lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160203105851.GA22159@gmail.com>
Date:	Wed, 3 Feb 2016 11:58:51 +0100
From:	Ingo Molnar <mingo@...nel.org>
To:	Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc:	Matt Fleming <matt@...eblueprint.co.uk>,
	"H . Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andy Lutomirski <luto@...nel.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>
Subject: Re: [PATCH 07/14] efi: runtime-wrappers: Run UEFI Runtime Services
 with interrupts enabled


* Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote:

> > More fundamentally, this makes me nervous:
> >
> >  > The UEFI spec allows Runtime Services to be invoked with interrupts 
> >  > enabled. [...]
> >
> > So what really matters is not what the spec says, but how Windows executes 
> > UEFI firmware code in practice.
> >
> > If major versions of Windows calls UEFI firmware with interrupts disabled, 
> > then frankly I don't think we should interrupt them under Linux either, 
> > regardless of what the spec says ...
> >
> > Random firmware code getting interrupted by the OS changes timings and might 
> > have other side effects the firmware code might not expect - so the question 
> > is, does Windows already de facto allow the IRQ preemption of firmware calls?
> >
> 
> Good question. I will try to find out.

Note that if there's a reasonable (but not 100%) case in favor of keeping irqs 
enabled, we can try your patch, with the possibility that we might have to revert 
it, should it cause problems.

In practice we probably already interrupt EFI services with NMI interrupts, which 
can be pretty heavy as well if they for example generate printks.

So I'm not against this change in a strong fashion - I'm just a bit cautious and 
it would be nice to know how Windows behaves here.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ