lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+5PVA51UZL3zkYgLAimnXcYQwNJ4h+zCqEt0XRp2UEHaV302g@mail.gmail.com>
Date:	Wed, 27 Apr 2016 11:20:26 -0400
From:	Josh Boyer <jwboyer@...oraproject.org>
To:	Môshe van der Sterre <me@...he.nl>
Cc:	Matt Fleming <matt@...eblueprint.co.uk>,
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
	"Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>,
	Josh Triplett <josh@...htriplett.org>
Subject: Re: [PATCH] x86/efi-bgrt: Switch all pr_err() to pr_debug() for
 invalid BGRT

On Wed, Apr 27, 2016 at 10:57 AM, Môshe van der Sterre <me@...he.nl> wrote:
>
> On 04/27/2016 03:56 PM, Josh Boyer wrote:
>>
>> On Wed, Apr 27, 2016 at 9:26 AM, Môshe van der Sterre <me@...he.nl> wrote:
>>>
>>> (additionally CC-ing Josh Triplett)
>>
>> Thanks for doing so.  I completely forgot.
>>
>>> On 04/27/2016 02:50 PM, Josh Boyer wrote:
>>>>
>>>> The promise of pretty boot splashes from firmware via BGRT was at
>>>> best only that; a promise.  The kernel diligently checks to make
>>>> sure the BGRT data firmware gives it is valid, and dutifully warns
>>>> the user when it isn't.  However, it does so via the pr_err log
>>>> level which seems unnecessary.  The user cannot do anything about
>>>> this and there really isn't an error on the part of Linux to
>>>> correct.
>>>>
>>>> This lowers the log level by using pr_debug instead.  Users will
>>>> no longer have their boot process uglified by the kernel reminding
>>>> us that firmware can and often is broken.  Ironic, considering
>>>> BGRT is supposed to make boot pretty to begin with.
>>>
>>> Hi Josh Boyer,
>>>
>>> Are you seeing these errors somewhere? I recently fixed the error
>>> "Ignoring
>>
>> We have a user that reports seeing:
>>
>> "Ignoring BGRT: Invalid version 0 (expected 1)"
>>
>> on a Lenovo T430 machine.  We've had a few other scattered reports on
>> various machine types since BGRT went into the kernel as well.
>
> Ok. With this information, I think pr_debug is indeed better.
>>>
>>> BGRT: invalid status 0 (expected 1)" because Linux apparently interpreted
>>> that part of the specification differently than others.
>>> If that's the error you are seeing, perhaps your problem is already
>>> solved
>>> in recent kernels? (fixed in commit 66dbe99)
>>>
>>> Personally I agree that BGRT messages should not annoy actual users of
>>> production firmwares.
>>> However I also agree with the previous consensus that these checks (for
>>> actual spec violations) should remain pr_err unless some production
>>> firmware
>>> is triggering them. What do you think?
>>
>> Production firmware is literally the only firmware end users will ever
>> see.  I don't see much point in leaving scary error messages in the
>> kernel to complain about things the user has no chance of fixing or in
>> almost all cases even reporting to people who could fix it.
>
> In principle I can understand the wish to show big scary error messages to
> firmware developers doing it wrong.

Yes, that is theoretically possible.  However, my best guess is that
firmware developers aren't typically testing with Linux distributions
during firmware development.  They test with Windows, which is why we
see warnings in Linux that Windows doesn't show.  By then the firmware
is in production and it is too late.

We see this in lots of areas, which is why we have weird quirks for
devices all over the kernel, but I don't think there's value in doing
quirk mechanisms around BGRT.

josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ