lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1372314821.557.33.camel@dabdike>
Date:	Wed, 26 Jun 2013 23:33:41 -0700
From:	James Bottomley <James.Bottomley@...senPartnership.com>
To:	Grant Likely <grant.likely@...retlab.ca>
Cc:	Matthew Garrett <mjg59@...f.ucam.org>,
	Matt Fleming <matt@...sole-pimps.org>,
	Leif Lindholm <leif.lindholm@...aro.org>,
	Stephen Warren <swarren@...dotorg.org>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>, linux-efi@...r.kernel.org,
	"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	"patches@...aro.org" <patches@...aro.org>,
	"H. Peter Anvin" <hpa@...ux.intel.com>,
	Thomas Gleixner <tglx@...utronix.de>, matt.fleming@...el.com
Subject: Re: [PATCH 1/4] Documentation: arm: [U]EFI runtime services

On Thu, 2013-06-27 at 07:23 +0100, Grant Likely wrote:
> On Thu, Jun 27, 2013 at 2:32 AM, Matthew Garrett <mjg59@...f.ucam.org> wrote:
> > On Wed, Jun 26, 2013 at 07:38:19AM -0700, James Bottomley wrote:
> >> The fixed virtual address scheme currently being looked at for x86_64 to
> >> make SetVirtualAddressMap() kexec invariant doesn't work on 32 bit
> >> because the address space isn't big enough.  For ARM, given that we've
> >> much more opportunity to work with the vendors, can we just avoid
> >> transitioning to a virtual address map and always just install a
> >> physical mapping before doing efi calls?
> >
> > We can probably get away with that now, but it does risk us ending up
> > with some firmware that expects to run in physical mode (boards designed
> > for Linux) and some firmware that expects to run in virtual mode (boards
> > designed for Windows). The degree of lockdown in the Windows ecosystem
> > at present means it's not a real problem at the moment, but if that ever
> > changes we're going to risk incompatibility.
> 
> What is the problem trying to be avoided by not using the virtual map?
> Is it passing the virtual mapping data from one kernel to the next
> when kexecing? Or something else?

Where to begin ... SetVirtualAddressMap() is one massive hack job ...
just look at the tiano core implementation.   Basically it has a fixed
idea of where all the pointers are and it tries to convert them all to
the new address space.  The problem we see in x86 is that this
conversion process isn't exhaustive due to implementation cockups, so
the post virtual address map image occasionally tries to access
unconverted pointers via the old physical address and oopses the kernel.

The problem for kexec is that SetVirtualAddressMap isn't idempotent.  In
fact by API fiat it can only ever be called once for the entire lifetime
of the UEFI bios, which could be many kernels in a kexec situation.  So,
somehow the subsequent kernels have to know not to call it, plus,
obviously, the virtual address map of the previous kernel has to work in
the next because it can't set up a new one.

James


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ