Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp4586841rwb; Tue, 17 Jan 2023 02:54:01 -0800 (PST) X-Google-Smtp-Source: AMrXdXtMSN76gaasANgYmU/NL6zNGRm6ezJtp/Gy/SalunmAyH1SolWpm9iJ7K51OX63xG8yag6/ X-Received: by 2002:a17:90a:5886:b0:227:4d5:6d67 with SMTP id j6-20020a17090a588600b0022704d56d67mr2798591pji.24.1673952840893; Tue, 17 Jan 2023 02:54:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673952840; cv=none; d=google.com; s=arc-20160816; b=pQ41BCPZpfQLwm2iLz5vLP9gUiLDfLY406utEDce8dYPn7LBLPvtZ+uxYm1RW3i4bh M0lxfCkUtHQwHUIPEt2bq7PCmCwZFaB9mqyjaWOEc4aHjp1dIJB/LmJAhuKKgJF4wwAC vXKnEqSfMowPYsQlJGhxRQak6ASdGI+Pe9bxkxq8cXRYmQaMF9b1WiGfulRfEZxYMA8r lLwkYGcoNgIQOi4sfg13onPuZ0vC8VVLtTOQ5pPdd71pIU2JaJ6qgSYh9eyz3StFQVSR rWyzjr9NYPVPI4myF8iYWHZM1XgkouYCwTrCp4h3FL0GOsn6YgHW4wGhdMLg2yoiJmg8 cBiA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=nwa7yzUz/d5O5ZJ8+0pFVeV97HQ7VfJXVVDyNJvC/Sc=; b=OLoHiCvFiPT4yGb+/9Z6L9Dq85/ca6LezxAHw49XDcDf9UWMrcQ1RBDSQEFL3Jc0Gx wc3o2fYVU1kinG7ZfbGbTN/Tu391GcdlHgRMSpNguPLLLDK9UZkU7iH2aX2x7rEPdkx1 7m7H+AikeVywDDuVWPAPkrfL6e8LJiTV6E8LzNtd6OpPodwscNWUtCwyeWkztJJHxXGN 3/o4A7j23weZEs1UTImMFamciUwbto9oDqBtoVzuVRm0PvnJF429EAXERtDflBmR7RP4 pkGrLud1HBddwBbVqyk6HVdW9Q2w/usekkRB3dalLZLQ9JnfdENLz9GRhLpHuI7nE6UX X6XQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=NNWYtR+1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j62-20020a638b41000000b004b894ebdd37si18808411pge.672.2023.01.17.02.53.54; Tue, 17 Jan 2023 02:54:00 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=NNWYtR+1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236638AbjAQKZd (ORCPT + 51 others); Tue, 17 Jan 2023 05:25:33 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34602 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236574AbjAQKZ3 (ORCPT ); Tue, 17 Jan 2023 05:25:29 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A6D62684C for ; Tue, 17 Jan 2023 02:24:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1673951080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=nwa7yzUz/d5O5ZJ8+0pFVeV97HQ7VfJXVVDyNJvC/Sc=; b=NNWYtR+1LwNEdWDqCZxjCItU2D/AqrQkgs8T1GRDz8qcQBqL229+04Rewx/bsTM70DQkJZ zsie0V0JX4QnzWL6wYJ44Jui/lIhZiVCfe9Hmfn6nfEFo9BB6nHfvCtQLG8VC43MT0DrR4 Px3y8lqNj54lhO4QFbSev8Sb/9Lr6y8= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-623-qPNNJ-EaNIGLAhi38TZx-g-1; Tue, 17 Jan 2023 05:24:36 -0500 X-MC-Unique: qPNNJ-EaNIGLAhi38TZx-g-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 51E8B29AB3E1; Tue, 17 Jan 2023 10:24:35 +0000 (UTC) Received: from sirius.home.kraxel.org (unknown [10.39.192.124]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C0DB11415108; Tue, 17 Jan 2023 10:24:34 +0000 (UTC) Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 6FB541800097; Tue, 17 Jan 2023 11:24:33 +0100 (CET) Date: Tue, 17 Jan 2023 11:24:33 +0100 From: Gerd Hoffmann To: "Kirill A. Shutemov" Cc: Dionna Amalie Glaze , Ard Biesheuvel , "Kirill A. Shutemov" , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, x86@kernel.org, jiewen.yao@intel.com, devel@edk2.groups.io, "Min M. Xu" , James Bottomley , Tom Lendacky , Erdem Aktas , Dave Hansen Subject: Re: [PATCH v2] x86/efi: Safely enable unaccepted memory in UEFI Message-ID: <20230117102433.mawczdq3di6776bx@sirius.home.kraxel.org> References: <20230113212926.2904735-1-dionnaglaze@google.com> <20230113222024.rp2erl54vx3grdbd@box.shutemov.name> <20230116105648.63hsxnmj2juwudmu@sirius.home.kraxel.org> <20230116123057.wvr6rz7y3ubgcm5z@box.shutemov.name> <20230116134246.soworigs56bz5v7o@box.shutemov.name> <20230116231711.cudsnxvnfg6aef3w@box.shutemov.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230116231711.cudsnxvnfg6aef3w@box.shutemov.name> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 17, 2023 at 02:17:11AM +0300, Kirill A. Shutemov wrote: > On Mon, Jan 16, 2023 at 11:43:15AM -0800, Dionna Amalie Glaze wrote: > > > > I still don't understand why we need to support every imaginable > > > > combination of firmware, bootloader and OS. Unaccepted memory only > > > > exists on a special kind of virtual machine, which provides very > > > > little added value unless you opt into the security and attestation > > > > features, which are all heavily based on firmware protocols. So why > > > > should care about a EFI-aware bootloader calling ExitBootServices() > > > > and subsequently doing a legacy boot of Linux on such systems? > > > > > > Why break what works? Some users want it. > > > > > > > The users that want legacy boot features will not be broken, > > Why do you call boot with a bootloader a legacy feature? Linux efi kernels can be booted in two ways: (1) old/legacy: boot loader calls ExitBootServices and jumps to the kernel entry point. (2) new/efi stub: boot loader does *not* call ExitBootServices, but loads the linux kernel as efi binary instead. The linux kernel efi stub calls ExitBootServices then. All kernel version relevant here (new enough to support SEV-SNP / TDX) have efi stub support, so (1) does not really matter in practice. the efi stub was added *exactly* to handle cases like this one: the kernel can do efi calls needed on its own without depending on the boot loader doing it on behalf of the kernel. > > This means that users of a distro that has not enabled unaccepted > > memory support cannot simply start a VM with the usual command, but > > instead have to know a baroque extra flag to get access to all the > > memory that they configured the machine (and for a CSP customer, paid > > for). That's not a good experience. > > New features require enabling. It is not something new. Asking user to manually configure something which can be handled automatically just fine is a bad design. take care, Gerd