Re: [edk2-devel] Conflicting virtual addresses causing Runtime Services issues

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Ard Biesheuvel" <ardb@kernel.org>
To: Jon Nettleton <jon@solid-run.com>
Cc: devel@edk2.groups.io, Laszlo Ersek <lersek@redhat.com>,
	Hao A Wu <hao.a.wu@intel.com>,
	 Liming Gao <gaoliming@byosoft.com.cn>,
	 "Ard Biesheuvel (TianoCore)" <ardb+tianocore@kernel.org>,
	 "Leif Lindholm (Nuvia address)" <leif@nuviainc.com>
Subject: Re: [edk2-devel] Conflicting virtual addresses causing Runtime Services issues
Date: Fri, 12 Mar 2021 20:52:12 +0100	[thread overview]
Message-ID: <CAMj1kXFezjh0qQg4i_O5L=YQip5Tet=nKkaWoJ89MB0Y4BVLmQ@mail.gmail.com> (raw)
In-Reply-To: <CABdtJHtbj97_nbN87i3TDbPLVs8DP684zAYCUNv7AxrpayttkA@mail.gmail.com>

On Fri, 12 Mar 2021 at 07:00, Jon Nettleton <jon@solid-run.com> wrote:
>
> On Fri, Mar 12, 2021 at 4:02 AM Jon Nettleton via groups.io
> <jon=solid-run.com@groups.io> wrote:
> >
> > On Thu, Mar 11, 2021 at 11:39 PM Ard Biesheuvel <ardb@kernel.org> wrote:
> > >
> > > On Thu, 11 Mar 2021 at 23:25, Laszlo Ersek <lersek@redhat.com> wrote:
> > > >
> > > > Adding Ard and Leif, comments below:
> > > >
...
> > > Thanks for inviting me to this party!
> > >
> > > So the tl;dr here is that some points get converted twice, which
> > > usually is not a problem because the virtual address resulting from
> > > the conversion is rarely mistaken for a physical address living in a
> > > EFI_MEMORY_RUNTIME region.
> > >
> > > So I agree with Laszlo's assertion that the consumer of a protocol has
> > > no business updating its protocol pointers, so this should definitely
> > > be fixed in the core VariableRuntime driver. However, given the
> > > typical nature of the variable stack, i.e., a platform specfic NOR
> > > flash driver combined with the generic FTW and variable drivers, doing
> > > so would likely break many out of tree platforms where the NOR flash
> > > driver does not bother to update its pointers at all.
> >
> > Not ideal, but we could add a flag to Runtime Services and let the platform
> > specify if it is remapping the FVB.  This would allow us to not break legacy
> > drivers, but still easily let properly designed platforms bypass this
> > behaviour.  As time progressed this could be used to for a deprecation
> > warning, until it became the default handling of FVB pointer conversion.
> >
> Something like the attached patch possibly?

Frankly, I don't think adding a PCD that does one or the other is the
right way to go here.

Instead, what we might do is:
- record the original values of the pointers at ExitBootServices() time
- don't touch the original values but the copies during SetVirtualAddressMap()
- in each exposed RuntimeService(), do a runtime check whether the
addresses in the protocol struct are equal to the converted copies,
and if not, update them.

This functionality should be enabled by default, but can be opted out
of by a platform if we dedicate a PCD to it that defaults to enabled.
At some point, we could add some kind of deprecation warning if the
PCD is enabled, and have a path forward to actually retiring it
completely.

next prev parent reply	other threads:[~2021-03-12 19:52 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-10  8:04 Conflicting virtual addresses causing Runtime Services issues Jon Nettleton
2021-03-10 14:52 ` [edk2-devel] " Laszlo Ersek
2021-03-11  6:53   ` Jon Nettleton
     [not found]   ` <166B374585A9D8FC.18699@groups.io>
2021-03-11  9:48     ` Jon Nettleton
2021-03-11 14:50       ` Laszlo Ersek
2021-03-11 15:49         ` Jon Nettleton
2021-03-11 22:25         ` Laszlo Ersek
2021-03-11 22:39           ` Ard Biesheuvel
2021-03-12  3:01             ` Jon Nettleton
     [not found]             ` <166B792D1514133B.31346@groups.io>
2021-03-12  5:59               ` Jon Nettleton
2021-03-12 19:30                 ` Laszlo Ersek
2021-03-12 19:52                 ` Ard Biesheuvel [this message]
2021-03-12 19:17             ` Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAMj1kXFezjh0qQg4i_O5L=YQip5Tet=nKkaWoJ89MB0Y4BVLmQ@mail.gmail.com' \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox