lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 10 Mar 2015 08:26:40 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Peter Jones <pjones@...hat.com>
Cc:	Matt Fleming <matt@...sole-pimps.org>,
	"Kweh, Hock Leong" <hock.leong.kweh@...el.com>,
	Sam Protsenko <semen.protsenko@...aro.org>,
	Ming Lei <ming.lei@...onical.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"Ong, Boon Leong" <boon.leong.ong@...el.com>,
	LKML <linux-kernel@...r.kernel.org>,
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>
Subject: Re: Re: [PATCH v2 3/3] efi: Capsule update with user helper interface

On Tue, Mar 10, 2015 at 8:21 AM, Peter Jones <pjones@...hat.com> wrote:
> On Tue, Mar 10, 2015 at 12:26:52PM +0000, Matt Fleming wrote:
>> On Fri, 06 Mar, at 04:39:12PM, Peter Jones wrote:
>> >
>> > So again: do we really need or want to do this?
>>
>> One thing that we totally lose the ability to do is use the capsule
>> interface for things *other* than firmware updates, e.g.
>>
>>  https://lkml.org/lkml/2013/10/16/327
>>
>> Also, requiring embedded or custom OS to include fwupdate into their
>> existing boot solutions is a bit heavy handed when literally all they
>> want to do is cat a binary blob to a sysfs file.
>>
>> I don't see why we can't have both solutions.
>
> Yeah - we clearly need a kernel interface for some embedded devices, and
> it'd be better for every vendor to not implement it themselves.
>
>> Another thing is that ESRT isn't going to be supported by every
>> platform.
>
> Yeah - though I think you're *mostly* talking about the same platforms
> as above.
>
>> So, for the sysfs interface, let's not allow loading from /lib. Let's
>> not require a userland tool. Let's just do,
>>
>>   # echo /path/to/my/awesome/capsule.bin > /sys/../capsule
>
>>
>> and be done with it.
>>
>> Hmmm?
>
> I assume you're implying a) the capsule header with the guid is embedded
> in the .bin there already, and b) one contiguous write(2) with error
> reporting coming through something like vars.c's efi_status_to_err()?
>
> If so, yes, I prefer this API.
>

Is using a char device really so bad?  I have a "simple_char" that
makes this really easy that's pending review.

--Andy

> --
>         Peter



-- 
Andy Lutomirski
AMA Capital Management, LLC
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ