From: Matthew Garrett <mjg59@google.com> To: tony.luck@intel.com Cc: luto@kernel.org, James Bottomley <James.Bottomley@hansenpartnership.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, joe.konno@linux.intel.com, mingo@kernel.org, bp@alien8.de, linux-efi <linux-efi@vger.kernel.org>, Linux Kernel Mailing List <linux-kernel@vger.kernel.org>, jk@ozlabs.org, ak@linux.intel.com, benjamin.drung@profitbricks.com, pjones@redhat.com Subject: Re: [PATCH 0/2] efivars: reading variables can generate SMIs Date: Fri, 16 Feb 2018 22:03:37 +0000 [thread overview] Message-ID: <CACdnJuvR4NTdCwp=jT3AoW898EXuq6zakfo5hm6dd9mP-SWoGQ@mail.gmail.com> (raw) In-Reply-To: <3908561D78D1C84285E8C5FCA982C28F7B3795A3@ORSMSX110.amr.corp.intel.com> On Fri, Feb 16, 2018 at 2:02 PM Luck, Tony <tony.luck@intel.com> wrote: > > If the default is 600 then it makes sense to allow a privileged service to > > selectively make certain variables world readable at runtime. > As soon as you make one variable world readable you are vulnerable to > a local user launching a DoS attack by reading that variable over and over > generating a flood of SMIs. I'm not terribly worried about untrusted users on my laptop, but I would prefer to run as little code as root as possible.
WARNING: multiple messages have this Message-ID (diff)
From: Matthew Garrett <mjg59-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> To: tony.luck-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org Cc: luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, James Bottomley <James.Bottomley-JuX6DAaQMKPCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>, Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>, joe.konno-VuQAYsv1563Yd54FQh9/CA@public.gmane.org, mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org, linux-efi <linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>, Linux Kernel Mailing List <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>, jk-mnsaURCQ41sdnm+yROfE0A@public.gmane.org, ak-VuQAYsv1563Yd54FQh9/CA@public.gmane.org, benjamin.drung-EIkl63zCoXaH+58JC4qpiA@public.gmane.org, pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org Subject: Re: [PATCH 0/2] efivars: reading variables can generate SMIs Date: Fri, 16 Feb 2018 22:03:37 +0000 [thread overview] Message-ID: <CACdnJuvR4NTdCwp=jT3AoW898EXuq6zakfo5hm6dd9mP-SWoGQ@mail.gmail.com> (raw) In-Reply-To: <3908561D78D1C84285E8C5FCA982C28F7B3795A3-8oqHQFITsIHTXloPLtfHfbfspsVTdybXVpNB7YpNyf8@public.gmane.org> On Fri, Feb 16, 2018 at 2:02 PM Luck, Tony <tony.luck-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org> wrote: > > If the default is 600 then it makes sense to allow a privileged service to > > selectively make certain variables world readable at runtime. > As soon as you make one variable world readable you are vulnerable to > a local user launching a DoS attack by reading that variable over and over > generating a flood of SMIs. I'm not terribly worried about untrusted users on my laptop, but I would prefer to run as little code as root as possible.
next prev parent reply other threads:[~2018-02-16 22:03 UTC|newest] Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-02-15 18:22 [PATCH 0/2] efivars: reading variables can generate SMIs Joe Konno 2018-02-15 18:22 ` [PATCH 1/2] fs/efivarfs: restrict inode permissions Joe Konno 2018-02-20 19:18 ` Andy Lutomirski 2018-02-20 21:18 ` Luck, Tony 2018-02-20 21:22 ` Matthew Garrett 2018-02-20 21:32 ` Luck, Tony 2018-02-20 21:35 ` Matthew Garrett 2018-02-20 22:01 ` Linus Torvalds 2018-02-20 23:30 ` Luck, Tony 2018-02-20 23:39 ` Matthew Garrett 2018-02-20 23:50 ` Luck, Tony 2018-02-21 0:49 ` Linus Torvalds 2018-02-21 1:05 ` Luck, Tony 2018-02-21 2:16 ` Linus Torvalds 2018-02-21 9:03 ` Ard Biesheuvel 2018-02-21 18:02 ` Linus Torvalds 2018-02-21 18:21 ` Andi Kleen 2018-02-21 19:47 ` Luck, Tony 2018-02-21 19:50 ` Linus Torvalds 2018-02-21 19:58 ` Luck, Tony 2018-02-21 20:40 ` Linus Torvalds 2018-02-22 1:45 ` [PATCH] efivarfs: Limit the rate for non-root to read files Luck, Tony 2018-02-22 1:58 ` Linus Torvalds 2018-02-22 5:34 ` Luck, Tony 2018-02-22 17:10 ` Eric W. Biederman [not found] ` <CA+55aFy0hRexJkLbN7t31LjfGr4Ae0W5g6sBMqHHJi8aYuGKeA@mail.gmail.com> [not found] ` <612E894E-62C8-4155-AED8-D53702EDC8DC@intel.com> [not found] ` <CA+55aFxeBaTbwvbWqx1MKYjKKzLUs=1O43Bx2=JaO8qrnY-8HA@mail.gmail.com> 2018-02-22 17:15 ` [PATCH v2] " Luck, Tony 2018-02-22 17:39 ` Linus Torvalds 2018-02-22 17:54 ` Luck, Tony 2018-02-22 18:07 ` Linus Torvalds 2018-02-22 18:08 ` Ard Biesheuvel 2018-02-23 20:34 ` Andy Lutomirski 2018-02-23 19:47 ` [PATCH] " Peter Jones 2018-02-21 19:52 ` [PATCH 1/2] fs/efivarfs: restrict inode permissions Linus Torvalds 2018-02-24 20:06 ` Alan Cox 2018-02-25 10:56 ` Ard Biesheuvel 2018-02-21 0:49 ` Peter Jones 2018-02-20 23:19 ` Andy Lutomirski 2018-02-15 18:22 ` [PATCH 2/2] efi: restrict top-level attribute permissions Joe Konno 2018-02-15 18:22 ` Joe Konno 2018-02-16 10:41 ` [PATCH 0/2] efivars: reading variables can generate SMIs Ard Biesheuvel 2018-02-16 10:55 ` Borislav Petkov 2018-02-16 10:58 ` Ard Biesheuvel 2018-02-16 11:08 ` Borislav Petkov 2018-02-16 11:18 ` Ard Biesheuvel 2018-02-16 11:18 ` Ard Biesheuvel 2018-02-16 18:48 ` Joe Konno 2018-02-16 18:48 ` Joe Konno 2018-02-16 18:58 ` Borislav Petkov 2018-02-16 19:22 ` Peter Jones 2018-02-16 19:31 ` Ard Biesheuvel 2018-02-16 19:51 ` Matthew Garrett 2018-02-16 19:51 ` Matthew Garrett 2018-02-16 19:32 ` Luck, Tony 2018-02-16 19:54 ` Peter Jones 2018-02-16 20:51 ` James Bottomley 2018-02-16 20:51 ` James Bottomley 2018-02-16 21:09 ` Luck, Tony 2018-02-16 21:09 ` Luck, Tony 2018-02-16 21:45 ` Andy Lutomirski 2018-02-16 21:58 ` Matthew Garrett 2018-02-16 22:02 ` Luck, Tony 2018-02-16 22:02 ` Luck, Tony 2018-02-16 22:03 ` Matthew Garrett [this message] 2018-02-16 22:03 ` Matthew Garrett 2018-02-17 18:12 ` Andy Lutomirski 2018-02-17 18:12 ` Andy Lutomirski 2018-02-16 22:05 ` Peter Jones 2018-02-17 9:36 ` Ard Biesheuvel 2018-02-17 9:36 ` Ard Biesheuvel 2018-02-17 16:17 ` Andi Kleen 2018-02-17 16:17 ` Andi Kleen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to='CACdnJuvR4NTdCwp=jT3AoW898EXuq6zakfo5hm6dd9mP-SWoGQ@mail.gmail.com' \ --to=mjg59@google.com \ --cc=James.Bottomley@hansenpartnership.com \ --cc=ak@linux.intel.com \ --cc=ard.biesheuvel@linaro.org \ --cc=benjamin.drung@profitbricks.com \ --cc=bp@alien8.de \ --cc=jk@ozlabs.org \ --cc=joe.konno@linux.intel.com \ --cc=linux-efi@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=luto@kernel.org \ --cc=mingo@kernel.org \ --cc=pjones@redhat.com \ --cc=tony.luck@intel.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.