lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 27 Sep 2017 09:50:51 -0700
From:   Darren Hart <dvhart@...radead.org>
To:     Mario.Limonciello@...l.com
Cc:     andy.shevchenko@...il.com, pali.rohar@...il.com,
        linux-kernel@...r.kernel.org, platform-driver-x86@...r.kernel.org,
        quasisec@...gle.com
Subject: Re: [PATCH 06/12] platform/x86: dell-wmi-smbios: Add a sysfs
 interface for SMBIOS tokens

On Mon, Sep 25, 2017 at 05:31:05PM +0000, Mario.Limonciello@...l.com wrote:
> > -----Original Message-----
> > From: Andy Shevchenko [mailto:andy.shevchenko@...il.com]
> > Sent: Monday, September 25, 2017 1:04 PM
> > To: Pali Rohár <pali.rohar@...il.com>
> > Cc: Limonciello, Mario <Mario_Limonciello@...l.com>; dvhart@...radead.org;
> > LKML <linux-kernel@...r.kernel.org>; Platform Driver <platform-driver-
> > x86@...r.kernel.org>; quasisec@...gle.com
> > Subject: Re: [PATCH 06/12] platform/x86: dell-wmi-smbios: Add a sysfs interface
> > for SMBIOS tokens
> > 
> > On Mon, Sep 25, 2017 at 7:23 PM, Pali Rohár <pali.rohar@...il.com> wrote:
> > > On Thursday 21 September 2017 08:57:11 Mario Limonciello wrote:
> > >> Currently userspace tools can access system tokens via the dcdbas
> > >> kernel module and a SMI call that will cause the platform to execute
> > >> SMM code.
> > >>
> > >> With a goal in mind of deprecating the dcdbas kernel module a different
> > >> method for accessing these tokens from userspace needs to be created.
> > >>
> > >> This is intentionally marked to only be readable as root as it can
> > >> contain sensitive information about the platform's configuration.
> > >
> > > Darren, Andy, any comments? I'm not quite sure if such API is suitable
> > > for long term in kernel.
> > 
> > I would try to avoid sysfs interfaces for some particular devices.
> > Besides we are creating a character device. Would it be suitable there?
> 
> If the character device having 2 different ioctls for different needs is
> acceptable I'm happy to adjust the series to do this instead.

One piece of feedback I had re the char device was to see if we could avoid the
need for the IOCTL altogether, I'd like to have that discussion before we add
another.

> 
> > 
> > > Basically tokens are list of tuples <id, location, value> with
> > > possibility to active them, right?
> > >
> 
> I didn't add a way to activate them through this, it was only for
> reading purpose.  Activating them should be possible through the
> SMBIOS calling interface though.
> 

These are read-only as I understood it, and only with the right privileges.
Sysfs seemed appropriate for this to me.


-- 
Darren Hart
VMware Open Source Technology Center

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ