RE: [PATCH 0/2] efivars: reading variables can generate SMIs

From: Luck, Tony
Date: Fri Feb 16 2018 - 17:02:13 EST


> If the default is 600 then it makes sense to allow a privileged service to
> selectively make certain variables world readable at runtime.

As soon as you make one variable world readable you are vulnerable to
a local user launching a DoS attack by reading that variable over and over
generating a flood of SMIs.

-Tony