From: Laszlo Ersek <lersek@redhat.com> To: Borislav Petkov <bp@alien8.de> Cc: edk2-devel@lists.sourceforge.net, David Woodhouse <dwmw2@infradead.org>, linux-efi@vger.kernel.org, lkml <linux-kernel@vger.kernel.org>, Gleb Natapov <gleb@redhat.com>, Matthew Garrett <mjg59@srcf.ucam.org> Subject: Re: [edk2] Corrupted EFI region Date: Mon, 05 Aug 2013 17:15:38 +0200 [thread overview] Message-ID: <51FFC19A.1020204@redhat.com> (raw) In-Reply-To: <20130805144010.GE31845@pd.tnic> On 08/05/13 16:40, Borislav Petkov wrote: > On Mon, Aug 05, 2013 at 04:27:44PM +0200, Laszlo Ersek wrote: >> I wouldn't call the design of SetVirtualAddressMap() braindead. > > Ok, I've always wondered and you could probably shed some light on the > matter: why is SetVirtualAddressMap() a call-once only? Why can't I > simply call it again and update the mappings? The current implementation (how pointers are converted) probably doesn't accommodate a second call. Of course you want to know why SetVirtualAddressMap() was designed like that... I didn't participate in the design so I don't know :) But, as I said, a kernel directly executing another kernel is an unexpected idea. IMHO the second kernel in question doesn't fit the UEFI phases at all. The OS booted like that (ie. the OS whose kernel is the 2nd (=kexec) kernel) never goes through SEC, PEI, DXE, BDS. SetVirtualAddressMap() is a firmware interface, but the kexec OS (including its private boot loader and kernel) are not loaded by firmware. > >> I'd rather call kexec unique and somewhat unexpected :) > > In all fairness, it was there before UEFI, AFAICT. That doesn't matter as long as the UEFI designers aren't aware of it :) (Who should have made whom aware, ie. Linux people approaching UEFI people, or UEFI people exploring Linux, is a separate topic. As always I'm apolitical about UEFI; I'm not arguing for it or against it. My feeble efforts for improving OVMF and interfacing code are motivated by my employer, not my world view, but as a side-effect of working with the code I can't help but notice some nice things in edk2 and appreciate them :)) >>> I wouldn't wonder if we f*cked it up again like the last time. I'll give >>> it a long hard look. >> >> Ah sorry, by "and you guys suspect" I didn't mean to imply anything >> between the lines, I was simply trying to ascertain your working idea :) > > As long as we get to the bottom of this, we're all fine. And I'd > pretty much expect everyone who is dealing with EFI to have grown a > sufficiently thick skin before starting to do so, so don't worry. > > :-) This is a unique opportunity for me to point the following. (Unique because it wasn't me bringing up the thick skin thing :)) My skin is *very thin*. It's not even there, you could say. So, if I mess up, please don't insult me. (As explained before, my own language above wasn't even tongue-in-cheek.) Insult my code or my analysis pls. BTW there's another point I'd like to ask about -- you're saying you see the region corruption during the same boot, from the first (early) memmap dump to the second one (when just about to enter virtual mode). But, is this one boot the very first boot, or the kexec one? Thanks! Laszlo
WARNING: multiple messages have this Message-ID (diff)
From: Laszlo Ersek <lersek@redhat.com> To: Borislav Petkov <bp@alien8.de> Cc: linux-efi@vger.kernel.org, Gleb Natapov <gleb@redhat.com>, edk2-devel@lists.sourceforge.net, lkml <linux-kernel@vger.kernel.org>, David Woodhouse <dwmw2@infradead.org> Subject: Re: [edk2] Corrupted EFI region Date: Mon, 05 Aug 2013 17:15:38 +0200 [thread overview] Message-ID: <51FFC19A.1020204@redhat.com> (raw) In-Reply-To: <20130805144010.GE31845@pd.tnic> On 08/05/13 16:40, Borislav Petkov wrote: > On Mon, Aug 05, 2013 at 04:27:44PM +0200, Laszlo Ersek wrote: >> I wouldn't call the design of SetVirtualAddressMap() braindead. > > Ok, I've always wondered and you could probably shed some light on the > matter: why is SetVirtualAddressMap() a call-once only? Why can't I > simply call it again and update the mappings? The current implementation (how pointers are converted) probably doesn't accommodate a second call. Of course you want to know why SetVirtualAddressMap() was designed like that... I didn't participate in the design so I don't know :) But, as I said, a kernel directly executing another kernel is an unexpected idea. IMHO the second kernel in question doesn't fit the UEFI phases at all. The OS booted like that (ie. the OS whose kernel is the 2nd (=kexec) kernel) never goes through SEC, PEI, DXE, BDS. SetVirtualAddressMap() is a firmware interface, but the kexec OS (including its private boot loader and kernel) are not loaded by firmware. > >> I'd rather call kexec unique and somewhat unexpected :) > > In all fairness, it was there before UEFI, AFAICT. That doesn't matter as long as the UEFI designers aren't aware of it :) (Who should have made whom aware, ie. Linux people approaching UEFI people, or UEFI people exploring Linux, is a separate topic. As always I'm apolitical about UEFI; I'm not arguing for it or against it. My feeble efforts for improving OVMF and interfacing code are motivated by my employer, not my world view, but as a side-effect of working with the code I can't help but notice some nice things in edk2 and appreciate them :)) >>> I wouldn't wonder if we f*cked it up again like the last time. I'll give >>> it a long hard look. >> >> Ah sorry, by "and you guys suspect" I didn't mean to imply anything >> between the lines, I was simply trying to ascertain your working idea :) > > As long as we get to the bottom of this, we're all fine. And I'd > pretty much expect everyone who is dealing with EFI to have grown a > sufficiently thick skin before starting to do so, so don't worry. > > :-) This is a unique opportunity for me to point the following. (Unique because it wasn't me bringing up the thick skin thing :)) My skin is *very thin*. It's not even there, you could say. So, if I mess up, please don't insult me. (As explained before, my own language above wasn't even tongue-in-cheek.) Insult my code or my analysis pls. BTW there's another point I'd like to ask about -- you're saying you see the region corruption during the same boot, from the first (early) memmap dump to the second one (when just about to enter virtual mode). But, is this one boot the very first boot, or the kexec one? Thanks! Laszlo ------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
next prev parent reply other threads:[~2013-08-05 15:13 UTC|newest] Thread overview: 108+ messages / expand[flat|nested] mbox.gz Atom feed top 2013-07-31 20:54 Corrupted EFI region Borislav Petkov 2013-07-31 20:54 ` Borislav Petkov 2013-07-31 20:58 ` Matthew Garrett 2013-07-31 20:58 ` Matthew Garrett 2013-07-31 21:51 ` Borislav Petkov 2013-07-31 21:51 ` Borislav Petkov 2013-07-31 21:54 ` Matthew Garrett 2013-07-31 21:54 ` Matthew Garrett 2013-08-01 16:51 ` Borislav Petkov 2013-08-01 16:51 ` Borislav Petkov 2013-07-31 21:55 ` David Woodhouse 2013-07-31 21:55 ` David Woodhouse 2013-08-01 16:49 ` Borislav Petkov 2013-08-01 16:49 ` Borislav Petkov 2013-08-05 11:27 ` [edk2] " Laszlo Ersek 2013-08-05 11:27 ` Laszlo Ersek 2013-08-05 13:02 ` Borislav Petkov 2013-08-05 13:02 ` Borislav Petkov 2013-08-05 13:39 ` Laszlo Ersek 2013-08-05 13:39 ` Laszlo Ersek 2013-08-05 14:03 ` Borislav Petkov 2013-08-05 14:03 ` Borislav Petkov 2013-08-05 14:27 ` Laszlo Ersek 2013-08-05 14:27 ` Laszlo Ersek 2013-08-05 14:40 ` Borislav Petkov 2013-08-05 14:40 ` Borislav Petkov 2013-08-05 15:15 ` Laszlo Ersek [this message] 2013-08-05 15:15 ` Laszlo Ersek 2013-08-05 15:34 ` James Bottomley 2013-08-05 15:34 ` James Bottomley 2013-08-05 16:27 ` Laszlo Ersek 2013-08-05 16:27 ` Laszlo Ersek 2013-08-05 16:12 ` Borislav Petkov 2013-08-05 16:12 ` Borislav Petkov 2013-08-05 16:41 ` Laszlo Ersek 2013-08-05 16:41 ` Laszlo Ersek 2013-08-05 16:47 ` Borislav Petkov 2013-08-05 16:47 ` Borislav Petkov 2013-08-05 17:00 ` Kinney, Michael D 2013-08-05 17:00 ` Kinney, Michael D 2013-08-05 17:09 ` Laszlo Ersek 2013-08-05 17:09 ` Laszlo Ersek 2013-08-05 21:26 ` Laszlo Ersek 2013-08-05 21:26 ` Laszlo Ersek 2013-08-05 22:08 ` Borislav Petkov 2013-08-05 22:08 ` Borislav Petkov 2013-08-06 14:10 ` Borislav Petkov 2013-08-06 14:10 ` Borislav Petkov 2013-08-06 15:31 ` Laszlo Ersek 2013-08-06 15:31 ` Laszlo Ersek 2013-08-07 15:19 ` Borislav Petkov 2013-08-07 17:23 ` Andrew Fish 2013-08-07 17:23 ` Andrew Fish 2013-08-07 20:19 ` Matt Fleming 2013-08-07 20:19 ` Matt Fleming 2013-08-07 20:24 ` Matt Fleming 2013-08-07 20:24 ` Matt Fleming 2013-08-07 21:10 ` Andrew Fish 2013-08-07 21:10 ` Andrew Fish 2013-08-07 21:23 ` Matthew Garrett 2013-08-08 10:17 ` Matt Fleming 2013-08-08 10:17 ` Matt Fleming 2013-08-08 13:46 ` Andrew Fish 2013-08-08 13:46 ` Andrew Fish 2013-09-02 8:19 ` Matt Fleming 2013-09-02 8:19 ` Matt Fleming 2013-09-13 20:38 ` jerry.hoemann 2013-09-13 20:38 ` jerry.hoemann-VXdhtT5mjnY 2013-09-16 10:59 ` Matt Fleming 2013-09-16 10:59 ` Matt Fleming 2013-09-16 11:50 ` Laszlo Ersek 2013-09-16 11:50 ` Laszlo Ersek 2013-09-16 15:57 ` Josh Triplett 2013-09-16 15:57 ` Josh Triplett 2013-09-16 16:25 ` Laszlo Ersek 2013-09-16 16:25 ` Laszlo Ersek 2013-09-16 16:27 ` Matthew Garrett 2013-09-16 16:27 ` Matthew Garrett 2013-09-16 16:29 ` Josh Triplett 2013-09-16 16:29 ` Josh Triplett 2013-09-18 19:24 ` jerry.hoemann 2013-09-18 19:24 ` jerry.hoemann-VXdhtT5mjnY 2013-09-20 9:06 ` Matt Fleming 2013-09-20 9:06 ` Matt Fleming 2013-08-07 17:49 ` Laszlo Ersek 2013-08-07 17:49 ` Laszlo Ersek 2013-08-08 15:02 ` Borislav Petkov 2013-08-08 15:02 ` Borislav Petkov 2013-08-08 21:45 ` Brian J. Johnson 2013-08-08 21:45 ` Brian J. Johnson 2013-08-18 7:33 ` Jordan Justen 2013-08-18 7:33 ` Jordan Justen 2013-08-05 15:50 ` Andrew Fish 2013-08-05 15:50 ` Andrew Fish 2013-08-05 18:12 ` Borislav Petkov 2013-08-05 18:12 ` Borislav Petkov 2013-08-05 21:37 ` H. Peter Anvin 2013-08-05 21:37 ` H. Peter Anvin 2013-08-05 21:41 ` Borislav Petkov 2013-08-05 21:41 ` Borislav Petkov 2013-08-05 21:49 ` H. Peter Anvin 2013-08-05 21:49 ` H. Peter Anvin 2013-08-05 21:55 ` Laszlo Ersek 2013-08-05 21:55 ` Laszlo Ersek 2013-08-05 22:52 ` James Bottomley 2013-08-05 22:52 ` James Bottomley 2013-08-06 7:26 ` Laszlo Ersek 2013-08-06 7:26 ` Laszlo Ersek
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=51FFC19A.1020204@redhat.com \ --to=lersek@redhat.com \ --cc=bp@alien8.de \ --cc=dwmw2@infradead.org \ --cc=edk2-devel@lists.sourceforge.net \ --cc=gleb@redhat.com \ --cc=linux-efi@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=mjg59@srcf.ucam.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.