Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp22206ybt; Tue, 16 Jun 2020 15:23:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzw0bhtfz0NHvop/PwKSa89aadM2tvAIHofWTsxeIiZCis0O3e5ZTmqc0It1Q5m4rkLYc7I X-Received: by 2002:a17:907:9486:: with SMTP id dm6mr4921921ejc.248.1592346187520; Tue, 16 Jun 2020 15:23:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592346187; cv=none; d=google.com; s=arc-20160816; b=gHz+YnXdHGWcJEgrnvqz6EeRK9J4Wnoh2UhxUP8q2n1B24kHDX2+m+nwkfSFreBb3y MZxw8f6Oyp0iiiTs21TaVD3LG8Q4pnzab2X1XmbL7GfF/4RjBjMLGdu1dufevEsSQAQI dQxzRZ33E95ssw6yFZgrjmbszf81bjGEORlDzVQQczWLyCvpX7cmR/+/EyjcK2TnCztt phYQcYUy8H59hk+TjdgVQIx+lC0zR6a0bA7pzqgws79potWShHITgUYFmcbVuSvVUBmG y/Y9mlumOumqKTmOZk1ppeWtCJgM8qu26ClFamlVNgaJfPZeIPRAg59QTuJ9VwamioHB FSbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=b/Feig0c7YeQhbsBIAzVzzK2fPzgIv/lBTcocN8aQXs=; b=OlsWqa7r8PisaioFSt6TtxydcosZdbL5l5rR/tRJUta10cNKQxF9hxpCb33djKUil8 gu95F5s8fqFg7D7pSWLMgFK6jBIirfFT0uwZfzWHb+nxqEETTllEieZv1Rf4xq9QplGX r4F8R+vDwFc23Baxjrx+QfRp35jpPvdjy/Z/Kh2Ym3pWngwrBLYSUh0aescVgihRnFmq SIunh27xE+9PB6MwmJoZ0YSYB2iAWRdX3JZZ2AkK1LIumIV7skmkQcRklKzbqXgV/OiB SG/tWRgCZmU4L2Hqce0vOIBCJsg9u61Wrxu9jqFfmgGfVjYodrd5isPKfQzv4f7faiZ+ CaJA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b="zwqQ/g3X"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id cf23si11646487ejb.540.2020.06.16.15.22.43; Tue, 16 Jun 2020 15:23:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b="zwqQ/g3X"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726134AbgFPWU4 (ORCPT + 99 others); Tue, 16 Jun 2020 18:20:56 -0400 Received: from mail.zx2c4.com ([192.95.5.64]:39715 "EHLO mail.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725790AbgFPWU4 (ORCPT ); Tue, 16 Jun 2020 18:20:56 -0400 Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTP id b14129e7; Tue, 16 Jun 2020 22:02:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=mime-version :references:in-reply-to:from:date:message-id:subject:to:cc :content-type; s=mail; bh=RQicizWyLHOE2iCPPK+/7SOXm9U=; b=zwqQ/g 3Xq/tR7g2fHoBQXiJS3CWnnxoDeJkGT47tGoxmHOECjg2pvQJPYNo/Ejq0CvHM1o NCmge4rzYj7J/eHj9zJSeCG2eCkYQL9HaXTBeZrPxQo/3F7GTUifv5/bO4a4v1Ud tX/Z6mwcr0ATqWjJ5YOhLIS4J3U4wYUmcvjLJYoTjsmMdQqd2L5YBxtCdTOUFHKq mTD5KglvYfKuW154UJWyquve3RxyAMu6/S9EDsGIU4oyJc7XHMpgyuPBZdABo96n hzaxhz0tYYJKgIhXTZEKROYDp4gxesLOTbEKAPzbpWOQ+zn5bn7B9Bm251JldpEA sspq8gtWfQRzWYpw== Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 86c41781 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Tue, 16 Jun 2020 22:02:52 +0000 (UTC) Received: by mail-io1-f41.google.com with SMTP id y5so363070iob.12; Tue, 16 Jun 2020 15:20:53 -0700 (PDT) X-Gm-Message-State: AOAM531ciYCogHcehdyvkF/zUX9H3htBgXM5v4q+IUrAQuVcj3yfD3j8 iGpaLijqzXNdCQn2yewxtt+WsVcL9wzULYt4FHs= X-Received: by 2002:a05:6638:216f:: with SMTP id p15mr28530779jak.86.1592346052223; Tue, 16 Jun 2020 15:20:52 -0700 (PDT) MIME-Version: 1.0 References: <20200615104332.901519-1-Jason@zx2c4.com> In-Reply-To: <20200615104332.901519-1-Jason@zx2c4.com> From: "Jason A. Donenfeld" Date: Tue, 16 Jun 2020 16:20:41 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] acpi: disallow loading configfs acpi tables when locked down To: Len Brown , rjw@rjwysocki.net Cc: LKML , linux-acpi@vger.kernel.org, Kernel Hardening Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Rafael, Len, Looks like I should have CC'd you on this patch. This is probably something we should get into 5.8-rc2, so that it can then get put into stable kernels, as some people think this is security sensitive. Bigger picture is this: https://data.zx2c4.com/american-unsigned-language-2.gif https://data.zx2c4.com/american-unsigned-language-2-fedora-5.8.png Also, somebody mentioned to me that Microsoft's ACPI implementation disallows writes to system memory as a security mitigation. I haven't looked at what that actually entails, but I wonder if entirely disabling support for ACPI_ADR_SPACE_SYSTEM_MEMORY would be sensible. I haven't looked at too many DSDTs. Would that break real hardware, or does nobody do that? Alternatively, the range of acceptable addresses for SystemMemory could exclude kernel memory. Would that break anything? Have you heard about Microsoft's mitigation to know more details on what they figured out they could safely restrict without breaking hardware? Either way, food for thought I suppose. Jason