From: Alan Cox <gnomes@lxorguk.ukuu.org.uk>
To: <Mario.Limonciello@dell.com>
Cc: <dvhart@infradead.org>, <andy.shevchenko@gmail.com>,
<linux-kernel@vger.kernel.org>,
<platform-driver-x86@vger.kernel.org>, <luto@kernel.org>,
<quasisec@google.com>, <pali.rohar@gmail.com>,
<rjw@rjwysocki.net>, <mjg59@google.com>, <hch@lst.de>,
<greg@kroah.com>
Subject: Re: [PATCH v7 10/15] platform/x86: dell-smbios: add filtering capability for requests
Date: Fri, 13 Oct 2017 15:18:32 +0100 [thread overview]
Message-ID: <20171013151832.3ab0891d@alans-desktop> (raw)
In-Reply-To: <1200feb837864baa8a3be9740413f2e9@ausx13mpc120.AMER.DELL.COM>
> Within Linux the security model is that items accessible through this interface
> are only accessible by root.
"root" has not been a security concept in the Linux kernel since about
2.0. If you are relying on file permissions then at best you are using
CAP_SYS_DAC which is too weak for this.
If you are allowing near unchecked communication with a third party
entity that the user doesn't trust too much you should be requiring
CAP_SYS_RAWIO.
In fact it's a fair argument hat if you require CAP_SYS_RAWIO and have a
module option you have to set to allow it that with the module loaded
with say
insmod dell_smbios factory=1
does even blacklisted stuff then you are ok, because a process with
CAP_SYS_RAWIO has enough power to totally own the machine anyway
including taking over and doing the WMI call itself by hand in user space
or loading its own module.
Alan
next prev parent reply other threads:[~2017-10-13 14:19 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-11 16:27 [PATCH v7 00/15] Introduce support for Dell SMBIOS over WMI Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 01/15] platform/x86: wmi: Add new method wmidev_evaluate_method Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 02/15] platform/x86: dell-wmi: increase severity of some failures Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 03/15] platform/x86: dell-wmi: clean up wmi descriptor check Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 04/15] platform/x86: dell-wmi: allow 32k return size in the descriptor Mario Limonciello
2017-10-11 16:31 ` Pali Rohár
2017-10-11 16:37 ` Mario.Limonciello
2017-10-11 16:27 ` [PATCH v7 05/15] platform/x86: dell-wmi-descriptor: split WMI descriptor into it's own driver Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 06/15] platform/x86: wmi: Don't allow drivers to get each other's GUIDs Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 07/15] platform/x86: dell-smbios: only run if proper oem string is detected Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 08/15] platform/x86: dell-smbios: Add a sysfs interface for SMBIOS tokens Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 09/15] platform/x86: dell-smbios: Introduce dispatcher for SMM calls Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 10/15] platform/x86: dell-smbios: add filtering capability for requests Mario Limonciello
2017-10-12 10:09 ` Alan Cox
2017-10-12 13:23 ` Mario.Limonciello
2017-10-12 14:33 ` Pali Rohár
2017-10-12 14:43 ` Mario.Limonciello
2017-10-13 14:18 ` Alan Cox [this message]
2017-10-13 0:46 ` Darren Hart
2017-10-13 9:43 ` Greg KH
2017-10-13 10:40 ` Pali Rohár
2017-10-13 15:03 ` Mario.Limonciello
2017-10-13 15:19 ` Alan Cox
2017-10-13 15:44 ` Mario.Limonciello
2017-10-13 19:46 ` Alan Cox
2017-10-13 22:16 ` Darren Hart
2017-10-13 15:56 ` Greg KH
2017-10-13 17:47 ` Mario.Limonciello
2017-10-13 22:28 ` Darren Hart
2017-10-13 16:37 ` Darren Hart
2017-10-11 16:27 ` [PATCH v7 11/15] platform/x86: dell-smbios-wmi: Add new WMI dispatcher driver Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 12/15] platform/x86: dell-smbios-smm: test for WSMT Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 13/15] platform/x86: wmi: Add sysfs attribute for required_buffer_size Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 14/15] platform/x86: wmi: create userspace interface for drivers Mario Limonciello
2017-10-11 16:27 ` [PATCH v7 15/15] platform/x86: dell-smbios-wmi: introduce userspace interface Mario Limonciello
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171013151832.3ab0891d@alans-desktop \
--to=gnomes@lxorguk.ukuu.org.uk \
--cc=Mario.Limonciello@dell.com \
--cc=andy.shevchenko@gmail.com \
--cc=dvhart@infradead.org \
--cc=greg@kroah.com \
--cc=hch@lst.de \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mjg59@google.com \
--cc=pali.rohar@gmail.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=quasisec@google.com \
--cc=rjw@rjwysocki.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox