From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=chen.a.chen@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id F1D6720886F46 for ; Sun, 17 Feb 2019 21:53:38 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Feb 2019 21:53:37 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,383,1544515200"; d="scan'208";a="125232758" Received: from chenche4.ccr.corp.intel.com ([10.239.9.12]) by fmsmga008.fm.intel.com with ESMTP; 17 Feb 2019 21:53:36 -0800 From: Chen A Chen To: edk2-devel@lists.01.org Cc: Chen A Chen , Ray Ni , Eric Dong Date: Mon, 18 Feb 2019 13:53:30 +0800 Message-Id: <20190218055330.13448-1-chen.a.chen@intel.com> X-Mailer: git-send-email 2.16.2.windows.1 Subject: [PATCH] UefiCpuPkg/Microcode: Fix incorrect checksum issue for extended table X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Feb 2019 05:53:39 -0000 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020 The following Microcode payload format is define in SDM spec. Payload: |MicrocodeHeader|MicrocodeBinary|ExtendedHeader|ExtendedTable|. When we verify the CheckSum32 with ExtendedTable, we should use the fields of ExtendedTable to replace corresponding fields in MicrocodeHeader, and then calculate the CheckSum32 with MicrocodeHeader+MicrocodeBinary. This patch already verified on ICL platform. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chen A Chen Cc: Ray Ni Cc: Eric Dong --- UefiCpuPkg/Library/MpInitLib/Microcode.c | 38 ++++++++++++++++++++++++-------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c b/UefiCpuPkg/Library/MpInitLib/Microcode.c index d84344c6f5..38880cdbec 100644 --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c @@ -57,6 +57,7 @@ MicrocodeDetect ( UINT32 LatestRevision; UINTN TotalSize; UINT32 CheckSum32; + UINT32 InCompleteCheckSum32; BOOLEAN CorrectMicrocode; VOID *MicrocodeData; MSR_IA32_PLATFORM_ID_REGISTER PlatformIdMsr; @@ -121,6 +122,26 @@ MicrocodeDetect ( MicrocodeData = NULL; MicrocodeEnd = (UINTN) (CpuMpData->MicrocodePatchAddress + CpuMpData->MicrocodePatchRegionSize); MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (UINTN) CpuMpData->MicrocodePatchAddress; + + // + // To avoid double calculate checksum32 value. + // Save the CheckSum32 of the common parts in advance. + // + if (MicrocodeEntryPoint->DataSize == 0) { + InCompleteCheckSum32 = CalculateSum32 ( + (UINT32 *) MicrocodeEntryPoint, + sizeof (CPU_MICROCODE_HEADER) + 2000 + ); + } else { + InCompleteCheckSum32 = CalculateSum32 ( + (UINT32 *) MicrocodeEntryPoint, + sizeof (CPU_MICROCODE_HEADER) + MicrocodeEntryPoint->DataSize + ); + } + InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorSignature.Uint32; + InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags; + InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum; + do { // // Check if the microcode is for the Cpu and the version is newer @@ -137,14 +158,10 @@ MicrocodeDetect ( MicrocodeEntryPoint->UpdateRevision > LatestRevision && (MicrocodeEntryPoint->ProcessorFlags & (1 << PlatformId)) ) { - if (MicrocodeEntryPoint->DataSize == 0) { - CheckSum32 = CalculateSum32 ((UINT32 *) MicrocodeEntryPoint, 2048); - } else { - CheckSum32 = CalculateSum32 ( - (UINT32 *) MicrocodeEntryPoint, - MicrocodeEntryPoint->DataSize + sizeof (CPU_MICROCODE_HEADER) - ); - } + CheckSum32 = InCompleteCheckSum32; + CheckSum32 += MicrocodeEntryPoint->ProcessorSignature.Uint32; + CheckSum32 += MicrocodeEntryPoint->ProcessorFlags; + CheckSum32 += MicrocodeEntryPoint->Checksum; if (CheckSum32 == 0) { CorrectMicrocode = TRUE; ProcessorFlags = MicrocodeEntryPoint->ProcessorFlags; @@ -171,7 +188,10 @@ MicrocodeDetect ( ExtendedTableCount = ExtendedTableHeader->ExtendedSignatureCount; ExtendedTable = (CPU_MICROCODE_EXTENDED_TABLE *) (ExtendedTableHeader + 1); for (Index = 0; Index < ExtendedTableCount; Index ++) { - CheckSum32 = CalculateSum32 ((UINT32 *) ExtendedTable, sizeof(CPU_MICROCODE_EXTENDED_TABLE)); + CheckSum32 = InCompleteCheckSum32; + CheckSum32 += ExtendedTable->ProcessorSignature.Uint32; + CheckSum32 += ExtendedTable->ProcessorFlag; + CheckSum32 += ExtendedTable->Checksum; if (CheckSum32 == 0) { // // Verify Header -- 2.16.2.windows.1