From patchwork Thu Sep 12 07:22:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chao Gao X-Patchwork-Id: 11142485 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E982A1599 for ; Thu, 12 Sep 2019 07:20:51 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CF03821479 for ; Thu, 12 Sep 2019 07:20:51 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CF03821479 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8JNI-0001PZ-Kq; Thu, 12 Sep 2019 07:18:40 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8JNH-0001PN-3f for xen-devel@lists.xenproject.org; Thu, 12 Sep 2019 07:18:39 +0000 X-Inumbo-ID: 8730777e-d52d-11e9-978d-bc764e2007e4 Received: from mga01.intel.com (unknown [192.55.52.88]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 8730777e-d52d-11e9-978d-bc764e2007e4; Thu, 12 Sep 2019 07:18:33 +0000 (UTC) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 12 Sep 2019 00:18:32 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,492,1559545200"; d="scan'208";a="189906197" Received: from gao-cwp.sh.intel.com ([10.239.159.26]) by orsmga006.jf.intel.com with ESMTP; 12 Sep 2019 00:18:30 -0700 From: Chao Gao To: xen-devel@lists.xenproject.org Date: Thu, 12 Sep 2019 15:22:14 +0800 Message-Id: <1568272949-1086-2-git-send-email-chao.gao@intel.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1568272949-1086-1-git-send-email-chao.gao@intel.com> References: <1568272949-1086-1-git-send-email-chao.gao@intel.com> Subject: [Xen-devel] [PATCH v10 01/16] microcode/intel: extend microcode_update_match() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Sergey Dyasli , Ashok Raj , Wei Liu , Andrew Cooper , Jan Beulich , Chao Gao , =?utf-8?q?R?= =?utf-8?q?oger_Pau_Monn=C3=A9?= MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" to a more generic function. So that it can be used alone to check an update against the CPU signature and current update revision. Note that enum microcode_match_result will be used in common code (aka microcode.c), it has been placed in the common header. And constifying the parameter of microcode_sanity_check() such that it can be called by microcode_update_match(). Signed-off-by: Chao Gao Reviewed-by: Jan Beulich --- Changes in v10: - Drop RBs - assert that microcode passed to microcode_update_match() would pass sanity check. Constify the parameter of microcode_sanity_check() Changes in v9: - microcode_update_match() doesn't accept (sig, pf, rev) any longer. Hence, it won't be used to compare two arbitrary updates. - rewrite patch description Changes in v8: - make sure enough room for an extended header and signature array Changes in v6: - eliminate unnecessary type casting in microcode_update_match - check if a patch has an extend header Changes in v5: - constify the extended_signature - use named enum type for the return value of microcode_update_match --- xen/arch/x86/microcode_intel.c | 75 ++++++++++++++++++++++------------------- xen/include/asm-x86/microcode.h | 6 ++++ 2 files changed, 47 insertions(+), 34 deletions(-) diff --git a/xen/arch/x86/microcode_intel.c b/xen/arch/x86/microcode_intel.c index 22fdeca..1a3ffa5 100644 --- a/xen/arch/x86/microcode_intel.c +++ b/xen/arch/x86/microcode_intel.c @@ -134,21 +134,11 @@ static int collect_cpu_info(unsigned int cpu_num, struct cpu_signature *csig) return 0; } -static inline int microcode_update_match( - unsigned int cpu_num, const struct microcode_header_intel *mc_header, - int sig, int pf) +static int microcode_sanity_check(const void *mc) { - struct ucode_cpu_info *uci = &per_cpu(ucode_cpu_info, cpu_num); - - return (sigmatch(sig, uci->cpu_sig.sig, pf, uci->cpu_sig.pf) && - (mc_header->rev > uci->cpu_sig.rev)); -} - -static int microcode_sanity_check(void *mc) -{ - struct microcode_header_intel *mc_header = mc; - struct extended_sigtable *ext_header = NULL; - struct extended_signature *ext_sig; + const struct microcode_header_intel *mc_header = mc; + const struct extended_sigtable *ext_header = NULL; + const struct extended_signature *ext_sig; unsigned long total_size, data_size, ext_table_size; unsigned int ext_sigcount = 0, i; uint32_t sum, orig_sum; @@ -234,6 +224,42 @@ static int microcode_sanity_check(void *mc) return 0; } +/* Check an update against the CPU signature and current update revision */ +static enum microcode_match_result microcode_update_match( + const struct microcode_header_intel *mc_header, unsigned int cpu) +{ + const struct extended_sigtable *ext_header; + const struct extended_signature *ext_sig; + unsigned int i; + struct ucode_cpu_info *uci = &per_cpu(ucode_cpu_info, cpu); + unsigned int sig = uci->cpu_sig.sig; + unsigned int pf = uci->cpu_sig.pf; + unsigned int rev = uci->cpu_sig.rev; + unsigned long data_size = get_datasize(mc_header); + const void *end = (const void *)mc_header + get_totalsize(mc_header); + + ASSERT(!microcode_sanity_check(mc_header)); + if ( sigmatch(sig, mc_header->sig, pf, mc_header->pf) ) + return (mc_header->rev > rev) ? NEW_UCODE : OLD_UCODE; + + ext_header = (const void *)(mc_header + 1) + data_size; + ext_sig = (const void *)(ext_header + 1); + + /* + * Make sure there is enough space to hold an extended header and enough + * array elements. + */ + if ( (end < (const void *)ext_sig) || + (end < (const void *)(ext_sig + ext_header->count)) ) + return MIS_UCODE; + + for ( i = 0; i < ext_header->count; i++ ) + if ( sigmatch(sig, ext_sig[i].sig, pf, ext_sig[i].pf) ) + return (mc_header->rev > rev) ? NEW_UCODE : OLD_UCODE; + + return MIS_UCODE; +} + /* * return 0 - no update found * return 1 - found update @@ -243,31 +269,12 @@ static int get_matching_microcode(const void *mc, unsigned int cpu) { struct ucode_cpu_info *uci = &per_cpu(ucode_cpu_info, cpu); const struct microcode_header_intel *mc_header = mc; - const struct extended_sigtable *ext_header; unsigned long total_size = get_totalsize(mc_header); - int ext_sigcount, i; - struct extended_signature *ext_sig; void *new_mc; - if ( microcode_update_match(cpu, mc_header, - mc_header->sig, mc_header->pf) ) - goto find; - - if ( total_size <= (get_datasize(mc_header) + MC_HEADER_SIZE) ) + if ( microcode_update_match(mc, cpu) != NEW_UCODE ) return 0; - ext_header = mc + get_datasize(mc_header) + MC_HEADER_SIZE; - ext_sigcount = ext_header->count; - ext_sig = (void *)ext_header + EXT_HEADER_SIZE; - for ( i = 0; i < ext_sigcount; i++ ) - { - if ( microcode_update_match(cpu, mc_header, - ext_sig->sig, ext_sig->pf) ) - goto find; - ext_sig++; - } - return 0; - find: pr_debug("microcode: CPU%d found a matching microcode update with" " version %#x (current=%#x)\n", cpu, mc_header->rev, uci->cpu_sig.rev); diff --git a/xen/include/asm-x86/microcode.h b/xen/include/asm-x86/microcode.h index 23ea954..882f560 100644 --- a/xen/include/asm-x86/microcode.h +++ b/xen/include/asm-x86/microcode.h @@ -3,6 +3,12 @@ #include +enum microcode_match_result { + OLD_UCODE, /* signature matched, but revision id is older or equal */ + NEW_UCODE, /* signature matched, but revision id is newer */ + MIS_UCODE, /* signature mismatched */ +}; + struct cpu_signature; struct ucode_cpu_info;