lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 5 Jun 2017 16:00:33 +0000
From:   Ard Biesheuvel <ard.biesheuvel@...aro.org>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        "H . Peter Anvin" <hpa@...or.com>,
        Jan Kiszka <jan.kiszka@...mens.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Matt Fleming <matt@...eblueprint.co.uk>
Subject: Re: [PATCH 10/13] efi/capsule: Add support for Quark security header

On 5 June 2017 at 15:50, Ingo Molnar <mingo@...nel.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote:
>
>> From: Jan Kiszka <jan.kiszka@...mens.com>
>>
>> The firmware for Quark X102x prepends a security header to the capsule
>> which is needed to support the mandatory secure boot on this processor.
>> The header can be detected by checking for the "_CSH" signature and -
>> to avoid any GUID conflict - validating its size field to contain the
>> expected value. Then we need to look for the EFI header right after the
>> security header and pass the real header to __efi_capsule_setup_info.
>>
>> To be minimal invasive and maximal safe, the quirk version of
>> efi_capsule_identify_image is only effective on Quark processors.
>
> So there's no efi_capsule_identify_image() function anywhere - this wants to be
> efi_capsule_setup_info(), right?
>
> I have edited the changelog accordingly.
>

Thanks

>> +config EFI_CAPSULE_QUIRK_QUARK_CSH
>> +     boolean "Add support for Quark capsules with non-standard headers"
>> +     depends on X86 && !64BIT
>> +     select EFI_CAPSULE_LOADER
>> +     default y
>> +     help
>> +       Add support for processing Quark X1000 EFI capsules, whose header
>> +       layout deviates from the layout mandated by the UEFI specification.
>
> BTW., there's no need to further put this behind a Kconfig option: the quirk seems
> targeted enough, and the whole point of runtime quirks is so that can be applied
> safely within generic kernels. Turning them off via Kconfig seems wrong.
>

Not entirely: enabling this quirk will remove the ability to select
EFI_CAPSULE_LOADER as a module. So making it unconditional makes
EFI_CAPSULE_LOADER builtin-only for 32-bit x86. This is necessary for
the override of __weak symbols in the generic capsule code to work as
expected.

This was a compromise between allowing no capsule loader quirks at
all, and having an elaborate framework with hooks in various places
(which invariably ends up parameterizing the wrong things if you have
only one real world quirk to design your framework around).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ