[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] x86/ucode/amd: Move verify_patch_size() into get_ucode_from_buffer_amd()
commit 98eb0c994ca828da7f38f0ee04c57a0ae24068a5 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Mon Mar 30 18:10:50 2020 +0100 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Wed Apr 1 14:00:12 2020 +0100 x86/ucode/amd: Move verify_patch_size() into get_ucode_from_buffer_amd() We only stash the microcode blob size so it can be audited in microcode_fits(). However, the patch size check depends only on the CPU family. Move the check earlier to when we are parsing the container, which avoids caching bad microcode in the first place, and allows us to avoid storing the size at all. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> --- xen/arch/x86/cpu/microcode/amd.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/xen/arch/x86/cpu/microcode/amd.c b/xen/arch/x86/cpu/microcode/amd.c index 9417ff2d3a..9ea92f6005 100644 --- a/xen/arch/x86/cpu/microcode/amd.c +++ b/xen/arch/x86/cpu/microcode/amd.c @@ -60,7 +60,6 @@ struct __packed microcode_header_amd { struct microcode_patch { struct microcode_header_amd *mpb; - size_t mpb_size; }; /* Temporary, until the microcode_* structure are disentangled. */ @@ -184,12 +183,6 @@ static enum microcode_match_result microcode_fits( equiv.id != mc_header->processor_rev_id ) return MIS_UCODE; - if ( !verify_patch_size(mc_amd->mpb_size) ) - { - pr_debug("microcode: patch size mismatch\n"); - return MIS_UCODE; - } - if ( mc_header->patch_id <= sig->rev ) { pr_debug("microcode: patch is already at required level or greater.\n"); @@ -318,10 +311,15 @@ static int get_ucode_from_buffer_amd( return -EINVAL; } + if ( !verify_patch_size(mpbuf->len) ) + { + printk(XENLOG_ERR "microcode: patch size mismatch\n"); + return -EINVAL; + } + mc_amd->mpb = xmemdup_bytes(mpbuf->data, mpbuf->len); if ( !mc_amd->mpb ) return -ENOMEM; - mc_amd->mpb_size = mpbuf->len; pr_debug("microcode: CPU%d size %zu, block size %u offset %zu equivID %#x rev %#x\n", smp_processor_id(), bufsize, mpbuf->len, *offset, @@ -439,7 +437,7 @@ static struct microcode_patch *cpu_request_microcode(const void *buf, struct microcode_amd *mc_amd; struct microcode_header_amd *saved = NULL; struct microcode_patch *patch = NULL; - size_t offset = 0, saved_size = 0; + size_t offset = 0; int error = 0; unsigned int cpu = smp_processor_id(); const struct cpu_signature *sig = &per_cpu(cpu_sig, cpu); @@ -515,7 +513,6 @@ static struct microcode_patch *cpu_request_microcode(const void *buf, { xfree(saved); saved = mc_amd->mpb; - saved_size = mc_amd->mpb_size; } else { @@ -554,7 +551,6 @@ static struct microcode_patch *cpu_request_microcode(const void *buf, if ( saved ) { mc_amd->mpb = saved; - mc_amd->mpb_size = saved_size; patch = mc_amd; } else -- generated by git-patchbot for /home/xen/git/xen.git#master _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |