| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 1 Jun 2013 05:41:00 +0100 From: Matthew Garrett <mjg59@...f.ucam.org> To: Russ Anderson <rja@....com> Cc: James Bottomley <James.Bottomley@...senPartnership.com>, Ingo Molnar <mingo@...nel.org>, Borislav Petkov <bp@...en8.de>, Jiri Kosina <jkosina@...e.cz>, joeyli <jlee@...e.com>, Matt Fleming <matt@...sole-pimps.org>, matt.fleming@...el.com, linux-efi@...r.kernel.org, x86@...nel.org, linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...ux.intel.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [regression, bisected] x86: efi: Pass boot services variable info to runtime code On Fri, May 31, 2013 at 11:20:59PM -0500, Russ Anderson wrote: > And when QueryVariableInfo reports insufficient space, don't write > and everything is fine. And then installs fail, which is why we implemented this additional code. > But when QueryVariableInfo reports insufficient space and you > write anyway, the system can get bricked. Is that the problem? No. > Some bios implementation may be "*including garbage*", but can > you definitively say ALL do? The spec explicitly says "the > implementation of variable storage is not defined in this > specification". You can't assume any form of garbage collection. No. We can't assume that. But nor can we rely upon the spec, because behaving according to the spec results in dead computers. So we're forced to write code that behaves according to reality rather than paper, which is unfortunate, but if *your* firmware behaved according to the specification then you wouldn't be seeing any problems with the current code, so I think there's a lesson for us all here. > I don't see anything in here about the OS being free to use > more nvram than QueryVariableInfo() reported as being available. > What happened to following the spec? That would be the same spec that tells you not to use physical addresses after SetVirtualAddressMap() has been called, right? Regardless, we don't use more space than QueryVariableInfo() reports as being available. We would expect that any attempt to do so would fail. But nor can we assume that we're free to use as much space as QueryVariableInfo() *does* report, because doing so results in dead computers. So instead we're forced to rely on workarounds that happen to break your broken firmware, so now we're going to have to find a different set of workarounds and hope that they don't break someone else's computer instead. > > There's a limited number of situations where the firmware can write to > > nvram, but they're basically uninteresting. Practically speaking, it's > > always via the kernel once ExitBootServices() has been called. > > How can you say "they're basically uninteresting"??? > Do you know what EVERY bios implementation does??? We have to assume that firmware doesn't behave in a pathological manner, because the alternative is to give up entirely and declare that Linux doesn't run on UEFI systems. I suspect that that would be problematic for your employers. -- Matthew Garrett | mjg59@...f.ucam.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists