lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAFOAJEeKNy0HW82W6HV_49d5sc5L0m62QDfY9qA1906_ZzGRYg@mail.gmail.com>
Date:   Fri, 1 Apr 2022 00:19:57 +0200
From:   Javier Martinez Canillas <javierm@...hat.com>
To:     "Ahmed S. Darwish" <a.darwish@...utronix.de>
Cc:     Ard Biesheuvel <ardb@...nel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linux-efi <linux-efi@...r.kernel.org>,
        Brian Masney <bmasney@...hat.com>,
        Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
        Al Stone <ahs3@...hat.com>,
        Peter Robinson <pbrobinson@...il.com>,
        Robbie Harwood <rharwood@...hat.com>,
        Peter Jones <pjones@...hat.com>,
        Alexander Larsson <alexl@...hat.com>,
        Andrew Halaney <ahalaney@...hat.com>,
        linux-rt-users@...r.kernel.org,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH v2] efi: Allow to enable EFI runtime services by default
 on RT

Hello Ahmed,

On Thu, Mar 31, 2022 at 9:36 PM Ahmed S. Darwish
<a.darwish@...utronix.de> wrote:
>
> Hi Ard, Javier,
>
> Am Do, Mar 31, 2022, schrieb Ard Biesheuvel:
> > On Thu, 31 Mar 2022 at 17:17, Javier Martinez Canillas
> > <javierm@...hat.com> wrote:
>

[snip]

> In case of (CONFIG_PREEMPT_RT=y && CONFIG_EFI_DISABLE_RUNTIME=n),
> shouldn't we add a small message in the kernel log warning that EFI
> runtime services are enabled for the RT kernel?
>
> In almost all HW, except custom ones with "verified" firmware, such a
> warning would be useful... This is especially true since in the embedded

I considered that as well but was not sure about what that message should be.

Since it will be printed even on systems whose EFI firmwares do not
have such long call times as the ones described in the commit that
disabled the runtime services for RT.

And in that case the warning may be misleading and make users believe
that a problem exists, which might not be accurate.

> domain, manually-configured RT kernels are almost always the norm.
>

Agreed. That is why the default for CONFIG_EFI_DISABLE_RUNTIME=y, if
CONFIG_PREEMPT_RT=y. So users will need to explicitly disable the
option if they want the EFI runtime services to be enabled with
CONFIG_PREEMPT_RT.

Best regards,
Javier

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ