* [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:19 ` Mika Kuoppala 0 siblings, 0 replies; 20+ messages in thread From: Mika Kuoppala @ 2019-11-21 15:19 UTC (permalink / raw) To: intel-gfx; +Cc: igt-dev, Joonas Lahtinen Add vulnerability checker for cve-2019-0155 v2: sync, bailout early if no parser (Chris) Cc: Chris Wilson <chris@chris-wilson.co.uk> Cc: Jon Bloomfield <jon.bloomfield@intel.com> Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> --- Makefile.am | 2 +- configure.ac | 1 + cve/Makefile.am | 14 ++ cve/Makefile.sources | 5 + cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ cve/meson.build | 12 ++ meson.build | 1 + 7 files changed, 504 insertions(+), 1 deletion(-) create mode 100644 cve/Makefile.am create mode 100644 cve/Makefile.sources create mode 100644 cve/cve-2019-0155.c create mode 100644 cve/meson.build diff --git a/Makefile.am b/Makefile.am index 94250964..e139bb44 100644 --- a/Makefile.am +++ b/Makefile.am @@ -21,7 +21,7 @@ ACLOCAL_AMFLAGS = ${ACLOCAL_FLAGS} -I m4 -SUBDIRS = lib tools scripts benchmarks +SUBDIRS = lib tools scripts benchmarks cve if BUILD_TESTS SUBDIRS += tests diff --git a/configure.ac b/configure.ac index f9e4942e..23fd9f30 100644 --- a/configure.ac +++ b/configure.ac @@ -311,6 +311,7 @@ AC_CONFIG_FILES([ tools/null_state_gen/Makefile tools/registers/Makefile overlay/Makefile + cve/Makefile ]) AC_CONFIG_FILES([tools/intel_aubdump], [chmod +x tools/intel_aubdump]) diff --git a/cve/Makefile.am b/cve/Makefile.am new file mode 100644 index 00000000..b8419ecd --- /dev/null +++ b/cve/Makefile.am @@ -0,0 +1,14 @@ +include Makefile.sources + +cve_PROGRAMS = $(cve_prog_list) + +AM_CPPFLAGS = \ + -I$(top_srcdir) \ + -I$(top_srcdir)/include/drm-uapi \ + -I$(top_srcdir)/lib \ + -I$(top_srcdir)/lib/stubs/syscalls + +AM_CFLAGS = -I$(top_srcdir)/include/drm-uapi \ + $(DRM_CFLAGS) $(CWARNFLAGS) $(CAIRO_CFLAGS) $(LIBUNWIND_CFLAGS) \ + $(WERROR_CFLAGS) -D_GNU_SOURCE +LDADD = $(top_builddir)/lib/libintel_tools.la diff --git a/cve/Makefile.sources b/cve/Makefile.sources new file mode 100644 index 00000000..2b02f958 --- /dev/null +++ b/cve/Makefile.sources @@ -0,0 +1,5 @@ +cvedir=$(libexecdir)/igt-gpu-tools/cve + +cve_prog_list = \ + cve-2019-0155 + $(NULL) diff --git a/cve/cve-2019-0155.c b/cve/cve-2019-0155.c new file mode 100644 index 00000000..5f6ca60a --- /dev/null +++ b/cve/cve-2019-0155.c @@ -0,0 +1,470 @@ +/* + * Copyright © 2019 Intel Corporation + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice (including the next + * paragraph) shall be included in all copies or substantial portions of the + * Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + * + */ + +/* + * Can be compiled with: + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c +*/ + +#define VERSION 1 +#define CHECK_WRITE_BLOCK_WITHOUT_PARSER 0 + +#include <stdio.h> +#include <string.h> +#include <stdint.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/ioctl.h> +#include <fcntl.h> +#include <errno.h> +#include <unistd.h> +#include <stdlib.h> + +#define ASSERT(x, s) do { \ + if (!(x)) { \ + printf("Failed to %s, %s (%d)\n", (s), \ + strerror(errno), errno); \ + exit(EXIT_FAILURE); \ + } \ + } while(0) + +static int do_ioctl(const int fd, const unsigned long nr, void *arg) +{ + int ret; + + do + ret = ioctl(fd, nr, arg); + while (ret == -1 && (errno == EINTR || errno == EAGAIN)); + + return ret; +} + +static int is_driver_i915(const int fd) +{ + struct _drm_version { + int version_major; + int version_minor; + int version_patchlevel; + + size_t name_len; + char *name; + size_t date_len; + char *date; + size_t desc_len; + char *desc; + } v = { 0, }; + char name[256] = { 0, }; + int ret; + + v.name_len = sizeof(name) - 1; + v.name = name; + + ret = do_ioctl(fd, _IOWR(0x40, 0x00, struct _drm_version), &v); + ASSERT(ret == 0, "get name"); + + name[v.name_len] = 0; + + return !strcmp(name, "i915"); +} + +static int cmd_parser_version(const int fd) +{ + int ret, version = 0; + struct _drm_i915_getparam_t { + int32_t param; + uint64_t value; + } q = { 28, + (uint64_t)&version }; + + ret = do_ioctl(fd, _IOWR(0x40, 0x40 + 0x06, struct _drm_i915_getparam_t), &q); + ASSERT(ret == 0, "get param"); + + return version; +} + +#define MI_INSTR(opcode, flags) (((opcode) << 23) | (flags)) +#define MI_BATCH_BUFFER_END MI_INSTR(0x0a, 0) +#define MI_LOAD_REGISTER_IMM MI_INSTR(0x22, (3-2)) + +static int is_write_blocked(const int fd) +{ + int ret; + uint32_t handle; + + struct _drm_i915_gem_execbuffer2 { + uint64_t buffers_ptr; + uint32_t buffer_count; + uint32_t batch_start_offset; + uint32_t batch_len; + uint32_t DR1; + uint32_t DR4; + uint32_t num_cliprects; + uint64_t cliprects_ptr; + uint64_t flags; + uint64_t rsvd1; + uint64_t rsvd2; + } execbuf = { 0, }; + + struct _drm_i915_gem_exec_object2 { + uint32_t handle; + uint32_t relocation_count; + uint64_t relocs_ptr; + uint64_t alignment; + uint64_t offset; + uint64_t flags; + uint64_t rsvd1; + uint64_t rsvd2; + } execobj[1] = { { 0, } }; + + struct _drm_i915_gem_create { + uint64_t size; + uint32_t handle; + uint32_t pad; + } createobj = { 0, }; + + struct _drm_i915_gem_pwrite { + uint32_t handle; + uint32_t pad; + uint64_t offset; + uint64_t size; + uint64_t data_ptr; + } pwrite = { 0, }; + + const uint32_t batch[] = { + MI_LOAD_REGISTER_IMM, + 0x2221c, + 0x0, + 0, + MI_BATCH_BUFFER_END, + }; + + createobj.handle = 0; + createobj.size = 4096; + + ret = do_ioctl(fd, _IOWR(0x40, 0x40+0x1b, struct _drm_i915_gem_create), &createobj); + ASSERT(ret == 0, "create object"); + + handle = createobj.handle; + + pwrite.handle = handle; + pwrite.size = sizeof(batch); + pwrite.data_ptr = (uintptr_t)batch; + + ret = do_ioctl(fd, _IOWR(0x40, 0x40+0x1d, struct _drm_i915_gem_pwrite), &pwrite); + ASSERT(ret == 0, "write object"); + + execobj[0].handle = handle; + + execbuf.buffers_ptr = (uintptr_t)execobj; + execbuf.buffer_count = 1; + execbuf.flags = 3; /* select blitter engine (bcs0) */ + + ret = do_ioctl(fd, _IOWR(0x40, 0x40+0x29, struct _drm_i915_gem_execbuffer2), &execbuf); + if (ret) { + if (errno == EACCES || errno == EINVAL) + return 1; + } + + return 0; +} + +#define INTEL_VGA_DEVICE(x, y) (x) + +static const uint32_t gen9_ids[] = { + + INTEL_VGA_DEVICE(0x1906, info), /* ULT GT1 */ + + INTEL_VGA_DEVICE(0x190E, info), /* ULX GT1 */ + + INTEL_VGA_DEVICE(0x1902, info), /* DT GT1 */ + INTEL_VGA_DEVICE(0x190B, info), /* Halo GT1 */ + INTEL_VGA_DEVICE(0x190A, info), /* SRV GT1 */ + + INTEL_VGA_DEVICE(0x1916, info), /* ULT GT2 */ + INTEL_VGA_DEVICE(0x1921, info), /* ULT GT2F */ + + INTEL_VGA_DEVICE(0x191E, info), /* ULX GT2 */ + + INTEL_VGA_DEVICE(0x1912, info), /* DT GT2 */ + INTEL_VGA_DEVICE(0x191B, info), /* Halo GT2 */ + INTEL_VGA_DEVICE(0x191A, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x191D, info), /* WKS GT2 */ + + INTEL_VGA_DEVICE(0x1926, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x1923, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x1927, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x192B, info), /* Halo GT3 */ + INTEL_VGA_DEVICE(0x192D, info), /* SRV GT3 */ + + INTEL_VGA_DEVICE(0x1932, info), /* DT GT4 */ + INTEL_VGA_DEVICE(0x193B, info), /* Halo GT4 */ + INTEL_VGA_DEVICE(0x193D, info), /* WKS GT4 */ + INTEL_VGA_DEVICE(0x192A, info), /* SRV GT4 */ + INTEL_VGA_DEVICE(0x193A, info), /* SRV GT4e */ + + INTEL_VGA_DEVICE(0x0A84, info), + INTEL_VGA_DEVICE(0x1A84, info), + INTEL_VGA_DEVICE(0x1A85, info), + INTEL_VGA_DEVICE(0x5A84, info), /* APL HD Graphics 505 */ + INTEL_VGA_DEVICE(0x5A85, info), /* APL HD Graphics 500 */ + + INTEL_VGA_DEVICE(0x3184, info), + INTEL_VGA_DEVICE(0x3185, info), + + INTEL_VGA_DEVICE(0x5906, info), /* ULT GT1 */ + INTEL_VGA_DEVICE(0x5913, info), /* ULT GT1.5 */ + + INTEL_VGA_DEVICE(0x590E, info), /* ULX GT1 */ + INTEL_VGA_DEVICE(0x5915, info), /* ULX GT1.5 */ + + INTEL_VGA_DEVICE(0x5902, info), /* DT GT1 */ + INTEL_VGA_DEVICE(0x5908, info), /* Halo GT1 */ + INTEL_VGA_DEVICE(0x590B, info), /* Halo GT1 */ + INTEL_VGA_DEVICE(0x590A, info), /* SRV GT1 */ + + INTEL_VGA_DEVICE(0x5916, info), /* ULT GT2 */ + INTEL_VGA_DEVICE(0x5921, info), /* ULT GT2F */ + + INTEL_VGA_DEVICE(0x591E, info), /* ULX GT2 */ + + INTEL_VGA_DEVICE(0x5917, info), /* Mobile GT2 */ + INTEL_VGA_DEVICE(0x5912, info), /* DT GT2 */ + INTEL_VGA_DEVICE(0x591B, info), /* Halo GT2 */ + INTEL_VGA_DEVICE(0x591A, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x591D, info), /* WKS GT2 */ + + INTEL_VGA_DEVICE(0x5926, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x5923, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x5927, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x593B, info), /* Halo GT4 */ + + INTEL_VGA_DEVICE(0x591C, info), /* ULX GT2 */ + INTEL_VGA_DEVICE(0x87C0, info), /* ULX GT2 */ + + INTEL_VGA_DEVICE(0x87CA, info), + + INTEL_VGA_DEVICE(0x9B21, info), + INTEL_VGA_DEVICE(0x9BAA, info), + INTEL_VGA_DEVICE(0x9BAB, info), + INTEL_VGA_DEVICE(0x9BAC, info), + INTEL_VGA_DEVICE(0x9BA0, info), + INTEL_VGA_DEVICE(0x9BA5, info), + INTEL_VGA_DEVICE(0x9BA8, info), + INTEL_VGA_DEVICE(0x9BA4, info), + INTEL_VGA_DEVICE(0x9BA2, info), + + INTEL_VGA_DEVICE(0x9B41, info), + INTEL_VGA_DEVICE(0x9BCA, info), + INTEL_VGA_DEVICE(0x9BCB, info), + INTEL_VGA_DEVICE(0x9BCC, info), + INTEL_VGA_DEVICE(0x9BC0, info), + INTEL_VGA_DEVICE(0x9BC5, info), + INTEL_VGA_DEVICE(0x9BC8, info), + INTEL_VGA_DEVICE(0x9BC4, info), + INTEL_VGA_DEVICE(0x9BC2, info), + INTEL_VGA_DEVICE(0x9BC6, info), + INTEL_VGA_DEVICE(0x9BE6, info), + INTEL_VGA_DEVICE(0x9BF6, info), + + INTEL_VGA_DEVICE(0x3E90, info), /* SRV GT1 */ + INTEL_VGA_DEVICE(0x3E93, info), /* SRV GT1 */ + INTEL_VGA_DEVICE(0x3E99, info), /* SRV GT1 */ + + INTEL_VGA_DEVICE(0x3E91, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E92, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E96, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E98, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E9A, info), /* SRV GT2 */ + + INTEL_VGA_DEVICE(0x3E9C, info), + + INTEL_VGA_DEVICE(0x3E9B, info), /* Halo GT2 */ + INTEL_VGA_DEVICE(0x3E94, info), /* Halo GT2 */ + + INTEL_VGA_DEVICE(0x3EA9, info), + + INTEL_VGA_DEVICE(0x3EA5, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x3EA6, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x3EA7, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x3EA8, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x3EA1, info), + INTEL_VGA_DEVICE(0x3EA4, info), + + INTEL_VGA_DEVICE(0x3EA0, info), + INTEL_VGA_DEVICE(0x3EA3, info), + + INTEL_VGA_DEVICE(0x3EA2, info), +}; + +static int is_platform_gen9(void) +{ + const char * const id_file = + "/sys/bus/pci/drivers/i915/0000:00:02.0/device"; + char idstr[32] = {0, }; + uint32_t id = 0; + int fd, ret, i; + + fd = open(id_file, O_RDONLY); + if (fd == -1) + return -1; + + ret = read(fd, idstr, 6); + if (ret != 6) + return -1; + + close(fd); + + idstr[6] = 0; + + id = strtol(idstr, NULL, 16); + + for (i = 0; i < sizeof(gen9_ids)/sizeof(uint32_t); i++) + if (id == gen9_ids[i]) + return 1; + + return 0; +} + +static int is_fd_safe(const int fd) +{ + int parser_version = -1; + int write_block = 0; + + parser_version = cmd_parser_version(fd); + printf(" Command parser version: %d\n", parser_version); + if (parser_version >= 10) { + printf(" Command parsing for blt engine supported\n"); + } else if (!CHECK_WRITE_BLOCK_WITHOUT_PARSER) { + printf(" There is no blitter command parser\n"); + return 0; + } + + write_block = is_write_blocked(fd); + + printf(" Unsafe write %s\n", write_block ? "blocked" : "possible!"); + + return write_block; +} + +struct stats { + int checked; + int safe; + int failed; +}; + +static void check_path(const char *path, struct stats *stats) +{ + int fd; + int is_safe; + + fd = open(path, O_RDWR); + if (fd == -1) { + if (errno != ENOENT) { + printf("Opening %s failed with %s (%d)\n", + path, strerror(errno), errno); + stats->failed++; + } + + return; + } + + if (!is_driver_i915(fd)) { + close(fd); + return; + } + + printf("Checking %s:\n", path); + + is_safe = is_fd_safe(fd); + printf(" Device %s : %s\n\n", path, is_safe ? "SAFE" : "VULNERABLE"); + if (is_safe) + stats->safe++; + + stats->checked++; + + close (fd); +} + +static int check_devices(void) +{ + const char * const cardbase = "/dev/dri/card"; + const char * const renderbase = "/dev/dri/renderD"; + char path[256]; + int i; + struct stats s = { 0, 0, 0 }; + + for (i = 0; i < 16; i++) { + sprintf(path, "%s%d", cardbase, i); + check_path(path, &s); + + sprintf(path, "%s%d", renderbase, i + 128); + check_path(path, &s); + } + + if (s.failed && !s.checked) { + printf("Failed to open devices, need root?\n"); + return -1; + } + + if (!s.checked) { + printf ("Didn't find anything to check\n"); + return -1; + } + + return s.checked == s.safe; +} + +int main(int argc, char *argv[]) +{ + int safe = 0; + int ret; + + printf("Intel cve-2019-0155 (blt mmio vulnerability) checker version %d\n\n", VERSION); + + sync(); + + ret = is_platform_gen9(); + if (ret == 0) { + safe = 1; + printf("Your platform is not affected\n"); + } else if (ret == -1) { + printf("Unable to determine platform type\n"); + } + + if (safe != 1) + safe = check_devices(); + + if (safe < 0) { + printf("Unable to determine system state due to errors\n"); + return EXIT_FAILURE; + } + + printf("\nYour system is %s against cve-2019-0155\n", safe ? "SAFE" : "VULNERABLE"); + + return safe ? EXIT_SUCCESS : EXIT_FAILURE; +} diff --git a/cve/meson.build b/cve/meson.build new file mode 100644 index 00000000..990181c6 --- /dev/null +++ b/cve/meson.build @@ -0,0 +1,12 @@ +cve_progs = [ + 'cve-2019-0155', +] + +cvedir = join_paths(libexecdir, 'cve') + +foreach prog : cve_progs + executable(prog, prog + '.c', + install : true, + install_dir : cvedir, + dependencies : igt_deps) +endforeach diff --git a/meson.build b/meson.build index 4d5003ba..27ad9567 100644 --- a/meson.build +++ b/meson.build @@ -302,6 +302,7 @@ if libdrm_intel.found() endif subdir('overlay') subdir('man') +subdir('cve') gtk_doc = dependency('gtk-doc', required : build_docs) python3 = find_program('python3', required : build_docs) -- 2.17.1 _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:19 ` Mika Kuoppala 0 siblings, 0 replies; 20+ messages in thread From: Mika Kuoppala @ 2019-11-21 15:19 UTC (permalink / raw) To: intel-gfx; +Cc: igt-dev, Joonas Lahtinen Add vulnerability checker for cve-2019-0155 v2: sync, bailout early if no parser (Chris) Cc: Chris Wilson <chris@chris-wilson.co.uk> Cc: Jon Bloomfield <jon.bloomfield@intel.com> Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> --- Makefile.am | 2 +- configure.ac | 1 + cve/Makefile.am | 14 ++ cve/Makefile.sources | 5 + cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ cve/meson.build | 12 ++ meson.build | 1 + 7 files changed, 504 insertions(+), 1 deletion(-) create mode 100644 cve/Makefile.am create mode 100644 cve/Makefile.sources create mode 100644 cve/cve-2019-0155.c create mode 100644 cve/meson.build diff --git a/Makefile.am b/Makefile.am index 94250964..e139bb44 100644 --- a/Makefile.am +++ b/Makefile.am @@ -21,7 +21,7 @@ ACLOCAL_AMFLAGS = ${ACLOCAL_FLAGS} -I m4 -SUBDIRS = lib tools scripts benchmarks +SUBDIRS = lib tools scripts benchmarks cve if BUILD_TESTS SUBDIRS += tests diff --git a/configure.ac b/configure.ac index f9e4942e..23fd9f30 100644 --- a/configure.ac +++ b/configure.ac @@ -311,6 +311,7 @@ AC_CONFIG_FILES([ tools/null_state_gen/Makefile tools/registers/Makefile overlay/Makefile + cve/Makefile ]) AC_CONFIG_FILES([tools/intel_aubdump], [chmod +x tools/intel_aubdump]) diff --git a/cve/Makefile.am b/cve/Makefile.am new file mode 100644 index 00000000..b8419ecd --- /dev/null +++ b/cve/Makefile.am @@ -0,0 +1,14 @@ +include Makefile.sources + +cve_PROGRAMS = $(cve_prog_list) + +AM_CPPFLAGS = \ + -I$(top_srcdir) \ + -I$(top_srcdir)/include/drm-uapi \ + -I$(top_srcdir)/lib \ + -I$(top_srcdir)/lib/stubs/syscalls + +AM_CFLAGS = -I$(top_srcdir)/include/drm-uapi \ + $(DRM_CFLAGS) $(CWARNFLAGS) $(CAIRO_CFLAGS) $(LIBUNWIND_CFLAGS) \ + $(WERROR_CFLAGS) -D_GNU_SOURCE +LDADD = $(top_builddir)/lib/libintel_tools.la diff --git a/cve/Makefile.sources b/cve/Makefile.sources new file mode 100644 index 00000000..2b02f958 --- /dev/null +++ b/cve/Makefile.sources @@ -0,0 +1,5 @@ +cvedir=$(libexecdir)/igt-gpu-tools/cve + +cve_prog_list = \ + cve-2019-0155 + $(NULL) diff --git a/cve/cve-2019-0155.c b/cve/cve-2019-0155.c new file mode 100644 index 00000000..5f6ca60a --- /dev/null +++ b/cve/cve-2019-0155.c @@ -0,0 +1,470 @@ +/* + * Copyright © 2019 Intel Corporation + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice (including the next + * paragraph) shall be included in all copies or substantial portions of the + * Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + * + */ + +/* + * Can be compiled with: + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c +*/ + +#define VERSION 1 +#define CHECK_WRITE_BLOCK_WITHOUT_PARSER 0 + +#include <stdio.h> +#include <string.h> +#include <stdint.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/ioctl.h> +#include <fcntl.h> +#include <errno.h> +#include <unistd.h> +#include <stdlib.h> + +#define ASSERT(x, s) do { \ + if (!(x)) { \ + printf("Failed to %s, %s (%d)\n", (s), \ + strerror(errno), errno); \ + exit(EXIT_FAILURE); \ + } \ + } while(0) + +static int do_ioctl(const int fd, const unsigned long nr, void *arg) +{ + int ret; + + do + ret = ioctl(fd, nr, arg); + while (ret == -1 && (errno == EINTR || errno == EAGAIN)); + + return ret; +} + +static int is_driver_i915(const int fd) +{ + struct _drm_version { + int version_major; + int version_minor; + int version_patchlevel; + + size_t name_len; + char *name; + size_t date_len; + char *date; + size_t desc_len; + char *desc; + } v = { 0, }; + char name[256] = { 0, }; + int ret; + + v.name_len = sizeof(name) - 1; + v.name = name; + + ret = do_ioctl(fd, _IOWR(0x40, 0x00, struct _drm_version), &v); + ASSERT(ret == 0, "get name"); + + name[v.name_len] = 0; + + return !strcmp(name, "i915"); +} + +static int cmd_parser_version(const int fd) +{ + int ret, version = 0; + struct _drm_i915_getparam_t { + int32_t param; + uint64_t value; + } q = { 28, + (uint64_t)&version }; + + ret = do_ioctl(fd, _IOWR(0x40, 0x40 + 0x06, struct _drm_i915_getparam_t), &q); + ASSERT(ret == 0, "get param"); + + return version; +} + +#define MI_INSTR(opcode, flags) (((opcode) << 23) | (flags)) +#define MI_BATCH_BUFFER_END MI_INSTR(0x0a, 0) +#define MI_LOAD_REGISTER_IMM MI_INSTR(0x22, (3-2)) + +static int is_write_blocked(const int fd) +{ + int ret; + uint32_t handle; + + struct _drm_i915_gem_execbuffer2 { + uint64_t buffers_ptr; + uint32_t buffer_count; + uint32_t batch_start_offset; + uint32_t batch_len; + uint32_t DR1; + uint32_t DR4; + uint32_t num_cliprects; + uint64_t cliprects_ptr; + uint64_t flags; + uint64_t rsvd1; + uint64_t rsvd2; + } execbuf = { 0, }; + + struct _drm_i915_gem_exec_object2 { + uint32_t handle; + uint32_t relocation_count; + uint64_t relocs_ptr; + uint64_t alignment; + uint64_t offset; + uint64_t flags; + uint64_t rsvd1; + uint64_t rsvd2; + } execobj[1] = { { 0, } }; + + struct _drm_i915_gem_create { + uint64_t size; + uint32_t handle; + uint32_t pad; + } createobj = { 0, }; + + struct _drm_i915_gem_pwrite { + uint32_t handle; + uint32_t pad; + uint64_t offset; + uint64_t size; + uint64_t data_ptr; + } pwrite = { 0, }; + + const uint32_t batch[] = { + MI_LOAD_REGISTER_IMM, + 0x2221c, + 0x0, + 0, + MI_BATCH_BUFFER_END, + }; + + createobj.handle = 0; + createobj.size = 4096; + + ret = do_ioctl(fd, _IOWR(0x40, 0x40+0x1b, struct _drm_i915_gem_create), &createobj); + ASSERT(ret == 0, "create object"); + + handle = createobj.handle; + + pwrite.handle = handle; + pwrite.size = sizeof(batch); + pwrite.data_ptr = (uintptr_t)batch; + + ret = do_ioctl(fd, _IOWR(0x40, 0x40+0x1d, struct _drm_i915_gem_pwrite), &pwrite); + ASSERT(ret == 0, "write object"); + + execobj[0].handle = handle; + + execbuf.buffers_ptr = (uintptr_t)execobj; + execbuf.buffer_count = 1; + execbuf.flags = 3; /* select blitter engine (bcs0) */ + + ret = do_ioctl(fd, _IOWR(0x40, 0x40+0x29, struct _drm_i915_gem_execbuffer2), &execbuf); + if (ret) { + if (errno == EACCES || errno == EINVAL) + return 1; + } + + return 0; +} + +#define INTEL_VGA_DEVICE(x, y) (x) + +static const uint32_t gen9_ids[] = { + + INTEL_VGA_DEVICE(0x1906, info), /* ULT GT1 */ + + INTEL_VGA_DEVICE(0x190E, info), /* ULX GT1 */ + + INTEL_VGA_DEVICE(0x1902, info), /* DT GT1 */ + INTEL_VGA_DEVICE(0x190B, info), /* Halo GT1 */ + INTEL_VGA_DEVICE(0x190A, info), /* SRV GT1 */ + + INTEL_VGA_DEVICE(0x1916, info), /* ULT GT2 */ + INTEL_VGA_DEVICE(0x1921, info), /* ULT GT2F */ + + INTEL_VGA_DEVICE(0x191E, info), /* ULX GT2 */ + + INTEL_VGA_DEVICE(0x1912, info), /* DT GT2 */ + INTEL_VGA_DEVICE(0x191B, info), /* Halo GT2 */ + INTEL_VGA_DEVICE(0x191A, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x191D, info), /* WKS GT2 */ + + INTEL_VGA_DEVICE(0x1926, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x1923, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x1927, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x192B, info), /* Halo GT3 */ + INTEL_VGA_DEVICE(0x192D, info), /* SRV GT3 */ + + INTEL_VGA_DEVICE(0x1932, info), /* DT GT4 */ + INTEL_VGA_DEVICE(0x193B, info), /* Halo GT4 */ + INTEL_VGA_DEVICE(0x193D, info), /* WKS GT4 */ + INTEL_VGA_DEVICE(0x192A, info), /* SRV GT4 */ + INTEL_VGA_DEVICE(0x193A, info), /* SRV GT4e */ + + INTEL_VGA_DEVICE(0x0A84, info), + INTEL_VGA_DEVICE(0x1A84, info), + INTEL_VGA_DEVICE(0x1A85, info), + INTEL_VGA_DEVICE(0x5A84, info), /* APL HD Graphics 505 */ + INTEL_VGA_DEVICE(0x5A85, info), /* APL HD Graphics 500 */ + + INTEL_VGA_DEVICE(0x3184, info), + INTEL_VGA_DEVICE(0x3185, info), + + INTEL_VGA_DEVICE(0x5906, info), /* ULT GT1 */ + INTEL_VGA_DEVICE(0x5913, info), /* ULT GT1.5 */ + + INTEL_VGA_DEVICE(0x590E, info), /* ULX GT1 */ + INTEL_VGA_DEVICE(0x5915, info), /* ULX GT1.5 */ + + INTEL_VGA_DEVICE(0x5902, info), /* DT GT1 */ + INTEL_VGA_DEVICE(0x5908, info), /* Halo GT1 */ + INTEL_VGA_DEVICE(0x590B, info), /* Halo GT1 */ + INTEL_VGA_DEVICE(0x590A, info), /* SRV GT1 */ + + INTEL_VGA_DEVICE(0x5916, info), /* ULT GT2 */ + INTEL_VGA_DEVICE(0x5921, info), /* ULT GT2F */ + + INTEL_VGA_DEVICE(0x591E, info), /* ULX GT2 */ + + INTEL_VGA_DEVICE(0x5917, info), /* Mobile GT2 */ + INTEL_VGA_DEVICE(0x5912, info), /* DT GT2 */ + INTEL_VGA_DEVICE(0x591B, info), /* Halo GT2 */ + INTEL_VGA_DEVICE(0x591A, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x591D, info), /* WKS GT2 */ + + INTEL_VGA_DEVICE(0x5926, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x5923, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x5927, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x593B, info), /* Halo GT4 */ + + INTEL_VGA_DEVICE(0x591C, info), /* ULX GT2 */ + INTEL_VGA_DEVICE(0x87C0, info), /* ULX GT2 */ + + INTEL_VGA_DEVICE(0x87CA, info), + + INTEL_VGA_DEVICE(0x9B21, info), + INTEL_VGA_DEVICE(0x9BAA, info), + INTEL_VGA_DEVICE(0x9BAB, info), + INTEL_VGA_DEVICE(0x9BAC, info), + INTEL_VGA_DEVICE(0x9BA0, info), + INTEL_VGA_DEVICE(0x9BA5, info), + INTEL_VGA_DEVICE(0x9BA8, info), + INTEL_VGA_DEVICE(0x9BA4, info), + INTEL_VGA_DEVICE(0x9BA2, info), + + INTEL_VGA_DEVICE(0x9B41, info), + INTEL_VGA_DEVICE(0x9BCA, info), + INTEL_VGA_DEVICE(0x9BCB, info), + INTEL_VGA_DEVICE(0x9BCC, info), + INTEL_VGA_DEVICE(0x9BC0, info), + INTEL_VGA_DEVICE(0x9BC5, info), + INTEL_VGA_DEVICE(0x9BC8, info), + INTEL_VGA_DEVICE(0x9BC4, info), + INTEL_VGA_DEVICE(0x9BC2, info), + INTEL_VGA_DEVICE(0x9BC6, info), + INTEL_VGA_DEVICE(0x9BE6, info), + INTEL_VGA_DEVICE(0x9BF6, info), + + INTEL_VGA_DEVICE(0x3E90, info), /* SRV GT1 */ + INTEL_VGA_DEVICE(0x3E93, info), /* SRV GT1 */ + INTEL_VGA_DEVICE(0x3E99, info), /* SRV GT1 */ + + INTEL_VGA_DEVICE(0x3E91, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E92, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E96, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E98, info), /* SRV GT2 */ + INTEL_VGA_DEVICE(0x3E9A, info), /* SRV GT2 */ + + INTEL_VGA_DEVICE(0x3E9C, info), + + INTEL_VGA_DEVICE(0x3E9B, info), /* Halo GT2 */ + INTEL_VGA_DEVICE(0x3E94, info), /* Halo GT2 */ + + INTEL_VGA_DEVICE(0x3EA9, info), + + INTEL_VGA_DEVICE(0x3EA5, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x3EA6, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x3EA7, info), /* ULT GT3 */ + INTEL_VGA_DEVICE(0x3EA8, info), /* ULT GT3 */ + + INTEL_VGA_DEVICE(0x3EA1, info), + INTEL_VGA_DEVICE(0x3EA4, info), + + INTEL_VGA_DEVICE(0x3EA0, info), + INTEL_VGA_DEVICE(0x3EA3, info), + + INTEL_VGA_DEVICE(0x3EA2, info), +}; + +static int is_platform_gen9(void) +{ + const char * const id_file = + "/sys/bus/pci/drivers/i915/0000:00:02.0/device"; + char idstr[32] = {0, }; + uint32_t id = 0; + int fd, ret, i; + + fd = open(id_file, O_RDONLY); + if (fd == -1) + return -1; + + ret = read(fd, idstr, 6); + if (ret != 6) + return -1; + + close(fd); + + idstr[6] = 0; + + id = strtol(idstr, NULL, 16); + + for (i = 0; i < sizeof(gen9_ids)/sizeof(uint32_t); i++) + if (id == gen9_ids[i]) + return 1; + + return 0; +} + +static int is_fd_safe(const int fd) +{ + int parser_version = -1; + int write_block = 0; + + parser_version = cmd_parser_version(fd); + printf(" Command parser version: %d\n", parser_version); + if (parser_version >= 10) { + printf(" Command parsing for blt engine supported\n"); + } else if (!CHECK_WRITE_BLOCK_WITHOUT_PARSER) { + printf(" There is no blitter command parser\n"); + return 0; + } + + write_block = is_write_blocked(fd); + + printf(" Unsafe write %s\n", write_block ? "blocked" : "possible!"); + + return write_block; +} + +struct stats { + int checked; + int safe; + int failed; +}; + +static void check_path(const char *path, struct stats *stats) +{ + int fd; + int is_safe; + + fd = open(path, O_RDWR); + if (fd == -1) { + if (errno != ENOENT) { + printf("Opening %s failed with %s (%d)\n", + path, strerror(errno), errno); + stats->failed++; + } + + return; + } + + if (!is_driver_i915(fd)) { + close(fd); + return; + } + + printf("Checking %s:\n", path); + + is_safe = is_fd_safe(fd); + printf(" Device %s : %s\n\n", path, is_safe ? "SAFE" : "VULNERABLE"); + if (is_safe) + stats->safe++; + + stats->checked++; + + close (fd); +} + +static int check_devices(void) +{ + const char * const cardbase = "/dev/dri/card"; + const char * const renderbase = "/dev/dri/renderD"; + char path[256]; + int i; + struct stats s = { 0, 0, 0 }; + + for (i = 0; i < 16; i++) { + sprintf(path, "%s%d", cardbase, i); + check_path(path, &s); + + sprintf(path, "%s%d", renderbase, i + 128); + check_path(path, &s); + } + + if (s.failed && !s.checked) { + printf("Failed to open devices, need root?\n"); + return -1; + } + + if (!s.checked) { + printf ("Didn't find anything to check\n"); + return -1; + } + + return s.checked == s.safe; +} + +int main(int argc, char *argv[]) +{ + int safe = 0; + int ret; + + printf("Intel cve-2019-0155 (blt mmio vulnerability) checker version %d\n\n", VERSION); + + sync(); + + ret = is_platform_gen9(); + if (ret == 0) { + safe = 1; + printf("Your platform is not affected\n"); + } else if (ret == -1) { + printf("Unable to determine platform type\n"); + } + + if (safe != 1) + safe = check_devices(); + + if (safe < 0) { + printf("Unable to determine system state due to errors\n"); + return EXIT_FAILURE; + } + + printf("\nYour system is %s against cve-2019-0155\n", safe ? "SAFE" : "VULNERABLE"); + + return safe ? EXIT_SUCCESS : EXIT_FAILURE; +} diff --git a/cve/meson.build b/cve/meson.build new file mode 100644 index 00000000..990181c6 --- /dev/null +++ b/cve/meson.build @@ -0,0 +1,12 @@ +cve_progs = [ + 'cve-2019-0155', +] + +cvedir = join_paths(libexecdir, 'cve') + +foreach prog : cve_progs + executable(prog, prog + '.c', + install : true, + install_dir : cvedir, + dependencies : igt_deps) +endforeach diff --git a/meson.build b/meson.build index 4d5003ba..27ad9567 100644 --- a/meson.build +++ b/meson.build @@ -302,6 +302,7 @@ if libdrm_intel.found() endif subdir('overlay') subdir('man') +subdir('cve') gtk_doc = dependency('gtk-doc', required : build_docs) python3 = find_program('python3', required : build_docs) -- 2.17.1 _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [igt-dev] [PATCH i-g-t] cve: Add checker for cve-2019-0155 2019-11-21 15:19 ` Mika Kuoppala (?) @ 2019-11-21 15:22 ` Chris Wilson -1 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-21 15:22 UTC (permalink / raw) To: Mika Kuoppala, intel-gfx; +Cc: igt-dev, Jon Bloomfield, Joonas Lahtinen Quoting Mika Kuoppala (2019-11-21 15:19:30) > +/* > + * Can be compiled with: > + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c > +*/ -pedantic ? :) -Chris _______________________________________________ igt-dev mailing list igt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/igt-dev ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:22 ` Chris Wilson 0 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-21 15:22 UTC (permalink / raw) To: Mika Kuoppala, intel-gfx; +Cc: igt-dev, Joonas Lahtinen Quoting Mika Kuoppala (2019-11-21 15:19:30) > +/* > + * Can be compiled with: > + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c > +*/ -pedantic ? :) -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:22 ` Chris Wilson 0 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-21 15:22 UTC (permalink / raw) To: Mika Kuoppala, intel-gfx; +Cc: igt-dev, Joonas Lahtinen Quoting Mika Kuoppala (2019-11-21 15:19:30) > +/* > + * Can be compiled with: > + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c > +*/ -pedantic ? :) -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [igt-dev] [PATCH i-g-t] cve: Add checker for cve-2019-0155 2019-11-21 15:22 ` Chris Wilson (?) @ 2019-11-21 15:27 ` Mika Kuoppala -1 siblings, 0 replies; 20+ messages in thread From: Mika Kuoppala @ 2019-11-21 15:27 UTC (permalink / raw) To: Chris Wilson, intel-gfx; +Cc: igt-dev, Joonas Lahtinen, Jon Bloomfield Chris Wilson <chris@chris-wilson.co.uk> writes: > Quoting Mika Kuoppala (2019-11-21 15:19:30) >> +/* >> + * Can be compiled with: >> + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c >> +*/ > > -pedantic ? :) Seems to work if that's your thing! :) -Mika > -Chris _______________________________________________ igt-dev mailing list igt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/igt-dev ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:27 ` Mika Kuoppala 0 siblings, 0 replies; 20+ messages in thread From: Mika Kuoppala @ 2019-11-21 15:27 UTC (permalink / raw) To: Chris Wilson, intel-gfx; +Cc: igt-dev, Joonas Lahtinen Chris Wilson <chris@chris-wilson.co.uk> writes: > Quoting Mika Kuoppala (2019-11-21 15:19:30) >> +/* >> + * Can be compiled with: >> + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c >> +*/ > > -pedantic ? :) Seems to work if that's your thing! :) -Mika > -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:27 ` Mika Kuoppala 0 siblings, 0 replies; 20+ messages in thread From: Mika Kuoppala @ 2019-11-21 15:27 UTC (permalink / raw) To: Chris Wilson, intel-gfx; +Cc: igt-dev, Joonas Lahtinen Chris Wilson <chris@chris-wilson.co.uk> writes: > Quoting Mika Kuoppala (2019-11-21 15:19:30) >> +/* >> + * Can be compiled with: >> + * gcc -Wall -static -o cve-2019-0155 cve-2019-0155.c >> +*/ > > -pedantic ? :) Seems to work if that's your thing! :) -Mika > -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [igt-dev] [PATCH i-g-t] cve: Add checker for cve-2019-0155 2019-11-21 15:19 ` Mika Kuoppala (?) @ 2019-11-21 15:29 ` Chris Wilson -1 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-21 15:29 UTC (permalink / raw) To: Mika Kuoppala, intel-gfx; +Cc: igt-dev, Jon Bloomfield, Joonas Lahtinen Quoting Mika Kuoppala (2019-11-21 15:19:30) > +static int is_platform_gen9(void) > +{ > + const char * const id_file = > + "/sys/bus/pci/drivers/i915/0000:00:02.0/device"; I still suggest we use I915_PARAM_CHIPSET_ID to avoid reliance on sysfs here. > + char idstr[32] = {0, }; > + uint32_t id = 0; > + int fd, ret, i; > + > + fd = open(id_file, O_RDONLY); > + if (fd == -1) > + return -1; > + > + ret = read(fd, idstr, 6); > + if (ret != 6) > + return -1; > + > + close(fd); > + > + idstr[6] = 0; > + > + id = strtol(idstr, NULL, 16); > + > + for (i = 0; i < sizeof(gen9_ids)/sizeof(uint32_t); i++) sizeof(gen9_ids) / sizeof(gen9_ids[0]) > + if (id == gen9_ids[i]) > + return 1; > + > + return 0; > +} > + > +static int is_fd_safe(const int fd) > +{ > + int parser_version = -1; > + int write_block = 0; > + > + parser_version = cmd_parser_version(fd); > + printf(" Command parser version: %d\n", parser_version); > + if (parser_version >= 10) { > + printf(" Command parsing for blt engine supported\n"); > + } else if (!CHECK_WRITE_BLOCK_WITHOUT_PARSER) { > + printf(" There is no blitter command parser\n"); > + return 0; > + } > + > + write_block = is_write_blocked(fd); > + > + printf(" Unsafe write %s\n", write_block ? "blocked" : "possible!"); > + > + return write_block; > +} > + > +struct stats { > + int checked; > + int safe; > + int failed; > +}; > + > +static void check_path(const char *path, struct stats *stats) > +{ > + int fd; > + int is_safe; > + > + fd = open(path, O_RDWR); > + if (fd == -1) { > + if (errno != ENOENT) { > + printf("Opening %s failed with %s (%d)\n", > + path, strerror(errno), errno); > + stats->failed++; > + } > + > + return; > + } > + > + if (!is_driver_i915(fd)) { > + close(fd); > + return; > + } > + > + printf("Checking %s:\n", path); > + > + is_safe = is_fd_safe(fd); > + printf(" Device %s : %s\n\n", path, is_safe ? "SAFE" : "VULNERABLE"); > + if (is_safe) > + stats->safe++; I would go through and do a pass of errors => stderr, and suppressing anything else that is not "SAFE" vs "UNSAFE" (usual #define DBG tricks) -Chris _______________________________________________ igt-dev mailing list igt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/igt-dev ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:29 ` Chris Wilson 0 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-21 15:29 UTC (permalink / raw) To: Mika Kuoppala, intel-gfx; +Cc: igt-dev, Joonas Lahtinen Quoting Mika Kuoppala (2019-11-21 15:19:30) > +static int is_platform_gen9(void) > +{ > + const char * const id_file = > + "/sys/bus/pci/drivers/i915/0000:00:02.0/device"; I still suggest we use I915_PARAM_CHIPSET_ID to avoid reliance on sysfs here. > + char idstr[32] = {0, }; > + uint32_t id = 0; > + int fd, ret, i; > + > + fd = open(id_file, O_RDONLY); > + if (fd == -1) > + return -1; > + > + ret = read(fd, idstr, 6); > + if (ret != 6) > + return -1; > + > + close(fd); > + > + idstr[6] = 0; > + > + id = strtol(idstr, NULL, 16); > + > + for (i = 0; i < sizeof(gen9_ids)/sizeof(uint32_t); i++) sizeof(gen9_ids) / sizeof(gen9_ids[0]) > + if (id == gen9_ids[i]) > + return 1; > + > + return 0; > +} > + > +static int is_fd_safe(const int fd) > +{ > + int parser_version = -1; > + int write_block = 0; > + > + parser_version = cmd_parser_version(fd); > + printf(" Command parser version: %d\n", parser_version); > + if (parser_version >= 10) { > + printf(" Command parsing for blt engine supported\n"); > + } else if (!CHECK_WRITE_BLOCK_WITHOUT_PARSER) { > + printf(" There is no blitter command parser\n"); > + return 0; > + } > + > + write_block = is_write_blocked(fd); > + > + printf(" Unsafe write %s\n", write_block ? "blocked" : "possible!"); > + > + return write_block; > +} > + > +struct stats { > + int checked; > + int safe; > + int failed; > +}; > + > +static void check_path(const char *path, struct stats *stats) > +{ > + int fd; > + int is_safe; > + > + fd = open(path, O_RDWR); > + if (fd == -1) { > + if (errno != ENOENT) { > + printf("Opening %s failed with %s (%d)\n", > + path, strerror(errno), errno); > + stats->failed++; > + } > + > + return; > + } > + > + if (!is_driver_i915(fd)) { > + close(fd); > + return; > + } > + > + printf("Checking %s:\n", path); > + > + is_safe = is_fd_safe(fd); > + printf(" Device %s : %s\n\n", path, is_safe ? "SAFE" : "VULNERABLE"); > + if (is_safe) > + stats->safe++; I would go through and do a pass of errors => stderr, and suppressing anything else that is not "SAFE" vs "UNSAFE" (usual #define DBG tricks) -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-21 15:29 ` Chris Wilson 0 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-21 15:29 UTC (permalink / raw) To: Mika Kuoppala, intel-gfx; +Cc: igt-dev, Joonas Lahtinen Quoting Mika Kuoppala (2019-11-21 15:19:30) > +static int is_platform_gen9(void) > +{ > + const char * const id_file = > + "/sys/bus/pci/drivers/i915/0000:00:02.0/device"; I still suggest we use I915_PARAM_CHIPSET_ID to avoid reliance on sysfs here. > + char idstr[32] = {0, }; > + uint32_t id = 0; > + int fd, ret, i; > + > + fd = open(id_file, O_RDONLY); > + if (fd == -1) > + return -1; > + > + ret = read(fd, idstr, 6); > + if (ret != 6) > + return -1; > + > + close(fd); > + > + idstr[6] = 0; > + > + id = strtol(idstr, NULL, 16); > + > + for (i = 0; i < sizeof(gen9_ids)/sizeof(uint32_t); i++) sizeof(gen9_ids) / sizeof(gen9_ids[0]) > + if (id == gen9_ids[i]) > + return 1; > + > + return 0; > +} > + > +static int is_fd_safe(const int fd) > +{ > + int parser_version = -1; > + int write_block = 0; > + > + parser_version = cmd_parser_version(fd); > + printf(" Command parser version: %d\n", parser_version); > + if (parser_version >= 10) { > + printf(" Command parsing for blt engine supported\n"); > + } else if (!CHECK_WRITE_BLOCK_WITHOUT_PARSER) { > + printf(" There is no blitter command parser\n"); > + return 0; > + } > + > + write_block = is_write_blocked(fd); > + > + printf(" Unsafe write %s\n", write_block ? "blocked" : "possible!"); > + > + return write_block; > +} > + > +struct stats { > + int checked; > + int safe; > + int failed; > +}; > + > +static void check_path(const char *path, struct stats *stats) > +{ > + int fd; > + int is_safe; > + > + fd = open(path, O_RDWR); > + if (fd == -1) { > + if (errno != ENOENT) { > + printf("Opening %s failed with %s (%d)\n", > + path, strerror(errno), errno); > + stats->failed++; > + } > + > + return; > + } > + > + if (!is_driver_i915(fd)) { > + close(fd); > + return; > + } > + > + printf("Checking %s:\n", path); > + > + is_safe = is_fd_safe(fd); > + printf(" Device %s : %s\n\n", path, is_safe ? "SAFE" : "VULNERABLE"); > + if (is_safe) > + stats->safe++; I would go through and do a pass of errors => stderr, and suppressing anything else that is not "SAFE" vs "UNSAFE" (usual #define DBG tricks) -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* [igt-dev] ✗ GitLab.Pipeline: warning for cve: Add checker for cve-2019-0155 2019-11-21 15:19 ` Mika Kuoppala ` (2 preceding siblings ...) (?) @ 2019-11-21 16:07 ` Patchwork -1 siblings, 0 replies; 20+ messages in thread From: Patchwork @ 2019-11-21 16:07 UTC (permalink / raw) To: Mika Kuoppala; +Cc: igt-dev == Series Details == Series: cve: Add checker for cve-2019-0155 URL : https://patchwork.freedesktop.org/series/69837/ State : warning == Summary == Did not get list of undocumented tests for this run, something is wrong! Other than that, pipeline status: FAILED. see https://gitlab.freedesktop.org/gfx-ci/igt-ci-tags/pipelines/81432 for the overview. build:tests-debian-meson-armhf has failed (https://gitlab.freedesktop.org/gfx-ci/igt-ci-tags/-/jobs/994860): [4/9] Linking target runner/igt_resume. [5/9] Linking target runner/igt_results. [6/9] Linking target runner/runner_test. [7/9] Linking target runner/runner_json_test. [8/9] Compiling C object 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o'. FAILED: cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o /usr/bin/arm-linux-gnueabihf-gcc -Icve/3d5d2f7@@cve-2019-0155@exe -Icve -I../cve -I../include/drm-uapi -Ilib -I../lib -I../lib/stubs/syscalls -I. -I../ -I../lib/stubs/drm -I/usr/include/cairo -I/usr/include/glib-2.0 -I/usr/lib/arm-linux-gnueabihf/glib-2.0/include -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/libdrm -I/usr/include/valgrind -I/usr/include/alsa -fdiagnostics-color=always -pipe -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Wextra -std=gnu11 -O2 -g -D_GNU_SOURCE -include config.h -D_FORTIFY_SOURCE=2 -Wbad-function-cast -Wdeclaration-after-statement -Wformat=2 -Wlogical-op -Wmissing-declarations -Wmissing-format-attribute -Wmissing-noreturn -Wmissing-prototypes -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-prototypes -Wuninitialized -Wunused -Wno-clobbered -Wno-maybe-uninitialized -Wno-missing-field-initializers -Wno-pointer-arith -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -Wno-unused-result -Werror=address -Werror=array-bounds -Werror=implicit -Werror=init-self -Werror=int-to-pointer-cast -Werror=main -Werror=missing-braces -Werror=nonnull -Werror=pointer-to-int-cast -Werror=return-type -Werror=sequence-point -Werror=trigraphs -Werror=write-strings -fno-builtin-malloc -fno-builtin-calloc -pthread -MD -MQ 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o' -MF 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o.d' -o 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o' -c ../cve/cve-2019-0155.c ../cve/cve-2019-0155.c: In function ‘cmd_parser_version’: ../cve/cve-2019-0155.c:98:3: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast] (uint64_t)&version }; ^ cc1: some warnings being treated as errors ninja: build stopped: subcommand failed. section_end:1574351962:build_script ^[[0Ksection_start:1574351962:after_script ^[[0Ksection_end:1574351965:after_script ^[[0Ksection_start:1574351965:upload_artifacts_on_failure ^[[0Ksection_end:1574351967:upload_artifacts_on_failure ^[[0K^[[31;1mERROR: Job failed: exit code 1 ^[[0;m build:tests-debian-meson-mips has failed (https://gitlab.freedesktop.org/gfx-ci/igt-ci-tags/-/jobs/994862): ninja: build stopped: subcommand failed. ninja: Entering directory `build' [1/349] Generating version.h with a custom command. [2/4] Linking target runner/runner_test. [3/4] Compiling C object 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o'. FAILED: cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o /usr/bin/mips-linux-gnu-gcc -Icve/3d5d2f7@@cve-2019-0155@exe -Icve -I../cve -I../include/drm-uapi -Ilib -I../lib -I../lib/stubs/syscalls -I. -I../ -I../lib/stubs/drm -I/usr/include/cairo -I/usr/include/glib-2.0 -I/usr/lib/mips-linux-gnu/glib-2.0/include -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/libdrm -I/usr/include/valgrind -I/usr/include/alsa -fdiagnostics-color=always -pipe -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Wextra -std=gnu11 -O2 -g -D_GNU_SOURCE -include config.h -D_FORTIFY_SOURCE=2 -Wbad-function-cast -Wdeclaration-after-statement -Wformat=2 -Wlogical-op -Wmissing-declarations -Wmissing-format-attribute -Wmissing-noreturn -Wmissing-prototypes -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-prototypes -Wuninitialized -Wunused -Wno-clobbered -Wno-maybe-uninitialized -Wno-missing-field-initializers -Wno-pointer-arith -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -Wno-unused-result -Werror=address -Werror=array-bounds -Werror=implicit -Werror=init-self -Werror=int-to-pointer-cast -Werror=main -Werror=missing-braces -Werror=nonnull -Werror=pointer-to-int-cast -Werror=return-type -Werror=sequence-point -Werror=trigraphs -Werror=write-strings -fno-builtin-malloc -fno-builtin-calloc -pthread -MD -MQ 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o' -MF 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o.d' -o 'cve/3d5d2f7@@cve-2019-0155@exe/cve-2019-0155.c.o' -c ../cve/cve-2019-0155.c ../cve/cve-2019-0155.c: In function ‘cmd_parser_version’: ../cve/cve-2019-0155.c:98:3: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast] (uint64_t)&version }; ^ cc1: some warnings being treated as errors ninja: build stopped: subcommand failed. section_end:1574352101:build_script ^[[0Ksection_start:1574352101:after_script ^[[0Ksection_end:1574352102:after_script ^[[0Ksection_start:1574352102:upload_artifacts_on_failure ^[[0Ksection_end:1574352103:upload_artifacts_on_failure ^[[0K^[[31;1mERROR: Job failed: exit code 1 ^[[0;m == Logs == For more details see: https://gitlab.freedesktop.org/gfx-ci/igt-ci-tags/pipelines/81432 _______________________________________________ igt-dev mailing list igt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/igt-dev ^ permalink raw reply [flat|nested] 20+ messages in thread
* [igt-dev] ✓ Fi.CI.BAT: success for cve: Add checker for cve-2019-0155 2019-11-21 15:19 ` Mika Kuoppala ` (3 preceding siblings ...) (?) @ 2019-11-21 16:09 ` Patchwork -1 siblings, 0 replies; 20+ messages in thread From: Patchwork @ 2019-11-21 16:09 UTC (permalink / raw) To: Mika Kuoppala; +Cc: igt-dev == Series Details == Series: cve: Add checker for cve-2019-0155 URL : https://patchwork.freedesktop.org/series/69837/ State : success == Summary == CI Bug Log - changes from CI_DRM_7400 -> IGTPW_3743 ==================================================== Summary ------- **SUCCESS** No regressions found. External URL: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/index.html Known issues ------------ Here are the changes found in IGTPW_3743 that come from known issues: ### IGT changes ### #### Issues hit #### * igt@i915_selftest@live_blt: - fi-hsw-peppy: [PASS][1] -> [DMESG-FAIL][2] ([fdo#112147]) [1]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_7400/fi-hsw-peppy/igt@i915_selftest@live_blt.html [2]: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/fi-hsw-peppy/igt@i915_selftest@live_blt.html * igt@kms_chamelium@dp-edid-read: - fi-icl-u2: [PASS][3] -> [FAIL][4] ([fdo#106766]) [3]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_7400/fi-icl-u2/igt@kms_chamelium@dp-edid-read.html [4]: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/fi-icl-u2/igt@kms_chamelium@dp-edid-read.html #### Possible fixes #### * igt@i915_module_load@reload-no-display: - fi-skl-lmem: [DMESG-WARN][5] ([fdo#112261]) -> [PASS][6] [5]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_7400/fi-skl-lmem/igt@i915_module_load@reload-no-display.html [6]: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/fi-skl-lmem/igt@i915_module_load@reload-no-display.html * igt@kms_chamelium@dp-crc-fast: - fi-kbl-7500u: [DMESG-WARN][7] ([fdo#106107]) -> [PASS][8] [7]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_7400/fi-kbl-7500u/igt@kms_chamelium@dp-crc-fast.html [8]: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/fi-kbl-7500u/igt@kms_chamelium@dp-crc-fast.html #### Warnings #### * igt@kms_chamelium@hdmi-hpd-fast: - fi-kbl-7500u: [FAIL][9] ([fdo#111045] / [fdo#111096]) -> [FAIL][10] ([fdo#111407]) [9]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_7400/fi-kbl-7500u/igt@kms_chamelium@hdmi-hpd-fast.html [10]: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/fi-kbl-7500u/igt@kms_chamelium@hdmi-hpd-fast.html [fdo#106107]: https://bugs.freedesktop.org/show_bug.cgi?id=106107 [fdo#106766]: https://bugs.freedesktop.org/show_bug.cgi?id=106766 [fdo#111045]: https://bugs.freedesktop.org/show_bug.cgi?id=111045 [fdo#111096]: https://bugs.freedesktop.org/show_bug.cgi?id=111096 [fdo#111407]: https://bugs.freedesktop.org/show_bug.cgi?id=111407 [fdo#112147]: https://bugs.freedesktop.org/show_bug.cgi?id=112147 [fdo#112261]: https://bugs.freedesktop.org/show_bug.cgi?id=112261 Participating hosts (50 -> 44) ------------------------------ Additional (1): fi-tgl-u Missing (7): fi-ilk-m540 fi-hsw-4200u fi-byt-squawks fi-bsw-cyan fi-ctg-p8600 fi-byt-clapper fi-bdw-samus Build changes ------------- * CI: CI-20190529 -> None * IGT: IGT_5299 -> IGTPW_3743 CI-20190529: 20190529 CI_DRM_7400: 353c51b7f47ae247ea02b231dc173ba7cfdeb484 @ git://anongit.freedesktop.org/gfx-ci/linux IGTPW_3743: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/index.html IGT_5299: 65fed6a79adea14f7bef6d55530da47d7731d370 @ git://anongit.freedesktop.org/xorg/app/intel-gpu-tools == Logs == For more details see: https://intel-gfx-ci.01.org/tree/drm-tip/IGTPW_3743/index.html _______________________________________________ igt-dev mailing list igt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/igt-dev ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 2019-11-21 15:19 ` Mika Kuoppala @ 2019-11-22 9:14 ` Petri Latvala -1 siblings, 0 replies; 20+ messages in thread From: Petri Latvala @ 2019-11-22 9:14 UTC (permalink / raw) To: Mika Kuoppala; +Cc: igt-dev, Joonas Lahtinen, intel-gfx On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > Add vulnerability checker for cve-2019-0155 > > v2: sync, bailout early if no parser (Chris) > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > --- > Makefile.am | 2 +- > configure.ac | 1 + > cve/Makefile.am | 14 ++ > cve/Makefile.sources | 5 + > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > cve/meson.build | 12 ++ > meson.build | 1 + Why do we need a new source directory and new install directory for this? Can't this be in tools/? -- Petri Latvala _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-22 9:14 ` Petri Latvala 0 siblings, 0 replies; 20+ messages in thread From: Petri Latvala @ 2019-11-22 9:14 UTC (permalink / raw) To: Mika Kuoppala; +Cc: igt-dev, Joonas Lahtinen, intel-gfx On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > Add vulnerability checker for cve-2019-0155 > > v2: sync, bailout early if no parser (Chris) > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > --- > Makefile.am | 2 +- > configure.ac | 1 + > cve/Makefile.am | 14 ++ > cve/Makefile.sources | 5 + > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > cve/meson.build | 12 ++ > meson.build | 1 + Why do we need a new source directory and new install directory for this? Can't this be in tools/? -- Petri Latvala _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [igt-dev] [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 2019-11-22 9:14 ` Petri Latvala (?) @ 2019-11-22 9:20 ` Chris Wilson -1 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-22 9:20 UTC (permalink / raw) To: Mika Kuoppala, Petri Latvala; +Cc: igt-dev, Joonas Lahtinen, intel-gfx Quoting Petri Latvala (2019-11-22 09:14:07) > On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > > Add vulnerability checker for cve-2019-0155 > > > > v2: sync, bailout early if no parser (Chris) > > > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > > --- > > Makefile.am | 2 +- > > configure.ac | 1 + > > cve/Makefile.am | 14 ++ > > cve/Makefile.sources | 5 + > > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > > cve/meson.build | 12 ++ > > meson.build | 1 + > > Why do we need a new source directory and new install directory for > this? Can't this be in tools/? Because we would like to carve out a niche for these. If Google asks for a verifier for every single bug we encounter, it's going to be a huge directory. -Chris _______________________________________________ igt-dev mailing list igt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/igt-dev ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-22 9:20 ` Chris Wilson 0 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-22 9:20 UTC (permalink / raw) To: Mika Kuoppala, Petri Latvala; +Cc: igt-dev, Joonas Lahtinen, intel-gfx Quoting Petri Latvala (2019-11-22 09:14:07) > On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > > Add vulnerability checker for cve-2019-0155 > > > > v2: sync, bailout early if no parser (Chris) > > > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > > --- > > Makefile.am | 2 +- > > configure.ac | 1 + > > cve/Makefile.am | 14 ++ > > cve/Makefile.sources | 5 + > > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > > cve/meson.build | 12 ++ > > meson.build | 1 + > > Why do we need a new source directory and new install directory for > this? Can't this be in tools/? Because we would like to carve out a niche for these. If Google asks for a verifier for every single bug we encounter, it's going to be a huge directory. -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-22 9:20 ` Chris Wilson 0 siblings, 0 replies; 20+ messages in thread From: Chris Wilson @ 2019-11-22 9:20 UTC (permalink / raw) To: Mika Kuoppala, Petri Latvala; +Cc: igt-dev, Joonas Lahtinen, intel-gfx Quoting Petri Latvala (2019-11-22 09:14:07) > On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > > Add vulnerability checker for cve-2019-0155 > > > > v2: sync, bailout early if no parser (Chris) > > > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > > --- > > Makefile.am | 2 +- > > configure.ac | 1 + > > cve/Makefile.am | 14 ++ > > cve/Makefile.sources | 5 + > > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > > cve/meson.build | 12 ++ > > meson.build | 1 + > > Why do we need a new source directory and new install directory for > this? Can't this be in tools/? Because we would like to carve out a niche for these. If Google asks for a verifier for every single bug we encounter, it's going to be a huge directory. -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Intel-gfx] [igt-dev] [PATCH i-g-t] cve: Add checker for cve-2019-0155 2019-11-22 9:20 ` Chris Wilson @ 2019-11-22 9:39 ` Petri Latvala -1 siblings, 0 replies; 20+ messages in thread From: Petri Latvala @ 2019-11-22 9:39 UTC (permalink / raw) To: Chris Wilson; +Cc: igt-dev, intel-gfx, Joonas Lahtinen On Fri, Nov 22, 2019 at 09:20:11AM +0000, Chris Wilson wrote: > Quoting Petri Latvala (2019-11-22 09:14:07) > > On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > > > Add vulnerability checker for cve-2019-0155 > > > > > > v2: sync, bailout early if no parser (Chris) > > > > > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > > > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > > > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > > > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > > > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > > > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > > > --- > > > Makefile.am | 2 +- > > > configure.ac | 1 + > > > cve/Makefile.am | 14 ++ > > > cve/Makefile.sources | 5 + > > > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > > > cve/meson.build | 12 ++ > > > meson.build | 1 + > > > > Why do we need a new source directory and new install directory for > > this? Can't this be in tools/? > > Because we would like to carve out a niche for these. If Google asks for > a verifier for every single bug we encounter, it's going to be a huge > directory. Ok. -- Petri Latvala _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [igt-dev] [PATCH i-g-t] cve: Add checker for cve-2019-0155 @ 2019-11-22 9:39 ` Petri Latvala 0 siblings, 0 replies; 20+ messages in thread From: Petri Latvala @ 2019-11-22 9:39 UTC (permalink / raw) To: Chris Wilson; +Cc: igt-dev, intel-gfx, Joonas Lahtinen On Fri, Nov 22, 2019 at 09:20:11AM +0000, Chris Wilson wrote: > Quoting Petri Latvala (2019-11-22 09:14:07) > > On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote: > > > Add vulnerability checker for cve-2019-0155 > > > > > > v2: sync, bailout early if no parser (Chris) > > > > > > Cc: Chris Wilson <chris@chris-wilson.co.uk> > > > Cc: Jon Bloomfield <jon.bloomfield@intel.com> > > > Cc: Joonas Lahtinen <joonas.lahtinen@intel.com> > > > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 > > > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html > > > Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com> > > > --- > > > Makefile.am | 2 +- > > > configure.ac | 1 + > > > cve/Makefile.am | 14 ++ > > > cve/Makefile.sources | 5 + > > > cve/cve-2019-0155.c | 470 +++++++++++++++++++++++++++++++++++++++++++ > > > cve/meson.build | 12 ++ > > > meson.build | 1 + > > > > Why do we need a new source directory and new install directory for > > this? Can't this be in tools/? > > Because we would like to carve out a niche for these. If Google asks for > a verifier for every single bug we encounter, it's going to be a huge > directory. Ok. -- Petri Latvala _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx ^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2019-11-22 9:39 UTC | newest] Thread overview: 20+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2019-11-21 15:19 [Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155 Mika Kuoppala 2019-11-21 15:19 ` Mika Kuoppala 2019-11-21 15:22 ` [igt-dev] " Chris Wilson 2019-11-21 15:22 ` [Intel-gfx] " Chris Wilson 2019-11-21 15:22 ` Chris Wilson 2019-11-21 15:27 ` [igt-dev] " Mika Kuoppala 2019-11-21 15:27 ` [Intel-gfx] " Mika Kuoppala 2019-11-21 15:27 ` Mika Kuoppala 2019-11-21 15:29 ` [igt-dev] " Chris Wilson 2019-11-21 15:29 ` [Intel-gfx] " Chris Wilson 2019-11-21 15:29 ` Chris Wilson 2019-11-21 16:07 ` [igt-dev] ✗ GitLab.Pipeline: warning for " Patchwork 2019-11-21 16:09 ` [igt-dev] ✓ Fi.CI.BAT: success " Patchwork 2019-11-22 9:14 ` [Intel-gfx] [PATCH i-g-t] " Petri Latvala 2019-11-22 9:14 ` Petri Latvala 2019-11-22 9:20 ` [igt-dev] [Intel-gfx] " Chris Wilson 2019-11-22 9:20 ` Chris Wilson 2019-11-22 9:20 ` Chris Wilson 2019-11-22 9:39 ` [Intel-gfx] [igt-dev] " Petri Latvala 2019-11-22 9:39 ` Petri Latvala
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.