On Fri, 22 Sep 2023, Jithu Joseph wrote:
> Perform additional validation prior to loading IFS image.
>
> Error out if the size of the file being loaded doesn't match the size
> specified in the header.
>
> Signed-off-by: Jithu Joseph <jithu.joseph@xxxxxxxxx>
> Reviewed-by: Tony Luck <tony.luck@xxxxxxxxx>
> Tested-by: Pengfei Xu <pengfei.xu@xxxxxxxxx>
> ---
> drivers/platform/x86/intel/ifs/load.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c
> index 6b827247945b..b09106034fac 100644
> --- a/drivers/platform/x86/intel/ifs/load.c
> +++ b/drivers/platform/x86/intel/ifs/load.c
> @@ -375,6 +375,7 @@ int ifs_load_firmware(struct device *dev)
> {
> const struct ifs_test_caps *test = ifs_get_test_caps(dev);
> struct ifs_data *ifsd = ifs_get_data(dev);
> + unsigned int expected_size;
> const struct firmware *fw;
> char scan_path[64];
> int ret = -EINVAL;
> @@ -389,6 +390,13 @@ int ifs_load_firmware(struct device *dev)
> goto done;
> }
>
> + expected_size = ((struct microcode_header_intel *)fw->data)->totalsize;
> + if (fw->size != expected_size) {
> + dev_err(dev, "File size mismatch (expected %d, actual %ld). Corrupted IFS image.\n",
> + expected_size, fw->size);
> + return -EBADFD;
I don't think this error code is best suited for what occurred. I guess
returning just -EINVAL would be fine.
--
i.
> + }
> +
> ret = image_sanity_check(dev, (struct microcode_header_intel *)fw->data);
> if (ret)
> goto release;
>
