On Fri, 2013-03-01 at 23:30 +0000, David Woodhouse wrote: > On Sat, 2013-03-02 at 00:07 +0100, Borislav Petkov wrote: > > Hmm, yeah, that's nasty. This also means option #2 can go too because > > of the fixed addresses. Option #1 is also kinda polluting user address > > space > > User address space is there to be polluted. Create a "kernel thread" for > invoking EFI, except that this kernel thread actually has userspace page > tables. Set up those page tables however the hell you like, and then > just make sure you always invoke EFI runtime services from that thread. Oh, I meant to mention: Matthew once told me about a bizarre issue on MacBook firmware, iirc. Some stuff doesn't work if the virtual address is above 2GiB. Or below 2GiB. I don't really remember what Matthew told me at all, to be honest. Only that Here Be Dragons and we don't quite have free rein about where we place stuff. But I suspect we ought to be able to find *somewhere* in the user address space that works, even for 32-bit kernels. -- dwmw2
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
