From: James Bottomley <James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
To: Grant Likely
<grant.likely-s3s/WqlpOiPyB63q8FvJNQ@public.gmane.org>,
"linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Jon Masters <jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Leif Lindholm
<leif.lindholm-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Ard Biesheuvel
<ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Matthew Garrett <mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
Subject: Re: MemoryOverwriteRequestControl
Date: Mon, 04 Jul 2016 14:31:57 -0700 [thread overview]
Message-ID: <1467667917.2288.23.camel@HansenPartnership.com> (raw)
In-Reply-To: <CACxGe6s7rgTBUf7jtN6J3i3w-HvAm2rFnjjwCtWRS6oHx3ZB5A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
On Mon, 2016-07-04 at 20:37 +0100, Grant Likely wrote:
> Random question: Does anybody (kernel or distros) do anything with
> the MemoryOverwriteRequestControl EFI variable? I was asked by a
> platform engineer for input on what Linux needs, and I didn't have an
> answer for him.
The usual answer for these cases is to do what Tianocore does.
Currently, the kernel does nothing with this, but you'd more expect
something in userspace to do something with it, probably a component of
the TSS.
> Reference: section 5 of
> https://www.trustedcomputinggroup.org/wp-content/uploads/Platform-Res
> et-Attack-Mitigation-Specification.pdf
That's a bit of an old Spec. Microsoft has been busy updating this
stuff:
https://msdn.microsoft.com/en-us/windows/hardware/drivers/bringup/device-guard-requirements
Tianocore head seems to do all of this.
James
next prev parent reply other threads:[~2016-07-04 21:31 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-04 19:37 MemoryOverwriteRequestControl Grant Likely
[not found] ` <CACxGe6s7rgTBUf7jtN6J3i3w-HvAm2rFnjjwCtWRS6oHx3ZB5A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-07-04 21:31 ` James Bottomley [this message]
[not found] ` <1467667917.2288.23.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-04 22:26 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160704222609.GB5160-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 1:03 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467680635.2288.36.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 1:06 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705010622.GA7974-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 2:35 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467686108.2288.43.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 2:40 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705024022.GA9292-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 2:58 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467687531.2288.51.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 3:03 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705030314.GA9597-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 4:24 ` MemoryOverwriteRequestControl James Bottomley
2016-07-04 22:20 ` MemoryOverwriteRequestControl Matthew Garrett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1467667917.2288.23.camel@HansenPartnership.com \
--to=james.bottomley-d9phhud1jfjcxq6kfmz53/egyhegw8jk@public.gmane.org \
--cc=ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=grant.likely-s3s/WqlpOiPyB63q8FvJNQ@public.gmane.org \
--cc=jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=leif.lindholm-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org \
--cc=pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.