Issue #586 has been updated by Nicholas Chin.
Autoport doesn't generate the contents of those logs directly; it runs other tools and then parses the output of some of them. Currently it runs `acpidump`, which dumps the binary contents of all the ACPI tables as hexadecimal to the aucpidump.log file. Acpidump does have a `-b` flag which dumps them to separate binary files, which would make it easier to redact individual tables such as the SLIC table. So perhaps a solution is to change the command autoport runs to `acpidump -b` and then delete the slic.dat file by default with a message saying it has been deleted to protect their activation key. A flag for "unredacted mode" could also be added to include it and any other things that might be wiped in the future, in case the user doesn't intend to post the logs and is just running autoport as a convenient log dumper for their own use. As you've said, there are other things that could be redacted like MAC addresses or serial numbers, but some of that probably wouldn't scale well to implement in autoport since there are many places such things may appear. MAC addresses might show up in lspci register dumps for network cards, and autoport can't account for every possible network card that's out there. Serial numbers in standardized dmidecode entries might be possible to redact, though there could also be non standard OEM entries that also contain some information. Ultimately the user is always responsible for what they post online; if there are other things they do not wish to include it is up to them to ensure it is not included. ---------------------------------------- Bug #586: autoport should sanitize at least its ACPI DSDT SLIC/MSDM key dumps? https://ticket.coreboot.org/issues/586#change-2037 * Author: Walter Sonius * Status: Response Needed * Priority: Urgent * Target version: master * Start date: 2025-03-23 ---------------------------------------- Some might even want other info like MAC addresses or serial numbers to be cleared from the autoport dumps, but could at least these SLIC/MSDM activation keys be wiped by default when doing a log dump? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: https://ticket.coreboot.org/my/account _______________________________________________ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
