| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5048B52A.6000602@canonical.com>
Date: Thu, 06 Sep 2012 22:37:30 +0800
From: Jeremy Kerr <jeremy.kerr@...onical.com>
To: Matt Fleming <matt.fleming@...el.com>
CC: linux-kernel@...r.kernel.org, Matthew Garrett <mjg@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Matt Domsch <Matt_Domsch@...l.com>,
Peter Jones <pjones@...hat.com>
Subject: Re: [RFC,PATCH v2] efi: Add support for a UEFI variable filesystem
Hi Matt,
> I think this is the problematic chunk of code,
>
> static int efivars_unlink(struct inode *dir, struct dentry *dentry)
> {
> struct efivar_entry *var = dentry->d_inode->i_private;
> struct efivars *efivars = var->efivars;
> efi_status_t status;
>
> spin_lock(&efivars->lock);
>
> status = efivars->ops->set_variable(var->var.VariableName,
> &var->var.VendorGuid,
> 0, 0, NULL);
>
> For deleting authenticated variables Attributes, DataSize and Data need
> to be non-zero. I think DataSize == AuthInfo descriptor. Peter?
That's correct, but we can't use unlink to delete a secure variable, we
need to do a write instead, in order to provide the authentication
descriptor.
But yes, we may need to alter the efivars_file_write path so that such a
write actually results in the dentry being removed...
Cheers,
Jeremy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists