On Fri, 06 Jan, at 07:28:40PM, Ard Biesheuvel wrote: > > This is my point exactly. But it appears efi_free_boot_services() > occurs much later than I thought, and so there is a sizabe time window > where SLAB is up but reservations can still be made. But we don't > check whether efi_free_boot_services() has been called.
True. This has only been correct thus far because all code has been audited, but adding a check to catch future offenders is a good idea. > Another problem is that we never check that the reservation is > covered by a BootServicesData region, which are the only ones that > are guaranteed to be retained up to this point. The runtime regions are guaranteed to be retained too. Again, this shouldn't actually be a problem today, but the potential for breakage here warrants some kind of check and loud warning.
