From owner-freebsd-bugs@freebsd.org  Fri Mar  2 02:46:38 2018
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id D9D67F408BC
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Fri,  2 Mar 2018 02:46:37 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7043D86ECD
 for <freebsd-bugs@FreeBSD.org>; Fri,  2 Mar 2018 02:46:37 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 7BE4F11371
 for <freebsd-bugs@FreeBSD.org>; Fri,  2 Mar 2018 02:46:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w222kaxY048332
 for <freebsd-bugs@FreeBSD.org>; Fri, 2 Mar 2018 02:46:36 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w222kaCj048330
 for freebsd-bugs@FreeBSD.org; Fri, 2 Mar 2018 02:46:36 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 192487] cpucontrol uses unsafe procedure to detect current
 microcode version
Date: Fri, 02 Mar 2018 02:46:35 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: sblachmann@gmail.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-192487-8-gaMqa5sIhz@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-192487-8@https.bugs.freebsd.org/bugzilla/>
References: <bug-192487-8@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Mar 2018 02:46:38 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D192487

--- Comment #1 from Stefan B. <sblachmann@gmail.com> ---
(In reply to Henrique de Moraes Holschuh from comment #0)

> the impact of getting garbage from MSR_BIOS_SIGN includes ...
> ... incorrectly refusing to upgrade microcode.

This is confirmed.

As the cpucontrol program was paid work sponsored by the FreeBSD foundation=
, it
seems to be sacrosanct in spite of being spaghetti.
Maybe this is the reason apparently nobody dares to touch it?
Or even replace its identification and updating code core with a better pro=
gram
like cpupdate? (see below)

Anyway, the fix for this issue would be to add this between line 117 and 11=
8 in
intel.c:

   msrargs.msr =3D MSR_BIOS_SIGN;
   msrargs.data =3D 0;
   error =3D ioctl( cpufd, CPUCTL_WRMSR, &msrargs);
   // note: cpucontrol's error messages are stupid and=20
   //       do not help the user find what is wrong.
   if (error < 0) {
     WARN(0, "ioctl(%s)", dev);
     goto fail;
   }

The other major issue, usage of undefined reserved bits, can lead to similar
problems.
(Hint: see lines 248 and 254 - there is missing some bitwise ANDing)
As my opinion is that this spaghetti code should be scrapped instead of bei=
ng
fixed, I am not eager to take the effort to look into the Intel programmers'
manual to tell you what would belong there.

I wrote cpupdate, which does not have these issues, and works with the new
composite Intel microcode file format. This will be the standard format aft=
er
Intel dropped the legacy microcode.dat and .fw format.

If you want me to rework and tidy up cpupdate so it follows FreeBSD kernel
coding guidelines and add some functions to make it replace the buggy/obsol=
ete
sections of cpucontrol, for including it in FreeBSD or HardenedBSD base, I
would be willing to invest time into that.


Links:
https://github.com/kernschmelze/cpupdate
https://forums.freebsd.org/threads/introducing-cpupdate-a-microcode-tool-fo=
r-freebsd.64588
https://groups.google.com/forum/#!topic/mpc.lists.freebsd.hackers/JTtw6TNQq=
ng

--=20
You are receiving this mail because:
You are the assignee for the bug.=