Re: [PATCH] x86: Lock down MSR writing in secure boot
From: Matthew Garrett
Date: Sat Feb 09 2013 - 10:12:05 EST
On Sat, 2013-02-09 at 10:29 +0100, Borislav Petkov wrote:
> On Fri, Feb 08, 2013 at 10:45:35PM -0800, Kees Cook wrote:
> > Also, _reading_ MSRs from userspace arguably has utility that doesn't
> > compromise ring-0.
>
> And to come back to the original question: what is that utility, who
> would need it on a secure boot system and why?
Things like Turbostat are useful, although perhaps that information
should be exposed in a better way.
N§²æìr¸yúèØb²X¬¶ÇvØ^)Þ{.nÇ+·¥{±êçzX§¶¡Ü}©²ÆzÚ&j:+v¨¾«êçzZ+Ê+zf£¢·h§~Ûiÿûàz¹®w¥¢¸?¨èÚ&¢)ßfù^jÇy§m
á@A«a¶Úÿ0¶ìh®åi