lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170407063107.GA10451@dhcp-128-65.nay.redhat.com>
Date:   Fri, 7 Apr 2017 14:31:07 +0800
From:   Dave Young <dyoung@...hat.com>
To:     "Rafael J. Wysocki" <rafael@...nel.org>
Cc:     David Howells <dhowells@...hat.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        gnomes@...rguk.ukuu.org.uk, linux-efi@...r.kernel.org,
        Josh Boyer <jwboyer@...hat.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        ACPI Devel Maling List <linux-acpi@...r.kernel.org>,
        linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
        matthew.garrett@...ula.com
Subject: Re: [PATCH 17/24] acpi: Ignore acpi_rsdp kernel param when the
 kernel has been locked down

On 04/06/17 at 09:43pm, Rafael J. Wysocki wrote:
> On Wed, Apr 5, 2017 at 10:16 PM, David Howells <dhowells@...hat.com> wrote:
> > From: Josh Boyer <jwboyer@...hat.com>
> >
> > This option allows userspace to pass the RSDP address to the kernel, which
> > makes it possible for a user to circumvent any restrictions imposed on
> > loading modules.  Ignore the option when the kernel is locked down.
> 
> I'm not really sure here.
> 
> What exactly is the mechanism?

Actually this acpi_rsdp param is created for EFI kexec reboot in old
days when we had not supported persistent efi vm space across kexec
reboot. At that time kexec reboot runs as noefi mode, it can not find
the acpi root table thus kernel will hang early.

Now kexec can support EFI boot so this param is not necessary for most
user unless they still use efi=old_map.

> 
> Thanks,
> Rafael
> --
> To unsubscribe from this list: send the line "unsubscribe linux-efi" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ