Date: Fri, 02 Mar 2018 02:46:35 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 192487] cpucontrol uses unsafe procedure to detect current microcode version Message-ID: <bug-192487-8-gaMqa5sIhz@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-192487-8@https.bugs.freebsd.org/bugzilla/> References: <bug-192487-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D192487 --- Comment #1 from Stefan B. <sblachmann@gmail.com> --- (In reply to Henrique de Moraes Holschuh from comment #0) > the impact of getting garbage from MSR_BIOS_SIGN includes ... > ... incorrectly refusing to upgrade microcode. This is confirmed. As the cpucontrol program was paid work sponsored by the FreeBSD foundation= , it seems to be sacrosanct in spite of being spaghetti. Maybe this is the reason apparently nobody dares to touch it? Or even replace its identification and updating code core with a better pro= gram like cpupdate? (see below) Anyway, the fix for this issue would be to add this between line 117 and 11= 8 in intel.c: msrargs.msr =3D MSR_BIOS_SIGN; msrargs.data =3D 0; error =3D ioctl( cpufd, CPUCTL_WRMSR, &msrargs); // note: cpucontrol's error messages are stupid and=20 // do not help the user find what is wrong. if (error < 0) { WARN(0, "ioctl(%s)", dev); goto fail; } The other major issue, usage of undefined reserved bits, can lead to similar problems. (Hint: see lines 248 and 254 - there is missing some bitwise ANDing) As my opinion is that this spaghetti code should be scrapped instead of bei= ng fixed, I am not eager to take the effort to look into the Intel programmers' manual to tell you what would belong there. I wrote cpupdate, which does not have these issues, and works with the new composite Intel microcode file format. This will be the standard format aft= er Intel dropped the legacy microcode.dat and .fw format. If you want me to rework and tidy up cpupdate so it follows FreeBSD kernel coding guidelines and add some functions to make it replace the buggy/obsol= ete sections of cpucontrol, for including it in FreeBSD or HardenedBSD base, I would be willing to invest time into that. Links: https://github.com/kernschmelze/cpupdate https://forums.freebsd.org/threads/introducing-cpupdate-a-microcode-tool-fo= r-freebsd.64588 https://groups.google.com/forum/#!topic/mpc.lists.freebsd.hackers/JTtw6TNQq= ng --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-192487-8-gaMqa5sIhz>