From: Matthew Garrett <mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
To: James Bottomley
<James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
Cc: Grant Likely
<grant.likely-s3s/WqlpOiPyB63q8FvJNQ@public.gmane.org>,
"linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Jon Masters <jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Leif Lindholm
<leif.lindholm-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Ard Biesheuvel
<ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: Re: MemoryOverwriteRequestControl
Date: Mon, 4 Jul 2016 23:26:09 +0100 [thread overview]
Message-ID: <20160704222609.GB5160@srcf.ucam.org> (raw)
In-Reply-To: <1467667917.2288.23.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
On Mon, Jul 04, 2016 at 02:31:57PM -0700, James Bottomley wrote:
> Currently, the kernel does nothing with this, but you'd more expect
> something in userspace to do something with it, probably a component of
> the TSS.
The OS loader is expected to set MOR to 1, so given the boot stub
there's need for kernel support. A "correct" implementation would also
involve the kernel clearing all its secrets before reboot and then
setting it back to 0, so I don't think we can just punt responsibility
to userspace.
--
Matthew Garrett | mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org
next prev parent reply other threads:[~2016-07-04 22:26 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-04 19:37 MemoryOverwriteRequestControl Grant Likely
[not found] ` <CACxGe6s7rgTBUf7jtN6J3i3w-HvAm2rFnjjwCtWRS6oHx3ZB5A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-07-04 21:31 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467667917.2288.23.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-04 22:26 ` Matthew Garrett [this message]
[not found] ` <20160704222609.GB5160-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 1:03 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467680635.2288.36.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 1:06 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705010622.GA7974-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 2:35 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467686108.2288.43.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 2:40 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705024022.GA9292-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 2:58 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467687531.2288.51.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 3:03 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705030314.GA9597-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 4:24 ` MemoryOverwriteRequestControl James Bottomley
2016-07-04 22:20 ` MemoryOverwriteRequestControl Matthew Garrett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160704222609.GB5160@srcf.ucam.org \
--to=mjg59-1xo5oi07kqx4cg9nei1l7q@public.gmane.org \
--cc=James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org \
--cc=ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=grant.likely-s3s/WqlpOiPyB63q8FvJNQ@public.gmane.org \
--cc=jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=leif.lindholm-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).