lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 Sep 2019 16:46:58 +0100
From:   Ross Lagerwall <ross.lagerwall@...rix.com>
To:     Ard Biesheuvel <ard.biesheuvel@...aro.org>
CC:     linux-efi <linux-efi@...r.kernel.org>,
        Darren Hart <dvhart@...radead.org>,
        Andy Shevchenko <andy@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>,
        the arch/x86 maintainers <x86@...nel.org>,
        <platform-driver-x86@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Sai Praneeth <sai.praneeth.prakhya@...el.com>
Subject: Re: [PATCH] x86/efi: Don't require non-blocking EFI callbacks

On 9/26/19 4:29 PM, Ard Biesheuvel wrote:
> On Thu, 26 Sep 2019 at 16:12, Ross Lagerwall <ross.lagerwall@...rix.com> wrote:
>>
>> If a backend does not implement non-blocking EFI operations, it implies
>> that the normal operations are non-blocking.
> 
> Is that documented anywhere?

Sort of. From commit 6d80dba1c9fe "efi: Provide a non-blocking 
SetVariable() operation"

"""
Introduce ->set_variable_nonblocking() for this use case. It is an
optional EFI backend operation, and need only be implemented by those
backends that usually acquire locks to serialize access to EFI
variables, as is the case for virt_efi_set_variable() where we now grab
the EFI runtime spinlock.
"""

> 
>> Instead of crashing
>> dereferencing a NULL pointer, fallback to the normal operations since it
>> is safe to do so.
>>
> 
> I agree that crashing is never the right thing to do, but I wonder
> whether we shouldn't just bail instead. If the provided default
> operation is non-blocking, the platform can populate the function
> pointer with a reference to the default implementation.

If you would prefer it that platforms are always required to implement 
the non-blocking functions, then I will just send a simple patch fixing 
up the Xen implementation.

Thanks,
-- 
Ross Lagerwall

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ