Re: Do not allow MSR or Embedded Controller writes from userspace in secure boot case

From: Alan Cox <hidden>
Date: 2012-11-07 23:27:22

Possibly related (same subject, not in this thread)

2012-11-09 · Re: Do not allow MSR or Embedded Controller writes from userspace in secure boot case · H. Peter Anvin <hidden>
2012-11-08 · Re: Do not allow MSR or Embedded Controller writes from userspace in secure boot case · Alan Cox <hidden>
2012-11-08 · Re: Do not allow MSR or Embedded Controller writes from userspace in secure boot case · Matthew Garrett <hidden>
2012-11-08 · Re: Do not allow MSR or Embedded Controller writes from userspace in secure boot case · Shea Levy <hidden>
2012-11-08 · Re: Do not allow MSR or Embedded Controller writes from userspace in secure boot case · Matthew Garrett <hidden>

On Wed,  7 Nov 2012 22:28:17 +0100
Thomas Renninger [off-list ref] wrote:

Hi,

I have seen some patches in this area and I wonder whether MSR and EC write accesses from userspace got closed already.

You need to cover read accesses as well I suspect to be completely
paranoid safe. I would also look at MTRRs because mis-setting MTRRs
allows you to get firmware to do interesting things in certain situations
because the commands being issued to stuff like the GPU may get corrupted.

Alan

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help