Commit 8382fee3 authored Nov 16, 2022 by Ashok Raj Committed by Borislav Petkov Nov 19, 2022

platform/x86/intel/ifs: Add metadata support



One of the existing reserved fields in the microcode header has been
allocated to indicate the size of metadata structures.

The location of metadata section within microcode header is as shown
below:

    Microcode Blob Format
   +----------------------+  Base
   |Header Version        |
   +----------------------+
   |Update revision       |
   +----------------------+
   |Date DDMMYYYY         |
   +----------------------+
   |Sig                   |
   +----------------------+
   |Checksum              |
   +----------------------+
   |Loader Version        |
   +----------------------+
   |Processor Flags       |
   +----------------------+
   |Data Size             |
   +----------------------+
   |Total Size            |
   +----------------------+
   |Meta Size             |
   +----------------------+
   |Reserved              |
   +----------------------+
   |Reserved              |
   +----------------------+  Base+48
   |                      |
   |    Microcode         |
   |     Data             |
   |                      |
   +----------------------+  Base+48+data_size-
   |                      |     meta_size
   |   Meta Data          |
   |   structure(s)       |
   |                      |
   +----------------------+  Base+48+data_size
   |                      |
   |   Extended Signature |
   |        Table         |
   |                      |
   +----------------------+  Base+total_size

Add an accessor function which will return a pointer to the start of a
specific meta_type being queried.

  [ bp: Massage commit message. ]

Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Jithu Joseph <jithu.joseph@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Sohil Mehta <sohil.mehta@intel.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20221117035935.4136738-11-jithu.joseph@intel.com

parent 28377e56

drivers/platform/x86/intel/ifs/load.c

+32 −0

Original line number	Diff line number	Diff line
		@@ -43,6 +43,38 @@ static const char * const scan_authentication_status[] = {
		[2] = "Chunk authentication error. The hash of chunk did not match expected value"
		};

		#define MC_HEADER_META_TYPE_END (0)

		struct metadata_header {
		unsigned int type;
		unsigned int blk_size;
		};

		static struct metadata_header find_meta_data(void ucode, unsigned int meta_type)
		{
		struct metadata_header *meta_header;
		unsigned long data_size, total_meta;
		unsigned long meta_size = 0;

		data_size = get_datasize(ucode);
		total_meta = ((struct microcode_intel *)ucode)->hdr.metasize;
		if (!total_meta)
		return NULL;

		meta_header = (ucode + MC_HEADER_SIZE + data_size) - total_meta;

		while (meta_header->type != MC_HEADER_META_TYPE_END &&
		meta_header->blk_size &&
		meta_size < total_meta) {
		meta_size += meta_header->blk_size;
		if (meta_header->type == meta_type)
		return meta_header;

		meta_header = (void *)meta_header + meta_header->blk_size;
		}
		return NULL;
		}

		/*
		* To copy scan hashes and authenticate test chunks, the initiating cpu must point
		* to the EDX:EAX to the test image in linear address.