lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4D547236.6080702@google.com>
Date:	Thu, 10 Feb 2011 15:18:14 -0800
From:	Mike Waychison <mikew@...gle.com>
To:	Greg KH <greg@...ah.com>, Alan Cox <alan@...rguk.ukuu.org.uk>,
	Tim Hockin <thockin@...gle.com>,
	Robert Lippert <rlippert@...gle.com>
CC:	LKML <linux-kernel@...r.kernel.org>
Subject: SMBIOS / DMI Event Logs in Linux?

Hey guys,

I need some guidance. Do either of you know of any attempts to have the 
kernel decode and display/interact with DMI type 15: System Event Log?

The event log I'm dealing with while cleaning up the "gsmi" driver 
interacts with a log that is modeled after the System Event Log.  I'm 
wondering if there is any precedent for a clean way to expose the event 
log, I'd like to use it (replacing the ioctls from my earlier patch 
series send-out).

FYI, we use OEM specific headers and descriptors, which probably doesn't 
help.

Do most folks that need access to this data rely on /dev/mem and 
dmidecode?  I'd like to avoid going that route if possible.

Lacking any better ideas though, I was thinking of something along the 
lines of the following:


$ cat /sys/firmware/gsmi/eventlog
<offset> <boot number> <recorded time> <quoted reason> <optional data>
...

with a single event log entry per line.
   <offset> would be the record number,
   <boot number> is the recorded boot number
   <recorded time> comes from each record,
   <quoted reason> is the English translation of Event Log Types from 
the DMTF standard + vendor extended types we use.
   <optional data> is space separated values associated with <quoted reason>

We also have a interfaces for clearing a fraction of the log, which I'm 
thinking is probably best expressed as a value of 0 through 100 written 
to a file, maybe /sys/firmware/gsmi/clear_eventlog ?

As well, we need to export to userland a way to append data to the log. 
  I was thinking we could write a parser to take in an entry and ensure 
it is well-formatted, but I'm a little hesitant to go this route as our 
records embed a timestamp, which I'd rather not have to figure out from 
within the kernel.  Perhaps a raw (binary) interface to write records to 
the log would suffice?  /sys/firmware/gsmi/append_to_eventlog ?

If so, does /sys/firmware/gsmi/raw_eventlog make sense too?


Thanks,

Mike Waychison
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ