Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp303986imm; Fri, 10 Aug 2018 11:32:29 -0700 (PDT) X-Google-Smtp-Source: AA+uWPxwUjMkyChu29JPU+xVAeyrfbOsAG2+P7B55IX4jW/gVJ6mg5Pnm5b+J0hpW3n0GQUZC1xm X-Received: by 2002:a17:902:1703:: with SMTP id i3-v6mr6995061pli.263.1533925949056; Fri, 10 Aug 2018 11:32:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533925949; cv=none; d=google.com; s=arc-20160816; b=mDONLoYrthoHg/ltWAuDHEFsX24AT8g4b+JFip/oZCuV+Jxg0bFtGF6n+qlzCX5AXD T7jkYkPX1FWJM942FFgPiqh9ycq8j49Fs5X/966sQDpS9RJ1f2tst1EErspEU7baS0MO QssFrzbFaaCMu/0NfeZWDcagNyj3uN6rMXrjNig+SJHHbslOINttNCUOupcWMFy0jqjl U0dKOI/8D1BgTiFQa3UqtT1bKMNokEM5soRsNpTt/ZeGNQFi2/rskSapH6tdaFpV8FR/ u+XPQ04PJQtyP5x7el9JYAW2i3ROnc8alPxAoEQsrsMvO0HaxtMF4ICiVZctDjVdg48M DXqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:arc-authentication-results; bh=QGhq0w+xFdQXuR+iuKGkis+Pwz1VoJ9tczVJ0IByQDI=; b=zAEidPxOBJ78ZEuutBJjIWu2s29JvXXS/Jaa2Q1Pr58ekwbDDJpUUQaqCMO+xFUUdm yeFmeswLCNkCzM8H0EWUVlpdBtsTDSFpvW2E3E/YWXCA9eASexiCmizLoegNv8o7c/r9 dB0Ah+Dg7+WvZTyYuj65I87rbNKpX95ur2RrZK7FOshKew4M3pxEtXKRxN/m2Sa6aAWj hBeK6t0FKWjDr4vxk1T5LSQ0BGjn9s4TaHmM2WOBLNK7Sl5Av6PoInZFs97IhIBYOpig Owe1B69E2gGWexOE7v3fkVtcVn4zGDNcE1RORkk207JpwEBiabArCz5hhgVYEdTpBIHd 7F3A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r64-v6si11504716pfd.37.2018.08.10.11.32.14; Fri, 10 Aug 2018 11:32:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727058AbeHJVBo (ORCPT + 99 others); Fri, 10 Aug 2018 17:01:44 -0400 Received: from mail-lj1-f193.google.com ([209.85.208.193]:32783 "EHLO mail-lj1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726096AbeHJVBo (ORCPT ); Fri, 10 Aug 2018 17:01:44 -0400 Received: by mail-lj1-f193.google.com with SMTP id s12-v6so7898609ljj.0 for ; Fri, 10 Aug 2018 11:30:42 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=QGhq0w+xFdQXuR+iuKGkis+Pwz1VoJ9tczVJ0IByQDI=; b=oqkq9pSRMoRKOdvCbqTZRGA/+t/V3WqM/7z4nyFouVjihQ1pjygLNaRdXQLlhuDk8Q V8uIxUazkfKe4ATrEQX0zVb2uC7pDraXcs3l/rA+bIhGqM8sQBvUU0t364d/TLZ+Wp4D C9RpqJn43vLvByxtUAwvmh8jzkHkT5sEuJHPANn1aByC80dWVLru9gNklk0RomUMSJ4d KNE/992PAR3alvNDHemtQmp+0FHtkrkMreN6zyLeRoIxzost2JTqZ47LWsc4+RMHXhMA DyffmK2j7f5FudDvYOB8e+8JWpXb5EJT6ZVslNUZgWlgp2YzDYd5x5aQ2t3omahsiU0z Trqg== X-Gm-Message-State: AOUpUlGZ7QKK+fXGTGR1ph4YqCSuhe8kwRRj8dwU3k9EFWoDtvp/Rk0R Vk291Jszwi/o4GH82RWUlKdF2u0BNw12EzrveRpJ/A== X-Received: by 2002:a2e:8743:: with SMTP id q3-v6mr5357518ljj.139.1533925841654; Fri, 10 Aug 2018 11:30:41 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a2e:81a:0:0:0:0:0 with HTTP; Fri, 10 Aug 2018 11:30:41 -0700 (PDT) In-Reply-To: References: <1533789077-16156-1-git-send-email-sai.praneeth.prakhya@intel.com> <1533789077-16156-7-git-send-email-sai.praneeth.prakhya@intel.com> From: Bhupesh Sharma Date: Sat, 11 Aug 2018 00:00:41 +0530 Message-ID: Subject: Re: [PATCH V1 6/6] x86/efi: Introduce EFI_WARN_ON_ILLEGAL_ACCESSES To: "Prakhya, Sai Praneeth" Cc: "linux-efi@vger.kernel.org" , Linux Kernel Mailing List , "ricardo.ner@intel.com" , Matt Fleming , Lee Chun-Yi , Al Stone , Borislav Petkov , Ingo Molnar , Andy Lutomirski , Peter Zijlstra , Ard Biesheuvel Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Aug 10, 2018 at 11:04 PM, Prakhya, Sai Praneeth wrote: >> > +config EFI_WARN_ON_ILLEGAL_ACCESSES >> >> How about shortening the name to just 'EFI_WARN_ON_ILLEGAL_ACCESS'? >> > > Makes sense.. I will shorten it. > >> > + bool "Warn about illegal memory accesses by firmware" >> > + depends on EFI >> >> From a distribution p-o-v, I would suggest that we set this CONFIG option only if >> we are in the EXPERT mode, as this need more thrashing with the behaviour we >> see on old, buggy EFI firmwares available on very old x86 machines. So >> something like: >> bool "Warn about illegal memory accesses by firmware" if EXPERT >> > > Agreed. Although the feature is intended to warn about all these buggy firmware's > instead of silently working around (as we are doing presently), it needs more testing. > Hence, as you said, I think it's safe to have it as an EXPERT config option. > >> > + help >> > + Enable this debug feature so that the kernel can detect illegal >> > + memory accesses by firmware and issue a warning. Also, >> > + 1. If the illegally accessed region is EFI_BOOT_SERVICES_, >> > + the kernel fixes it up by mapping the requested region. > > [....] > >> > diff --git a/init/main.c b/init/main.c index >> > 3b4ada11ed52..dce0520861a1 100644 >> > --- a/init/main.c >> > +++ b/init/main.c >> > @@ -730,7 +730,8 @@ asmlinkage __visible void __init start_kernel(void) >> > arch_post_acpi_subsys_init(); >> > sfi_init_late(); >> > >> > - if (efi_enabled(EFI_RUNTIME_SERVICES)) { >> > + if (efi_enabled(EFI_RUNTIME_SERVICES) && >> > + !IS_ENABLED(CONFIG_EFI_WARN_ON_ILLEGAL_ACCESSES)) { >> >> Since this is an arch agnostic code leg, do we really want to introduce a generic >> check for CONFIG_EFI_WARN_ON_ILLEGAL_ACCESSES >> here, without checking for whether we are actually running this on a >> x86 hardware, or alternatively we can consider moving >> CONFIG_EFI_WARN_ON_ILLEGAL_ACCESSES out of 'arch/x86/Kconfig' to >> 'arch/Kconfig' so that later it can be used on other archs like ARM64 as well. >> >> I think the later would be more useful.. > > Thanks for bringing this up. I see your point. I will refrain from polluting architecture > agnostic code. As we don't need efi_free_boot_services() at all, if EFI_WARN_ON_ILLEGAL_ACCESSES > is enabled, probably making changes to include/linux/efi.h would be better, I guess.. > > Moving this to arch/Kconfig could be too futuristic.. I guess.. because I am not sure > if this problem exists on ARM machines, if so, probably Ard could suggest something here. I think Ard can comment better but let me chime in with my limited experience with Fedora arm64 implementations - we are already seeing EFI firmware implementations which are broken/are orphaned (not well supported anymore) on arm64 even though the hardware is still in-use. With arm64 EFI firmware implementations still catching up with ARM server SBBR specifications, we expect more x86 like broken EFI implementations on arm64 as well. So, I don't see that as a distant problem, in-fact this is something which has been on my Fedora to-do list for arm64 for some time. If there is a framework on x86 available, I can take a stab and extrapolate it for arm64 as well. Thanks, Bhupesh