lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALCETrUEVKePqm2EsKsL8B4YLFDBf+1=4YHB5W-5ViS5MFBf2g@mail.gmail.com>
Date:	Tue, 10 Mar 2015 10:31:09 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Peter Jones <pjones@...hat.com>
Cc:	Matt Fleming <matt@...sole-pimps.org>,
	"Kweh, Hock Leong" <hock.leong.kweh@...el.com>,
	Sam Protsenko <semen.protsenko@...aro.org>,
	Ming Lei <ming.lei@...onical.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"Ong, Boon Leong" <boon.leong.ong@...el.com>,
	LKML <linux-kernel@...r.kernel.org>,
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>
Subject: Re: Re: [PATCH v2 3/3] efi: Capsule update with user helper interface

On Tue, Mar 10, 2015 at 10:26 AM, Peter Jones <pjones@...hat.com> wrote:
> On Tue, Mar 10, 2015 at 08:51:59AM -0700, Andy Lutomirski wrote:
>> On Tue, Mar 10, 2015 at 8:40 AM, Peter Jones <pjones@...hat.com> wrote:
>> >
>> >> >> So, for the sysfs interface, let's not allow loading from /lib. Let's
>> >> >> not require a userland tool. Let's just do,
>> >> >>
>> >> >>   # echo /path/to/my/awesome/capsule.bin > /sys/../capsule
>> >> >
>> >> >>
>> >> >> and be done with it.
>> >> >>
>> >> >> Hmmm?
>> >> >
>> >> > I assume you're implying a) the capsule header with the guid is embedded
>> >> > in the .bin there already, and b) one contiguous write(2) with error
>> >> > reporting coming through something like vars.c's efi_status_to_err()?
>> >> >
>> >> > If so, yes, I prefer this API.
>> >> >
>> >>
>> >> Is using a char device really so bad?  I have a "simple_char" that
>> >> makes this really easy that's pending review.
>> >
>> > As long as there's straightforward propagation of the EFI_STATUS return
>> > from UpdateCapsule() back, sysfs file vs char device makes very little
>> > difference to me.  Either way it's open(), write(), close().  Using the
>> > runtime firmware upload interface designed for wifi and scsi devices is
>> > the part I don't really like.
>> >
>>
>> I'm not 100% happy with write(2) (which is all we have in sysfs) for
>> two reasons:
>>
>> 1. If we write a file name, eww.  That's more complicated, requires
>> temporary files, has annoying mount namespace issues, etc.
>>
>> 2. If we write the full contents, we need to do it in a single call to
>> write.  That means that we can't use cat, which mostly defeats the
>> purpose.  In fact, using cat could be actively harmful.
>
> So if what we wind up with is:
>
> fd = open("/sys/.../capsule", O_RDWR);
> write(fd, buf, size/N);
> ...
> write(fd, buf + M*size/N, size/N);
> close(fd);
>
> You're suggesting the error code would post on close()?  My worry about
> that is that I imagine a lot less code in the wild checks the error code
> on close() than on write() - though gnu cat does do so on both.  But
> there are other questions still - will it post on fdatasync()?  On
> fsync()?

Cat, for example, doesn't check any of the above, which is why I don't
like this approach.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ