Re: [PATCH 0/2] efivars: reading variables can generate SMIs

From: Borislav Petkov
Date: Fri Feb 16 2018 - 13:59:12 EST


On Fri, Feb 16, 2018 at 10:48:32AM -0800, Joe Konno wrote:
> We may see some other patches or RFCs about caching and/or shadowing
> variable values in efivarfs to reduce the number of direct EFI reads,
> with the goal of reducing how many SMIs are generated.

So if you do the caching scheme, the question about narrowing
permissions becomes moot...

> Any obvious EFI variables that userspace tools have come to depend on--
> those which normal, unprivileged users need to read-- are helpful inputs
> to this discussion.

... which solves the aspect of not breaking userspace nicely.

--
Regards/Gruss,
Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.