Re: [PATCH v4 1/2] firmware: google: Expose CBMEM over sysfs

[Julius Werner]

> > +What:          /sys/bus/coreboot/devices/.../cbmem_attributes/address
> > +Date:          Apr 2020
> > +KernelVersion: 5.6
> > +Contact:       Patrick Rudolph <patrick.rudolph@xxxxxxxxxxxxx>
> > +Description:
> > +               coreboot device directory can contain a file named
> > +               cbmem_attributes/address if the device corresponds to a CBMEM
> > +               buffer.
> > +               The file holds an ASCII representation of the physical address
> > +               of the CBMEM buffer in hex (e.g. 0x000000008000d000) and should
> > +               be used for debugging only.
>
> If this is for debugging purposes only perhaps it should go into
> debugfs. We try to not leak information about physical addresses to
> userspace and this would let an attacker understand where memory may be.
> That's not ideal and should be avoided.

This is memory allocated by firmware and not subject to (k)ASLR, so
nothing valuable can be leaked here. The same addresses could already
be parsed out of /sys/firmware/log. Before this interface we usually
accessed this stuff via /dev/mem (and tools that want to remain
backwards-compatible will probably want to keep doing that), so having
a quick shorthand to grab physical addresses can be convenient.