On 11/13/2022 3:48 AM, Borislav Petkov wrote: > > So instead of what the code does now: > > + snprintf(scan_path, sizeof(scan_path), "intel/ifs_%d/%02x-%02x-%02x-%02x.scan", > + ifsd->test_num, boot_cpu_data.x86, boot_cpu_data.x86_model, > + boot_cpu_data.x86_stepping, ifsd->cur_batch); > > It would still use the *same* scan_path - /lib/firmware/intel/ifs_0/ - > no one is proposing to give a full path name - it would only use the > filename string - 06-8f-06-00.scan, for example - instead of the "0" in > it to build that string. > > And, ofcourse it would check the format of that string against family, > model, stepping and sequence number (btw this way you drop your > limitation of 256 for the sequence number which you don't really need > either). > > And then if the format passes, it would check the headers. Do you think it is better to restrict filename input to confirm to ff-mm-ss-xy.<test> format rather than accepting any string and treating it as a file-name and trying to load it, if it is present ? (Given that, before loading, We do intel_find_matching_signature(), which validates if the signature/pf entries in header confirms to the machine we are on before loading) We did accepting file-name as input before [1] (except for validating if the filename confirms to ff-mm-ss format) > > And only if those pass too, then it would load. > [1] https://lore.kernel.org/lkml/20220710160011.995800-1-jithu.joseph@xxxxxxxxx/
