Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp1105137ybl; Wed, 14 Aug 2019 10:47:54 -0700 (PDT) X-Google-Smtp-Source: APXvYqyY+28fN7sBa544HEulm2ane6QeDUw0J7n6Ntuq1RXHNbb00Gewp9+GFkVk+zL/aRNM7r5y X-Received: by 2002:a17:902:7d84:: with SMTP id a4mr567814plm.90.1565804874795; Wed, 14 Aug 2019 10:47:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565804874; cv=none; d=google.com; s=arc-20160816; b=RG0K8/xlXxd0sqJHZDVCUfl2lRmqcBIoKlKv37SanaMqYYWa2E6cbMFfO68/xmUgRe Z6Tl+nNxY4nepB4DKxO1RfGA5KaJiP/R5rKrD/6DjX8nubXuEUi+jM6NOAzAHo/TnoAw 6vI6kXkykMpJWe0nYxL1nWsDhS3PQ8vBRl2eO2nXETfW9r+gmC2QxtoUbREIG443LgTK bvOIZcodeJPAX64nu+B9Wcwdw6qxBbNmGz7/15LSISGfVtOWYE8u2mcxeDbwtJdq5wc6 6I/j2Gc/iOpMvZ97OsLYu2wK7b8RuG07Jq/h1WI9aC0apoEYtKQsvR7GKvX7F6DIHtbr e6KQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=2SA+6786MPKxV9jdAfB9Q+F1WSWbXybqiA3c/b/Fyek=; b=HQtGNIsK12aCn9+XZzf77UK+50h27Wd2xaeJkR35g3SBy8ouig/mzE2ECwujK1NTo8 vQwITT/R+3dIEf7q6Fz3yI7/TTbQ1UUkW7lAThYVdMxATMSMmLe700xn9IR1uvDA+8+S eJqskqS3IqLr9aIuyV5bn8SdaisfTOgWFfXl0KeFGDpiRZpVKwst6oY8OOIZQNcyJOS/ 46oMqA049YghuqvSBbNT0Gku17UlqNwkG5lIevrViMTamT0VVqywM1RFX1nlT5tHgSJQ hvVp2D+3pn22z4lCGHSTc7I2Dta75lq7BcSAGZ51BZm4e8eOOX3WfeTj5CN0DfEy0SV2 n9vQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=HRoKkCMG; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e9si132966pfi.170.2019.08.14.10.47.39; Wed, 14 Aug 2019 10:47:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=HRoKkCMG; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728693AbfHNRqs (ORCPT + 99 others); Wed, 14 Aug 2019 13:46:48 -0400 Received: from mail.skyhub.de ([5.9.137.197]:33292 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728169AbfHNRqs (ORCPT ); Wed, 14 Aug 2019 13:46:48 -0400 Received: from zn.tnic (p200300EC2F0BD0003850D0C8BF1AA1C5.dip0.t-ipconnect.de [IPv6:2003:ec:2f0b:d000:3850:d0c8:bf1a:a1c5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id BE7B31EC0260; Wed, 14 Aug 2019 19:46:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1565804807; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=2SA+6786MPKxV9jdAfB9Q+F1WSWbXybqiA3c/b/Fyek=; b=HRoKkCMGX9XffldZ1bdQh77Ucsh/dkiDimF3tNgLqjK4pzSo/87R66h1SJtgSp22UDqUVe 9ystX6lvzqfB/NilBoEtGEhi5N1uAoID2eMpKHUszFuHLpwxwk21JMPBW91lBfiSyzHmC+ 5xV1UL/PqMyGU66c8NTryZSdeBhaTYY= Date: Wed, 14 Aug 2019 19:47:32 +0200 From: Borislav Petkov To: Matthew Garrett Cc: James Morris , LSM List , Linux Kernel Mailing List , Linux API , Josh Boyer , David Howells , Kees Cook , Dave Young , linux-acpi@vger.kernel.org Subject: Re: [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down Message-ID: <20190814174732.GD1841@zn.tnic> References: <20190808000721.124691-1-matthewgarrett@google.com> <20190808000721.124691-16-matthewgarrett@google.com> <20190814072602.GA27836@zn.tnic> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Aug 14, 2019 at 10:14:54AM -0700, Matthew Garrett wrote: > We explicitly don't want to pay attention to the acpi_rsdp kernel > parameter in early boot except for the case of finding the SRAT table, > and we only need that if CONFIG_RANDOMIZE_BASE and > CONFIG_MEMORY_HOTREMOVE are set. However, we *do* want to tell the > actual kernel where the RSDP is if we found it via some other means, > so we can't just clear the boot parameters value. Ok. > The kernel proper will parse the command line again and will then (if > lockdown isn't enabled) override the actual value we passed up in boot > params. Yeah, ok, I see what you're doing there. AFAICT, you do that in setup_arch->acpi_boot_table_init-> ... -> acpi_os_get_root_pointer() I hope nothing needs it earlier because then we'll have to restructure again... Thx. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.