lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <201210231605.q9NG51KW022791@filesys1.fc.hp.com>
Date:	Tue, 23 Oct 2012 10:05:01 -0600 (MDT)
From:	Randy Wright <rwright@...esys1.fc.hp.com>
To:	mjg@...hat.com (Matthew Garrett)
Cc:	rwright@...com, linux-kernel@...r.kernel.org, tmac@...com,
	hpa@...or.com, mjg59@...f.ucam.org
Subject: Re: [PATCH RFC] function probe_roms accessing improper addresses

Hi Matthew,
 
You made some interesting suggestions:

> 1) Declare that any x86 hardware supported by Linux *must* support 
> probing in this address region

On the first: one way to be compliant with such a requirement would be 
to design systems that implement softfail in this particular region.   
What about a system that hardfails, but on which the resulting machine
check can be handled by the kernel machine check handler?  Would
appropriate re-ordering of the kernel initialization code to support
such systems be acceptable?

Also, let me mention a possible amendment to your first idea: what if
the mandate that probing be supported were qualified by some attribute
that could be indicated in the UEFI environment?  For example: instead
of just a hole in the UEFI memory map, what if this range was
specifically present and typed as EfiUnusableMemory?  Another idea for
UEFI systems - but one requiring a UEFI specification change - might be
adding a UEFI variable that if present, indicates any area not
explicitly included and typed in the UEFI memory map (including the
legacy adapter region) must be explicitly avoided by an OS.

> 2) Don't call probe_roms() by default, but leave it up to the graphics 
> drivers. If they can get the rom by any other means then don't call it.

One the second idea: there are a quite a lot of video drivers in the kernel
source tree.  Do you have a suggestion for how to evaluate which ones 
rely on the setup performed by probe_roms?

-- 
Randy Wright            Hewlett-Packard Company
Phone: (970) 898-0998   Mail: rwright@...com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ