From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from a7-11.smtp-out.eu-west-1.amazonses.com (a7-11.smtp-out.eu-west-1.amazonses.com [54.240.7.11])
 by mx.groups.io with SMTP id smtpd.web10.33949.1683642213789332076
 for <devel@edk2.groups.io>;
 Tue, 09 May 2023 07:23:34 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@ipxe.org header.s=cphpx6z2rfcgehlykjjh3gknqe3hsoe2 header.b=dZqqJGTn;
 spf=pass (domain: eu-west-1.amazonses.com, ip: 54.240.7.11, mailfrom: 0102018800e55c15-06451e86-006c-45d0-91ee-106189471d0b-000000@eu-west-1.amazonses.com)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=cphpx6z2rfcgehlykjjh3gknqe3hsoe2; d=ipxe.org; t=1683642212;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Content-Type:Content-Transfer-Encoding;
	bh=CPYxFBR6HYe64Gu1TSJduM2//wyj8FXu/TBTK5NUwQE=;
	b=dZqqJGTnMWC4lvADylXAl+4IJ2JrXUZGiyyvXnX1da2tpvS4/Sk3NN8WpbSEo6TZ
	P76DNJuHPuDbJh4gXokB3vv/xASA5MCbNVeMvlxfyzmzyLZzmBZUtOn9xZjnwcSaxhk
	GGwFIVkailUDkJzWNKjZsSumOTqoUlWQXXW+eB7DpJdMK+O8Fd2lKMzHewPdb61J8Vw
	b1ZS1AWNC4wYG3yuAK/0pCIJi1TXJFw9cwbIqKt/JWwm+GahDoXHMVhW9KObu8WaFkC
	vxEDsTSUn3TEy2gq9GzvT55EVIRf7GasPGxIWikSMbFu0SQ3ax1rT5R/wDi5ccBTe7J
	p+YGnThtkg==
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=shh3fegwg5fppqsuzphvschd53n6ihuv; d=amazonses.com; t=1683642212;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Content-Type:Content-Transfer-Encoding:Feedback-ID;
	bh=CPYxFBR6HYe64Gu1TSJduM2//wyj8FXu/TBTK5NUwQE=;
	b=Sc/ouqDuMMiLF2lB1K6lZdnGVkTXh15rp6Nww2pfoiiTy3K9ZmP5dW7Nl+PUxua5
	W1TX1XD6BG6vLOu8lSsk7YOsT7OFc+AQ+mvfhAk34ZnOm36FIiYxP/ZUfsYxRtJjlpM
	NsBDt/sbDDluOHi+jbuYj8qYkrr4VHrGekmiS5Q4=
Message-ID: <0102018800e55c15-06451e86-006c-45d0-91ee-106189471d0b-000000@eu-west-1.amazonses.com>
Date: Tue, 9 May 2023 14:23:31 +0000
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.6.0
Subject: Re: [edk2-devel] [PATCH v2 0/2] OvmfPkg: Relax assertion that interrupts do not occur at TPL_HIGH_LEVEL
To: devel@edk2.groups.io, lersek@redhat.com
Cc: Gerd Hoffmann <kraxel@redhat.com>, Oliver Steffen <osteffen@redhat.com>,
 Pawel Polawski <ppolawsk@redhat.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Jordan Justen <jordan.l.justen@intel.com>
References: <175D7813A02A6FCA.31428@groups.io>
 <01020188006a98ab-43bff9af-a85f-4cc9-b044-69fc167b5982-000000@eu-west-1.amazonses.com>
 <bb6edf7b-a0cf-ed7e-e7d2-d9afb2360ba9@redhat.com>
From: "Michael Brown" <mcb30@ipxe.org>
In-Reply-To: <bb6edf7b-a0cf-ed7e-e7d2-d9afb2360ba9@redhat.com>
X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00,
	URIBL_BLOCKED,URIBL_DBL_BLOCKED_OPENDNS,URIBL_ZEN_BLOCKED_OPENDNS
	autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	blyat.fensystems.co.uk
Feedback-ID: 1.eu-west-1.fspj4M/5bzJ9NLRzJP0PaxRwxrpZqiDQJ1IF94CF2TA=:AmazonSES
X-SES-Outgoing: 2023.05.09-54.240.7.11
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

On 09/05/2023 14:31, Laszlo Ersek wrote:
> On 5/9/23 14:09, Michael Brown wrote:
>> At TPL_HIGH_LEVEL, CPU interrupts are disabled (as per the UEFI
>> specification) and so we should never encounter a situation in which
>> an interrupt occurs at TPL_HIGH_LEVEL. The specification also
>> restricts usage of TPL_HIGH_LEVEL to the firmware itself.
>>
>> However, nothing actually prevents a UEFI application from calling
>> gBS->RaiseTPL(TPL_HIGH_LEVEL) and then violating the invariant by
>> enabling interrupts via the STI or equivalent instruction. Some
>> versions of the Microsoft Windows bootloader are known to do this.
>>
>> NestedInterruptTplLib maintains the invariant that interrupts are
>> disabled at TPL_HIGH_LEVEL (even when performing the dark art of
>> deliberately manipulating the stack so that IRET will return with
>> interrupts still disabled), but does not itself rely on external code
>> maintaining this invariant.
>>
>> Relax the assertion that the interrupted TPL is below TPL_HIGH_LEVEL
>> to an error message, to allow UEFI applications such as these versions
>> of the Microsoft Windows bootloader to continue to function.
>>
>> Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2189136
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Cc: Oliver Steffen <osteffen@redhat.com>
>> Cc: Pawel Polawski <ppolawsk@redhat.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>>
>> Michael Brown (2):
>>    OvmfPkg: Clarify invariants for NestedInterruptTplLib
>>    OvmfPkg: Relax assertion that interrupts do not occur at
>>      TPL_HIGH_LEVEL
>>
>>   OvmfPkg/Library/NestedInterruptTplLib/Tpl.c | 31 +++++++++++++++++----
>>   1 file changed, 26 insertions(+), 5 deletions(-)
>>
> 
> series
> Acked-by: Laszlo Ersek <lersek@redhat.com>

Thank you!

Gerd: are you happy for your Reviewed-by to stand, since the only 
changes since v1 were to comment wording?  (My apologies for forgetting 
to include a v2 description in the cover letter.)

Thanks,

Michael