lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 12 Nov 2022 17:26:28 +0100
From:   Borislav Petkov <bp@...en8.de>
To:     Jithu Joseph <jithu.joseph@...el.com>
Cc:     hdegoede@...hat.com, markgross@...nel.org, tglx@...utronix.de,
        mingo@...hat.com, dave.hansen@...ux.intel.com, x86@...nel.org,
        hpa@...or.com, gregkh@...uxfoundation.org, ashok.raj@...el.com,
        tony.luck@...el.com, linux-kernel@...r.kernel.org,
        platform-driver-x86@...r.kernel.org, patches@...ts.linux.dev,
        ravi.v.shankar@...el.com, thiago.macieira@...el.com,
        athenas.jimenez.gonzalez@...el.com, sohil.mehta@...el.com
Subject: Re: [PATCH v2 12/14] platform/x86/intel/ifs: Add current_batch sysfs
 entry

On Mon, Nov 07, 2022 at 02:53:21PM -0800, Jithu Joseph wrote:
> Initial implementation assumed a single IFS test image file with a
> fixed name ff-mm-ss.scan. (where ff, mm, ss refers to family, model
> and stepping  of the core)
> 
> Subsequently, it became evident that supporting more than one
> test image file is needed to provide more comprehensive
> test coverage. (Test coverage in this scenario refers to testing
> more transistors in the core to identify faults)
> 
> The other alternative of increasing the size of a single scan test image
> file would not work as the  upper bound is limited by the size of memory
> area reserved by BIOS for loading IFS test image.
> 
> Introduce "current_batch" file which accepts a number. Writing a
> number to the current_batch file would load the test image file by name
> ff-mm-ss-<xy>.scan, where <xy> is the number written to the
> "current_batch" file in hex. Range check of the input is done to verify
> it not greater than 0xff.

Dunno - sounds silly to me. Means one needs to go and look up which
files are there and echo those batch numbers into sysfs and so on.

What I would do is make it real trivial for the user so that latter can
simply do:

for f in $(ls /lib/firmware/intel/ifs_0/*.scan);
do
	echo $f > /sys/devices/virtual/misc/intel_ifs_0/test_file
done

and simply supply the full filename.

There will be no requirement on the naming - only on the filename length
and it should be in that directory /lib/firmware/intel/ifs_0/

  (btw, what's that appended "_0" supposed to mean there?)

So the kernel would simply open it, sanity-check it, if it passes, it
would run it - otherwise it would ignore it.

A usability win-win.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ