lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 17 Oct 2017 19:29:08 +0000
From:   <Mario.Limonciello@...l.com>
To:     <pali.rohar@...il.com>
CC:     <dvhart@...radead.org>, <andy.shevchenko@...il.com>,
        <linux-kernel@...r.kernel.org>,
        <platform-driver-x86@...r.kernel.org>, <luto@...nel.org>,
        <quasisec@...gle.com>, <rjw@...ysocki.net>, <mjg59@...gle.com>,
        <hch@....de>, <greg@...ah.com>, <gnomes@...rguk.ukuu.org.uk>
Subject: RE: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper
 oem string is detected

> -----Original Message-----
> From: Pali Rohár [mailto:pali.rohar@...il.com]
> Sent: Tuesday, October 17, 2017 2:25 PM
> To: Limonciello, Mario <Mario_Limonciello@...l.com>
> Cc: dvhart@...radead.org; andy.shevchenko@...il.com; linux-
> kernel@...r.kernel.org; platform-driver-x86@...r.kernel.org; luto@...nel.org;
> quasisec@...gle.com; rjw@...ysocki.net; mjg59@...gle.com; hch@....de;
> greg@...ah.com; gnomes@...rguk.ukuu.org.uk
> Subject: Re: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper oem
> string is detected
> 
> On Tuesday 17 October 2017 19:19:02 Mario.Limonciello@...l.com wrote:
> > > -----Original Message-----
> > > From: Limonciello, Mario
> > > Sent: Tuesday, October 17, 2017 2:11 PM
> > > To: 'Pali Rohár' <pali.rohar@...il.com>
> > > Cc: dvhart@...radead.org; Andy Shevchenko <andy.shevchenko@...il.com>;
> > > LKML <linux-kernel@...r.kernel.org>; platform-driver-x86@...r.kernel.org;
> Andy
> > > Lutomirski <luto@...nel.org>; quasisec@...gle.com; rjw@...ysocki.net;
> > > mjg59@...gle.com; hch@....de; Greg KH <greg@...ah.com>; Alan Cox
> > > <gnomes@...rguk.ukuu.org.uk>
> > > Subject: RE: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper
> oem
> > > string is detected
> > >
> > > > -----Original Message-----
> > > > From: Pali Rohár [mailto:pali.rohar@...il.com]
> > > > Sent: Tuesday, October 17, 2017 2:04 PM
> > > > To: Limonciello, Mario <Mario_Limonciello@...l.com>
> > > > Cc: dvhart@...radead.org; Andy Shevchenko <andy.shevchenko@...il.com>;
> > > > LKML <linux-kernel@...r.kernel.org>; platform-driver-x86@...r.kernel.org;
> > > Andy
> > > > Lutomirski <luto@...nel.org>; quasisec@...gle.com; rjw@...ysocki.net;
> > > > mjg59@...gle.com; hch@....de; Greg KH <greg@...ah.com>; Alan Cox
> > > > <gnomes@...rguk.ukuu.org.uk>
> > > > Subject: Re: [PATCH v9 07/17] platform/x86: dell-smbios: only run if proper
> oem
> > > > string is detected
> > > >
> > > > On Tuesday 17 October 2017 13:21:51 Mario Limonciello wrote:
> > > > > The proper way to indicate that a system is a 'supported' Dell System
> > > > > is by the presence of this string in OEM strings.
> > > > >
> > > > > Allowing the driver to load on non-Dell systems will have undefined
> > > > > results.
> > > > >
> > > > > Signed-off-by: Mario Limonciello <mario.limonciello@...l.com>
> > > > > Reviewed-by: Edward O'Callaghan <quasisec@...gle.com>
> > > > > ---
> > > > >  drivers/platform/x86/dell-smbios.c | 7 +++++++
> > > > >  1 file changed, 7 insertions(+)
> > > > >
> > > > > diff --git a/drivers/platform/x86/dell-smbios.c b/drivers/platform/x86/dell-
> > > > smbios.c
> > > > > index e9b1ca07c872..7e779278d054 100644
> > > > > --- a/drivers/platform/x86/dell-smbios.c
> > > > > +++ b/drivers/platform/x86/dell-smbios.c
> > > > > @@ -172,8 +172,15 @@ static void __init find_tokens(const struct
> dmi_header
> > > > *dm, void *dummy)
> > > > >
> > > > >  static int __init dell_smbios_init(void)
> > > > >  {
> > > > > +	const struct dmi_device *valid;
> > > > >  	int ret;
> > > > >
> > > > > +	valid = dmi_find_device(DMI_DEV_TYPE_OEM_STRING, "Dell
> System",
> > > > NULL);
> > > >
> > > > Are you sure that all Dell machines have exactly this string? IIRC this
> > > > smbios interface via SMM is supported by machines back to 2005... Also
> > > > in other DMI tables in dell-latop there is e.g. "Dell Inc." or "Dell
> > > > Computer Corporation".
> > > >
> > > I checked the spec and it's been there since systems 1999 onward.
> > >
> >
> > Oh and it's case it's not apparent, this is from OEM strings section.  It's not
> > the same as standard SMBIOS strings for system manufacturer, bios vendor
> > etc.  I'm checking this one specifically because a system can be rebranded.
> > When rebranded the drivers won't load automatically, but this interface
> > should still work on a if manually loaded.
> 
> So if machine is rebranded, then this string is also changed? If string
> is changed, then this patch cause our kernel driver to refuse load on
> those machines...
> 

No, this is the only string that you can use to tell it's still a Dell system
when it's been rebranded, that's why it's the proper thing to use in this
driver.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ