From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) by mx.groups.io with SMTP id smtpd.web11.165237.1673872264402419231 for ; Mon, 16 Jan 2023 04:31:04 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@shutemov.name header.s=fm1 header.b=rgqE77CO; spf=pass (domain: shutemov.name, ip: 64.147.123.19, mailfrom: kirill@shutemov.name) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id AB6A93200926; Mon, 16 Jan 2023 07:31:02 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Mon, 16 Jan 2023 07:31:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov.name; h=cc:cc:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm1; t=1673872262; x=1673958662; bh=GA efGTRYV8k2AcfSXuQg3jAZJ+2nQm68uzPllcZ7W6g=; b=rgqE77COihinuJ6B22 xrzBg+KCo9nX34j6aO3qWOFuUJF50Trf2RuAYqbSTly4ddm8k9fhuP+/kD7GPUB8 C8HD6fExGxh4A0X6O2vur1t7v+szxstsj23rualNvJbKNlJQPUmzQRp71eerYYGc bhnw2qFMPUGSd4qDEKoY7ci/5HsdmfCFfPBHjYkgZa683HB/Qq7V2JdiXbQ558AD gRUCarYu+jBw24+eE/IFZaCEnBTyptuvsI6Gy6pZ2XwChjkGsDX4p9yw56E/vL2E UDStROgWL1PgxPcDTQnigbZ+z9OTguvt4mIKLG4uuUI7B84efWdHweAiAHulDioH NmxQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1673872262; x=1673958662; bh=GAefGTRYV8k2AcfSXuQg3jAZJ+2n Qm68uzPllcZ7W6g=; b=TGfMw1d+r4qVRpM0Vq1vpiLmmdcYDvV1wvrlWki9SiaJ Zt/sMXoXcoGSbglgA31Jk+H1NCcf/IjgI+dUNY1QPBH3pc1RSERfHcH/1MaeSyyT KSvM2GhcXvMieys6A+fKr5XbLL5FHsYHEJFOgvRCG9jS7Qo0jV8fNRwyT8IpBhVR 80hxf8bQLQ3E/BdXp/L2ExybWCC94ofIjMBwmVeDZSFiNOSbPx+iodw7mYVkQdL7 l1cDSoNKPLagIFxmjekarKmWA7ojX5eXaSYOu3J5ijaQnVcbYMfhI/QG7opFwSrA 9fPhkA3ZNj32r4VZ9ALdp9+DNO7ThZ+r7SaY2rCNtQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedruddtgedggedtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvfevuffkfhggtggujgesthdttddttddtvdenucfhrhhomhepfdfmihhr ihhllhcutedrucfuhhhuthgvmhhovhdfuceokhhirhhilhhlsehshhhuthgvmhhovhdrnh grmhgvqeenucggtffrrghtthgvrhhnpefhieeghfdtfeehtdeftdehgfehuddtvdeuheet tddtheejueekjeegueeivdektdenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmh epmhgrihhlfhhrohhmpehkihhrihhllhesshhhuhhtvghmohhvrdhnrghmvg X-ME-Proxy: Feedback-ID: ie3994620:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 16 Jan 2023 07:31:00 -0500 (EST) Received: by box.shutemov.name (Postfix, from userid 1000) id 9DD80109792; Mon, 16 Jan 2023 15:30:57 +0300 (+03) Date: Mon, 16 Jan 2023 15:30:57 +0300 From: "Kirill A. Shutemov" To: Gerd Hoffmann Cc: "Kirill A. Shutemov" , Dionna Glaze , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, x86@kernel.org, jiewen.yao@intel.com, devel@edk2.groups.io, Ard Biescheuvel , "Min M. Xu" , James Bottomley , Tom Lendacky , Erdem Aktas , Dave Hansen Subject: Re: [PATCH v2] x86/efi: Safely enable unaccepted memory in UEFI Message-ID: <20230116123057.wvr6rz7y3ubgcm5z@box.shutemov.name> References: <20230113212926.2904735-1-dionnaglaze@google.com> <20230113222024.rp2erl54vx3grdbd@box.shutemov.name> <20230116105648.63hsxnmj2juwudmu@sirius.home.kraxel.org> MIME-Version: 1.0 In-Reply-To: <20230116105648.63hsxnmj2juwudmu@sirius.home.kraxel.org> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Jan 16, 2023 at 11:56:48AM +0100, Gerd Hoffmann wrote: > On Sat, Jan 14, 2023 at 01:20:24AM +0300, Kirill A. Shutemov wrote: > > On Fri, Jan 13, 2023 at 09:29:26PM +0000, Dionna Glaze wrote: > > > This patch depends on Kirill A. Shutemov's series > > > > > > [PATCHv8 00/14] mm, x86/cc: Implement support for unaccepted memory > > > > > > The UEFI v2.9 specification includes a new memory type to be used in > > > environments where the OS must accept memory that is provided from its > > > host. Before the introduction of this memory type, all memory was > > > accepted eagerly in the firmware. In order for the firmware to safely > > > stop accepting memory on the OS's behalf, the OS must affirmatively > > > indicate support to the firmware. > > > > I think it is a bad idea. > > > > This approach breaks use case with a bootloader between BIOS and OS. > > As the bootloader does ExitBootServices() it has to make the call on > > behalf of OS when it has no idea if the OS supports unaccepted. > > Nothing breaks, it'll error on the safe side. If the protocol callback > is not called the firmware will simply accept all memory. The guest OS > will only see unaccepted memory if it explicitly asked for it (assuming > the firmware wants know to support both cases, of course the firmware > could also enforce the one or the other and just not offer the > protocol). How bootloader suppose to know if OS will ask for unaccepted memory? It can't. It means the use-case with bootloader cannot ever use unaccepted memory. That's broken design. -- Kiryl Shutsemau / Kirill A. Shutemov