lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Mon, 9 May 2016 12:59:09 +0300
From:	Octavian Purdila <octavian.purdila@...el.com>
To:	Jon Masters <jcm@...hat.com>
Cc:	"Rafael J. Wysocki" <rjw@...ysocki.net>,
	Len Brown <lenb@...nel.org>,
	Matt Fleming <matt@...eblueprint.co.uk>,
	Mark Brown <broonie@...nel.org>,
	Wolfram Sang <wsa@...-dreams.de>,
	Joel Becker <jlbec@...lplan.org>,
	"linux-acpi@...r.kernel.org" <linux-acpi@...r.kernel.org>,
	linux-efi@...r.kernel.org, linux-i2c <linux-i2c@...r.kernel.org>,
	linux-spi <linux-spi@...r.kernel.org>,
	lkml <linux-kernel@...r.kernel.org>,
	Irina Tirdea <irina.tirdea@...el.com>,
	Vincent Zimmer <vincent.zimmer@...el.com>
Subject: Re: [RFC PATCH v2 07/10] efi: load SSTDs from EFI variables

On Mon, May 9, 2016 at 7:13 AM, Jon Masters <jcm@...hat.com> wrote:
> Hi Octavian,
>
> Apologies for missing this earlier, just catching up on this thread...

Hi Jon,

>
> On 04/19/2016 06:39 PM, Octavian Purdila wrote:
>
>> This patch allows SSDTs to be loaded from EFI variables. It works by
>> specifying the EFI variable name containing the SSDT to be loaded. All
>> variables with the same name (regardless of the vendor GUID) will be
>> loaded.
>
> This sounds very useful during development. However, and using EFI
> variables isn't so terrible, but I am concerned that this should be
> standardized through ASWG and at least involve certain other OS vendors
> so that the variable (GUID) can be captured somewhere. If not in the
> spec itself, then it should be captured as an external ACPI resource on
> the UEFI website with a clear pointer to the exact IDs to be used.
>
> Can you confirm that's the intention? i.e. that you're allowing a
> command line option for specifying the ID now because you intend to go
> ensure that there is a standard one that everyone will use later?
>

Yes, that is the intention. As I mentioned in the commit the long term
plan is to do the loading at the FW level (before the OS boots) using
the same mechanisms. But since this is going to take some time, I
think its worth having the option to do the loading from software for
two reason:

a) to provide a way for using this mechanism on older boards that will
not have the option to do a firmware update to get this functionality

b) to implement the software support needed in advance and have a way to test it

> I should check (but maybe you know) if the kernel is automatically
> tainted by this codepath as well?

In this version of the patch the kernel is tainted. However, note that
in future versions I intend to remove it because it was already
removed part of the initrd ACPI table upgrade patch [1].

[1] http://lkml.iu.edu/hypermail/linux/kernel/1604.1/01488.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ