| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Apr 2016 11:20:26 -0400 From: Josh Boyer <jwboyer@...oraproject.org> To: Môshe van der Sterre <me@...he.nl> Cc: Matt Fleming <matt@...eblueprint.co.uk>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, "Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>, Josh Triplett <josh@...htriplett.org> Subject: Re: [PATCH] x86/efi-bgrt: Switch all pr_err() to pr_debug() for invalid BGRT On Wed, Apr 27, 2016 at 10:57 AM, Môshe van der Sterre <me@...he.nl> wrote: > > On 04/27/2016 03:56 PM, Josh Boyer wrote: >> >> On Wed, Apr 27, 2016 at 9:26 AM, Môshe van der Sterre <me@...he.nl> wrote: >>> >>> (additionally CC-ing Josh Triplett) >> >> Thanks for doing so. I completely forgot. >> >>> On 04/27/2016 02:50 PM, Josh Boyer wrote: >>>> >>>> The promise of pretty boot splashes from firmware via BGRT was at >>>> best only that; a promise. The kernel diligently checks to make >>>> sure the BGRT data firmware gives it is valid, and dutifully warns >>>> the user when it isn't. However, it does so via the pr_err log >>>> level which seems unnecessary. The user cannot do anything about >>>> this and there really isn't an error on the part of Linux to >>>> correct. >>>> >>>> This lowers the log level by using pr_debug instead. Users will >>>> no longer have their boot process uglified by the kernel reminding >>>> us that firmware can and often is broken. Ironic, considering >>>> BGRT is supposed to make boot pretty to begin with. >>> >>> Hi Josh Boyer, >>> >>> Are you seeing these errors somewhere? I recently fixed the error >>> "Ignoring >> >> We have a user that reports seeing: >> >> "Ignoring BGRT: Invalid version 0 (expected 1)" >> >> on a Lenovo T430 machine. We've had a few other scattered reports on >> various machine types since BGRT went into the kernel as well. > > Ok. With this information, I think pr_debug is indeed better. >>> >>> BGRT: invalid status 0 (expected 1)" because Linux apparently interpreted >>> that part of the specification differently than others. >>> If that's the error you are seeing, perhaps your problem is already >>> solved >>> in recent kernels? (fixed in commit 66dbe99) >>> >>> Personally I agree that BGRT messages should not annoy actual users of >>> production firmwares. >>> However I also agree with the previous consensus that these checks (for >>> actual spec violations) should remain pr_err unless some production >>> firmware >>> is triggering them. What do you think? >> >> Production firmware is literally the only firmware end users will ever >> see. I don't see much point in leaving scary error messages in the >> kernel to complain about things the user has no chance of fixing or in >> almost all cases even reporting to people who could fix it. > > In principle I can understand the wish to show big scary error messages to > firmware developers doing it wrong. Yes, that is theoretically possible. However, my best guess is that firmware developers aren't typically testing with Linux distributions during firmware development. They test with Windows, which is why we see warnings in Linux that Windows doesn't show. By then the firmware is in production and it is too late. We see this in lots of areas, which is why we have weird quirks for devices all over the kernel, but I don't think there's value in doing quirk mechanisms around BGRT. josh
Powered by blists - more mailing lists