Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp1282249pxm; Thu, 3 Mar 2022 14:11:30 -0800 (PST) X-Google-Smtp-Source: ABdhPJy57GcZ/XiM3dKzR7/rM7Ch8we1u9nM+anWY3epOXBvEiUWndG6IWOYCcHeJYrgzkED07ld X-Received: by 2002:a17:902:e5cf:b0:151:b24e:8d3b with SMTP id u15-20020a170902e5cf00b00151b24e8d3bmr3256429plf.29.1646345490193; Thu, 03 Mar 2022 14:11:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646345490; cv=none; d=google.com; s=arc-20160816; b=x7rTyVKc5YKXrUEBW6C+35K2ImCtQElrBGbZFIzeMiI8gQ++zCDJ0jpb8Fpl/MKEzS eDVTuzI1t0o1Fqv1JCODm3AiiS7e+RI0qPFOl8Ce9+tq7ohvPcdpTw//Fcgpu0GHK/Dw +DvLPf1RL97MAtDV/G3ouNFOGbfZ6a73K9qlKK+8Ft/BOh30JchupwfCjPQ9iMZYt1+K MGCrWeTODVOsjEisvTyTfnKBzODSaP8HEj+4TP7ZHUWA7QugGmBy7QG3gpcdtilgWzdk aQfCtkTn6sXVhEn2NxaTjNBRey7A4NQmgrJ+0XIzti0OYkqlxtM2fZ6wu8WgPr2nBVFJ qEAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=NPwYAu5Nf7E2VRC7CNfaiXTchIQf2BZJMzSjdEEgZN4=; b=F+ns7zS2qyJn6c2Az88wIv5NSiolwlzLs1q9+gk2baKPLGZtWNUqXlUP+5SrHfI6Lr ZLM0ZVlfhAdZKqml5MUTFS92ZqCjfnU3X6Kclj7qkQaJ75CtEJVn5QMc3Ob7/kIEdq+F ZyCosg21ZfNyXeBR3+q5/t85VYIMf9EM1JINRx9vinVZ4lj1B2Gb67r4nNgp6a7VbZ5k wrCVuupsPQySjKma4uvswfG4US0/Ny+TD6760AXYdmopQD1JTDz71OUVVGzh+yeiVAwS h2+CSRFUdhDX4Jxj5yYFqvgdVRuWPyzPDLckLo8w8UfF109iG9wPRB29ofhE+McxAdRu uF+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z16-20020a634c10000000b00373d43f3be0si3228130pga.593.2022.03.03.14.11.13; Thu, 03 Mar 2022 14:11:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235486AbiCCUsx (ORCPT + 99 others); Thu, 3 Mar 2022 15:48:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36550 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235403AbiCCUsv (ORCPT ); Thu, 3 Mar 2022 15:48:51 -0500 Received: from cavan.codon.org.uk (irc.codon.org.uk [IPv6:2a00:1098:84:22e::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CB6562E0B2; Thu, 3 Mar 2022 12:48:00 -0800 (PST) Received: by cavan.codon.org.uk (Postfix, from userid 1000) id 7700040A44; Thu, 3 Mar 2022 20:47:59 +0000 (GMT) Date: Thu, 3 Mar 2022 20:47:59 +0000 From: Matthew Garrett To: baskov@ispras.ru Cc: Ard Biesheuvel , Peter Jones , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , X86 ML , linux-efi , Linux Kernel Mailing List Subject: Re: [PATCH RFC v2 0/2] Handle UEFI NX-restricted page tables Message-ID: <20220303204759.GA20294@srcf.ucam.org> References: <20220224154330.26564-1-baskov@ispras.ru> <20220228183044.GA18400@srcf.ucam.org> <9787f1c1948cc640e70a50e4b929f44f@ispras.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <9787f1c1948cc640e70a50e4b929f44f@ispras.ru> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,KHOP_HELO_FCRDNS,SPF_HELO_NEUTRAL, SPF_NEUTRAL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 03, 2022 at 04:42:07PM +0300, baskov@ispras.ru wrote: > On 2022-02-28 21:30, Matthew Garrett wrote: > > On Mon, Feb 28, 2022 at 05:45:53PM +0100, Ard Biesheuvel wrote: > > > > > Given that this is a workaround for a very specific issue arising on > > > PI based implementations of UEFI, I consider this a quirk, and so I > > > think this approach is reasonable. I'd still like to gate it on some > > > kind of identification, though - perhaps something related to DMI like > > > the x86 core kernel does as well. > > > > When the V1 patches were reviewed, you suggested allocating > > EFI_LOADER_CODE rather than EFI_LOADER_DATA. The example given for a > > failure case is when NxMemoryProtectionPolicy is set to 0x7fd4, in which > > case EFI_LOADER_CODE, EFI_BOOT_SERVICES_CODE and > > EFI_RUNTIEM_SERVICES_CODE should not have the nx policy applied. So it > > seems like your initial suggestion (s/LOADER_DATA/LOADER_CODE/) should > > have worked, even if there was disagreement about whether the spec > > required it to. Is this firmware applying a stricter policy? > > Yes, this firmware is being modified to enforce stricter policy. Ok. I think this should really go through the UEFI spec process - I agree that from a strict interpretation of the spec, what this firmware is doing is legitimate, but I don't like having a situation where we have to depend on the DXE spec. How does Windows handle this? Just update the page tables itself for any regions it needs during boot?