From mboxrd@z Thu Jan 1 00:00:00 1970
From: Matt Fleming
Subject: Re: [PATCH v2] x86/mm: warn on W+x mappings
Date: Mon, 12 Oct 2015 13:55:48 +0100
Message-ID: <20151012125548.GE2579@codeblueprint.co.uk>
References: <1443814185-21552-1-git-send-email-sds@tycho.nsa.gov> <20151003112701.GA4531@gmail.com> <5612CBE8.2010504@tycho.nsa.gov> <20151006073205.GA11115@gmail.com> <5613EAD5.2070405@tycho.nsa.gov> <20151012113605.GB7384@pd.tnic> <20151012124113.GD2579@codeblueprint.co.uk> <20151012124936.GA6260@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20151012124936.GA6260-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Sender: linux-efi-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
To: Ingo Molnar
Cc: Borislav Petkov, Stephen Smalley, x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org, Thomas Gleixner, "H. Peter Anvin", Peter Zijlstra, Andy Lutomirski, Denys Vlasenko, Brian Gerst, linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Ard Biesheuvel
List-Id: linux-efi@vger.kernel.org

On Mon, 12 Oct, at 02:49:36PM, Ingo Molnar wrote:
>
> So why not unmap them after bootup? Is there any reason to call into EFI code
> while the system is up and running?

That's where the runtime services code lives. So if you want things
like EFI variables (used by the distro installer, among other things)
you need to map the runtime regions.

You can of course disable that by using the "noefi" kernel parameter,
which should unmap everything for you once you've finished booting.

-- 
Matt Fleming, Intel Open Source Technology Center