lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <201606190044.21035@pali>
Date:	Sun, 19 Jun 2016 00:44:20 +0200
From:	Pali Rohár <pali.rohar@...il.com>
To:	Leon Yu <leon@...nyu.net>
Cc:	Guenter Roeck <linux@...ck-us.net>,
	Jean Delvare <jdelvare@...e.com>,
	Jan C Peters <jcpeters89@...il.com>,
	Thorsten Leemhuis <fedora@...mhuis.info>,
	David Santamaría Rogado <howl.nsp@...il.com>,
	Peter Saunderson <peteasa@...il.com>,
	Tolga Cakir <cevelnet@...il.com>,
	"Austin S. Hemmelgarn" <ahferroin7@...il.com>,
	Mario_Limonciello@...l.com,
	Gabriele Mazzotta <gabriele.mzt@...il.com>,
	Michał Kępień <kernel@...pniu.pl>,
	Dakota Whipple <dakotajaywhipple@...il.com>,
	linux-hwmon@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/6] dell-smm-hwmon fixes

Thanks for testing! It took too long, but bugs in vendor SMM code are 
hard to detect and probably impossible to fix. So I would call this 
patch just as "workaround" and not proper bug fix...

On Saturday 18 June 2016 23:58:19 Leon Yu wrote:
> Just installed on "Inspiron 580", appears to have fixed the problem.
> 
> On Sat, Jun 18, 2016 at 12:54 PM, Guenter Roeck <linux@...ck-us.net>
> wrote:
> > On 06/18/2016 08:26 AM, Pali Rohár wrote:
> >> On Saturday 18 June 2016 17:13:59 Guenter Roeck wrote:
> >>> On 06/17/2016 03:54 PM, Pali Rohár wrote:
> >>>> I'm sending all my dell-smm-hwmon patches in one series, because
> >>>> due to changes in code other patches depends on previous.
> >>>> 
> >>>> First two patches fixes problem with old /proc/i8k file. Second
> >>>> is security fix and should be backported to all stable kernels
> >>>> (that problem was there always). I tested i8kctl tool (from
> >>>> i8kutils package) that it still works with these patches.
> >>>> Without root access for those security operations just showes
> >>>> '?' or '-1'.
> >>>> 
> >>>> Third and fourth patches try to fix problem on machines with
> >>>> broken SMM/BIOS when calling function fan_type().
> >>>> 
> >>>> Fifth is new feature and last sixth useful for debugging.
> >>>> 
> >>>> Pali Rohár (6):
> >>>>     hwmon: (dell-smm) Fail in ioctl I8K_BIOS_VERSION when bios
> >>>>     version is
> >>>>     
> >>>>       not a number
> >>>>     
> >>>>     hwmon: (dell-smm) Restrict fan control and serial number to
> >>>>     
> >>>>       CAP_SYS_ADMIN by default
> >>>>     
> >>>>     hwmon: (dell-smm) Disallow fan_type() calls on broken
> >>>>     machines hwmon: (dell-smm) Cache fan_type() calls and
> >>>>     change fan detection hwmon: (dell-smm) Detect fan with
> >>>>     index=2 hwmon: (dell-smm) In debug mode log duration of SMM
> >>>>     calls
> >>>>    
> >>>>    drivers/hwmon/dell-smm-hwmon.c |  122
> >>>>    ++++++++++++++++++++++++++++++++-------- 1 file changed, 99
> >>>>    insertions(+), 23 deletions(-)
> >>> 
> >>> Pali,
> >>> 
> >>> You asked for additional testing, so I am not sure what you
> >>> expect me to do.
> >>> 
> >>> Which of the patches can/should I apply now ?
> >>> 
> >>> Guenter
> >> 
> >> Test 3/6 and 4/6 patches on affected Dell machines. I CCed all
> >> people who tried to debug those bugs, so need confirmation from
> >> them that after applying 3/6 and 4/6 patches, erratic fan
> >> behaviour is not there...
> >> 
> >> But because those two patches depends on previous, it is needed to
> >> test whole series...
> >> 
> >> This doesn't tell me which patches to apply now. The first two ?
> > 
> > Guenter

-- 
Pali Rohár
pali.rohar@...il.com

Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ