[Bug 192487] New: cpucontrol uses unsafe procedure to detect current microcode version

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Aug 7 19:07:15 UTC 2014


            Bug ID: 192487
           Summary: cpucontrol uses unsafe procedure to detect current
                    microcode version
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: hmh+freebsd at hmh.eng.br

The Intel SDM, vol 3A, section, defines a procedure that should be
followed to ensure a valid response from the System Processor when it is
queried about the running microcode revision.

The userspace cpucontrol utility fails to follow this procedure. cpucontrol
fails to pre-init MSR 0x8B (MSR_BIOS_SIGN) with zero and issue a cpuid(1),
before it can get valid data from that same MSR.

Please refer to example 9-9 in the Intel SDM vol 3A page 9-36.

I have no idea how important this procedure is on current Intel processors, but
the impact of getting garbage from MSR_BIOS_SIGN includes either incorrectly
downgrading, or incorrectly refusing to upgrade microcode.

The bug is in file: usr.sbin/cpucontrol/intel.c

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list