Received: by 10.223.185.116 with SMTP id b49csp50230wrg; Tue, 20 Feb 2018 15:41:24 -0800 (PST) X-Google-Smtp-Source: AH8x227/ZpuemK8+c+Wsm91JZvbEBeQiN9fM9Q2NF8hVKH4ZV4mzGpiUPs0m94o6BAh00r9E/JMO X-Received: by 2002:a17:902:8487:: with SMTP id c7-v6mr1194467plo.7.1519170084253; Tue, 20 Feb 2018 15:41:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519170084; cv=none; d=google.com; s=arc-20160816; b=w8QvWZQJKCzrx+K91n2enBR4MO95zZbjnji/bCL9FUj3t9x6kd0P+US4uOrm35cOUo UCxIrxUrXxRH94lzqh8MkUEE25UCYe9q27CgWJ3KdwRlmB4kEpZapsFV8KK4MGeTFy8M Mlyi0MYLkm89jPYDBPa0EZi4zuVhtt/0v9RdeK95m1PwfnASBcdkTf5ye5Fgbm2uhtPN GcwDOEC2dhyingxUXnSTzwtU9OjGjAlNJ8N605F1M317ua0AnJU9LHgfSrwpWwW8pK8G VktuHoGDIKqgA0PqeRNJI/f7TuHe1OnkCHwuWNG+HyqTlKW7gy/R1O25xVgyUJ6qqM7y hX1w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=5k2+Jrz4iRMKz+GSUFa3GwAwQovrvt1LTs2cbGSD6yk=; b=BxyUOG56K5eCCr0zQjWpLXOrGNDwe1oKk2vjRyb34WZ9RSuQ+I5kGFEfUlJUo0BvEa V7EvDsiEFL9y2qp0ublibnnqLxMRrvdc0xubp+Bl/qzcXWBGaVJrtcXIiAcEMH2tRjAu niaPXqwakXJbf1GKhNxe0gMZcozevw2HOw4DVfFTiBgutLoDNLC/p61aPvznqShTKsSS uTqe0aq1XeLbVOIHk7ebFOSB4v8r8Mvo2SYpqGrQ9h3UhYjnTxQZOFk5L9CwqS7HGynS L4kv4wb1NAr9uge0Th8101JfxKVSToM258XQ7LUggha1RulvX62Luf8AyZf563M+M2hO lPjQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=fF7yK/j8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g3-v6si6678274pld.270.2018.02.20.15.41.10; Tue, 20 Feb 2018 15:41:24 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=fF7yK/j8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751633AbeBTXjt (ORCPT + 99 others); Tue, 20 Feb 2018 18:39:49 -0500 Received: from mail-it0-f41.google.com ([209.85.214.41]:51258 "EHLO mail-it0-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751515AbeBTXjj (ORCPT ); Tue, 20 Feb 2018 18:39:39 -0500 Received: by mail-it0-f41.google.com with SMTP id o9so194277itc.1 for ; Tue, 20 Feb 2018 15:39:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5k2+Jrz4iRMKz+GSUFa3GwAwQovrvt1LTs2cbGSD6yk=; b=fF7yK/j8qDnz4rNslmOW0lHfrlrmYObg6hBTVdwo9UC06IjDqUQ0/0iOCvvV6S6+1v c1n6qsdmJL6HeF8be6AuojBmvzsLZG9CCGcs2ahJy1hOuwBrMaQ8BnUq+lc5Wbjjbls8 /2wjgVdjic+Vu2f67cQyha+A8nmowUDyfCkHyL2mNWXkTi+x8nF0/SWl/2u9YKoiSvz9 tX6btV4oZs/hR/n4//w4WuibMlL20Ju5gc+iaoWOX7LwdFLw5OmXbtiFiCMio20xhfZH 68xLYVN0Qdt3cfdTMZQ7hHs9W6ABliTO6DQmpyPijTy8XwcMjSvKPhOJF2KBzH1lJh/Y IOJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5k2+Jrz4iRMKz+GSUFa3GwAwQovrvt1LTs2cbGSD6yk=; b=d8PDdjjZ+v3KXngcuo+V/xgM3nPd9gJb0bKK/yg7IWsDjk/6cWlv/eltdYWyXf41hL wYaAktIaefgx+GkGvW1NKiVYcisI8x9IxAcrgwow2Z82RDQk99R/8WGQmcBRDk5nDox+ Gof2HB4XwYuMHx6dtj43r4TLviuXGy3RqGZSwKuQJS5X5P8A3LgZ2Dvk9s+KXq2t4hvp ngNFyuh/zfzgvI7BcPGRPH7JSl992h5OE5PZwE6es/qZ1JxLchFq09i69RiClsVqrdjK Z5ZBv1zx4xFL4H+pj+SeB6IxSjHN8ntb0RdrW5fiX4edmXuVt7cEujFL+1e2BsWjUJFP SjUA== X-Gm-Message-State: APf1xPAcFQw88fS6hqeHVxS9QnafvsS4zSqhqK0QwvDu/Q4+QQNO1dwc XNc8D7EPc3R7GNAtX8ZDKRB4IU9/S2cszWveoYoFdw== X-Received: by 10.36.165.4 with SMTP id k4mr885833itf.123.1519169977933; Tue, 20 Feb 2018 15:39:37 -0800 (PST) MIME-Version: 1.0 References: <20180215182208.35003-1-joe.konno@linux.intel.com> <20180215182208.35003-2-joe.konno@linux.intel.com> <6680a760-eb30-4daf-2dad-a9628f1c15a8@kernel.org> <20180220211849.fqjb6rdmypl6opir@agluck-desk> <20180220233008.55rfm7zw62hrao5p@agluck-desk> In-Reply-To: <20180220233008.55rfm7zw62hrao5p@agluck-desk> From: Matthew Garrett Date: Tue, 20 Feb 2018 23:39:27 +0000 Message-ID: Subject: Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions To: tony.luck@intel.com Cc: Linus Torvalds , joe.konno@linux.intel.com, linux-efi , Linux Kernel Mailing List , Ard Biesheuvel , matthew.garrett@nebula.com, Jeremy Kerr , ak@linux.intel.com, pjones@redhat.com, luto@kernel.org, James Bottomley Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 20, 2018 at 3:30 PM Luck, Tony wrote: > [1] I didn't dig through the Linux code to check whether we manage to > get those four SMIs from a single EFI call, or whether we make multiple > EFI calls to open/read/close one file. It is possible that we stink a > bit too if we are doing more EFI calls than required. read() will make two calls - one to obtain the size of the variable, the other to read it. It looks like cat will also trigger an fstat(), so we're probably also making a call for that. There's presumably some optimisation that could be made there if we trust the firmware not to change the size behind our back.