Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp1623217pxp; Thu, 17 Mar 2022 12:59:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwagE8QSe3KHBuzF7QutoVrWJgG+WG3MXuwpsT+RO5v/kPQvV8Ri2zm1wZAiWrlrGl1gxM1 X-Received: by 2002:a17:902:d48d:b0:153:a517:6ff2 with SMTP id c13-20020a170902d48d00b00153a5176ff2mr6835533plg.141.1647547149452; Thu, 17 Mar 2022 12:59:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1647547149; cv=none; d=google.com; s=arc-20160816; b=zxoA1XePsgnFY8aSXjhHuq609uJgGGY3t3u/3/CJjs9RtYry8SJVCTaDTz/++POXqn ZcMdr6Ns91RGm0tjDxWc4G37SH85jWU3rztBfL/OyVNHXDz6sl3nJnlYFWhPsF1NAOz8 FB5uv1iGZ7R/4Gs5H4dHDHEue20Y5Ez5/m2vRBwY7J5vlLZ2TXZcZV9zXuHUJYhk5dl0 agpbPk4Jafq6A9vyAxTSr/qRo9kbfGfLiIj3DHRFA5ffJjDANu+vWKfy3fYwRmAjYnFb G9YyvevXSYc/w+hmsFZgUHIg5bscMiDJLfLkDj0CsquJcIo9RcWJtdCv8lvVLh3jU7By 0KUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:message-id:user-agent :references:in-reply-to:subject:cc:to:from:date:mime-version; bh=IjcgkmXIIuGyE6LuZLt35wvgXrS+TOea4U1AAmOMpA0=; b=tRJRMNncjhN6g/I8N6+Za8O6R+BrA/7VAJlZfsobl9qdabkBYDXRDBhjJYaf9JPB+v nCA4RqORkcRvYe+rXyBCL5eiWlz/p1FJGcQc/PlSFEJ+r/RmflZWK5Sw/9dCHHuhcCp+ XdV5YSNSVv/40D254Aa1Bw7JLkF30fivPUIUAvFNpYPpRpLRUbLekwIz7TZykWarwJH6 BleZB2ag4r6KVnq9bpXRCuPD41FHpK3L0UIKf8WR3h6b2QKTrz7ONhHmK4kfx/ATq7YR vSg4GsGlwlJpeB0IRTnouBfNXA4fkJPTznv2h2kyT/uvS5QdHi7B48zhPBDK7OqICf7n oKmA== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id s15-20020a170902ea0f00b00151f5a233d1si6257663plg.505.2022.03.17.12.59.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Mar 2022 12:59:09 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 77AB42816BE; Thu, 17 Mar 2022 12:52:35 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232746AbiCQN17 (ORCPT + 99 others); Thu, 17 Mar 2022 09:27:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234596AbiCQN1v (ORCPT ); Thu, 17 Mar 2022 09:27:51 -0400 Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6C8DE16C0A5; Thu, 17 Mar 2022 06:26:34 -0700 (PDT) Received: from mail.ispras.ru (unknown [83.149.199.84]) by mail.ispras.ru (Postfix) with ESMTPSA id 784C840D4004; Thu, 17 Mar 2022 13:26:28 +0000 (UTC) MIME-Version: 1.0 Date: Thu, 17 Mar 2022 16:26:28 +0300 From: baskov@ispras.ru To: Matthew Garrett Cc: Ard Biesheuvel , Peter Jones , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , X86 ML , linux-efi , Linux Kernel Mailing List , bret.barkelew@microsoft.com Subject: Re: [PATCH RFC v2 0/2] Handle UEFI NX-restricted page tables In-Reply-To: <20220303204759.GA20294@srcf.ucam.org> References: <20220224154330.26564-1-baskov@ispras.ru> <20220228183044.GA18400@srcf.ucam.org> <9787f1c1948cc640e70a50e4b929f44f@ispras.ru> <20220303204759.GA20294@srcf.ucam.org> User-Agent: Roundcube Webmail/1.4.4 Message-ID: <9b8493626c3c6c0af415e0b277147f9e@ispras.ru> X-Sender: baskov@ispras.ru Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE, SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2022-03-03 23:47, Matthew Garrett wrote: > > Ok. I think this should really go through the UEFI spec process - I > agree that from a strict interpretation of the spec, what this firmware > is doing is legitimate, but I don't like having a situation where we > have to depend on the DXE spec. > > How does Windows handle this? Just update the page tables itself for > any > regions it needs during boot? Sorry for delay. Windows is closed source, so we cannot give guarantees on its behavior, but this is our belief regarding its behavior. Added Bret Barkelew (bret.barkelew@microsoft.com) to the CC-list in case he can add something. Regarding the spec changes, we agree it is reasonable, but whether the spec changes or not it will take some time to update the edk2. Our first solution was safer in regards to the use of the services, yet as Ard suggested, using DXE services is much cleaner as long as it works. We can post it to edk2-devel, but our opinion is that these issues are independent. Thanks, Baskov Evgeniy