On Thu, Aug 08, 2019 at 07:39:14PM +0200, Laszlo Ersek wrote: > On 08/07/19 19:41, Andrew Fish wrote: > >> On Aug 7, 2019, at 10:29 AM, Laszlo Ersek <ler...@redhat.com> wrote: > >> ummm... not sure why, but I never got this email in my inbox. I only see > >> it in my list folder. I see myself addressed on it as: > >> > >> Laszlo Ersek via Groups.Io <lersek=redhat....@groups.io > >> <mailto:lersek=redhat....@groups.io>>
I've adjusted my mail config to honor the 'reply-to:' header, should be ok now. > >> On 08/05/19 12:18, Roman Kagan wrote: > >>> On Sat, Aug 03, 2019 at 04:03:04AM +0200, Laszlo Ersek via Groups.Io > >>> wrote: > >>>> On 08/01/19 21:16, Roman Kagan wrote: > >> I'm convinced that OpenSSL needs to expose a new API for this particular > >> problem. Since, as you point out below, the problem only affects the essentially broken configuration (SECURE_BOOT_ENABLE && !SMM_REQUIRE), I'm fine with saving time and effort and sticking to the hack-ish approach proposed in the bugzilla issue, which is to iterate over "thread-local" pointers and EfiConvertPointer() on each. (As long as it fixes the problem of course; I'll test and report back.) So we should be good without a new API from OpenSSL. > In other words, the problem doesn't exist when OpenSSL (with the rest of > the variable driver stack) is protected with SMM, as pointers into SMRAM > remain valid "forever", after the initial SMM driver dispatch. Makes perfect sense. We happen to build this broken configuration for some historical reasons, I'm failing to recall exactly which. Will try to get rid of it. Thanks, Roman. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#45287): https://edk2.groups.io/g/devel/message/45287 Mute This Topic: https://groups.io/mt/32686575/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
