From: Sohil Mehta <sohil.mehta@intel.com>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: <x86@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "Borislav Petkov" <bp@alien8.de>,
"H . Peter Anvin" <hpa@zytor.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Kiryl Shutsemau <kas@kernel.org>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Tony Luck <tony.luck@intel.com>,
"Alexander Shishkin" <alexander.shishkin@linux.intel.com>,
<linux-kernel@vger.kernel.org>, <linux-efi@vger.kernel.org>
Subject: Re: [PATCH 0/3] x86: Extend LASS support to EFI configurations
Date: Thu, 4 Dec 2025 09:34:29 -0800 [thread overview]
Message-ID: <5fb937b4-5459-4894-a107-945bfb50a701@intel.com> (raw)
In-Reply-To: <CAMj1kXFicnmVUeoRsMNbBgDN20fCN+R01H9shcgOJMD2Nzn8Cg@mail.gmail.com>
On 12/4/2025 4:47 AM, Ard Biesheuvel wrote:
> Hello Sohil,
>
Hello Ard - Thank you for looking at the patches.
>>
>> 2) Boot services code and data are referenced long after
>> ExitBootServices(). For example, efi_check_for_embedded_firmwares()
>> accesses boot services memory even after SetVirtualAddressMap().
>>
>
> These accesses use the kernel direct map, so I don't think they come
> into play here.
>
I don't mean SVAM should have switched these addresses to virtual ones
but doesn't all of EFI_BOOT_SERVICES_{CODE|DATA} have address[63] = 0?
LASS wouldn't care whether there is an actual mapping behind the
address. It only relies on the MSB for enforcement. So, any code that
relied on accessing boot services memory before efi_free_boot_services()
could get affected by LASS.
Or, did I misunderstand your comment? I am trying to clarify because I
have similar wording in the commit messages, and it would be preferable
to keep that accurate.
>> 3) Some runtime services fail to switch to virtual mode properly and
>> continue referencing physical addresses [3]. The kernel maintains a
>> 1:1 mapping of all runtime services code and data regions to avoid
>> breaking such firmware.
>>
>
> In [3], I mainly elaborated on why it is still necessary to call
> SetVirtualAddressMap(), and why it needs to be called with a mapping
> in the upper address range.
>
> For this particular call, there is no choice but to disarm LASS, given
> that the lower mapping is still active at this point.
>
> However, that does not imply that we have to assume that systems that
> support LASS (which are fairly recent AIUI) are buggy in the same way,
> i.e., that they access addresses in the 1:1 region after
> SetVirtualAddressMap() completes.
I assumed that it must be widespread because the kernel maintains the
1:1 mapping unconditionally without any Family-model checks. The code
isn't explicitly warning about such implementations, either.
>
> In fact, we might attempt to use the availability of LASS as a
> preliminary cutoff point for disabling this hack entirely, and only
> backpedal if we get actual reports where this is still a problem.
Sure, I am onboard with this approach, but some folks seemed skeptical
about it during the base LASS series review. My only concern is breaking
user systems when they update to a LASS-enabled kernel.
x86 maintainers, any preference?
Would it be useful to put this (patch 2) behind an "efi=disable_lass"
command line option? That way, if someone runs into it, there is at
least a fallback option they can rely on. By default, we would still
expect newer firmware to not need this hack.
next prev parent reply other threads:[~2025-12-04 17:34 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-04 7:21 [PATCH 0/3] x86: Extend LASS support to EFI configurations Sohil Mehta
2025-12-04 7:21 ` [PATCH 1/3] x86/cpu: Defer LASS enabling until userspace comes up Sohil Mehta
2025-12-04 7:21 ` [PATCH 2/3] x86/efi: Make runtime services compatible with LASS Sohil Mehta
2025-12-04 7:21 ` [PATCH 3/3] x86/cpu: Remove LASS restriction on EFI Sohil Mehta
2025-12-04 12:47 ` [PATCH 0/3] x86: Extend LASS support to EFI configurations Ard Biesheuvel
2025-12-04 17:34 ` Sohil Mehta [this message]
2025-12-04 19:03 ` Ard Biesheuvel
2025-12-04 19:15 ` H. Peter Anvin
2025-12-04 19:40 ` Ard Biesheuvel
2025-12-04 19:51 ` H. Peter Anvin
2025-12-04 19:58 ` Ard Biesheuvel
2025-12-13 0:21 ` Sohil Mehta
2025-12-13 0:17 ` Sohil Mehta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5fb937b4-5459-4894-a107-945bfb50a701@intel.com \
--to=sohil.mehta@intel.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=kas@kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox