Hi,

Il 14/11/19 22:51, Pali Rohár ha scritto:
> This is model or BIOS specific. For example on E6440 are used 0x34a3 /
> 0x35a3 SMM calls. Because of these platform specific problems we have
> never incorporated this patch into mainline kernel.

Would it be sensible to use a dmi_system_id table to discriminate
between the known models and choose the right commands? Of course we
wouldn't know the complete table at the beginning, but it can be filled
as unknown models are reported.

As a matter of facts, testing your patch I discovered that 0x34a3 /
0x35a3 work on my system as well (Dell Precision 5530). Do you know
systems on which other codes only are known to work?

> Also note that userspace can issue those SMM commands on its own (via
> sys_iopl or sys_ioperm), fully bypassing such "protection" proposed in
> this new patch.

Yes, I know, but this is incompatible with Secure Boot, so I believe
that this feature should go in the kernel module, and userspace should
eventually stop doing direct requests and rely on the module. Isn't
userspace sidestepping the kernel in this way already assumed to take
their own responsibilities, much like userspace writing random things to
/dev/mem?

Thanks, Giovanni.
-- 
Giovanni Mascellani <g.mascellani@gmail.com>
Postdoc researcher - Université Libre de Bruxelles