lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 20 Mar 2020 20:37:54 +0800
From:   Daniel Drake <drake@...lessm.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Jian-Hong Pan <jian-hong@...lessm.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        "H . Peter Anvin" <hpa@...or.com>,
        Ard Biesheuvel <ardb@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Anton Vorontsov <anton@...msg.org>,
        Colin Cross <ccross@...roid.com>,
        Tony Luck <tony.luck@...el.com>, x86@...nel.org,
        Linux Kernel <linux-kernel@...r.kernel.org>,
        linux-efi@...r.kernel.org,
        Linux Upstreaming Team <linux@...lessm.com>
Subject: Re: [PATCH] Revert "x86/reboot, efi: Use EFI reboot for Acer
 TravelMate X514-51T"

On Thu, Mar 12, 2020 at 6:46 PM Borislav Petkov <bp@...en8.de> wrote:
> How do you know *everyone* affected will update their BIOS?
>
> And what's the downside of keeping it?

It could indeed be kept without user-visible downside, and that would
be the normal case for quirks that work around BIOS bugs.

But I had two reasons for suggesting that Jian-Hong should send this
revert patch, which may be worth some consideration:

 1. This was working around a BIOS bug truly separate from Linux to
the point where it was a little questionable for Linux to put a quirk
in place. The original bug was that after Linux completed executing
the reboot code, the machine would reboot, the BIOS would start
loading, and then crash well before loading the OS. Presumably
crashing on some state that Linux left that was not reset in the
machine's reboot stage. The vendor later found the issue (something
TPM-related) and fixed the BIOS to avoid the crash.
 2. We normally receive these units before they go into mass
production, so there's a decent chance that production versions
already include this BIOS fix.

Based on that I was considering that the patch could be reverted for
cleanliness/ At the same time, I do not have strong feelings on this,
no issues if the quirk is left in place.

Daniel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ