lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 17 Oct 2017 21:25:03 +0200
From:   Pali Rohár <pali.rohar@...il.com>
To:     Mario.Limonciello@...l.com
Cc:     dvhart@...radead.org, andy.shevchenko@...il.com,
        linux-kernel@...r.kernel.org, platform-driver-x86@...r.kernel.org,
        luto@...nel.org, quasisec@...gle.com, rjw@...ysocki.net,
        mjg59@...gle.com, hch@....de, greg@...ah.com,
        gnomes@...rguk.ukuu.org.uk
Subject: Re: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper
 oem string is detected

On Tuesday 17 October 2017 19:19:02 Mario.Limonciello@...l.com wrote:
> > -----Original Message-----
> > From: Limonciello, Mario
> > Sent: Tuesday, October 17, 2017 2:11 PM
> > To: 'Pali Rohár' <pali.rohar@...il.com>
> > Cc: dvhart@...radead.org; Andy Shevchenko <andy.shevchenko@...il.com>;
> > LKML <linux-kernel@...r.kernel.org>; platform-driver-x86@...r.kernel.org; Andy
> > Lutomirski <luto@...nel.org>; quasisec@...gle.com; rjw@...ysocki.net;
> > mjg59@...gle.com; hch@....de; Greg KH <greg@...ah.com>; Alan Cox
> > <gnomes@...rguk.ukuu.org.uk>
> > Subject: RE: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper oem
> > string is detected
> > 
> > > -----Original Message-----
> > > From: Pali Rohár [mailto:pali.rohar@...il.com]
> > > Sent: Tuesday, October 17, 2017 2:04 PM
> > > To: Limonciello, Mario <Mario_Limonciello@...l.com>
> > > Cc: dvhart@...radead.org; Andy Shevchenko <andy.shevchenko@...il.com>;
> > > LKML <linux-kernel@...r.kernel.org>; platform-driver-x86@...r.kernel.org;
> > Andy
> > > Lutomirski <luto@...nel.org>; quasisec@...gle.com; rjw@...ysocki.net;
> > > mjg59@...gle.com; hch@....de; Greg KH <greg@...ah.com>; Alan Cox
> > > <gnomes@...rguk.ukuu.org.uk>
> > > Subject: Re: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper oem
> > > string is detected
> > >
> > > On Tuesday 17 October 2017 13:21:51 Mario Limonciello wrote:
> > > > The proper way to indicate that a system is a 'supported' Dell System
> > > > is by the presence of this string in OEM strings.
> > > >
> > > > Allowing the driver to load on non-Dell systems will have undefined
> > > > results.
> > > >
> > > > Signed-off-by: Mario Limonciello <mario.limonciello@...l.com>
> > > > Reviewed-by: Edward O'Callaghan <quasisec@...gle.com>
> > > > ---
> > > >  drivers/platform/x86/dell-smbios.c | 7 +++++++
> > > >  1 file changed, 7 insertions(+)
> > > >
> > > > diff --git a/drivers/platform/x86/dell-smbios.c b/drivers/platform/x86/dell-
> > > smbios.c
> > > > index e9b1ca07c872..7e779278d054 100644
> > > > --- a/drivers/platform/x86/dell-smbios.c
> > > > +++ b/drivers/platform/x86/dell-smbios.c
> > > > @@ -172,8 +172,15 @@ static void __init find_tokens(const struct dmi_header
> > > *dm, void *dummy)
> > > >
> > > >  static int __init dell_smbios_init(void)
> > > >  {
> > > > +	const struct dmi_device *valid;
> > > >  	int ret;
> > > >
> > > > +	valid = dmi_find_device(DMI_DEV_TYPE_OEM_STRING, "Dell System",
> > > NULL);
> > >
> > > Are you sure that all Dell machines have exactly this string? IIRC this
> > > smbios interface via SMM is supported by machines back to 2005... Also
> > > in other DMI tables in dell-latop there is e.g. "Dell Inc." or "Dell
> > > Computer Corporation".
> > >
> > I checked the spec and it's been there since systems 1999 onward.
> > 
> 
> Oh and it's case it's not apparent, this is from OEM strings section.  It's not
> the same as standard SMBIOS strings for system manufacturer, bios vendor
> etc.  I'm checking this one specifically because a system can be rebranded.  
> When rebranded the drivers won't load automatically, but this interface 
> should still work on a if manually loaded.

So if machine is rebranded, then this string is also changed? If string
is changed, then this patch cause our kernel driver to refuse load on
those machines...

-- 
Pali Rohár
pali.rohar@...il.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ