From: Tom Rini <trini@konsulko.com>
To: Simon Glass <sjg@chromium.org>
Cc: Sughosh Ganu <sughosh.ganu@linaro.org>,
u-boot@lists.denx.de,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Heinrich Schuchardt <xypron.glpk@gmx.de>,
Marek Vasut <marex@denx.de>,
Mark Kettenis <mark.kettenis@xs4all.nl>,
Fabio Estevam <festevam@gmail.com>
Subject: Re: [RFC PATCH 04/31] lmb: remove local instances of the lmb structure variable
Date: Wed, 12 Jun 2024 15:40:01 -0600
Message-ID: <20240612214001.GI68077@bill-the-cat>
In-Reply-To: <CAFLszThj1wmF4zOLDjSjHX1cg8RfiHMGgpbRccJ-VJu2dtihNw@mail.gmail.com>
On Wed, Jun 12, 2024 at 02:24:25PM -0600, Simon Glass wrote:
> Hi Tom,
>
> On Wed, 12 Jun 2024 at 11:22, Tom Rini <trini@konsulko.com> wrote:
> >
> > On Tue, Jun 11, 2024 at 08:41:39PM -0600, Simon Glass wrote:
> >
> > [snip]
> > > Also IMO there is only really one LMB list today. We create it at the
> > > start of bootm and then it is done when we boot. The file-loading
> > > stuff is what makes all this confusing...and with bootstd that is
> > > under control as well.
> > >
> > > > A lot of this effort seems to be about dealing with random scripts
> > > which load things. We want to make sure we complain if something
> > > overlaps. But we should be making the bootstd case work nicely and
> > > doing things within that framework. Also EFI sort-of has its own
> > > thing, which it is very-much in control of.
> > >
> > > > Overall I think this is a bit more subtle than just combining allocators.
> >
> > I think this gets to the main misunderstanding. The problem isn't
> > handling bootstd, or EFI boot, or even assorted scripts. Those are all
> > cases where things are otherwise (sufficiently) well-defined. The
> > problem is "security" and that a "carefully crafted payload" could do
> > something malicious. That's why we have to do all of this stuff sooner
> > rather than later in our boot process.
>
> That's the first I have heard of this, actually, but a bit more detail
> would help. How does the payload get loaded? I'm just not sure about
> the overall goals. It seems that everyone else is already familiar -
> can someone please take the time to point me to the details?

Well, the short version I believe of the first CVE we got (and so
started abusing LMB) was along the lines of "load an image near where
the U-Boot stack is, smash things for fun and exploits".
--
Tom
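
An added illustration of the check this thread is about, not code from the patch series or from U-Boot: refusing a load whose destination range would overlap a reserved region such as the stack. The struct, the function names and the addresses are hypothetical and constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical reservation entry; this is not U-Boot's struct lmb. */
struct resv {
	uint64_t base;
	uint64_t size;
	const char *what;
};

/* Constructed sample map: the addresses are made up for illustration. */
static const struct resv resv_map[] = {
	{ 0x7f000000ULL, 0x00100000ULL, "stack" },
	{ 0x7f100000ULL, 0x00e00000ULL, "relocated image + heap" },
};

/* True if [base, base + size) is non-empty and does not wrap around. */
static bool range_valid(uint64_t base, uint64_t size)
{
	return size != 0 && base <= UINT64_MAX - (size - 1);
}

/* Overlap test on inclusive end addresses, so no sum can wrap. */
static bool ranges_overlap(uint64_t b1, uint64_t s1, uint64_t b2, uint64_t s2)
{
	return b1 <= b2 + (s2 - 1) && b2 <= b1 + (s1 - 1);
}

/*
 * Return NULL if a load of 'size' bytes at 'addr' is allowed, otherwise
 * the name of the reservation it would overwrite ("invalid range" for a
 * zero-length or wrapping request). The caller validates before copying
 * any payload bytes, so a rejected load never touches memory.
 */
const char *load_conflict(uint64_t addr, uint64_t size)
{
	size_t i;

	if (!range_valid(addr, size))
		return "invalid range";
	for (i = 0; i < sizeof(resv_map) / sizeof(resv_map[0]); i++) {
		if (ranges_overlap(addr, size, resv_map[i].base, resv_map[i].size))
			return resv_map[i].what;
	}
	return NULL;
}
```

The wrap check matters as much as the overlap test: an address near the top of the address space with a large size would otherwise compare as "below" every reservation.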