Commit 41b1af69 authored Nov 16, 2022 by Ashok Raj Committed by Aichun Shi Mar 17, 2023

platform/x86/intel/ifs: Add metadata support

mainline inclusion
from mainline-v6.2-rc1
commit 8382fee3
category: feature
feature: Backport Intel In Field Scan(IFS) multi-blob images support
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I6L337
CVE: N/A
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/


commit/?id=8382fee3

Intel-SIG: commit 8382fee3 ("platform/x86/intel/ifs: Add metadata support")

-------------------------------------

platform/x86/intel/ifs: Add metadata support

One of the existing reserved fields in the microcode header has been
allocated to indicate the size of metadata structures.

The location of metadata section within microcode header is as shown
below:

    Microcode Blob Format
   +----------------------+  Base
   |Header Version        |
   +----------------------+
   |Update revision       |
   +----------------------+
   |Date DDMMYYYY         |
   +----------------------+
   |Sig                   |
   +----------------------+
   |Checksum              |
   +----------------------+
   |Loader Version        |
   +----------------------+
   |Processor Flags       |
   +----------------------+
   |Data Size             |
   +----------------------+
   |Total Size            |
   +----------------------+
   |Meta Size             |
   +----------------------+
   |Reserved              |
   +----------------------+
   |Reserved              |
   +----------------------+  Base+48
   |                      |
   |    Microcode         |
   |     Data             |
   |                      |
   +----------------------+  Base+48+data_size-
   |                      |     meta_size
   |   Meta Data          |
   |   structure(s)       |
   |                      |
   +----------------------+  Base+48+data_size
   |                      |
   |   Extended Signature |
   |        Table         |
   |                      |
   +----------------------+  Base+total_size

Add an accessor function which will return a pointer to the start of a
specific meta_type being queried.

  [ bp: Massage commit message. ]

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Jithu Joseph <jithu.joseph@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Sohil Mehta <sohil.mehta@intel.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20221117035935.4136738-11-jithu.joseph@intel.com


Signed-off-by: Aichun Shi <aichun.shi@intel.com>

parent 9d718162

drivers/platform/x86/intel/ifs/load.c

+32 −0

Original line number	Diff line number	Diff line
		@@ -43,6 +43,38 @@ static const char * const scan_authentication_status[] = {
		[2] = "Chunk authentication error. The hash of chunk did not match expected value"
		};

		#define MC_HEADER_META_TYPE_END (0)

		struct metadata_header {
		unsigned int type;
		unsigned int blk_size;
		};

		static struct metadata_header find_meta_data(void ucode, unsigned int meta_type)
		{
		struct metadata_header *meta_header;
		unsigned long data_size, total_meta;
		unsigned long meta_size = 0;

		data_size = get_datasize(ucode);
		total_meta = ((struct microcode_intel *)ucode)->hdr.metasize;
		if (!total_meta)
		return NULL;

		meta_header = (ucode + MC_HEADER_SIZE + data_size) - total_meta;

		while (meta_header->type != MC_HEADER_META_TYPE_END &&
		meta_header->blk_size &&
		meta_size < total_meta) {
		meta_size += meta_header->blk_size;
		if (meta_header->type == meta_type)
		return meta_header;

		meta_header = (void *)meta_header + meta_header->blk_size;
		}
		return NULL;
		}

		/*
		* To copy scan hashes and authenticate test chunks, the initiating cpu must point
		* to the EDX:EAX to the test image in linear address.