Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/arch/x86 Verify checksum of the extended signature table.



details:   https://anonhg.NetBSD.org/src/rev/0306f2167463
branches:  trunk
changeset: 370073:0306f2167463
user:      msaitoh <msaitoh%NetBSD.org@localhost>
date:      Thu Sep 15 14:34:22 2022 +0000

description:
Verify checksum of the extended signature table.

diffstat:

 sys/arch/x86/include/cpu_ucode.h   |  15 +++++++--------
 sys/arch/x86/x86/cpu_ucode_intel.c |  37 +++++++++++++++++++++++++------------
 2 files changed, 32 insertions(+), 20 deletions(-)

diffs (105 lines):

diff -r 95c89f50e13a -r 0306f2167463 sys/arch/x86/include/cpu_ucode.h
--- a/sys/arch/x86/include/cpu_ucode.h  Thu Sep 15 14:25:28 2022 +0000
+++ b/sys/arch/x86/include/cpu_ucode.h  Thu Sep 15 14:34:22 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpu_ucode.h,v 1.4 2018/03/17 15:56:32 christos Exp $ */
+/* $NetBSD: cpu_ucode.h,v 1.5 2022/09/15 14:34:22 msaitoh Exp $ */
 /*
  * Copyright (c) 2012 The NetBSD Foundation, Inc.
  * All rights reserved.
@@ -69,17 +69,16 @@
        uint32_t        uh_reserved[3];
 };
 
+struct intel1_ucode_ext_table {
+       uint32_t        uet_count;
+       uint32_t        uet_checksum;
+       uint32_t        uet_reserved[3];
+};
+
 struct intel1_ucode_proc_signature {
        uint32_t        ups_signature;
        uint32_t        ups_proc_flags;
        uint32_t        ups_checksum;
 };
 
-struct intel1_ucode_ext_table {
-       uint32_t        uet_count;
-       uint32_t        uet_checksum;
-       uint32_t        uet_reserved[3];
-       struct intel1_ucode_proc_signature uet_proc_sig[1];
-};
-
 #endif
diff -r 95c89f50e13a -r 0306f2167463 sys/arch/x86/x86/cpu_ucode_intel.c
--- a/sys/arch/x86/x86/cpu_ucode_intel.c        Thu Sep 15 14:25:28 2022 +0000
+++ b/sys/arch/x86/x86/cpu_ucode_intel.c        Thu Sep 15 14:34:22 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpu_ucode_intel.c,v 1.19 2022/09/15 01:30:56 msaitoh Exp $ */
+/* $NetBSD: cpu_ucode_intel.c,v 1.20 2022/09/15 14:34:22 msaitoh Exp $ */
 
 /*
  * Copyright (c) 2012, 2019 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cpu_ucode_intel.c,v 1.19 2022/09/15 01:30:56 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cpu_ucode_intel.c,v 1.20 2022/09/15 14:34:22 msaitoh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_xen.h"
@@ -111,8 +111,10 @@
 cpu_ucode_intel_verify(struct cpu_ucode_softc *sc,
     struct intel1_ucode_header *buf)
 {
+       struct intel1_ucode_ext_table *ehdr;
        uint32_t data_size, total_size, payload_size, ext_size;
        uint32_t sum;
+       uint32_t *p;
        int i;
 
        if ((buf->uh_header_ver != 1) || (buf->uh_loader_rev != 1))
@@ -143,21 +145,32 @@
        if (payload_size > sc->sc_blobsize)
                return EINVAL;
 
-       /*
-        * Verify checksum of update data and header. Exclude extended
-        * signature.
-        */
+       /* Verify checksum of update data and header(s). */
        sum = 0;
-       for (i = 0; i < (payload_size / sizeof(uint32_t)); i++) {
-               sum += *((uint32_t *)buf + i);
-       }
+       p = (uint32_t *)buf;
+       for (i = 0; i < (payload_size / sizeof(uint32_t)); i++)
+               sum += p[i];
        if (sum != 0)
                return EINVAL;
 
-       /* Extended table size. Ignored for now. */
        ext_size = total_size - payload_size;
-       if (ext_size > 0)
-               printf("This image has extended signature table.\n");
+       if (ext_size > 0) {
+               /* This image has extended signature table. */
+               ehdr = (struct intel1_ucode_ext_table *)
+                   ((uint8_t *)buf + sizeof(struct intel1_ucode_header) +
+                       data_size);
+               payload_size =
+                   sizeof(struct intel1_ucode_ext_table) +
+                   sizeof(struct intel1_ucode_proc_signature) *
+                   ehdr->uet_count;
+                   
+               sum = 0;
+               p = (uint32_t *)ehdr;
+               for (i = 0; i < (payload_size / sizeof(uint32_t)); i++)
+                       sum += p[i];
+               if (sum != 0)
+                       return EINVAL;
+       }
 
        return 0;
 }



Home | Main Index | Thread Index | Old Index