lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 7 Sep 2018 21:22:14 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     "Prakhya, Sai Praneeth" <sai.praneeth.prakhya@...el.com>
cc:     Bhupesh Sharma <bhsharma@...hat.com>,
        "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "Neri, Ricardo" <ricardo.neri@...el.com>,
        "matt@...eblueprint.co.uk" <matt@...eblueprint.co.uk>,
        Al Stone <astone@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Ingo Molnar <mingo@...nel.org>,
        Andy Lutomirski <luto@...nel.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Peter Zijlstra <peterz@...radead.org>
Subject: RE: [PATCH V4 3/3] x86/efi: Introduce EFI_PAGE_FAULT_HANDLER

On Fri, 7 Sep 2018, Prakhya, Sai Praneeth wrote:
> > > So, if Thomas, Ingo, Andy, Ard and Boris are ok.. I will make it as
> > > default (i.e. without config).

Yes, that's the right thing to do.

> > Also, some distributions already have specific ways to handle buggy
> > firmwares which can be at times dependent on the underlying hardware
> > and the firmware versions.

If the distro patched their kernel to deal with buggy firmware, then:

 1) why did they not upstream it ?

 2) why should we worry about that ?

> > I would suggest that we enable this under a CONFIG for the first round
> > and once it is tested with wider variety of x86 machines which have
> > buggy or orphaned firmware and linux (and reboot) works fine with them,
> > we can drop the CONFIG option in future and enable this by default.

Sure and then nobody enables it and the affected machines still crash or
hang on reboot. The whole thing is simple enough now to make it
unconditional.

> Sounds fair to me, but, I would like to wait for someone experienced to
> make the final call.

Please get rid of that config knob. Buggy firmware exists and we better
deal with it by default.

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ