lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <50BFEF09.9000408@zytor.com> Date: Wed, 05 Dec 2012 17:04:09 -0800 From: "H. Peter Anvin" <hpa@...or.com> To: Matthew Garrett <mjg59@...f.ucam.org> CC: Yinghai Lu <yinghai@...nel.org>, Bjorn Helgaas <bhelgaas@...gle.com>, linux-kernel@...r.kernel.org, linux-pci@...r.kernel.org, linux-efi@...r.kernel.org, mfleming@...el.com, dwmw2@...radead.org, "Eric W. Biederman" <ebiederm@...ssion.com> Subject: Re: Use PCI ROMs from EFI boot services On 12/05/2012 04:57 PM, Matthew Garrett wrote: > > > "H. Peter Anvin" <hpa@...or.com> wrote: > >> I don't think there is anything security-sensitive about that >> information, at least not to root. I could be wrong, of course; I >> wouldn't mind security people telling me about that. > > I don't think there's anything at present, but we'll want to pass the hibernation encryption key from the bootloader to the kernel in the near future. setup_data seems like the easiest way to do that. > And that presumably would be something that cannot be exposed to root? If so we may want to use one of the bits in the setup_data type field as a security flag, perhaps... -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists