Re: [PATCH 0/2] efivars: reading variables can generate SMIs

From: Matthew Garrett
Date: Fri Feb 16 2018 - 14:51:45 EST


On Fri, Feb 16, 2018 at 11:31 AM Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
wrote:
> This is why I was leaning towards applying these patches: not breaking
> userland is an important rule, but it does not imply every aspect of
> behavior observable by userland is set in stone. In other words, I
> agree with Peter that making this change does not *break* userland in
> a way anyone is likely to care deeply about.

In some modes tpmtotp will run as non-root and expect to be able to read an
EFI variable.