| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Apr 2013 13:48:33 +0000 From: Matthew Garrett <matthew.garrett@...ula.com> To: Matt Fleming <matt@...sole-pimps.org> CC: "matt.fleming@...el.com" <matt.fleming@...el.com>, "ben@...adent.org.uk" <ben@...adent.org.uk>, "jwboyer@...hat.com" <jwboyer@...hat.com>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, "seth.forshee@...onical.com" <seth.forshee@...onical.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "x86@...nel.org" <x86@...nel.org> Subject: Re: [PATCH 2/2] efi: Distinguish between "remaining space" and actually used space On Wed, 2013-04-03 at 14:11 +0100, Matt Fleming wrote: > This looks like something that will differ between implementations, and the > fact that it's appearing in our code is a sure sign that this isn't the way to > go. Our choices right now are: 1) Break machines that don't garbage collect on every reboot 2) Leave Samsungs (and some Lenovos?) vulnerable to bricking 3) Maintain a whitelist or blacklist that will inevitably be inadequate, either breaking otherwise working machines or risking bricking of broken ones 4) Attempt to implement something that'll work in all cases Dealing with firmware is hard. This fixes (1) without leaving us with (2), which seems like a net win. -- Matthew Garrett | mjg59@...f.ucam.org
Powered by blists - more mailing lists