lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 9 Nov 2021 12:25:48 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Philipp Deppenwiese <philipp.deppenwiese@...u.ne>
Cc:     Hans-Gert Dahmen <hans-gert.dahmen@...u.ne>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "mauro.lima@...ypsium.com" <mauro.lima@...ypsium.com>,
        "hughsient@...il.com" <hughsient@...il.com>,
        "platform-driver-x86@...r.kernel.org" 
        <platform-driver-x86@...r.kernel.org>
Subject: Re: [PATCH] firmware: export x86_64 platform flash bios region via
 sysfs

A: http://en.wikipedia.org/wiki/Top_post
Q: Were do I find info about this thing called top-posting?
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?

A: No.
Q: Should I include quotations after my reply?

http://daringfireball.net/2007/07/on_top


On Tue, Nov 09, 2021 at 11:30:06AM +0100, Philipp Deppenwiese wrote:
> Hi Greg,
> 
> sorry for the previous html email, totally forgot kernel ml was plain
> text only.

It's also interleaved responses :)

> Just some feedback regarding the use case for the interface. As you may
> know the firmware (BIOS/UEFI/coreboot) is growing massively in the last
> few years. So we have now 32MB of firmware on a normal x86 system. The
> interface shall be used as safe and secure method to get the first 16MB
> read-only copy of the firmware. The interface from Intel is read-only so
> we shouldn't introduce any security issues here.

The problem is this driver will "bind" to any device it is loaded on,
which is not ok.  It must only work on hardware that it is known to work
on, as remember, Linux runs on hundreds of thousands of different
platforms and types of hardware.

> Aside from us there is fwupd.org and another company which are
> interested in the interface as well. We have added Richard from Redhat
> to the CC. We use the interface mainly for firmware analysis and TPM PCR
> pre-calculation features in our SaaS product.
> 
> I hope that resolves your questions :). Let me know if you want to
> discuss more.

Given a lack of documentation as to what this interface would be used
for, that needs to be resolved, along with links to userspace code that
uses this new api.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ