Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp5411595rwd; Mon, 12 Jun 2023 04:57:41 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4fMRa9ZVIoIZYgw12Bx7QlMIjRfKKUNH/JntDUsKhygAKXgx7Dwoo4UEnh8La0pPsYvS2M X-Received: by 2002:a05:6359:616:b0:129:ca90:3b6d with SMTP id eh22-20020a056359061600b00129ca903b6dmr3414138rwb.19.1686571061611; Mon, 12 Jun 2023 04:57:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686571061; cv=none; d=google.com; s=arc-20160816; b=LfilZcVJlps1+fRu8KTg107Ag8FM2RL218NBpDp26llMYGr3SfN0e1qB8A/yXQsl7T 8ieP7VLITggTTlXb/Hu9b74zn3RO70+XxzEt3Q8FVUpwq8CM9HwtQzoWYVAuA4uMcIdu F9gbc2gQLmEAtn4w5F+hEpjrb4fRXhEeWeSLf8/AcT5LnoOhxd+IxiRLNK5dDuPJqOD4 d+kkHBFfOYUSXD8CFnCuna7Y/pQhEcF8sh5xlChRWJVwXv2ZSkXOoRReVBWhMV8MK3XF XnXEzd6+XNeIS4zBStPSfK8ZfLmTL5BEbFpsNavBhKmhLVetjvnXjFBW/Yk20hX4dy1H hoYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=SOYFG37rRayi9J7r+oSr6FSmN5OTj32lODA4hncwNKw=; b=Zw2vf8qcZxa8CLkEhJ30uKb/KlybM5f0y+2wbVcNQYDKKdn3JgAil+yLQRLI9zYaKp vCoPEi4WAcfAZj/6PmtLhG98LN9FlAJB+zCHO8j1Llqy94vOnqkB4HiH73HZrJeaARCp DJ1XNb+cgAiqis7WG9+GSi/B/u7QjhhnxiWyaST4fM09K1eD9jCq+j1pQUeYK5qQ9fN1 wBbGlCRzOgKqikOgAiWAorj3l7dlR00CDdqAsz0p1uNrb89T/B+tyIml3b5hP07wP5Xg aMbChhbPvPNjLc00zlQR58egCrTisyUFdeu2FEWDAi+i9fnar+by/nrV+7EScGpDepKQ cjCw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o21-20020a637e55000000b0052c9e5561ebsi6669833pgn.821.2023.06.12.04.57.30; Mon, 12 Jun 2023 04:57:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235206AbjFLLwR (ORCPT + 99 others); Mon, 12 Jun 2023 07:52:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36830 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230353AbjFLLv5 (ORCPT ); Mon, 12 Jun 2023 07:51:57 -0400 X-Greylist: delayed 592 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Mon, 12 Jun 2023 04:48:18 PDT Received: from gardel.0pointer.net (gardel.0pointer.net [85.214.157.71]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8CF16197 for ; Mon, 12 Jun 2023 04:48:18 -0700 (PDT) Received: from gardel-login.0pointer.net (gardel-mail [IPv6:2a01:238:43ed:c300:10c3:bcf3:3266:da74]) by gardel.0pointer.net (Postfix) with ESMTP id 85B66E8022C; Mon, 12 Jun 2023 13:37:56 +0200 (CEST) Received: by gardel-login.0pointer.net (Postfix, from userid 1000) id 24DAC16006B; Mon, 12 Jun 2023 13:37:55 +0200 (CEST) Date: Mon, 12 Jun 2023 13:37:55 +0200 From: Lennart Poettering To: Jonathan McDowell Cc: Jean Delvare , Kay Sievers , Greg Kroah-Hartman , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH] firmware: dmi: Don't restrict access to serial number / UUID Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mo, 12.06.23 09:59, Jonathan McDowell (noodles@meta.com) wrote: > The /sys/devices/virtual/dmi/id/*_serial + product_uuid files are > currently only readable by root. There's no clear rationale for this; > Windows + OS X both allow regular users to access the information, so > there appears to be no expectation on the manufacturer side that it > should be kept secret. > > Having the information easily available helps with automated tools that > collect system information for the purposes of fault diagnosis/tracking > without requiring the tools have root access. > > (I've tried to look for context on the initial patch submission about > why these were root-only but didn't find any; hopefully Lennart or Kay > can provide details if I'm missing something.) When I originally added this in 2007 the intel cpuid serial numbers kerfuffle wasn't ancient history yet, i.e. see: https://en.wikipedia.org/wiki/Pentium_III#Controversy_about_privacy_issues So we wanted to ensure that potentially identifying hw information would not leak to unprivileged code just like that so easily, hence restricting this was the easy way out. We subsequently came up with the /etc/machine-id concept, i.e. a *user* controlled ID value people can use instead. And for VMs we then added logic so that the VM supplied UUID can be propagated into that (under the assumption that the VM supplied UUID is under user control anyway). To my knowledge on ChromeOS the /etc/machine-id concept isn't much liked either, they'd rather have *no* identifiable info available to unpriv code instead of just user controllable ids... (i remember some conversations with chromeos people back in the day about this.) if you open up the DMI serial numbers like this you might not make yourself many friends in that camp... One might argue that there's always some identifiable hw info available for apps to use, or that apps should run in sandboxes that make this impossible, but that's cheap of courseā€¦ Lennart -- Lennart Poettering, Berlin