| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Oct 2023 13:51:13 +0300
From: Nikolay Borisov <nik.borisov@...e.com>
To: kirill.shutemov@...ux.intel.com
Cc: ardb@...nel.org, linux-efi@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/efistub: Don't try to print after ExitBootService()
On 12.10.23 г. 13:14 ч., kirill.shutemov@...ux.intel.com wrote:
> On Wed, Oct 11, 2023 at 10:25:28PM +0300, Nikolay Borisov wrote:
>> setup_e820() is executed after UEFI's ExitBootService has been called.
>> This causes the firmware to throw an exception because Console IO
>> protocol handler is supposed to work only during boot service
>> environment. As per UEFI 2.9, section 12.1:
>>
>> "This protocol isused to handle input and output of text-based
>> information intended for the system user during the operation of code
>> in the boot services environment."
>>
>> Running a TDX guest with TDVF with unaccepted memory disabled results in
>> the following output:
>
> Oh. My bad.
>
> But there's other codepath that does the same. If setup_e820() fails with
> EFI_BUFFER_TOO_SMALL, efi_stub_entry() would try to print "exit_boot()
> failed\n".
>
> I wouldner if it is feasible to hook up earlyprintk console into
> efi_printk() machinery for after ExitBootService() case? Silent boot
> failure is not the best UX.
>
In my testing I was able to transpose setup_e820 and efi
exit_boot_service by calling exit_boot_func before setup_e820 which
ensures the various memory variables are populated. Is there any
specific reason why ExitBootServices is called before setting up the
e820 table? AFAIU this is an arbitrary choice?
Powered by blists - more mailing lists