| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 May 2016 15:55:26 +0100 From: One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk> To: Matt Fleming <matt@...eblueprint.co.uk> Cc: "Kweh, Hock Leong" <hock.leong.kweh@...el.com>, "Bryan O'Donoghue" <pure.logic@...us-software.ie>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Ard Biesheuvel <ard.biesheuvel@...aro.org>, joeyli <jlee@...e.com>, Borislav Petkov <bp@...en8.de>, "Ong, Boon Leong" <boon.leong.ong@...el.com>, "Ong, Kean Chai" <kean.chai.ong@...el.com> Subject: Re: [PATCH] efi/capsule: Make efi_capsule_pending() lockless On Thu, 5 May 2016 15:36:43 +0100 Matt Fleming <matt@...eblueprint.co.uk> wrote: > On Thu, 05 May, at 02:27:16PM, Kweh, Hock Leong wrote: > > > > If not mistaken, the EFI firmware will not update a partially uploaded binary due to checksum error. > > User is required to re-update the efi capsule again on the next boot up. > > Ah, so the capsule is only processed by the firmware after rebooting? > That makes sense and alleviates my concerns about rebooting while in > the middle of efi_capsule_update(). Yes - and in many cases the actions the firmware capsule update does are done in a manner which once you exit the firmware cannot be done by the OS. It acts as a way to communicate a block of (typically signed) firmware to more hardware priviliged boot firmware. Alan
Powered by blists - more mailing lists