From: Greg KH <gregkh@linuxfoundation.org>
To: Mario.Limonciello@dell.com
Cc: gnomes@lxorguk.ukuu.org.uk, dvhart@infradead.org,
andy.shevchenko@gmail.com, linux-kernel@vger.kernel.org,
platform-driver-x86@vger.kernel.org, luto@kernel.org,
quasisec@google.com, pali.rohar@gmail.com, rjw@rjwysocki.net,
mjg59@google.com, hch@lst.de
Subject: Re: [PATCH v4 13/14] platform/x86: dell-smbios-wmi: introduce userspace interface
Date: Thu, 5 Oct 2017 17:44:45 +0200 [thread overview]
Message-ID: <20171005154445.GC29347@kroah.com> (raw)
In-Reply-To: <d8678883f1164ca4b3be13d56293cb2c@ausx13mpc120.AMER.DELL.COM>
On Thu, Oct 05, 2017 at 02:22:37PM +0000, Mario.Limonciello@dell.com wrote:
> > -----Original Message-----
> > From: Alan Cox [mailto:gnomes@lxorguk.ukuu.org.uk]
> > Sent: Thursday, October 5, 2017 8:59 AM
> > To: Limonciello, Mario <Mario_Limonciello@Dell.com>
> > Cc: dvhart@infradead.org; Andy Shevchenko <andy.shevchenko@gmail.com>;
> > LKML <linux-kernel@vger.kernel.org>; platform-driver-x86@vger.kernel.org;
> > Andy Lutomirski <luto@kernel.org>; quasisec@google.com;
> > pali.rohar@gmail.com; rjw@rjwysocki.net; mjg59@google.com; hch@lst.de; Greg
> > KH <greg@kroah.com>
> > Subject: Re: [PATCH v4 13/14] platform/x86: dell-smbios-wmi: introduce
> > userspace interface
> >
> > On Wed, 4 Oct 2017 17:48:39 -0500
> > Mario Limonciello <mario.limonciello@dell.com> wrote:
> >
> > > This userspace character device will be used to perform SMBIOS calls
> > > from any applications.
> > >
> > > It provides an ioctl that will allow passing the 32k WMI calling
> > > interface buffer between userspace and kernel space.
> >
> > What is your security model for firing 32K of random crap at the BIOS ?
>
> Adding new class and select methods requires a review with the security
> team. They will do STRIDE analysis and threat modeling.
>
> > Do you fuzz test the BIOS interface ?
>
> Yes there has been internal fuzz testing classes and selects used in the
> ACPI interface in the past. I can't comment on how regularly that is done.
> I do think it's interesting is to use the interface in Linux for further fuzz
> testing though.
That should be simple, start firing random data at this memory location
and see what happens. Can you brick the box? Change the
manufactured-date? Change the serial number? Normally these types of
BIOS interfaces allow all sorts of "fun" things like this, which is why
we have the kernel "own" the interface, to protect yourself from
breaking the box.
> > How do we know that between now and the end of the universe every call is
> > safe to execute as any random user without upsetting other users on the
> > same PC ?
>
> Any random user shouldn't be executing the ioctl.
> Only root should be executing any of these calls.
"only root" isn't the best protection method, you should know better :)
You are going to have to do some kind of parsing/whitelisting here,
trust us...
thanks,
greg k-h
next prev parent reply other threads:[~2017-10-05 15:44 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-04 22:48 [PATCH v4 00/14] Introduce support for Dell SMBIOS over WMI Mario Limonciello
2017-10-04 22:48 ` [PATCH v4 01/14] platform/x86: wmi: Add new method wmidev_evaluate_method Mario Limonciello
2017-10-04 22:48 ` [PATCH v4 02/14] platform/x86: dell-wmi: clean up wmi descriptor check Mario Limonciello
2017-10-04 22:48 ` [PATCH v4 03/14] platform/x86: dell-wmi: allow 32k return size in the descriptor Mario Limonciello
2017-10-04 22:48 ` [PATCH v4 04/14] platform/x86: dell-wmi: increase severity of some failures Mario Limonciello
2017-10-05 5:20 ` Andy Shevchenko
2017-10-05 15:02 ` Mario.Limonciello
2017-10-05 18:22 ` Andy Shevchenko
2017-10-04 22:48 ` [PATCH v4 05/14] platform/x86: dell-wmi-descriptor: split WMI descriptor into it's own driver Mario Limonciello
2017-10-05 1:09 ` Darren Hart
2017-10-05 5:29 ` Andy Shevchenko
2017-10-05 7:11 ` Darren Hart
2017-10-05 8:47 ` Andy Shevchenko
2017-10-05 13:59 ` Mario.Limonciello
2017-10-05 14:14 ` Darren Hart
2017-10-05 14:47 ` Mario.Limonciello
2017-10-05 17:22 ` Darren Hart
2017-10-05 17:32 ` Mario.Limonciello
2017-10-05 5:34 ` Andy Shevchenko
2017-10-05 17:04 ` Mario.Limonciello
2017-10-04 22:48 ` [PATCH v4 06/14] platform/x86: wmi: Don't allow drivers to get each other's GUIDs Mario Limonciello
2017-10-04 22:48 ` [PATCH v4 07/14] platform/x86: dell-smbios: only run if proper oem string is detected Mario Limonciello
2017-10-04 22:48 ` [PATCH v4 08/14] platform/x86: dell-smbios: Add a sysfs interface for SMBIOS tokens Mario Limonciello
2017-10-05 8:49 ` Andy Shevchenko
2017-10-05 13:58 ` Mario.Limonciello
2017-10-05 14:22 ` Andy Shevchenko
2017-10-04 22:48 ` [PATCH v4 09/14] platform/x86: dell-smbios: Introduce dispatcher for SMM calls Mario Limonciello
2017-10-05 1:57 ` Darren Hart
2017-10-05 15:04 ` Mario.Limonciello
2017-10-04 22:48 ` [PATCH v4 10/14] platform/x86: dell-smbios-smm: test for WSMT Mario Limonciello
2017-10-05 1:59 ` Darren Hart
2017-10-04 22:48 ` [PATCH v4 11/14] platform/x86: dell-smbios-wmi: Add new WMI dispatcher driver Mario Limonciello
2017-10-05 2:14 ` Darren Hart
2017-10-05 15:12 ` Mario.Limonciello
2017-10-05 17:57 ` Darren Hart
2017-10-05 19:47 ` Mario.Limonciello
2017-10-06 16:44 ` Darren Hart
2017-10-06 16:47 ` Mario.Limonciello
2017-10-04 22:48 ` [PATCH v4 12/14] platform/x86: wmi: create character devices when requested by drivers Mario Limonciello
2017-10-05 2:33 ` Darren Hart
2017-10-05 7:16 ` Greg KH
2017-10-05 14:35 ` Mario.Limonciello
2017-10-05 15:42 ` Greg KH
2017-10-05 15:51 ` Pali Rohár
2017-10-05 16:26 ` Greg KH
2017-10-05 17:39 ` Darren Hart
2017-10-05 18:47 ` Greg KH
2017-10-05 19:03 ` Mario.Limonciello
2017-10-05 19:09 ` Greg KH
2017-10-05 19:32 ` Pali Rohár
2017-10-05 19:39 ` Mario.Limonciello
2017-10-05 19:34 ` Mario.Limonciello
2017-10-05 20:58 ` Darren Hart
2017-10-05 20:51 ` Darren Hart
2017-10-04 22:48 ` [PATCH v4 13/14] platform/x86: dell-smbios-wmi: introduce userspace interface Mario Limonciello
2017-10-05 7:23 ` Greg KH
2017-10-05 16:28 ` Mario.Limonciello
2017-10-05 16:34 ` Pali Rohár
2017-10-05 16:40 ` Greg KH
2017-10-05 7:33 ` Greg KH
2017-10-05 16:37 ` Mario.Limonciello
2017-10-05 13:59 ` Alan Cox
2017-10-05 14:22 ` Mario.Limonciello
2017-10-05 15:44 ` Greg KH [this message]
2017-10-05 15:56 ` Pali Rohár
2017-10-05 16:28 ` Greg KH
2017-10-05 16:48 ` Mario.Limonciello
2017-10-10 19:40 ` Alan Cox
2017-10-10 19:51 ` Mario.Limonciello
2017-10-04 22:48 ` [PATCH v4 14/14] platform/x86: Kconfig: Set default for dell-smbios to ACPI_WMI Mario Limonciello
2017-10-05 0:09 ` [PATCH v4 00/14] Introduce support for Dell SMBIOS over WMI Darren Hart
2017-10-05 9:00 ` Andy Shevchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171005154445.GC29347@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=Mario.Limonciello@dell.com \
--cc=andy.shevchenko@gmail.com \
--cc=dvhart@infradead.org \
--cc=gnomes@lxorguk.ukuu.org.uk \
--cc=hch@lst.de \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mjg59@google.com \
--cc=pali.rohar@gmail.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=quasisec@google.com \
--cc=rjw@rjwysocki.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).