Hi, Il 14/11/19 22:51, Pali Rohár ha scritto: > This is model or BIOS specific. For example on E6440 are used 0x34a3 / > 0x35a3 SMM calls. Because of these platform specific problems we have > never incorporated this patch into mainline kernel. Would it be sensible to use a dmi_system_id table to discriminate between the known models and choose the right commands? Of course we wouldn't know the complete table at the beginning, but it can be filled as unknown models are reported. As a matter of facts, testing your patch I discovered that 0x34a3 / 0x35a3 work on my system as well (Dell Precision 5530). Do you know systems on which other codes only are known to work? > Also note that userspace can issue those SMM commands on its own (via > sys_iopl or sys_ioperm), fully bypassing such "protection" proposed in > this new patch. Yes, I know, but this is incompatible with Secure Boot, so I believe that this feature should go in the kernel module, and userspace should eventually stop doing direct requests and rely on the module. Isn't userspace sidestepping the kernel in this way already assumed to take their own responsibilities, much like userspace writing random things to /dev/mem? Thanks, Giovanni. -- Giovanni Mascellani <g.mascellani@xxxxxxxxx> Postdoc researcher - Université Libre de Bruxelles
Attachment:
signature.asc
Description: OpenPGP digital signature