Re: [PATCH 15/16] platform/x86: wmi-mof: New driver to expose embedded WMI MOF metadata

From: Andy Lutomirski
Date: Sat May 27 2017 - 17:08:18 EST


On Sat, May 27, 2017 at 4:14 AM, Pali RohÃr <pali.rohar@xxxxxxxxx> wrote:
> Hi! Note that in WMI is stored binary MOF (BMOF; .bmf file; compiled
> MOF), not ordinary MOF data which are plain text. So maybe it could make
> sense to include "B" into name of sysfs entry? Or not? (Just suggestion)
>
> On Saturday 27 May 2017 07:31:29 Darren Hart wrote:
>> From: Andy Lutomirski <luto@xxxxxxxxxx>
>>
>> Quite a few laptops (and maybe servers?) have embedded WMI MOF
>
> Not "a few", but "lots of" :-)
>
>> metadata. I think that Samba has tools to interpret it, but there is
>> currently no interface to get the data in the first place.
>
> No, there is no non-ms-windows tool for interpreting those binary MOF
> (BMF) data yet.
>
>> + priv->mofdata = wmidev_block_query(wdev, 0);
>> + if (!priv->mofdata) {
>> + dev_warn(&wdev->dev, "failed to read MOF\n");
>> + return -EIO;
>> + }
>> +
>> + if (priv->mofdata->type != ACPI_TYPE_BUFFER) {
>> + dev_warn(&wdev->dev, "MOF is not a buffer\n");
>> + ret = -EIO;
>> + goto err_free;
>> + }
>
> Are not those problems fatal for driver and therefore dev_err() better?
>
>> + sysfs_bin_attr_init(&priv->mof_bin_attr);
>> + priv->mof_bin_attr.attr.name = "mof";
>> + priv->mof_bin_attr.attr.mode = 0400;
>
> 0400 means to be readable only by root? Is there then reason why normal
> user should not be able to read it?
>

I have no specific objection to making it 0444, but in general I'd
rather expose less information to unprivileged users rather than more.
I'm also having trouble imagining what an unprivileged user would do
with the MOF -- it's useful for reverse engineering and it may
eventually be useful for making WMI calls from userspace, but neither
of those is particularly useful to unprivileged users.