[src/netbsd-8]: src/sys Pull up following revision(s) (requested by msaitoh i...

[snj <snj%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/e84c88585e2e
branches:  netbsd-8
changeset: 851879:e84c88585e2e
user:      snj <snj%NetBSD.org@localhost>
date:      Thu Jul 26 21:02:29 2018 +0000

description:
Pull up following revision(s) (requested by msaitoh in ticket #929):
        sys/arch/x86/x86/cpu_ucode_intel.c: 1.14
        sys/kern/kern_cpu.c: 1.74
Add cpu_ucode_intel_verify() to verify microcode image. Currently, we don't
verify extended signatures'checksum. I have no any image which has extended
signature. If an extended signature found, the function shows
"This image has extended signature table." and continue.
--
Don't allocate memory and return EFTYPE if sc->sc_blobsize==0 to prevent
panic in firmware_malloc().

diffstat:

 sys/arch/x86/x86/cpu_ucode_intel.c |  77 ++++++++++++++++++++++++++++++++++++-
 sys/kern/kern_cpu.c                |   9 +++-
 2 files changed, 81 insertions(+), 5 deletions(-)

diffs (136 lines):

diff -r c0c67c10c694 -r e84c88585e2e sys/arch/x86/x86/cpu_ucode_intel.c
--- a/sys/arch/x86/x86/cpu_ucode_intel.c        Thu Jul 26 20:40:39 2018 +0000
+++ b/sys/arch/x86/x86/cpu_ucode_intel.c        Thu Jul 26 21:02:29 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpu_ucode_intel.c,v 1.12 2017/06/01 02:45:08 chs Exp $ */
+/* $NetBSD: cpu_ucode_intel.c,v 1.12.2.1 2018/07/26 21:02:29 snj Exp $ */
 /*
  * Copyright (c) 2012 The NetBSD Foundation, Inc.
  * All rights reserved.
@@ -29,7 +29,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cpu_ucode_intel.c,v 1.12 2017/06/01 02:45:08 chs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cpu_ucode_intel.c,v 1.12.2.1 2018/07/26 21:02:29 snj Exp $");
 
 #include "opt_xen.h"
 #include "opt_cpu_ucode.h"
@@ -104,6 +104,75 @@
 }
 
 #ifndef XEN
+/* Check header version and checksum */
+static int
+cpu_ucode_intel_verify(struct intel1_ucode_header *buf)
+{
+       uint32_t data_size, total_size, payload_size, extended_table_size;
+#if 0 /* not yet */
+       struct intel1_ucode_ext_table *ext_table;
+       struct intel1_ucode_proc_signature *ext_psig;
+#endif
+       uint32_t sum;
+       int i;
+       
+       if ((buf->uh_header_ver != 1) || (buf->uh_loader_rev != 1))
+               return EINVAL;
+
+       /* Data size */
+       if (buf->uh_data_size == 0)
+               data_size = 2000;
+       else
+               data_size = buf->uh_data_size;
+
+       if ((data_size % 4) != 0) {
+               /* Wrong size */
+               return EINVAL;
+       }
+
+       /* Total size */
+       if (buf->uh_total_size == 0)
+               total_size = data_size + 48;
+       else
+               total_size = buf->uh_total_size;
+
+       if ((total_size % 1024) != 0) {
+               /* Wrong size */
+               return EINVAL;
+       }
+
+       payload_size = data_size + 48;
+
+       /* Extended table size */
+       extended_table_size = total_size - payload_size;
+
+       /*
+        * Verify checksum of update data and header
+        * (exclude extended signature).
+        */
+       sum = 0;
+       for (i = 0; i < (payload_size / sizeof(uint32_t)); i++)
+               sum += *((uint32_t *)buf + i);
+       if (sum != 0) {
+               /* Checksum mismatch */
+               return EINVAL;
+       }
+
+       if (extended_table_size == 0)
+               return 0;
+
+#if 0
+       /* Verify extended signature's checksum */
+       ext_table = (void *)buf + payload_size;
+       ext_psig = (void *)ext_table + sizeof(struct intel1_ucode_ext_table);
+       printf("ext_table = %p, extsig = %p\n", ext_table, ext_psig);
+#else
+       printf("This image has extended signature table.");
+#endif
+
+       return 0;
+}
+
 int
 cpu_ucode_intel_apply(struct cpu_ucode_softc *sc, int cpuno)
 {
@@ -119,8 +188,10 @@
                return EINVAL;
 
        uh = (struct intel1_ucode_header *)(sc->sc_blob);
-       if (uh->uh_header_ver != 1 || uh->uh_loader_rev != 1)
+       rv = cpu_ucode_intel_verify(uh);
+       if (rv != 0)
                return EINVAL;
+
        ucodetarget = uh->uh_rev;
 
        if ((uintptr_t)(sc->sc_blob) & 15) {
diff -r c0c67c10c694 -r e84c88585e2e sys/kern/kern_cpu.c
--- a/sys/kern/kern_cpu.c       Thu Jul 26 20:40:39 2018 +0000
+++ b/sys/kern/kern_cpu.c       Thu Jul 26 21:02:29 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_cpu.c,v 1.71 2015/08/29 12:24:00 maxv Exp $       */
+/*     $NetBSD: kern_cpu.c,v 1.71.10.1 2018/07/26 21:02:29 snj Exp $   */
 
 /*-
  * Copyright (c) 2007, 2008, 2009, 2010, 2012 The NetBSD Foundation, Inc.
@@ -56,7 +56,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_cpu.c,v 1.71 2015/08/29 12:24:00 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_cpu.c,v 1.71.10.1 2018/07/26 21:02:29 snj Exp $");
 
 #include "opt_cpu_ucode.h"
 #include "opt_compat_netbsd.h"
@@ -619,6 +619,11 @@
        }
 
        sc->sc_blobsize = firmware_get_size(fwh);
+       if (sc->sc_blobsize == 0) {
+               error = EFTYPE;
+               firmware_close(fwh);
+               goto err0;
+       }
        sc->sc_blob = firmware_malloc(sc->sc_blobsize);
        if (sc->sc_blob == NULL) {
                error = ENOMEM;