From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
To: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
Cc: "linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
joeyli <jlee-IBi9RG/b67k@public.gmane.org>,
Kweh Hock Leong
<hock.leong.kweh-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>,
Mark Salter <msalter-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Bryan O'Donoghue
<pure.logic-SyKdqv6vbfZdzvEItQ6vdLNAH6kLmebB@public.gmane.org>
Subject: Re: [PATCH 2/4] efi: Capsule update support
Date: Tue, 29 Mar 2016 13:26:58 +0100 [thread overview]
Message-ID: <20160329122658.GC3625@codeblueprint.co.uk> (raw)
In-Reply-To: <20160321203159.GF11676-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
On Mon, 21 Mar, at 08:31:59PM, Matt Fleming wrote:
>
> Good question. They're not handled in any special way with this patch
> series, so the firmware will just initiate its own reset inside of
> UpdateCapsule().
>
> That's probably not what we want, because things like on-disk
> consistency are not guaranteed if the machine spontaneously reboots
> without assistance from the kernel.
>
> The simplest thing to do is to refuse to pass such capsules to the
> firmware, since it's likely not going to be a common use case. But
> maybe that's overly restrictive.
>
> Let me have a think about that one.
OK, I did think about this, and until someone actually requests the
ability to handle CAPSULE_FLAGS_INITIATE_RESET, I'm happy to just punt
on the problem. Anyone got any objections?
---
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index dac25208ad5e..84450e9cdf41 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -84,6 +84,14 @@ int efi_capsule_supported(efi_guid_t guid, u32 flags, size_t size, int *reset)
u64 max_size;
int rv = 0;
+ /*
+ * We do not handle firmware-initiated reset because that
+ * would require us to prepare the kernel for reboot. Refuse
+ * to load any capsules with that flag.
+ */
+ if (flags & EFI_CAPSULE_INITIATE_RESET)
+ return -EINVAL;
+
capsule = kmalloc(sizeof(*capsule), GFP_KERNEL);
if (!capsule)
return -ENOMEM;
WARNING: multiple messages have this Message-ID (diff)
From: Matt Fleming <matt@codeblueprint.co.uk>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: "linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
joeyli <jlee@suse.com>,
Kweh Hock Leong <hock.leong.kweh@intel.com>,
Borislav Petkov <bp@alien8.de>, Mark Salter <msalter@redhat.com>,
Peter Jones <pjones@redhat.com>,
"Bryan O'Donoghue" <pure.logic@nexus-software.ie>
Subject: Re: [PATCH 2/4] efi: Capsule update support
Date: Tue, 29 Mar 2016 13:26:58 +0100 [thread overview]
Message-ID: <20160329122658.GC3625@codeblueprint.co.uk> (raw)
In-Reply-To: <20160321203159.GF11676@codeblueprint.co.uk>
On Mon, 21 Mar, at 08:31:59PM, Matt Fleming wrote:
>
> Good question. They're not handled in any special way with this patch
> series, so the firmware will just initiate its own reset inside of
> UpdateCapsule().
>
> That's probably not what we want, because things like on-disk
> consistency are not guaranteed if the machine spontaneously reboots
> without assistance from the kernel.
>
> The simplest thing to do is to refuse to pass such capsules to the
> firmware, since it's likely not going to be a common use case. But
> maybe that's overly restrictive.
>
> Let me have a think about that one.
OK, I did think about this, and until someone actually requests the
ability to handle CAPSULE_FLAGS_INITIATE_RESET, I'm happy to just punt
on the problem. Anyone got any objections?
---
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index dac25208ad5e..84450e9cdf41 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -84,6 +84,14 @@ int efi_capsule_supported(efi_guid_t guid, u32 flags, size_t size, int *reset)
u64 max_size;
int rv = 0;
+ /*
+ * We do not handle firmware-initiated reset because that
+ * would require us to prepare the kernel for reboot. Refuse
+ * to load any capsules with that flag.
+ */
+ if (flags & EFI_CAPSULE_INITIATE_RESET)
+ return -EINVAL;
+
capsule = kmalloc(sizeof(*capsule), GFP_KERNEL);
if (!capsule)
return -ENOMEM;
next prev parent reply other threads:[~2016-03-29 12:26 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-17 12:57 [PATCH 0/4] EFI capsule update support Matt Fleming
2016-03-17 12:57 ` Matt Fleming
2016-03-17 12:57 ` [PATCH 1/4] efi: Move efi_status_to_err() to drivers/firmware/efi/ Matt Fleming
[not found] ` <1458219431-24741-2-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-03-21 9:43 ` Ard Biesheuvel
2016-03-21 9:43 ` Ard Biesheuvel
2016-03-17 12:57 ` [PATCH 2/4] efi: Capsule update support Matt Fleming
[not found] ` <1458219431-24741-3-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-03-21 10:19 ` Ard Biesheuvel
2016-03-21 10:19 ` Ard Biesheuvel
[not found] ` <CAKv+Gu8fX7x1x3Od5ThxyFxux_NKDx59PNedkgSfn_V0yg_NQQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-03-21 20:31 ` Matt Fleming
2016-03-21 20:31 ` Matt Fleming
[not found] ` <20160321203159.GF11676-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-03-29 12:26 ` Matt Fleming [this message]
2016-03-29 12:26 ` Matt Fleming
[not found] ` <20160329122658.GC3625-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-03-29 13:50 ` Ard Biesheuvel
2016-03-29 13:50 ` Ard Biesheuvel
[not found] ` <CAKv+Gu_S-BBo8yinQmbEcag43krKBZGxf-0OC=WkZASgS5_Cdg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-04-05 10:09 ` Matt Fleming
2016-04-05 10:09 ` Matt Fleming
2016-03-17 12:57 ` [PATCH 3/4] x86/efi: Force EFI reboot to process pending capsules Matt Fleming
2016-03-17 12:57 ` [PATCH 4/4] efi: A misc char interface to update EFI firmware Matt Fleming
[not found] ` <1458219431-24741-5-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-04-01 2:48 ` deckard
2016-04-01 2:48 ` deckard
[not found] ` <1459478930.6099.249.camel-SyKdqv6vbfZdzvEItQ6vdLNAH6kLmebB@public.gmane.org>
2016-04-05 9:48 ` Matt Fleming
2016-04-05 9:48 ` Matt Fleming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160329122658.GC3625@codeblueprint.co.uk \
--to=matt-mf/unelci9gs6ibeejttw/xrex20p6io@public.gmane.org \
--cc=ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org \
--cc=hock.leong.kweh-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=jlee-IBi9RG/b67k@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=msalter-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=pure.logic-SyKdqv6vbfZdzvEItQ6vdLNAH6kLmebB@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.