| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Jun 2023 08:06:43 -0500
From: Jorge Lopez <jorgealtxwork@...il.com>
To: Randy Dunlap <rdunlap@...radead.org>
Cc: hdegoede@...hat.com, platform-driver-x86@...r.kernel.org,
linux-kernel@...r.kernel.org, thomas@...ch.de,
ilpo.jarvinen@...ux.intel.com
Subject: Re: [PATCH v16 12/13] hp-bioscfg: Makefile
On Fri, Jun 2, 2023 at 5:46 PM Randy Dunlap <rdunlap@...radead.org> wrote:
>
> Hi again,
>
> On 6/2/23 06:10, Jorge Lopez wrote:
> > HP BIOS Configuration driver purpose is to provide a driver supporting
> > the latest sysfs class firmware attributes framework allowing the user
> > to change BIOS settings and security solutions on HP Inc.’s commercial
> > notebooks.
> >
> > Many features of HP Commercial notebooks can be managed using Windows
> > Management Instrumentation (WMI). WMI is an implementation of Web-Based
> > Enterprise Management (WBEM) that provides a standards-based interface
> > for changing and monitoring system settings. HP BIOSCFG driver provides
> > a native Linux solution and the exposed features facilitates the
> > migration to Linux environments.
> >
> > The Linux security features to be provided in hp-bioscfg driver enables
> > managing the BIOS settings and security solutions via sysfs, a virtual
> > filesystem that can be used by user-mode applications. The new
> > documentation cover HP-specific firmware sysfs attributes such Secure
> > Platform Management and Sure Start. Each section provides security
> > feature description and identifies sysfs directories and files exposed
> > by the driver.
> >
> > Many HP Commercial notebooks include a feature called Secure Platform
> > Management (SPM), which replaces older password-based BIOS settings
> > management with public key cryptography. PC secure product management
> > begins when a target system is provisioned with cryptographic keys
> > that are used to ensure the integrity of communications between system
> > management utilities and the BIOS.
> >
> > HP Commercial notebooks have several BIOS settings that control its
> > behaviour and capabilities, many of which are related to security.
> > To prevent unauthorized changes to these settings, the system can
> > be configured to use a cryptographic signature-based authorization
> > string that the BIOS will use to verify authorization to modify the
> > setting.
> >
> > Linux Security components are under development and not published yet.
> > The only linux component is the driver (hp bioscfg) at this time.
> > Other published security components are under Windows.
> >
>
> A commit message should tell what and why. E.g.:
>
> Add Makefile and Kconfig to build hp-bioscfg.
>
> It does not need all of that boilerplate info.
> The cover letter is good for that.
>
> The "why" part can and usually should include some background/history
> info.
I will update the commit message for all portions of the driver as indicated
>
> > Signed-off-by: Jorge Lopez <jorge.lopez2@...com>
> >
> > ---
> > Based on the latest platform-drivers-x86.git/for-next
> > ---
> > drivers/platform/x86/hp/Kconfig | 16 ++++++++++++++++
> > drivers/platform/x86/hp/Makefile | 1 +
> > drivers/platform/x86/hp/hp-bioscfg/Makefile | 11 +++++++++++
> > 3 files changed, 28 insertions(+)
> > create mode 100644 drivers/platform/x86/hp/hp-bioscfg/Makefile
>
> thanks.
> --
> ~Randy
Powered by blists - more mailing lists