From: jcm@redhat.com (Jon Masters)
To: linux-arm-kernel@lists.infradead.org
Subject: SMBIOS/DMI data under CONFIG_STRICT_DEVMEM
Date: Sat, 17 Jan 2015 17:52:59 -0500 [thread overview]
Message-ID: <54BAE7CB.2010705@redhat.com> (raw)
In-Reply-To: <CAOesGMi3=QkiQ326nFfGTjsOKrGqgO-q+r+A4Uc_9YWCDrAtwA@mail.gmail.com>
Hi Olof,
On 01/17/2015 04:10 PM, Olof Johansson wrote:
> Hi,
>
> On Sat, Jan 17, 2015 at 12:12 PM, Jon Masters <jcm@redhat.com> wrote:
>> Hi Catalin, all,
>>
>> I would like to ensure that the SMBIOS data provided by firmware is
>> always readable from userspace on AArch64, through /dev/mem.
>
> Seems like this would be a good opportunity for cleanup and fixing
> userspace to use /sys/firmware/dmi interfaces instead of having to go
> poking through /dev/mem. That way they don't have to be privileged
> process any more and is a general security benefit for everybody.
I don't disagree :)
Indeed, I was pushing within RH years ago to help get it into
/sys/firmware/dmi where it lives today. Someone went over this code for
us a few months ago and the determination was that there's a chunk of
refactoring that needs doing to get it to do the right thing. I think in
the interim some of the vendor kernels might need another solution, but
I've already asked that Linaro refactor the tool to do it right.
There's probably good reasons to be able to poke at the tables directly
from userspace under certain circumstances too. For example, one of the
reference platforms I am using has bogus checksums in the tables so they
fail to load in the Linux interpreter which means you never see the
entries in /sys/firmware/dmi being created and could not debug why if
you had no direct access to read the raw ones. That means that probably
people would still carry hacks to allow such access.
Jon.
next prev parent reply other threads:[~2015-01-17 22:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-17 20:12 SMBIOS/DMI data under CONFIG_STRICT_DEVMEM Jon Masters
2015-01-17 20:59 ` Ard Biesheuvel
2015-01-17 21:01 ` Jon Masters
2015-01-17 21:10 ` Olof Johansson
2015-01-17 22:52 ` Jon Masters [this message]
2015-01-17 22:56 ` Jon Masters
2015-01-17 23:21 ` Leif Lindholm
2015-01-18 0:49 ` Jon Masters
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54BAE7CB.2010705@redhat.com \
--to=jcm@redhat.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).