On Fri, Sep 25, 2015 at 05:36:37PM +0300, Jani Nikula wrote: > On Wed, 16 Sep 2015, yu.dai@xxxxxxxxx wrote: > > From: Alex Dai <yu.dai@xxxxxxxxx> > > > > By using information from GuC css header, we can eliminate some > > hard code w.r.t size of some components of firmware. > > There's a catch here. You can't trust any of the firmware blob > contents. None at all. It's all malicious user input as far as the > kernel is concerned, and we don't have the means to check the signature. > > I like the use of the __packed struct here, and I like making this more > dynamic. But you have to check the bounds for everything you use from > the css header. I'm on the fence about that one really - on real systems firmware is tightly locked down and there's patches to auth firmware signatures too afaik. It's blobs we upload to the hw, it could do anything after all ... -Daniel -- Daniel Vetter Software Engineer, Intel Corporation http://blog.ffwll.ch _______________________________________________ Intel-gfx mailing list Intel-gfx@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/intel-gfx
