# Commit 8752ad83e79754f8109457cff796e5f86f644348
# Date 2024-09-24 18:57:38 +0100
# Author Demi Marie Obenour <demi@invisiblethingslab.com>
# Committer Andrew Cooper <andrew.cooper3@citrix.com>
xen/ucode: Make Intel's microcode_sanity_check() stricter

The SDM states that data size must be a multiple of 4, but Xen doesn't check
this propery.

This is liable to cause a later failures, but should be checked explicitly.

Signed-off-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/microcode_intel.c
+++ b/xen/arch/x86/microcode_intel.c
@@ -147,12 +147,20 @@ static int microcode_sanity_check(void *
     unsigned int ext_sigcount = 0, i;
     uint32_t sum, orig_sum;
 
+    /*
+     * The SDM states:
+     * - Data size must be a multiple of 4.
+     * - Total size must be a multiple of 1024 bytes.  Data size and the
+     *   header must fit within it.
+     */
     total_size = get_totalsize(mc_header);
     data_size = get_datasize(mc_header);
-    if ( (data_size + MC_HEADER_SIZE) > total_size )
+    if ( (total_size & 1023) ||
+         (data_size & 3) ||
+         data_size > (total_size - MC_HEADER_SIZE) )
     {
         printk(KERN_ERR "microcode: error! "
-               "Bad data size in microcode data file\n");
+               "Bad size in microcode data file\n");
         return -EINVAL;
     }