platform/x86/intel/ifs: Add metadata support

One of the existing reserved fields in the microcode header has been allocated to indicate the size of metadata structures. The location of metadata section within microcode header is as shown below: Microcode Blob Format +----------------------+ Base |Header Version | +----------------------+ |Update revision | +----------------------+ |Date DDMMYYYY | +----------------------+ |Sig | +----------------------+ |Checksum | +----------------------+ |Loader Version | +----------------------+ |Processor Flags | +----------------------+ |Data Size | +----------------------+ |Total Size | +----------------------+ |Meta Size | +----------------------+ |Reserved | +----------------------+ |Reserved | +----------------------+ Base+48 | | | Microcode | | Data | | | +----------------------+ Base+48+data_size- | | meta_size | Meta Data | | structure(s) | | | +----------------------+ Base+48+data_size | | | Extended Signature | | Table | | | +----------------------+ Base+total_size Add an accessor function which will return a pointer to the start of a specific meta_type being queried. [ bp: Massage commit message. ] Signed-off-by: Ashok Raj <ashok.raj@intel.com> Signed-off-by: Jithu Joseph <jithu.joseph@intel.com> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Tony Luck <tony.luck@intel.com> Reviewed-by: Sohil Mehta <sohil.mehta@intel.com> Reviewed-by: Hans de Goede <hdegoede@redhat.com> Link: https://lore.kernel.org/r/20221117035935.4136738-11-jithu.joseph@intel.com

platform/x86/intel/ifs: Add metadata support
8382fee3 · Ashok Raj · Borislav Petkov · 28377e56 · 8382fee3
Commit 8382fee3 authored Nov 16, 2022 by Ashok Raj Committed by Borislav Petkov Nov 19, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 0 deletions

drivers/platform/x86/intel/ifs/load.c drivers/platform/x86/intel/ifs/load.c +32 -0

No files found.
--- a/drivers/platform/x86/intel/ifs/load.c
+++ b/drivers/platform/x86/intel/ifs/load.c
@@ -43,6 +43,38 @@ static const char * const scan_authentication_status[] = {
 	[2] = "Chunk authentication error. The hash of chunk did not match expected value"
 };

+#define MC_HEADER_META_TYPE_END		(0)
+
+struct metadata_header {
+	unsigned int		type;
+	unsigned int		blk_size;
+};
+
+static struct metadata_header *find_meta_data(void *ucode, unsigned int meta_type)
+{
+	struct metadata_header *meta_header;
+	unsigned long data_size, total_meta;
+	unsigned long meta_size = 0;
+
+	data_size = get_datasize(ucode);
+	total_meta = ((struct microcode_intel *)ucode)->hdr.metasize;
+	if (!total_meta)
+		return NULL;
+
+	meta_header = (ucode + MC_HEADER_SIZE + data_size) - total_meta;
+
+	while (meta_header->type != MC_HEADER_META_TYPE_END &&
+	       meta_header->blk_size &&
+	       meta_size < total_meta) {
+		meta_size += meta_header->blk_size;
+		if (meta_header->type == meta_type)
+			return meta_header;
+
+		meta_header = (void *)meta_header + meta_header->blk_size;
+	}
+	return NULL;
+}
+
 /*
 * To copy scan hashes and authenticate test chunks, the initiating cpu must point
 * to the EDX:EAX to the test image in linear address.