lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Yh/Tt50Y8ubGNwS6@agluck-desk3.sc.intel.com>
Date:   Wed, 2 Mar 2022 12:29:43 -0800
From:   "Luck, Tony" <tony.luck@...el.com>
To:     Andy Lutomirski <luto@...nel.org>
Cc:     Jithu Joseph <jithu.joseph@...el.com>, hdegoede@...hat.com,
        markgross@...nel.org, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        the arch/x86 maintainers <x86@...nel.org>,
        "H. Peter Anvin" <hpa@...or.com>, Jonathan Corbet <corbet@....net>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Raj Ashok <ashok.raj@...el.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linux-doc@...r.kernel.org, platform-driver-x86@...r.kernel.org,
        patches@...ts.linux.dev,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>
Subject: Re: [RFC 00/10] Introduce In Field Scan driver

On Wed, Mar 02, 2022 at 05:59:59AM -0800, Andy Lutomirski wrote:
> > /sys/devices/system/cpu/ifs/reload
> >   Writing "1" to this file will reload the tests from
> >   /lib/firmware/intel/ifs/{ff-mm-ss}.scan
> 
> IMO this interface is wrong.  /lib/firmware is for firmware (or
> ucode, etc) files that should be provided by a distribution and loaded,
> as needed, by a driver so the hardware can function.  This is not at
> all what IFS does. For IFS, an administrator wants to run a specific
> test, and the test blob is part of the instruction to run the test.
> The distribution should not be involved, and this should work even on
> systems where /lib/firmware is immutable.

"so the hardware can function"

Data center customers want to know which aging systems in their
data centers are not functioning correctly. So this is not just
a random test that people might run when they suspect they have
a problem. It is expected that every core will run this test
periodically (period dependent on paranoia level of the system
owner ... maybe daily ... perhaps even more often).

This is so that the data centre can function.

> 
> So either the blob should be written to a file in sysfs or it should
> be supplied by write or ioctl to a device node.

I don't see the drive to create a new mechanism for the kernel
to load from a file when the firmware loader already exists.

If the problem is just immuatbility of /lib ... then make
an immutable symlink from /lib/firmware/intel/ifs to some
other place in the file system (which is what some OS
vendors already do for microcode).

-Tony

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ