Re: [PATCH 0/2] efivars: reading variables can generate SMIs

From: Joe Konno
Date: Fri Feb 16 2018 - 13:48:43 EST

Next message: Masahiro Yamada: "[PATCH 01/23] kbuild: remove kbuild cache"
Previous message: Masahiro Yamada: "[PATCH 05/23] kconfig: move and rename sym_expand_string_value()"
In reply to: Ard Biesheuvel: "Re: [PATCH 0/2] efivars: reading variables can generate SMIs"
Next in thread: Borislav Petkov: "Re: [PATCH 0/2] efivars: reading variables can generate SMIs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 16, 2018 at 11:18:12AM +0000, Ard Biesheuvel wrote:
> On 16 February 2018 at 11:08, Borislav Petkov <bp@xxxxxxxxx> wrote:
> > On Fri, Feb 16, 2018 at 10:58:47AM +0000, Ard Biesheuvel wrote:
> >> By your own reasoning above, that's a no-no as well.
> >
> > I'm sure we can come up with some emulation - the same way we did the
> > BIOS emulation.
> >
> >> But thanks for your input. Anyone else got something constructive to contribute?
> >
> > The not-breaking userspace is constructive contribution. The last
> > paragraph is my usual rant.
> >
>
> Fair enough. And I am not disagreeing with you either.
>
> So question to Joe: is it well defined which variables may exhibit
> this behavior?

For brevity's sake, "not yet." Folks-- e.g. firmware writers and
equipment makers-- may use SMIs more (or less) than others. So, how many
SMIs generated by the reference shell script can, and will, vary
platform to platform. I and my colleagues are digging into this.

> Given that UEFI variables are GUID scoped, would whitelisting certain
> GUIDs (the ones userland currently relies on to be readable my
> non-privileged users) and making everything else user-only solve this
> problem as well?

Perhaps. I don't want us chasing white rabbits just yet, but the
whitelist is but one approach under consideration. We may see some other
patches or RFCs about caching and/or shadowing variable values in
efivarfs to reduce the number of direct EFI reads, with the goal of
reducing how many SMIs are generated.

Any obvious EFI variables that userspace tools have come to depend on--
those which normal, unprivileged users need to read-- are helpful inputs
to this discussion.

The discussion is double-ended: asking the "which variables almost
always cause SMIs?" at the front and "which variables do normal,
unprivileged tools need for standard operation?" at the back.

Cheers, thanks for the feedback and consideration

Attachment: signature.asc
Description: PGP signature

Next message: Masahiro Yamada: "[PATCH 01/23] kbuild: remove kbuild cache"
Previous message: Masahiro Yamada: "[PATCH 05/23] kconfig: move and rename sym_expand_string_value()"
In reply to: Ard Biesheuvel: "Re: [PATCH 0/2] efivars: reading variables can generate SMIs"
Next in thread: Borislav Petkov: "Re: [PATCH 0/2] efivars: reading variables can generate SMIs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]