Received: by 10.223.185.116 with SMTP id b49csp1184203wrg; Fri, 16 Feb 2018 14:05:10 -0800 (PST) X-Google-Smtp-Source: AH8x2273rO4h91h2C+vq2Y7GLCg6Q7PNgqfR0gTAwvEtkHJmzE7js2vIAYF/K7EW2Z3bT7/LyY7s X-Received: by 10.98.72.204 with SMTP id q73mr6948319pfi.48.1518818709917; Fri, 16 Feb 2018 14:05:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518818709; cv=none; d=google.com; s=arc-20160816; b=O1B/wYTMnXQjQKSPbwcvEqx0KO6dyrjgXhnPpxHEPY10ROhc7QKq88DMrtlHA6ZgqC 7AY3r1zNwGbvVxHU/bWsa7sf8Dq9OVcaNz5/TEsDIFa0COM0GJD+VenLmJMHwN3I0H3M v4vJJ7WQqxPSvNrXi4HOO05towAdg8tpLUZ0U+wJtZ2+9WQVZo6NRcSgL1/cHMGLvg5b BaDWH7VRmMDkcRPCczO/BSA5MuuKdGzowIAM3cyjvn262fIvLdL9ga6xBLT/YxB2eeZE +bjWrExZIaQxwh0u62UVvZIs2wXgKZjg/PfJm7YVIsbj07sYxLur8roUcwC7bWtz5xKx CaUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=Dt06ffl4FjXr4xM4NN+9o/Ilwy4LhG+E+w+zO7IG38E=; b=M7mS95AWy8ImpBjfpCNWSy0PEDhUZninLIZ3G4k+DfRV1x4UywgzGOcF6oZW88U6iC /P6ZHok9G4p76jfLFpU73DwbuIwbc6XQKJ9ULcS/Xb7EUzBIJqB/pOI5B64/x8wkiB3P V8xB5gSY/KiF6JGkLm4FCQpg2NrC/mk8wQk2zjcl+Zhvk7EWXygqoJWShX7aNNIqF3Kq eIp3S+ydonIRiWrBaD1gOPK8e02/YoFhm13WqHzfT1aLJfiX5v/zlk7ddge4qp+ujk60 9omuKqNFCHQ2caNUlQ5ycjkV9PmSn74Pk3aO3NAck+Y3OkGE4RTc0xW7a+w1iuwoadTz +H3w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=YtQZwLbQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j5-v6si854674plt.469.2018.02.16.14.04.55; Fri, 16 Feb 2018 14:05:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=YtQZwLbQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751050AbeBPWDv (ORCPT + 99 others); Fri, 16 Feb 2018 17:03:51 -0500 Received: from mail-it0-f49.google.com ([209.85.214.49]:51641 "EHLO mail-it0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750939AbeBPWDs (ORCPT ); Fri, 16 Feb 2018 17:03:48 -0500 Received: by mail-it0-f49.google.com with SMTP id 193so3411931iti.1 for ; Fri, 16 Feb 2018 14:03:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Dt06ffl4FjXr4xM4NN+9o/Ilwy4LhG+E+w+zO7IG38E=; b=YtQZwLbQrhNzceFQwuQ9UQc4br/XZ/YIVDSeqs9wKqUtiDKrRQOgFNMdksbnv1nJM4 dSnfLoYg3ky5ebRR762LQjrfPg2QXgvHAvXhmC5Fx0IUoNsNjeG7+5jAlRc5YYcrHQ2J xOdBCK6hatsHGwgxuLqdTNWtsZiVp+sVGpWYBnnYihpZixFxVMZrVTULFpYH46azsoNM ewpd+119YXIe3hoXtVQP6DPcPXIvApalkoa6mCwKXSG1imffA77ezd0jiA7UfYhlI3rm Z/qSBFmxCmdtdP237x/+L7A1IyTa3bcTeRha15f/q+G0n7hk6XiCPqb+lQbHHE2pPz1a d6CQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Dt06ffl4FjXr4xM4NN+9o/Ilwy4LhG+E+w+zO7IG38E=; b=nzMuHm53BbqFhIAS8ULRHoz1sEkewDVkNktvPpZWczchdT7RHlRuV1BKWbia/bmK3T fCqq9n7moJTlirc7VBQznG7sNRHVeliAm+ozenikh3+2x9OAZA6n2UCRuUM7321T7z+y 8bRHxx/xrXoy1G9ljT8k1A2AWrYWhAlfGarCkQcL+jiOqmXtwkny5ygo68GU5+kMmOUS 7ubcfQZBwhQPkgBjUY9BVuM/y2qBKhm8N5+J9fzI/BTdzTcuUtO+dvAFTpilODcHoFaK kbipqfEBwfICVV7P09CG0B0ksUyfr5GxFmifDI+MHMlEUgs8UXpmdjB0rAK6GHbv/YYh lplg== X-Gm-Message-State: APf1xPBPn92dVWL10OYcqD7GV6PKeogC45V70h/2gcqDbjj8eWVhbeA6 NxLZ+zEPaZH2j3uN6lj1of55bkyg75Psec1a1mpttg== X-Received: by 10.36.237.75 with SMTP id r72mr10314759ith.14.1518818627665; Fri, 16 Feb 2018 14:03:47 -0800 (PST) MIME-Version: 1.0 References: <20180215182208.35003-1-joe.konno@linux.intel.com> <1518814319.4419.10.camel@HansenPartnership.com> <3908561D78D1C84285E8C5FCA982C28F7B37942B@ORSMSX110.amr.corp.intel.com> <3908561D78D1C84285E8C5FCA982C28F7B3795A3@ORSMSX110.amr.corp.intel.com> In-Reply-To: <3908561D78D1C84285E8C5FCA982C28F7B3795A3@ORSMSX110.amr.corp.intel.com> From: Matthew Garrett Date: Fri, 16 Feb 2018 22:03:37 +0000 Message-ID: Subject: Re: [PATCH 0/2] efivars: reading variables can generate SMIs To: tony.luck@intel.com Cc: luto@kernel.org, James Bottomley , Ard Biesheuvel , joe.konno@linux.intel.com, mingo@kernel.org, bp@alien8.de, linux-efi , Linux Kernel Mailing List , jk@ozlabs.org, ak@linux.intel.com, benjamin.drung@profitbricks.com, pjones@redhat.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 16, 2018 at 2:02 PM Luck, Tony wrote: > > If the default is 600 then it makes sense to allow a privileged service to > > selectively make certain variables world readable at runtime. > As soon as you make one variable world readable you are vulnerable to > a local user launching a DoS attack by reading that variable over and over > generating a flood of SMIs. I'm not terribly worried about untrusted users on my laptop, but I would prefer to run as little code as root as possible.