[fwts PATCH v2 1/1] lib: enable /dev/mem access on aarch64
Heinrich Schuchardt
xypron.glpk at gmx.de
Thu Oct 15 18:41:57 UTC 2020
On 15.10.20 20:01, Leif Lindholm wrote:
> On Thu, Oct 15, 2020 at 18:42:54 +0200, Heinrich Schuchardt wrote:
>> The SMBIOS3 table supplied by U-Boot cannot be read without mmap.
>
> In order to access SMBIOS on anything other than pre-UEFI x86 systems,
> linux should be built with CONFIG_DMI_SYSFS
>
> /dev/mem is the opposite of what operating systems are for, and
> enabling it on any ARM system leads to trivial (and frequently
> accidental) denial-of-service attacks from userland.
>
> /
> Leif
I fully understand your security concerns. But given a kernel that
exposes /dev/mem is there any reason for fwts not to use it?
I based my v5.9 kernel on arm64 defconfig. The defconfig has
CONFIG_DMI_SYSFS=n, CONFIG_DEVMEM=y. The Debian v5.8 kernel has
CONFIG_DMI_SYSFS=y, CONFIG_DEVMEM=y.
Best regards
Heinrich
>
>> Cc: Leif Lindholm <leif at nuviainc.com>
>> Fixes: f36ff824d145 ("lib: disable /dev/mem access on aarch64")
>> Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
>> ---
>> v2:
>> Leif's email address has changed
>> ---
>> src/lib/include/fwts.h | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/src/lib/include/fwts.h b/src/lib/include/fwts.h
>> index 6f13d262..a4163055 100644
>> --- a/src/lib/include/fwts.h
>> +++ b/src/lib/include/fwts.h
>> @@ -105,6 +105,7 @@
>> #define FWTS_ARCH_AARCH64 1
>> #define FWTS_HAS_ACPI 1
>> #define FWTS_HAS_UEFI 1
>> +#define FWTS_USE_DEVMEM 1
>> #endif
>>
>> #if defined(__s390x__)
>> --
>> 2.28.0
>>
More information about the fwts-devel
mailing list