On 11/13/22 07:58, Borislav Petkov wrote: > On Sun, Nov 13, 2022 at 07:15:03AM -0800, Ashok Raj wrote: >> Do you expect the /lib/firmware/intel/ifs_0/ to contain *ONLY* files for >> this platform? For microcode we have everything in the public release >> included here. > Same as microcode, as I said further down in my mail: > > "And, ofcourse it would check the format of that string against family, > model, stepping and sequence number (btw this way you drop your > limitation of 256 for the sequence number which you don't really need > either)." Maybe dumb question, but what's the point of even checking the filenames? They're meaningless. Let's say we're on model=1,family=2,stepping=3. We try to load test #99: 01-02-03-99.scan The kernel goes and does the sscanf() and checks "01", "02", etc... Everything is fine. The header checks on the .scan file are OK. Life is good. No harm no foul. Then, some dastardly user does this: mv 04-05-06-99.scan 01-02-03-99.scan Taking an evil model=4,family=5,stepping=6 .scan file and trying to load it. It will *pass* the sscanf() checks. But, will fail the metadata checks. The kernel wasted the effort of requesting the file, but there's no harm to anything. So, what's the point of the sscanf() to check the *filename* other than saving some potentially expensive request_firmware() calls?
