From mboxrd@z Thu Jan 1 00:00:00 1970 From: grant.likely@linaro.org (Grant Likely) Date: Fri, 24 Oct 2014 14:55:23 +0100 Subject: [PATCH 6/6] arm64/efi: remove idmap manipulations from UEFI code In-Reply-To: References: <1414154384-15385-1-git-send-email-ard.biesheuvel@linaro.org> <1414154384-15385-7-git-send-email-ard.biesheuvel@linaro.org> Message-ID: To: linux-arm-kernel@lists.infradead.org List-Id: linux-arm-kernel.lists.infradead.org On Fri, Oct 24, 2014 at 2:53 PM, Ard Biesheuvel wrote: > On 24 October 2014 15:41, Grant Likely wrote: >> On Fri, Oct 24, 2014 at 1:39 PM, Ard Biesheuvel >> wrote: >>> Now that we have moved the call to SetVirtualAddressMap() to the stub, >>> UEFI has no use for the ID map, so we can drop the code that installs >>> ID mappings for UEFI memory regions. >>> >>> Signed-off-by: Ard Biesheuvel >> >> I have to say, this series makes me happy. :-) >> >> This method will go a long way to catching UEFI implementations that >> do incorrect things after exitbootservices is called. I'm assuming >> that any attempt to access a region that boot services has not >> requested will get trapped by the kernel, correct? >> > > If we really want to catch firmware problems, we should probably wipe > all boot services regions between the calls to ExitBootServices() and > SetVirtualAddressMap(). Mark Salter's original approach here was > fairly cautious here, i.e., reserving boot services regions until > after the call to SetVirtualAddressMap(), but there is no point in > doing that for kexec, that's why I removed it. I quite like that idea. Let's do that and see if anyone screams in agony. g.