Re: [PATCH 17/24] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
On 04/07/17 at 08:05am, David Howells wrote: > Dave Young wrote: > > > > > This option allows userspace to pass the RSDP address to the kernel, > > > > which > > > > makes it possible for a user to circumvent any restrictions imposed on > > > > loading modules. Ignore the option when the kernel is locked down. > > > > > > I'm not really sure here. > > > > > > What exactly is the mechanism? > > > > Actually this acpi_rsdp param is created for EFI kexec reboot in old > > days when we had not supported persistent efi vm space across kexec > > reboot. At that time kexec reboot runs as noefi mode, it can not find > > the acpi root table thus kernel will hang early. > > > > Now kexec can support EFI boot so this param is not necessary for most > > user unless they still use efi=old_map. > > Is this patch now unnecessary? I think it is still necessary because the acpi_rsdp kernel param is still a valid paramater and one can still pass a pointer to be recognized as acpi root pointer. Maybe "imposed on loading modules" is not clear which can be dropped. Thanks Dave
Re: [PATCH 17/24] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Dave Young wrote: > > > This option allows userspace to pass the RSDP address to the kernel, which > > > makes it possible for a user to circumvent any restrictions imposed on > > > loading modules. Ignore the option when the kernel is locked down. > > > > I'm not really sure here. > > > > What exactly is the mechanism? > > Actually this acpi_rsdp param is created for EFI kexec reboot in old > days when we had not supported persistent efi vm space across kexec > reboot. At that time kexec reboot runs as noefi mode, it can not find > the acpi root table thus kernel will hang early. > > Now kexec can support EFI boot so this param is not necessary for most > user unless they still use efi=old_map. Is this patch now unnecessary? David
Re: [PATCH 17/24] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
On 04/06/17 at 09:43pm, Rafael J. Wysocki wrote: > On Wed, Apr 5, 2017 at 10:16 PM, David Howells wrote: > > From: Josh Boyer > > > > This option allows userspace to pass the RSDP address to the kernel, which > > makes it possible for a user to circumvent any restrictions imposed on > > loading modules. Ignore the option when the kernel is locked down. > > I'm not really sure here. > > What exactly is the mechanism? Actually this acpi_rsdp param is created for EFI kexec reboot in old days when we had not supported persistent efi vm space across kexec reboot. At that time kexec reboot runs as noefi mode, it can not find the acpi root table thus kernel will hang early. Now kexec can support EFI boot so this param is not necessary for most user unless they still use efi=old_map. > > Thanks, > Rafael > -- > To unsubscribe from this list: send the line "unsubscribe linux-efi" in > the body of a message to majord...@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 17/24] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
On Wed, Apr 5, 2017 at 10:16 PM, David Howells wrote: > From: Josh Boyer > > This option allows userspace to pass the RSDP address to the kernel, which > makes it possible for a user to circumvent any restrictions imposed on > loading modules. Ignore the option when the kernel is locked down. I'm not really sure here. What exactly is the mechanism? Thanks, Rafael