Re: [PATCH] x86: EFI runtime code mapping enhancement

[Andi Kleen]

> For EFI runtime service in virtual mode, using direct mapping is mainly
> for kexec, where EFI runtime memory area need to be mapped at same
> virtual address across kexec. 

I see. I didn't consider this aspect.

> - Use direct mapping of kernel, clean NX bit from kernel page table
> temporarily before/after EFI calling. This needs not split 2M page into
> 4K pages, because the region changed is aligned with 2M. And, because
> the changing is temporary, a little larger region is not a big issue.

I would just do it permanently. 

> Aligning 
> EFI runtime code region with 1G seems not a good idea too. I think a
> better method is adding a non-split mode to c_p_a(), where the region
> changed is enlarged if necessary to avoid page allocation. This can be
> used to implement early_set_memory_xx(). The early_set_memory_xx()
> instead of duplicated c_p_a() variant can be used by EFI code.

I attempted something like this with my advisory vs required static
protections last week, but it was rejected.

But yes having such a mode would make sense agreed. 

The easiest way (as in least amount of code) to implement it actually 
is to just bypass set_memory_*() and just do the lookup_address() yourself 
and clear NX and do a global TLB flush. For the special case of NX
that is fine because you don't need to worry about fixing up any aliases.

-Andi
 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/