RE: [PATCH RFC 0/8] Add efi page fault handler to fix/recover from


 



> I have added some x86/intel folks to cc.
> 
> I am fine with these patches, and I think it is useful to be able to detect and
> recover from buggy UEFI implementations that use boot time regions at
> runtime.
> 
> However, I need help from the x86 maintainers/developers to review this so
> please cc them on these patches.

Hi Ard,

Sure! I will keep them cc'ed.

Could you also please let me know your thoughts on this approach?

If the illegal access occurs to any EFI region other than EFI boot time regions (e.g. EFI conventional memory or EFI loader code/data), these patches will exit firmware context and return to the kernel, i.e. we are adjusting RIP and RSP in the efi page fault handler and leaving runtime service execution abruptly. Is that OK?

This code in "[PATCH RFC 4/8] x86/efi: Add page fault handler to fixup/recover from page faults caused by firmware"
+	regs->sp = xmm_regs_rsp;
+	regs->ip = exit_fw_ctx_rip;
+	exited_fw_ctx = true;
+	clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
+	pr_info("Exited Firmware context and disabled EFI Runtime Services\n");
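Review bot: pr_info() is too low a severity for an event that permanently disables EFI runtime services for this boot; use pr_err() (or at least pr_warn()) and include the faulting address and, if it is available here, which runtime service was executing, so that the firmware bug can be reported to the vendor. Related: regs->ip/regs->sp are rewritten to exit_fw_ctx_rip/xmm_regs_rsp and exited_fw_ctx is set as a bare global, but nothing in this hunk shows the landing site; please document (or assert in a comment) that the code at exit_fw_ctx_rip is the only consumer of exited_fw_ctx and that it releases whatever the runtime-service wrapper took before the call, since nothing between the faulting instruction and the landing site runs.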

AFAIK, EFI runtime services are not reentrant. With this in mind, if something like the above happens, I have completely turned off EFI runtime services in the kernel. Is that OK? Or should we keep them enabled, hoping to catch further illegal accesses (assuming that this feature is not used in production kernels)?

Regards,
Sai
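The recovery flow Sai describes (a fault inside a runtime service is caught, execution is thrown back to a saved kernel context, and the EFI_RUNTIME_SERVICES bit is cleared so no further calls are attempted) can be modelled in user space. The following is an added example written for this archive page; it is not code from the patch series or from the kernel. It assumes a SIGSEGV handler and sigsetjmp/siglongjmp as a portable stand-in for the regs->ip/regs->sp rewrite in the real handler, and the names efi_flags, efi_call_rts, rts_get_time and rts_buggy are constructed for the demo. The buggy "service" dereferences a low, unmapped address to play the role of firmware touching a boot-time region it no longer owns.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the EFI_RUNTIME_SERVICES bit in efi.flags. */
#define EFI_RUNTIME_SERVICES 0
static unsigned long efi_flags = 1UL << EFI_RUNTIME_SERVICES;

/* Set by the fault handler, like exited_fw_ctx in the patch. */
static volatile sig_atomic_t exited_fw_ctx;

/* Faulting address recorded in the handler and reported after we land. */
static void *volatile fault_addr;

/* Saved caller context; restoring it plays the role of rewriting regs->ip/regs->sp. */
static sigjmp_buf exit_fw_ctx;

static int efi_rts_enabled(void)
{
    return (int)((efi_flags >> EFI_RUNTIME_SERVICES) & 1UL);
}

/* Fault handler: leave the "firmware" abruptly and disable further calls.
 * Only async-signal-safe work is done here; reporting happens after the jump. */
static void efi_page_fault_handler(int sig, siginfo_t *si, void *uc)
{
    (void)sig;
    (void)uc;
    fault_addr = si->si_addr;
    exited_fw_ctx = 1;
    efi_flags &= ~(1UL << EFI_RUNTIME_SERVICES);
    siglongjmp(exit_fw_ctx, 1);
}

/* Constructed well-behaved runtime service. */
static int rts_get_time(void)
{
    return 42;
}

/* Constructed buggy runtime service: touches an address that is not mapped
 * (the user-space analog of firmware using a boot-time region at runtime). */
static int rts_buggy(void)
{
    volatile int *p = (volatile int *)(uintptr_t)0x10;
    return *p;
}

/* Wrapper around one runtime-service call.
 * Returns  0 on success (service result stored in *result),
 *         -1 if the service faulted and was abandoned (services are now disabled),
 *         -2 if runtime services were already disabled by an earlier fault,
 *         -3 if the handler could not be installed. */
int efi_call_rts(int (*svc)(void), int *result)
{
    struct sigaction sa, old;
    int ret;

    if (!efi_rts_enabled())
        return -2;

    memset(&sa, 0, sizeof(sa));
    sa.sa_sigaction = efi_page_fault_handler;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, &old) != 0)
        return -3;

    /* savesigs=1 so the signal mask is restored when we are thrown back here. */
    if (sigsetjmp(exit_fw_ctx, 1) == 0) {
        *result = svc();
        ret = 0;
    } else {
        fprintf(stderr,
                "EFI: illegal access at %p, exited firmware context and "
                "disabled EFI runtime services\n", fault_addr);
        ret = -1;
    }
    sigaction(SIGSEGV, &old, NULL);
    return ret;
}

int main(void)
{
    int v = 0, rc;

    rc = efi_call_rts(rts_get_time, &v);
    printf("get_time -> rc=%d v=%d\n", rc, v);
    rc = efi_call_rts(rts_buggy, &v);
    printf("buggy    -> rc=%d exited_fw_ctx=%d\n", rc, (int)exited_fw_ctx);
    rc = efi_call_rts(rts_get_time, &v);
    printf("get_time -> rc=%d (services disabled)\n", rc);
    return 0;
}
```

The third call is the point of Sai's question: once the bit is cleared, every later call is refused at the wrapper rather than entering firmware again, which is the safe choice if the services are not reentrant and the interrupted call may have left firmware state half-updated. Keeping them enabled to collect more faults would mean dropping the clear in the handler and accepting that risk.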



