| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Apr 2023 23:34:51 +0200
From: Ard Biesheuvel <ardb@...nel.org>
To: Dave Hansen <dave.hansen@...el.com>
Cc: Tom Lendacky <thomas.lendacky@....com>,
"Kirill A. Shutemov" <kirill@...temov.name>,
linux-kernel@...r.kernel.org, x86@...nel.org,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"H. Peter Anvin" <hpa@...or.com>,
Michael Roth <michael.roth@....com>,
Joerg Roedel <jroedel@...e.de>,
Dionna Glaze <dionnaglaze@...gle.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
"Min M. Xu" <min.m.xu@...el.com>,
Gerd Hoffmann <kraxel@...hat.com>,
James Bottomley <jejb@...ux.ibm.com>,
Jiewen Yao <jiewen.yao@...el.com>,
Erdem Aktas <erdemaktas@...gle.com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Subject: Re: [PATCH v7 6/6] x86/efi: Safely enable unaccepted memory in UEFI
On Wed, 5 Apr 2023 at 23:23, Dave Hansen <dave.hansen@...el.com> wrote:
>
> On 4/5/23 13:11, Tom Lendacky wrote:
> >>> The thing that worries me is the "Near future firmware" where someone
> >>> runs a ~6.4 kernel and has a fast boot experience. They upgrade to a
> >>> newer, "dropped protocol" kernel and their boot gets slower.
> >
> > Right, so that is what begs the question of when to actually drop the
> > call. Or does it really need to be dropped? It's a small patch to
> > execute a boot services call, I guess I don't see the big deal of it
> > being there.
> > If the firmware still has the protocol, the call is made, if it doesn't,
> > its not. In the overall support for unaccepted memory, this seems to be
> > a very minor piece.
>
> I honestly don't think it's a big deal either, at least on the kernel
> side. Maybe it's a bigger deal to the firmware folks on their side.
>
> So, the corrected table looks something like this:
>
> | Kernel |
> | |
> | Unenlightened | Enlightened | Dropped UEFI |
> Firmware | ~5.19?? | ~6.4?? | protocol |
> |---------------+-------------+--------------|
> Deployed | Slow boot | Slow boot | Slow boot |
> Near future | Slow boot | Fast boot | Slow boot |
> Far future | 2GB limited | Fast Boot | Fast boot |
>
I don't think there is any agreement on the firmware side on what
constitutes are reasonable minimum to accept when lazy accept is in
use, so the 2 GiB is really the upper bound here, and it could
substantially less.
>
> But, honestly, I don't see much benefit to the "dropped UEFI protocol".
> It adds complexity and will represent a regression either in boot
> speeds, or in unenlightened kernels losing RAM when moving to newer
> firmware. Neither of those is great.
>
> Looking at this _purely_ from the kernel perspective, I think I'd prefer
> this situation:
>
> | Kernel |
> | |
> | Unenlightened | Enlightened |
> Firmware | ~5.19?? | ~6.4?? |
> |---------------+-------------+
> Deployed | Slow boot | Slow boot |
> Future | Slow boot | Fast boot |
>
> and not have future firmware drop support for the handshake protocol.
> That way there are no potential regressions.
>
> Is there a compelling reason on the firmware side to drop the
> ExitBootServices() protocol that I'm missing?
The protocol only exists to stop the firmware from eagerly accepting
all memory on behalf of the OS. So from the firmware side, it would be
more about removing that functionality (making the protocol call moot)
rather than removing the protocol itself.
Powered by blists - more mailing lists