lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 25 Jun 2024 08:58:27 -0400
From: Prarit Bhargava <prarit@...hat.com>
To: Liu Wei <liuwei09@...tc.cn>, will@...nel.org
Cc: catalin.marinas@....com, linux-arm-kernel@...ts.infradead.org,
 linux-kernel@...r.kernel.org, Andrew Lunn <andrew@...n.ch>
Subject: Re: [PATCH v4] ACPI: Add acpi=nospcr to disable ACPI SPCR as default
 console on ARM64

On 6/24/24 23:05, Liu Wei wrote:
> For varying privacy and security reasons, sometimes we would like to
> completely silence the _serial_ console, and only enable it when needed.
> 
> But there are many existing systems that depend on this _serial_ console,
> so add acpi=nospcr to disable console in ACPI SPCR table as default
> _serial_ console.
> 
> Signed-off-by: Liu Wei <liuwei09@...tc.cn>
> Suggested-by: Prarit Bhargava <prarit@...hat.com>
> Suggested-by: Will Deacon <will@...nel.org>
> Suggested-by: Andrew Lunn <andrew@...n.ch>
> ---
> 
> v2: Add a config option suggested by Prarit
> 
> v3: Use cmdline acpi=nospcr instead of config
> 
> v4: Some description in comment or document
> ---
>   .../admin-guide/kernel-parameters.txt          | 10 +++++++---
>   arch/arm64/kernel/acpi.c                       | 18 +++++++++++++++++-
>   2 files changed, 24 insertions(+), 4 deletions(-)
> 
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 11e57ba2985c..6814ff7ae446 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -12,7 +12,7 @@
>   	acpi=		[HW,ACPI,X86,ARM64,RISCV64,EARLY]
>   			Advanced Configuration and Power Interface
>   			Format: { force | on | off | strict | noirq | rsdt |
> -				  copy_dsdt }
> +				  copy_dsdt | nospcr }
>   			force -- enable ACPI if default was off
>   			on -- enable ACPI but allow fallback to DT [arm64,riscv64]
>   			off -- disable ACPI if default was on
> @@ -21,8 +21,12 @@
>   				strictly ACPI specification compliant.
>   			rsdt -- prefer RSDT over (default) XSDT
>   			copy_dsdt -- copy DSDT to memory
> -			For ARM64 and RISCV64, ONLY "acpi=off", "acpi=on" or
> -			"acpi=force" are available
> +			nospcr -- disable console in ACPI SPCR table as
> +				default _serial_ console on ARM64
> +			For ARM64, ONLY "acpi=off", "acpi=on", "acpi=force" or
> +			"acpi=nospcr" are available
> +			For RISCV64, ONLY "acpi=off", "acpi=on" or "acpi=force"
> +			are available
>   
>   			See also Documentation/power/runtime_pm.rst, pci=noacpi
>   
> diff --git a/arch/arm64/kernel/acpi.c b/arch/arm64/kernel/acpi.c
> index e0e7b93c16cc..55757d8884d4 100644
> --- a/arch/arm64/kernel/acpi.c
> +++ b/arch/arm64/kernel/acpi.c
> @@ -45,6 +45,7 @@ EXPORT_SYMBOL(acpi_pci_disabled);
>   static bool param_acpi_off __initdata;
>   static bool param_acpi_on __initdata;
>   static bool param_acpi_force __initdata;
> +static bool param_acpi_nospcr __initdata;
>   
>   static int __init parse_acpi(char *arg)
>   {
> @@ -58,6 +59,8 @@ static int __init parse_acpi(char *arg)
>   		param_acpi_on = true;
>   	else if (strcmp(arg, "force") == 0) /* force ACPI to be enabled */
>   		param_acpi_force = true;
> +	else if (strcmp(arg, "nospcr") == 0) /* disable SPCR as default console */
> +		param_acpi_nospcr = true;
>   	else
>   		return -EINVAL;	/* Core will print when we return error */
>   
> @@ -237,7 +240,20 @@ void __init acpi_boot_table_init(void)
>   			acpi_put_table(facs);
>   		}
>   #endif
> -		acpi_parse_spcr(earlycon_acpi_spcr_enable, true);
> +
> +		/*
> +		 * For varying privacy and security reasons, sometimes need
> +		 * to completely silence the serial console output, and only
> +		 * enable it when needed.
> +		 * But there are many existing systems that depend on this
> +		 * behavior, use acpi=nospcr to disable console in ACPI SPCR
> +		 * table as default serial console.
> +		 */
> +		acpi_parse_spcr(earlycon_acpi_spcr_enable,
> +			!param_acpi_nospcr);
> +		pr_info("Use ACPI SPCR as default console: %s\n",
> +				param_acpi_nospcr ? "No" : "Yes");
> +
>   		if (IS_ENABLED(CONFIG_ACPI_BGRT))
>   			acpi_table_parse(ACPI_SIG_BGRT, acpi_parse_bgrt);
>   	}

This looks good to me.  Sorry that this took so long Liu.

Reviewed-by: Prarit Bhargava <prarit@...hat.com>

P.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ