On Wed, Mar 30, 2022 at 09:23:17AM +0200, Ard Biesheuvel wrote: > On Wed, 30 Mar 2022 at 09:19, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: > > From a conceptual perspective we've thought of the EFI stub as being > > logically part of the bootloader rather than the early kernel, and the > > bootloader is a point where the line is drawn. My guy feeling is that > > jumping into the secure kernel environment before EBS has been called is > > likely to end badly. > > If you jump back into the system firmware, sure. > > But the point I was trying to make is that you can replace that with > your own minimal implementation of EFI that just exposes a memory map > and some protocols and nothing else, and then the secure launch kernel > would be entirely in charge of the execution environment. We can't just replace system firmware with an imitation of the same - for instance, configuring the cold boot prevention memory overwrite requires us to pass a variable through to the real firmware, and that's something that we do in the stub.
