You are reading the document correctly.
The implementation of this project will
1. verify the 32-bit unsigned checksum
2. verify that microcode is intended for the target CPU
before attempting to apply the microcode.
The checksum algorithm is very weak and I think it is only in place to
filter out the most obvious hacks/mistakes. The true and most vigorous
authentication is done by hardware.
Thanks,
Sherry
On Mon, Jun 18, 2007 at 03:25:34PM -0400, Bill Sommerfeld wrote:
> On Mon, 2007-06-18 at 13:40 -0500, Nicolas Williams wrote:
> > Are the algorithms used by Intel public? If not then that's an
> > additional reason to do our own signing.
>
> They're not. Starting from:
> http://developer.intel.com/products/processor/manuals/index.htm
>
> I found:
>
> "Intel 64 and IA-32 Architectures Software Developer's Manual
> Volume 3A: System Programming Guide"
>
> see section 9.11 of:
>
> http://developer.intel.com/design/processor/manuals/253668.pdf
>
> assuming I'm reading this correctly, Intel recommends that (a) software
> using this interface verify that the microcode blob checksums correctly
> (using a sum of the blob interpreted as an array of 32-bit integers)
> before attempting the load, and (b) software verify that the
> microcode blob is for the CPU that's running.
>
> The document also states that the CPU will do additional tests before
> accepting the blob but says nothing about what they are or how strong
> they are.
>
> BTW, to make it easier to find, I put a copy of this PDF into the case
> directory as "ia32-sdm-3A.pdf".
>
> - Bill
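
The two pre-load checks discussed in this thread, as an added C example (not code from this project or from Intel). It assumes the 48-byte update header layout from the Intel SDM (signature at offset 12, checksum at 16, processor flags at 24, data size at 28, total size at 32), ignores the extended signature table, and uses hypothetical names (`ucode_check`, `sample`) and a constructed blob. Mode 2 reorders two data dwords and still passes, which is why the sum is only a mistake filter.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum { UCODE_OK, UCODE_BAD_SIZE, UCODE_BAD_SUM, UCODE_WRONG_CPU };
enum { HDR_LEN = 48 };  /* header: 12 little-endian dwords */

static uint32_t rd32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* cpu_sig: CPUID.1:EAX. platform_bit: 1 << platform ID of the running CPU. */
int ucode_check(const uint8_t *b, size_t len, uint32_t cpu_sig, uint32_t platform_bit) {
    if (len < HDR_LEN) return UCODE_BAD_SIZE;
    size_t data = rd32(b + 28), total = rd32(b + 32);
    if (data == 0) { data = 2000; total = 2048; }   /* legacy default sizes */
    if (data % 4 || data > len - HDR_LEN || total < HDR_LEN + data || total > len)
        return UCODE_BAD_SIZE;
    uint32_t sum = 0;                                /* header + data must sum to 0 */
    for (size_t i = 0; i < HDR_LEN + data; i += 4) sum += rd32(b + i);
    if (sum != 0) return UCODE_BAD_SUM;
    if (rd32(b + 12) != cpu_sig || !(rd32(b + 24) & platform_bit)) return UCODE_WRONG_CPU;
    return UCODE_OK;
}

/* Constructed sample, not a real update. mode: 0 intact, 1 bit flip, 2 dword swap. */
const uint8_t *sample(uint32_t sig, uint32_t flags, int mode) {
    static uint8_t buf[2048];
    memset(buf, 0, sizeof buf);
    for (size_t i = HDR_LEN; i < sizeof buf; i++) buf[i] = (uint8_t)i;
    wr32(buf, 1); wr32(buf + 12, sig); wr32(buf + 24, flags);
    wr32(buf + 28, 2000); wr32(buf + 32, 2048);
    uint32_t sum = 0;
    for (size_t i = 0; i < sizeof buf; i += 4) sum += rd32(buf + i);
    wr32(buf + 16, 0u - sum);                        /* fix up the checksum field */
    if (mode == 1) buf[100] ^= 0x01;
    if (mode == 2) {                                 /* reorder two data dwords */
        uint8_t t[4]; memcpy(t, buf + 48, 4);
        memcpy(buf + 48, buf + 52, 4); memcpy(buf + 52, t, 4);
    }
    return buf;
}

int main(void) {
    for (int m = 0; m < 3; m++)
        printf("mode %d -> %d\n", m, ucode_check(sample(0x6F2, 1, m), 2048, 0x6F2, 1));
}
```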