Re: [PATCH 0/2] efivars: reading variables can generate SMIs

From: Andy Lutomirski
Date: Sat Feb 17 2018 - 13:12:48 EST


On Fri, Feb 16, 2018 at 10:03 PM, Matthew Garrett <mjg59@xxxxxxxxxx> wrote:
> On Fri, Feb 16, 2018 at 2:02 PM Luck, Tony <tony.luck@xxxxxxxxx> wrote:
>
>> > If the default is 600 then it makes sense to allow a privileged service
> to
>> > selectively make certain variables world readable at runtime.
>
>> As soon as you make one variable world readable you are vulnerable to
>> a local user launching a DoS attack by reading that variable over and over
>> generating a flood of SMIs.
>
> I'm not terribly worried about untrusted users on my laptop, but I would
> prefer to run as little code as root as possible.

I think that, for the most part, systemwide configuration should not
be accessible to non-root. Unprivileged users, in general, have no
legitimate reason to know that my default boot is Boot0000* Fedora
HD(1,GPT,ee...,0x800,0x64000)/File(\EFI\fedora\shim.efi). Even more
so if I'm network booting.

Alternatively, we could call this a distro issue. Distros could
easily change the permissions on /sys/firmware/efi/efivars to disallow
unprivileged access.