From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932995AbcHKIwg (ORCPT <rfc822;w@1wt.eu>);
	Thu, 11 Aug 2016 04:52:36 -0400
Received: from mail-wm0-f67.google.com ([74.125.82.67]:36665 "EHLO
	mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S932715AbcHKIw3 (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 11 Aug 2016 04:52:29 -0400
Date: Thu, 11 Aug 2016 10:52:25 +0200
From: Ingo Molnar <mingo@kernel.org>
To: Andy Lutomirski <luto@amacapital.net>,
        Matt Fleming <matt@codeblueprint.co.uk>
Cc: Mario Limonciello <mario_limonciello@dell.com>,
        Borislav Petkov <bp@alien8.de>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Matthew Garrett <mjg59@srcf.ucam.org>, X86 ML <x86@kernel.org>,
        "H. Peter Anvin" <hpa@zytor.com>, Matt Fleming <mfleming@suse.de>
Subject: Re: [PATCH v2 0/5] Allow the trampoline to use EFI boot services RAM
Message-ID: <20160811085225.GA4403@gmail.com>
References: <cover.1470821230.git.luto@kernel.org>
 <20160810123058.GB3204@gmail.com>
 <CALCETrUqbmCQrWLoxw7nVQAPsu5UQ-McJx9dCsicHmH=XzzFtQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CALCETrUqbmCQrWLoxw7nVQAPsu5UQ-McJx9dCsicHmH=XzzFtQ@mail.gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


* Andy Lutomirski <luto@amacapital.net> wrote:

> On Aug 10, 2016 3:31 PM, "Ingo Molnar" <mingo@kernel.org> wrote:
> >
> >
> > One side note:
> >
> > * Andy Lutomirski <luto@kernel.org> wrote:
> >
> > > This series fixes it the other way: it allow the trampoline to live
> > > in boot services memory.  It achieves this by deferring the panic
> > > due to failure to reserve a trampoline until early_initcall time
> > > and then adjusting the EFI boot services quirk to reserve space
> > > for the trampoline if we haven't already found it a home.
> >
> > >   x86/efi: Allocate a trampoline if needed in efi_free_boot_services()
> >
> > Btw., this means that we first try to allocate the trampoline the old fashioned
> > way, and in the rare cases this fails we allocate it from the EFI data area,
> > right?
> 
> Yes, exactly.
> 
> >
> > This is problematic from the probability management POV: we are creating a rare
> > piece of code that will run only on a select few systems.
> >
> > I think it would be much better to allocate the trampoline from the EFI area on
> > all EFI systems by default. Is there any reason why that would not work?
> 
> I think most EFI systems don't have any boot services below 1MB, so
> that wouldn't work.
> 
> We could try allocating from EFI more generically, but that sounds
> much scarier.  The EFI memory map code is tangled with the e820 code
> and the memblock code, and I'd be nervous about confusing the e820
> code or accidentally allocating blacklisted RAM (EBDA,
> Sandybridge-quirked, etc.)  The code I wrote should only allocate the
> trampoline at a different address than current kernels in cases where
> current kernels would panic.
> 
> I don't like it either, but after scratching my head for a while I
> didn't come up with anything better.  At least the actual special case
> is only a couple lines of code.

Ok, fine enough to me!

Matt, is patch #5:

   [PATCH v2 5/5] x86/efi: Allocate a trampoline if needed in efi_free_boot_services()

looking good to you?

Thanks,

	Ingo