Re: [PATCH v3 2/2] arm64: Add software workaround for Falkor erratum 1041

On 11/12, Shanker Donthineni wrote: > The ARM architecture defines the memory locations that are permitted > to be accessed as the result of a speculative instruction fetch from > an exception level for which all stages of translation are disabled. > Specifically, the core is permitted to

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 2:31 PM, James Bottomley wrote: > On Tue, 2017-11-14 at 14:17 -0800, Matthew Garrett wrote: >> Measured boot has a great deal of value in the sealing of private >> material, even in the absence of attestation. The way Microsoft make

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, 2017-11-14 at 14:17 -0800, Matthew Garrett wrote: > On Tue, Nov 14, 2017 at 2:14 PM, James Bottomley > wrote: > > > > On Tue, 2017-11-14 at 15:55 -0500, Matthew Garrett wrote: > > > > > > TPM-backed Trusted Boot means you don't /need/ to sign

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 2:14 PM, James Bottomley wrote: > On Tue, 2017-11-14 at 15:55 -0500, Matthew Garrett wrote: >> TPM-backed Trusted Boot means you don't /need/ to sign anything, >> since the measurements of what you loaded will end up in the TPM. But

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, 2017-11-14 at 15:55 -0500, Matthew Garrett wrote: > On Tue, Nov 14, 2017 at 3:50 PM, Luis R. Rodriguez > wrote: > > > > On Tue, Nov 14, 2017 at 12:18:54PM -0800, Linus Torvalds wrote: > > > > > > This is all theoretical security masturbation. The _real_ attacks > > >

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 3:50 PM, Luis R. Rodriguez wrote: > On Tue, Nov 14, 2017 at 12:18:54PM -0800, Linus Torvalds wrote: >> This is all theoretical security masturbation. The _real_ attacks have >> been elsewhere. > > In my research on this front I'll have to agree with

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 12:18:54PM -0800, Linus Torvalds wrote: > This is all theoretical security masturbation. The _real_ attacks have > been elsewhere. In my research on this front I'll have to agree with this, in terms of justification and there are only *two* arguments which I've so far have

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 3:35 PM, Linus Torvalds wrote: > On Tue, Nov 14, 2017 at 12:31 PM, Matthew Garrett wrote: >> >>> This is all theoretical security masturbation. The _real_ attacks have >>> been elsewhere. >> >> People made the same argument

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 12:31 PM, Matthew Garrett wrote: > >> This is all theoretical security masturbation. The _real_ attacks have >> been elsewhere. > > People made the same argument about Secure Boot, and then we > discovered that people *were* attacking the boot chain. As

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 3:18 PM, Linus Torvalds wrote: > On Tue, Nov 14, 2017 at 11:58 AM, Matthew Garrett wrote: >> >> Our ability to determine that userland hasn't been tampered with >> depends on the kernel being trustworthy. If userland can

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 11:58 AM, Matthew Garrett wrote: > > Our ability to determine that userland hasn't been tampered with > depends on the kernel being trustworthy. If userland can upload > arbitrary firmware to DMA-capable devices then we can no longer trust > the kernel.

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 9:34 AM, Linus Torvalds wrote: > It's this insane "firmware is special" that I disagree with. It's not > special at all. Our ability to determine that userland hasn't been tampered with depends on the kernel being trustworthy. If userland

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 4:21 AM, Mimi Zohar wrote: > On Mon, 2017-11-13 at 14:09 -0800, Linus Torvalds wrote: >> >> Seriously, if you have firmware in /lib/firmware, and you don't trust >> it, what the hell are you doing? > > I might "trust" the files in /lib/firmware,

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, 2017-11-14 at 13:38 +0100, Greg Kroah-Hartman wrote: > On Tue, Nov 14, 2017 at 07:21:38AM -0500, Mimi Zohar wrote: > > On Mon, 2017-11-13 at 14:09 -0800, Linus Torvalds wrote: > > > On Mon, Nov 13, 2017 at 1:44 PM, David Howells > > > wrote: > > > > > > > > Whilst

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Tue, Nov 14, 2017 at 07:21:38AM -0500, Mimi Zohar wrote: > On Mon, 2017-11-13 at 14:09 -0800, Linus Torvalds wrote: > > On Mon, Nov 13, 2017 at 1:44 PM, David Howells wrote: > > > > > > Whilst that may be true, we either have to check signatures on every bit > > > of > >

Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

On Mon, 2017-11-13 at 14:09 -0800, Linus Torvalds wrote: > On Mon, Nov 13, 2017 at 1:44 PM, David Howells wrote: > > > > Whilst that may be true, we either have to check signatures on every bit of > > firmware that the appropriate driver doesn't say is meant to be signed or

Re: arm64 crashkernel fails to boot on acpi-only machines due to ACPI regions being no longer mapped as NOMAP

On 13 November 2017 at 09:27, AKASHI Takahiro wrote: > Hi, > > On Fri, Nov 10, 2017 at 05:41:56PM +0530, Bhupesh Sharma wrote: >> Resent with Akashi's correct email address. >> >> On Fri, Nov 10, 2017 at 5:39 PM, Bhupesh Sharma wrote: >> > Hi Ard,