Received: by 10.223.185.116 with SMTP id b49csp1021563wrg; Fri, 16 Feb 2018 10:59:07 -0800 (PST) X-Google-Smtp-Source: AH8x2261nEbRE5+3LyraQuJRtMAYPDdbalLTCkrZf6ZJbygYyRrn451vddxa1aooJzJUOMDVJbzy X-Received: by 10.99.133.193 with SMTP id u184mr5758636pgd.401.1518807546980; Fri, 16 Feb 2018 10:59:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518807546; cv=none; d=google.com; s=arc-20160816; b=pTDfxkJbtxPVV66hQk2mkOkEFT+wwY62OpNvVMyE8vIeJGb5AUhR9JLQ+3J9WHDlCx 9jz/WLLbxp9y0GigoEC+t9byWUqcewXYkwNR80zZX1i+exQ/kkw6veybm6Bfr1uGl+8v idSpRhjmhTiqn7x7pXOR3MZtOZN3Cf0ZZj3C85hbNVIZTQWR/WRJpKfBmHRMqDJ698NQ jRLQSer7a5LM5fr6dLED0GBhLZFp6NZe9hOAT1D7e1O21ztodaNMFV0hWcq4lhxUlIFI J5h0/pP1EHCG7Qj7vC1Zr3L6GrsqT+cE6jW6qHVofKWouC0XLAL8YPiTrtu6Fo1+//e/ uehQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=0gjkJK6WS61/pA5dglwm8aglDjkaQJc6Z1W1GXydSC4=; b=HjLB8QsHyGCJ6RNUlAe5jA44Igd4Ned2LY4UF+NJdNiz3jd69PtyzTvC00GtUm9v3p PYf3zssyKa/B6mXYMte7Q2Sv66TbjmnmsCgFoUtaSho9xVrVBMAfbu2Gb3AnSbT5B5ee oSb8QVRs7fLk/x/+7VGAOZ/58aeMmOH9LX/+uJsQvZIIgZqL5pmJj7SH1+c6Rgjk88qg KOkRWWStSOw3Qg4mG98Ye3J9ibf7NFw457jY3cARzlwZPlmwe6STMSB6vE3Capt9wwk4 FNl9KxT6QTHVwAsMmNaS+EQlToaKdkbzOBUG0HfUJa6E9VCXfTZKIcyK3XJo6zMURuXa Aymw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aY/UR8rN; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m25si3306458pge.363.2018.02.16.10.58.52; Fri, 16 Feb 2018 10:59:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aY/UR8rN; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933675AbeBPKls (ORCPT + 99 others); Fri, 16 Feb 2018 05:41:48 -0500 Received: from mail-io0-f180.google.com ([209.85.223.180]:37100 "EHLO mail-io0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933633AbeBPKlr (ORCPT ); Fri, 16 Feb 2018 05:41:47 -0500 Received: by mail-io0-f180.google.com with SMTP id t126so3707419iof.4 for ; Fri, 16 Feb 2018 02:41:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=0gjkJK6WS61/pA5dglwm8aglDjkaQJc6Z1W1GXydSC4=; b=aY/UR8rNMJZl0IHkaqsrFdnI0DCrZG2iIgS06Y42M/wzJLEAIByA1oNjYCZH/sqnPi sKNlI9vNva9ChhmbLhDtMAR7X+KYWuG91dLsSlkdMrjcMciyZs8CTcSUQ5Pr8+BtLAUs M6LoUnWp6KhLddR/A7yf57gl/x41ZcGfTlYOE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=0gjkJK6WS61/pA5dglwm8aglDjkaQJc6Z1W1GXydSC4=; b=JU2a+kvNGdgH7adCxqrkt+0ZBbVf8M0BOophZ36AiwEmOmWaEnyJFE6qZ/XV5G/xqK zhSEIf15tSYi4Wz8BdfQ1MZtqIU8jh72FlPSErf9SdzfvKhwlnGJ2saFMg18YUgLIwMc +W3/mW/Ffjd630aO8MijrrJ4ni+qKgvnQbRNxtnSZnV9d9GTPdB33zfEz5O4hGjicIm9 HlIVB3s6P+L4X7a7l9W49JSm6qHRdfu81iwH0pHz4FriU2EeSO3GdqOdZjoEOC8B2HH+ Qll80c2wOf7teDRD1vnhSm2HC82xkDvwP3HTo37x6OiXPGm8VSKbm0frvfuwSIrrIhnn tlvw== X-Gm-Message-State: APf1xPDb30afTpiK6B5dTqwARFP0K12Zu6AkHIuhImKGsnkzabY/iMm2 pnxEIrxtGfpgAYEinV+0tqvoymfls5HqsSGaaT94AA== X-Received: by 10.107.56.69 with SMTP id f66mr1028803ioa.170.1518777706532; Fri, 16 Feb 2018 02:41:46 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.138.209 with HTTP; Fri, 16 Feb 2018 02:41:45 -0800 (PST) In-Reply-To: <20180215182208.35003-1-joe.konno@linux.intel.com> References: <20180215182208.35003-1-joe.konno@linux.intel.com> From: Ard Biesheuvel Date: Fri, 16 Feb 2018 10:41:45 +0000 Message-ID: Subject: Re: [PATCH 0/2] efivars: reading variables can generate SMIs To: Joe Konno , Matthew Garrett , Ingo Molnar , Andy Lutomirski , Borislav Petkov Cc: linux-efi@vger.kernel.org, Linux Kernel Mailing List , Jeremy Kerr , Andi Kleen , Tony Luck , Benjamin Drung , Peter Jones Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 15 February 2018 at 18:22, Joe Konno wrote: > From: Joe Konno > > It was pointed out that normal, unprivileged users reading certain EFI > variables (through efivarfs) can generate SMIs. Given these nodes are created > with 0644 permissions, normal users could generate a lot of SMIs. By > restricting permissions a bit (patch 1), we can make it harder for normal users > to generate spurious SMIs. > > A normal user could generate lots of SMIs by reading the efivarfs in a trivial > loop: > > ``` > while true; do > cat /sys/firmware/efi/evivars/* > /dev/null > done > ``` > > Patch 1 in this series limits read and write permissions on efivarfs to the > owner/superuser. Group and world cannot access. > > Patch 2 is for consistency and hygiene. If we restrict permissions for either > efivarfs or efi/vars, the other interface should get the same treatment. > I am inclined to apply this as a fix, but I will give the x86 guys a chance to respond as well. > Joe Konno (2): > fs/efivarfs: restrict inode permissions > efi: restrict top-level attribute permissions > > drivers/firmware/efi/efi.c | 10 ++++++---- > fs/efivarfs/super.c | 4 ++-- > 2 files changed, 8 insertions(+), 6 deletions(-) > > -- > 2.14.1 >