lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKv+Gu9C=7h6aVgG5tZO5BQZtHUBLF60USZNjavd22Pax6XGoQ@mail.gmail.com>
Date:	Sun, 1 May 2016 10:03:55 +0200
From:	Ard Biesheuvel <ard.biesheuvel@...aro.org>
To:	Ingo Molnar <mingo@...nel.org>
Cc:	jeremy.compostella@...el.com, stefan.stanacar@...el.com,
	Matt Fleming <matt@...eblueprint.co.uk>,
	Peter Zijlstra <peterz@...radead.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"tglx@...utronix.de" <tglx@...utronix.de>,
	"hpa@...or.com" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
	linux-tip-commits@...r.kernel.org
Subject: Re: [tip:efi/core] efibc: Add EFI Bootloader Control module

On 29 April 2016 at 11:53, Ingo Molnar <mingo@...nel.org> wrote:
>
> * tip-bot for Compostella, Jeremy <tipbot@...or.com> wrote:
>
>> Commit-ID:  06f7d4a1618dbb086e738c93cd1ef416ab01027d
>> Gitweb:     http://git.kernel.org/tip/06f7d4a1618dbb086e738c93cd1ef416ab01027d
>> Author:     Compostella, Jeremy <jeremy.compostella@...el.com>
>> AuthorDate: Mon, 25 Apr 2016 21:06:57 +0100
>> Committer:  Ingo Molnar <mingo@...nel.org>
>> CommitDate: Thu, 28 Apr 2016 11:34:02 +0200
>>
>> efibc: Add EFI Bootloader Control module
>>
>> This module installs a reboot callback, such that if reboot() is invoked
>> with a string argument NNN, "NNN" is copied to the "LoaderEntryOneShot"
>> EFI variable, to be read by the bootloader.
>

Apologies for only mentioning this now, but I wonder why we need this
in the kernel in the first place? The UEFI spec defines 'BootNext' as
the way to set the boot entry for the next boot only, and this could
also be set from userland. (i.e., the agent that knows how to invoke
reboot with this particular string argument could simply set the EFI
variable from userspace)

As far as reboot/shutdown is concerned, there is a ResetSystem()
runtime service which reboots via the UEFI firmware, which seems like
a better place to record the reboot/shutdown value.

So what bootloader is this exactly that requires this?

Thanks,
Ard.


>>  drivers/firmware/efi/Kconfig  |  15 +++++++
>>  drivers/firmware/efi/Makefile |   1 +
>>  drivers/firmware/efi/efibc.c  | 101 ++++++++++++++++++++++++++++++++++++++++++
>>  include/linux/efi.h           |   4 ++
>>  4 files changed, 121 insertions(+)
>
> So this bloated things a bit on 32-bit x86 allyesconfig kernels, we now have this
> new warning:
>
>   drivers/firmware/efi/efibc.c:53:1: warning: the frame size of 2256 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>
> 2K of stack use for a function is quite excessive, can we improve the stack
> footprint of this code?
>
> Thanks,
>
>         Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ