| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180215182208.35003-1-joe.konno@linux.intel.com>
Date: Thu, 15 Feb 2018 10:22:06 -0800
From: Joe Konno <joe.konno@...ux.intel.com>
To: linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: ard.biesheuvel@...aro.org, matthew.garrett@...ula.com,
jk@...abs.org, ak@...ux.intel.com, tony.luck@...el.com
Subject: [PATCH 0/2] efivars: reading variables can generate SMIs
From: Joe Konno <joe.konno@...el.com>
It was pointed out that normal, unprivileged users reading certain EFI
variables (through efivarfs) can generate SMIs. Given these nodes are created
with 0644 permissions, normal users could generate a lot of SMIs. By
restricting permissions a bit (patch 1), we can make it harder for normal users
to generate spurious SMIs.
A normal user could generate lots of SMIs by reading the efivarfs in a trivial
loop:
```
while true; do
cat /sys/firmware/efi/evivars/* > /dev/null
done
```
Patch 1 in this series limits read and write permissions on efivarfs to the
owner/superuser. Group and world cannot access.
Patch 2 is for consistency and hygiene. If we restrict permissions for either
efivarfs or efi/vars, the other interface should get the same treatment.
Joe Konno (2):
fs/efivarfs: restrict inode permissions
efi: restrict top-level attribute permissions
drivers/firmware/efi/efi.c | 10 ++++++----
fs/efivarfs/super.c | 4 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
--
2.14.1
Powered by blists - more mailing lists