[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 5/5] x86/ucode: Relax digest check when Entrysign is fixed in firmware

  • To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Mon, 20 Oct 2025 16:06:22 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RYOqrP2rWqbDMKyo9GU2OkPr+tthQ9fgDuo01I0j74o=; b=FKIxnNW3xtwYXtdKxdLI3QEM7gCOajmwNF750Tl6PN0Dxq3A0kUDFkbjqG132hMXogMX14cW3Ebg5jam9Y2D917SLULGtEKgGCp5B8F4XVmg0pOWMO7NLSKa+5LkJ3aZgRIT/yl/JIcPIGs4zptSI4hqTP4APwMqmZm+Iv0YDjWv/MwNn3Owr/07e7jatFpN1cpThOLOVsb3J1pyJbMe5JYJjnIyvdob99n66zo2n7pSS1xwcwMwj0JNp5FXgsy6BZOdYGK0KeJrKlRcey6EgkNMctIq7yGCLAsYjsuYYeEik9PkAR6sb3UkNN9cEfM7hccFEIWfmEoJChs5F6uJ6Q==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=NyA+gKBCv+Pqbjw3lZTolgfKiohLBLtdKv+muvfTTSERxFLpoqu7jSEi1kYGAWHEv5CgP29H/tb6v16nA20VNI44EIxdIlI+4h1gZ43j9lTFcS3woVINUFMatNoaFE+8Q7/Bt53dvHeUMhBspgI7PSU7UkVD3SbMLEaAqi4da6Mco8WEXSOqUlLFKzWojKhkTYGUudCHG1OZ3WlWaFD8mr55powdp9Z1h5C/P7WPoxtAhzwMKYDMEgdvsD7BY1Sh8lC1U4D1vcBwkDi1u7FYwpP7VX8DX+r6QV+raj6gLpYiXf63GycYLe4TAmIU46vBYDRQUYMPFU4/BxfARugyTQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Jan Beulich <JBeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 20 Oct 2025 15:06:41 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 20/10/2025 2:19 pm, Andrew Cooper wrote:
> When Entrysign has been mitigated in firwmare, it is believed to be safe to
> pass blobs to the CPU again.  This avoids us needing to update the digest
> table for new microcodes.
>
> Relax the digest check when firmware looks to be up to date, and leave behind
> a clear message when not.
>
> This is best-effort only.  If a malicious microcode has been loaded prior to
> Xen running, then all bets are off.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> ---
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>
> I need to double check the revision table.  I think I need to submit a
> correction to Linux first.

Yes. 
https://lore.kernel.org/lkml/20251020144124.2930784-1-andrew.cooper3@xxxxxxxxxx/T/#u

Also there's a general off-by-one error in the revisions, owing to a
difference in how Linux and Xen are using the boundaries.

Both fixed locally for v2.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.