renegade-project/linux-next
2
0
Fork 0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-06 20:53:54 +08:00
Code
1a371e67dc
linux-next/arch/x86
History
Chen Yu 1a371e67dc x86/microcode/intel: Check patch signature before saving microcode for early loading 
Currently, scan_microcode() leverages microcode_matches() to check
if the microcode matches the CPU by comparing the family and model.
However, the processor stepping and flags of the microcode signature
should also be considered when saving a microcode patch for early
update.

Use find_matching_signature() in scan_microcode() and get rid of the
now-unused microcode_matches() which is a good cleanup in itself.

Complete the verification of the patch being saved for early loading in
save_microcode_patch() directly. This needs to be done there too because
save_mc_for_early() will call save_microcode_patch() too.

The second reason why this needs to be done is because the loader still
tries to support, at least hypothetically, mixed-steppings systems and
thus adds all patches to the cache that belong to the same CPU model
albeit with different steppings.

For example:

  microcode: CPU: sig=0x906ec, pf=0x2, rev=0xd6
  microcode: mc_saved[0]: sig=0x906e9, pf=0x2a, rev=0xd6, total size=0x19400, date = 2020-04-23
  microcode: mc_saved[1]: sig=0x906ea, pf=0x22, rev=0xd6, total size=0x19000, date = 2020-04-27
  microcode: mc_saved[2]: sig=0x906eb, pf=0x2, rev=0xd6, total size=0x19400, date = 2020-04-23
  microcode: mc_saved[3]: sig=0x906ec, pf=0x22, rev=0xd6, total size=0x19000, date = 2020-04-27
  microcode: mc_saved[4]: sig=0x906ed, pf=0x22, rev=0xd6, total size=0x19400, date = 2020-04-23

The patch which is being saved for early loading, however, can only be
the one which fits the CPU this runs on so do the signature verification
before saving.

 [ bp: Do signature verification in save_microcode_patch()
       and rewrite commit message. ]

Fixes: ec400ddeff ("x86/microcode_intel_early.c: Early update ucode on Intel's CPU")
Signed-off-by: Chen Yu <yu.c.chen@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org
Link: https://bugzilla.kernel.org/show_bug.cgi?id=208535
Link: https://lkml.kernel.org/r/20201113015923.13960-1-yu.c.chen@intel.com
2020-11-17 10:33:18 +01:00
..
boot x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path 2020-10-29 18:06:52 +01:00
configs * A defconfig fix, from Daniel Díaz. 2020-09-20 15:06:43 -07:00
crypto crypto: x86/poly1305 - add back a needed assignment 2020-10-24 09:38:32 +11:00
entry A couple of x86 fixes which missed rc1 due to my stupidity: 2020-10-27 14:39:29 -07:00
events perf/x86/intel/uncore: Fix Add BW copypasta 2020-11-10 18:38:40 +01:00
hyperv hyperv-fixes for 5.10-rc3 2020-11-05 11:32:03 -08:00
ia32 x86: remove address space overrides using set_fs() 2020-09-08 22:21:36 -04:00
include Fixes for ARM and x86, the latter especially for old processors 2020-11-15 09:57:58 -08:00
kernel x86/microcode/intel: Check patch signature before saving microcode for early loading 2020-11-17 10:33:18 +01:00
kvm Fixes for ARM and x86, the latter especially for old processors 2020-11-15 09:57:58 -08:00
lib x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S 2020-11-04 12:30:20 +01:00
math-emu treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
mm x86/head/64: Check SEV encryption before switching to kernel page-table 2020-10-29 18:09:59 +01:00
net bpf: x64: Do not emit sub/add 0, %rsp when !stack_depth 2020-09-29 16:47:39 -07:00
oprofile
pci pci-v5.10-changes 2020-10-22 12:41:00 -07:00
platform treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00
power Kbuild updates for v5.9 2020-08-09 14:10:26 -07:00
purgatory treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00
ras treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
realmode x86/head/64: Don't call verify_cpu() on starting APs 2020-09-09 11:33:20 +02:00
tools x86/insn: Make inat-tables.c suitable for pre-decompression code 2020-09-07 19:45:24 +02:00
um arch/um: partially revert the conversion to __section() macro 2020-10-26 15:39:37 -07:00
video
xen treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00
.gitignore
Kbuild
Kconfig This feature enhances the current guest memory encryption support 2020-10-14 10:21:34 -07:00
Kconfig.assembler
Kconfig.cpu treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Kconfig.debug x86, powerpc: Rename memcpy_mcsafe() to copy_mc_to_{user, kernel}() 2020-10-06 11:18:04 +02:00
Makefile x86/build: Warn on orphan section placement 2020-09-03 10:28:36 +02:00
Makefile_32.cpu
Makefile.um