Re: [PATCH 0/2] efivars: reading variables can generate SMIs

From: Andi Kleen
Date: Sat Feb 17 2018 - 11:18:08 EST


> Would rate limiting (but not only for non-root) help mitigate Spectre
> v1 issues in UEFI runtime services code as well? I have been looking
> into unmapping the entire kernel while such calls are in progress,
> because firmware is likely to remain vulnerable long after the OSes
> have been fixed, and we may be able to kill two birds with one stone
> here (and not break userland in the process)

Yes, a global rate limit would seem like a good compromise.

-Andi