lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YY5FX/sQZSkBh2vz@kroah.com>
Date:   Fri, 12 Nov 2021 11:43:43 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Richard Hughes <hughsient@...il.com>
Cc:     Andy Shevchenko <andy.shevchenko@...il.com>,
        Ard Biesheuvel <ardb@...nel.org>,
        Hans-Gert Dahmen <hans-gert.dahmen@...u.ne>,
        Mika Westerberg <mika.westerberg@...ux.intel.com>,
        Mauro Lima <mauro.lima@...ypsium.com>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Philipp Deppenwiese <philipp.deppenwiese@...u.ne>,
        "platform-driver-x86@...r.kernel.org" 
        <platform-driver-x86@...r.kernel.org>
Subject: Re: [PATCH] firmware: export x86_64 platform flash bios region via
 sysfs

On Fri, Nov 12, 2021 at 10:09:14AM +0000, Richard Hughes wrote:
> On Fri, 12 Nov 2021 at 06:52, Greg KH <gregkh@...uxfoundation.org> wrote:
> > Why don't we just export these areas to userspace and let the decoding
> > of them happen there?
> 
> Unless I'm missing something, the patch from Hans-Gert does just that:
> exposing the IFD BIOS partition that encloses the various EFI file
> volumes.

But it is not tied into the EFI subsystem at all, binding only to those
resources.  It does not do anything with any efi symbol or access
control.

Again, that's my primary complaint here, the driver HAS to be able to
tell the kernel what resource it wants to bind to and control, right now
it just "assumes" that it can have access to a chunk of memory without
any notification or checks at all, which will cause problems on systems
that do not follow that assumption.

So while you all are arguing over oddities, the main complaint here of
"this driver is not ok as-is" seems to keep being ignored for some odd
reason.

I'm going to just ignore this thread now and wait for a new patch to
review.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ