Received: by 10.223.185.116 with SMTP id b49csp2147356wrg; Sat, 24 Feb 2018 12:09:56 -0800 (PST) X-Google-Smtp-Source: AH8x226XYxxdZi/rNhC/kD+No4gsEc7DtwPuHJo/UFjtIpY6rsKRz3/1C9f1YMjSk8up+4qIpzbK X-Received: by 10.98.133.193 with SMTP id m62mr5749849pfk.74.1519502995951; Sat, 24 Feb 2018 12:09:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519502995; cv=none; d=google.com; s=arc-20160816; b=JbbO+xTBnhITgyCPwxK6urvaZxdT3tWbT8WuE4Msv1NMgTX5eLY4T2AkLD2/aetagI 67uVRUNSl4eJYeThyDYRLOKvXyz006j7nNmqdt7cqe+L13XOgEWxosBo+48P8IIGV0Nl k3tUsl4/QiYmpUIKF/LCdOA35Xj/9fWmyFEKrmVUMcSidpNNNKjKl4M5WAqoEwhfsRqv 7sZy31KGL6C3dFUQ5nfr+Atefz6UjQLes32K5ZjT8it4EyJrDxt2qRB0z6RiG2BTfoTC ixCJNs+nX35kAHZa4FzPwd25qclm8zD1e2LVY9gSRLPIxk/yb6Bqy6DUdx5IkAMuMv50 +tIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date:arc-authentication-results; bh=KyiK7hPWKyFJvvdSU9tSsaGizSoZu+V4Q8EWXIauMwQ=; b=CC4JN1+gFFvce0vnvvODA+s0WVJ+LZ9dyPVl8uh3xdMiYwB47+VPFPDUtfu5pa2pLa tbpsw9XTqixZ4mGe56trvLvFLvcWQ7nYnpk1C7huePjCp8aMs1Md7Buhk9ih4OGJYp5G 6iQLRWhRnm02ZWkZgVPTDo3QTAr6xAAuKgL6LNz0eyBcqWZlWDHSCoPolbZe2oC6d0Q/ c5mRfRK79XVjGLrPQJxDORDg6rg+Okxx3SqO4I61yCXsc7N18yy+jzbhGEItPelcEsts srPgn1r6ejpcFLGfhEmJpvUVXx2U2vX1CghnoAciy4PrPveCkNity9FOivU4W/uWHopE jA0A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v15si858132pgt.635.2018.02.24.12.08.57; Sat, 24 Feb 2018 12:09:55 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751480AbeBXUHB (ORCPT + 99 others); Sat, 24 Feb 2018 15:07:01 -0500 Received: from www.llwyncelyn.cymru ([82.70.14.225]:33572 "EHLO fuzix.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751428AbeBXUHA (ORCPT ); Sat, 24 Feb 2018 15:07:00 -0500 Received: from alans-desktop (82-70-14-226.dsl.in-addr.zen.co.uk [82.70.14.226]) by fuzix.org (8.15.2/8.15.2) with ESMTP id w1OK6H9d025618; Sat, 24 Feb 2018 20:06:17 GMT Date: Sat, 24 Feb 2018 20:06:17 +0000 From: Alan Cox To: Ard Biesheuvel Cc: Linus Torvalds , "Luck, Tony" , Joe Konno , "linux-efi@vger.kernel.org" , Linux Kernel Mailing List , Matthew Garrett , Jeremy Kerr , Andi Kleen , Matthew Garrett , Peter Jones , Andy Lutomirski , James Bottomley Subject: Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions Message-ID: <20180224200617.75cfe5f2@alans-desktop> In-Reply-To: References: <20180215182208.35003-1-joe.konno@linux.intel.com> <20180215182208.35003-2-joe.konno@linux.intel.com> <6680a760-eb30-4daf-2dad-a9628f1c15a8@kernel.org> <20180220211849.fqjb6rdmypl6opir@agluck-desk> <20180220233008.55rfm7zw62hrao5p@agluck-desk> <3908561D78D1C84285E8C5FCA982C28F7B37DE1B@ORSMSX110.amr.corp.intel.com> Organization: Intel Corporation X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 21 Feb 2018 09:03:00 +0000 > The thing I like about rate limiting (for everyone including root) is > that it does not break anybody's workflow (unless EFI variable access > occurs on a hot path, in which case you're either a) asking for it, or > b) the guy trying to DoS us), and that it can make exploitation of any > potential Spectre v1 vulnerabilities impractical at the same time. At b) doesn't make spectre v1 much harder alas. What matters there is that you turn on the right CPU protections before calling into EFI and turn them off afterwards. EFI firmware internally isn't built with retpoline anyway. Alan