Received: by 10.223.185.116 with SMTP id b49csp1045918wrg; Fri, 16 Feb 2018 11:24:42 -0800 (PST) X-Google-Smtp-Source: AH8x227L+t2TB29mR7MrYY813zTYlNL5WMXPCzjk5VswJUjYOJixB6bUcMWg1Ae2kGOgCU2gEA7x X-Received: by 10.98.160.142 with SMTP id p14mr5341158pfl.134.1518809082127; Fri, 16 Feb 2018 11:24:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518809082; cv=none; d=google.com; s=arc-20160816; b=Ef9kvdrvAxjkTJUQFVJ4tZ2c8WsLsoXWNPa2SraRTiEiDCPtN+wU1zK+MiG3kR9PCn OBxy0+johOcH3o1uLej566IrC3o7NNRHLF/OdsNMAAeResPtfbobQ9Ga59X0erBnw3QU TRRRdiA74xuq2hQBpGFWIC0S6agEH5XGx9dhNkGPJ7RnP2UTQdLUXvPorb6+c/ml/WKI mDaSmviSwXdFvE7ocaqSN3FfkodiItYLo0TvFn1IRsBkXmpdgfSspd4REZrcJvbDDAYI CAmJarBte4+zRIpO8M+vuR2xae3Hsfx+QzoooCEHxkS6oXLZ18dFVest1olRMqlJ2Vji 0Dpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=Lmodji8ElCD0lbW+HFHS6CPt//vbHIMWH6InVQCrACI=; b=TSmbBs/+qcIWAgckfk2dSaWwU3zTfL83sd6tMO4YpG2UWqOp+OgHw7J9HiKCp+AOao RYyQ9YFDQKNhqGgVCEratKItq1zMOWp2FVObPfUi3m4T1qjw0zZxutdqArZRFI8zercg uCqGbrxXC5htStQ1Tce6mmJHcuuXQOUFY/lE+NnYIkHEII3cXCarPHfiTeUI30SoPpre Pib4HSoVFrYoM/6RAKV6rh+1y2JAyYEIXHSqWKNxIyNQxjGJGHXwzSR8rM/F5bwZA37b xnoBHh+1IIcffoTuYOE4Sm8vNJtyJsZdS4wHuTiRoRYp2CZdXYslHeBwoDHqMrDZBOaR taXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r7si1689249pgs.227.2018.02.16.11.24.27; Fri, 16 Feb 2018 11:24:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752553AbeBPSsj (ORCPT + 99 others); Fri, 16 Feb 2018 13:48:39 -0500 Received: from mga11.intel.com ([192.55.52.93]:15264 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751282AbeBPSsd (ORCPT ); Fri, 16 Feb 2018 13:48:33 -0500 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 16 Feb 2018 10:48:33 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,520,1511856000"; d="asc'?scan'208";a="175920115" Received: from jbkonno-saint14.jf.intel.com (HELO jbkonno-saint14) ([10.54.30.229]) by orsmga004.jf.intel.com with ESMTP; 16 Feb 2018 10:48:32 -0800 Date: Fri, 16 Feb 2018 10:48:32 -0800 From: Joe Konno To: Ard Biesheuvel Cc: Borislav Petkov , Matthew Garrett , Ingo Molnar , Andy Lutomirski , linux-efi@vger.kernel.org, Linux Kernel Mailing List , Jeremy Kerr , Andi Kleen , Tony Luck , Benjamin Drung , Peter Jones Subject: Re: [PATCH 0/2] efivars: reading variables can generate SMIs Message-ID: <20180216184832.sqreq5zhar3jqdae@jbkonno-saint14> References: <20180215182208.35003-1-joe.konno@linux.intel.com> <20180216105548.GA29042@pd.tnic> <20180216110821.GB29042@pd.tnic> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xshtw7avu7dmxdg5" Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --xshtw7avu7dmxdg5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Feb 16, 2018 at 11:18:12AM +0000, Ard Biesheuvel wrote: > On 16 February 2018 at 11:08, Borislav Petkov wrote: > > On Fri, Feb 16, 2018 at 10:58:47AM +0000, Ard Biesheuvel wrote: > >> By your own reasoning above, that's a no-no as well. > > > > I'm sure we can come up with some emulation - the same way we did the > > BIOS emulation. > > > >> But thanks for your input. Anyone else got something constructive to c= ontribute? > > > > The not-breaking userspace is constructive contribution. The last > > paragraph is my usual rant. > > >=20 > Fair enough. And I am not disagreeing with you either. >=20 > So question to Joe: is it well defined which variables may exhibit > this behavior? For brevity's sake, "not yet." Folks-- e.g. firmware writers and equipment makers-- may use SMIs more (or less) than others. So, how many SMIs generated by the reference shell script can, and will, vary platform to platform. I and my colleagues are digging into this. > Given that UEFI variables are GUID scoped, would whitelisting certain > GUIDs (the ones userland currently relies on to be readable my > non-privileged users) and making everything else user-only solve this > problem as well? Perhaps. I don't want us chasing white rabbits just yet, but the whitelist is but one approach under consideration. We may see some other patches or RFCs about caching and/or shadowing variable values in efivarfs to reduce the number of direct EFI reads, with the goal of reducing how many SMIs are generated. Any obvious EFI variables that userspace tools have come to depend on-- those which normal, unprivileged users need to read-- are helpful inputs to this discussion. The discussion is double-ended: asking the "which variables almost always cause SMIs?" at the front and "which variables do normal, unprivileged tools need for standard operation?" at the back. Cheers, thanks for the feedback and consideration --xshtw7avu7dmxdg5 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJahyd6AAoJEI2IR9UvSqpmYF4P+gI6oe1l8WJIsfLDjokgjTsF +JcfSZcqHHFZUopYn3QcHMQZNc4vrVkMkV5wZRTEkVp3QU1x9fKeNeQxLRbkAIW8 mpjf4ksGCsPrKwVyYVB0AJTaluabSladzCrzzSh7kGlKW2UgYR5bdGox4KnXjNGM WSqPhIqSeK/Ojt5PCIlj5JNaEhjC3J+vEIOLwPs7FeLHMlaNiE1lLRqabGbZPLv/ JSfwStJ0Gu3WvjXgo8b7fy4tMwC14h1/ZVlj4xaX/2S3xtmZhccOBCD0iKxgXk2S RAxVBP+y9czJ8u91Y5ePLkOPQs4/B8LVhRmy+azrQDmBn2v8YWnj4kfQPRFqISz6 bJKdQLWpzgpcpPXeftzViEQLttVzERKZTdfjNao4H2i8S3pYcO6KT++hNEljVBQ0 rNJBcavfawk1bD3/5B869XJ0f5Noql2iqLvLH5iSS+bSU3f/hlpM2Pqpexqa3Pcj XJA4S+zlKQU9LJW3KhC5VzsBf+yik5hVW/JAF6ceNQ19DhDBVnrAP0VjS9TXQSuA +8X59VzCSnBs4FqSLn0kFHrmEQar83RFLBRD3I58YHgnNWcsS+eBmuwMr0+LxWrq aPXaTIuWfOXGFVq1cgZtKq5zJfoKz4qY88bL49+iQonx8y90AKRnGmUbASLXpXuX l7nWydx1DGw7nuLrK/TL =HYZS -----END PGP SIGNATURE----- --xshtw7avu7dmxdg5--