On Sun, Oct 20, 2019 at 11:20 PM Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote: > You'll have to elaborate a bit here and explain that this is > sufficient, given that we run EFI runtime services with interrupts > enabled. I can add a note about this in v2. This is called with preemption disabled and we have a separate interrupt shadow stack, so as far as I can tell, this should be sufficient. Did you have concerns about this? Sami
