie header > > platform/x86/amd/pmf: Fix possible out-of-bound memory accesses