* Josh Triplett <j...@joshtriplett.org> wrote:
> On Mon, Oct 12, 2015 at 04:17:54PM +0200, Ingo Molnar wrote:
> > * Matt Fleming <m...@codeblueprint.co.uk> wrote:
> > > On Mon, 12 Oct, at 02:49:36PM, Ingo Molnar wrote:
> > > > So why not unmap them after bootup? Is there any reason to call into
> > > > EFI code
> > > > while the system is up and running?
> > >
> > > That's where the runtime services code lives. So if you want things like
> > > EFI
> > > variables (used by the distro installer, among other things) you need to
> > > map the
> > > runtime regions.
> >
> > So EFI variables could be queried during bootup and saved on the Linux side.
>
> That wouldn't support writing to EFI variables. Or using the EFI
> capsule update system to update firmware.
Well, if we know the location of those pages then we could map those 'rw-' -
while
the rest would be mapped 'r-x'.
The 'rwx' mappings that are created are problematic from a security POV - they
basically undo many of our NX protections...
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
