Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-29 Thread Luck, Tony
On Mon, Aug 28, 2017 at 05:10:33PM -0700, Kees Cook wrote: > On Wed, Aug 23, 2017 at 7:56 AM, Luck, Tony wrote: > >>> Should this not also have a capability check. Assuming file permissions > >>> are sufficient for grabbing a chunk of system memory holding error > >>> info

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-29 Thread Luck, Tony
On Mon, Aug 28, 2017 at 05:10:33PM -0700, Kees Cook wrote: > On Wed, Aug 23, 2017 at 7:56 AM, Luck, Tony wrote: > >>> Should this not also have a capability check. Assuming file permissions > >>> are sufficient for grabbing a chunk of system memory holding error > >>> info doesn't seem too scary

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-28 Thread Kees Cook
On Wed, Aug 23, 2017 at 7:56 AM, Luck, Tony wrote: >>> Should this not also have a capability check. Assuming file permissions >>> are sufficient for grabbing a chunk of system memory holding error >>> info doesn't seem too scary but it's at odds with a lot of other cases ?

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-28 Thread Kees Cook
On Wed, Aug 23, 2017 at 7:56 AM, Luck, Tony wrote: >>> Should this not also have a capability check. Assuming file permissions >>> are sufficient for grabbing a chunk of system memory holding error >>> info doesn't seem too scary but it's at odds with a lot of other cases ? >> >> At least one of

RE: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-23 Thread Luck, Tony
>> Should this not also have a capability check. Assuming file permissions >> are sufficient for grabbing a chunk of system memory holding error >> info doesn't seem too scary but it's at odds with a lot of other cases ? > > At least one of those other cases (pstore) added a capability check and

RE: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-23 Thread Luck, Tony
>> Should this not also have a capability check. Assuming file permissions >> are sufficient for grabbing a chunk of system memory holding error >> info doesn't seem too scary but it's at odds with a lot of other cases ? > > At least one of those other cases (pstore) added a capability check and

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-18 Thread Punit Agrawal
"Luck, Tony" writes: > From: Tony Luck > > The ACPI sysfs interface provides a way to read each ACPI table from > userspace via entries in /sys/firmware/acpi/tables/ > > The BERT table simply provides the size and address of the error > record in BIOS

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-18 Thread Punit Agrawal
"Luck, Tony" writes: > From: Tony Luck > > The ACPI sysfs interface provides a way to read each ACPI table from > userspace via entries in /sys/firmware/acpi/tables/ > > The BERT table simply provides the size and address of the error > record in BIOS reserved memory and users may want access

RE: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-17 Thread Luck, Tony
> Should this not also have a capability check. Assuming file permissions > are sufficient for grabbing a chunk of system memory holding error > info doesn't seem too scary but it's at odds with a lot of other cases ? At least one of those other cases (pstore) added a capability check and now

RE: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-17 Thread Luck, Tony
> Should this not also have a capability check. Assuming file permissions > are sufficient for grabbing a chunk of system memory holding error > info doesn't seem too scary but it's at odds with a lot of other cases ? At least one of those other cases (pstore) added a capability check and now

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-17 Thread Alan Cox
On Thu, 17 Aug 2017 14:39:46 -0700 "Luck, Tony" wrote: > From: Tony Luck > > The ACPI sysfs interface provides a way to read each ACPI table from > userspace via entries in /sys/firmware/acpi/tables/ > > The BERT table simply provides the size and

Re: [PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-17 Thread Alan Cox
On Thu, 17 Aug 2017 14:39:46 -0700 "Luck, Tony" wrote: > From: Tony Luck > > The ACPI sysfs interface provides a way to read each ACPI table from > userspace via entries in /sys/firmware/acpi/tables/ > > The BERT table simply provides the size and address of the error > record in BIOS

[PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-17 Thread Luck, Tony
From: Tony Luck The ACPI sysfs interface provides a way to read each ACPI table from userspace via entries in /sys/firmware/acpi/tables/ The BERT table simply provides the size and address of the error record in BIOS reserved memory and users may want access to this record.

[PATCH] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region

2017-08-17 Thread Luck, Tony
From: Tony Luck The ACPI sysfs interface provides a way to read each ACPI table from userspace via entries in /sys/firmware/acpi/tables/ The BERT table simply provides the size and address of the error record in BIOS reserved memory and users may want access to this record. In an earlier age