On Mon, Nov 9, 2015 at 11:08 PM, Ard Biesheuvel
wrote:
> On 9 November 2015 at 22:08, Kees Cook wrote:
>> On Sat, Nov 7, 2015 at 11:55 PM, Ard Biesheuvel
>> wrote:
>>> On 8 November 2015 at 07:58, Kees Cook
On Sat, Nov 7, 2015 at 11:55 PM, Ard Biesheuvel
wrote:
> On 8 November 2015 at 07:58, Kees Cook wrote:
>> On Fri, Nov 6, 2015 at 11:39 PM, Ard Biesheuvel
>> wrote:
>>> On 7 November 2015 at 08:09, Ingo Molnar
On Sat, 07 Nov, at 08:05:54AM, Ingo Molnar wrote:
>
> * Matt Fleming wrote:
>
> > On Thu, 05 Nov, at 01:33:10PM, Linus Torvalds wrote:
> > >
> > > And if this turns out to be due to EFI wanting those permissions, what
> > > should
> > > we do? People have talked
On 8 November 2015 at 07:58, Kees Cook wrote:
> On Fri, Nov 6, 2015 at 11:39 PM, Ard Biesheuvel
> wrote:
>> On 7 November 2015 at 08:09, Ingo Molnar wrote:
>>>
>>> * Matt Fleming wrote:
>>>
On
On 7 November 2015 at 08:09, Ingo Molnar wrote:
>
> * Matt Fleming wrote:
>
>> On Fri, 06 Nov, at 07:55:50AM, Ingo Molnar wrote:
>> >
>> > 3) We should fix the EFI permission problem without relying on the
>> > firmware: it
>> > appears we could
* Matt Fleming wrote:
> On Fri, 06 Nov, at 07:55:50AM, Ingo Molnar wrote:
> >
> > 3) We should fix the EFI permission problem without relying on the
> > firmware: it
> > appears we could just mark everything R-X optimistically, and if a
> > write fault
> >
* Matt Fleming wrote:
> On Thu, 05 Nov, at 01:33:10PM, Linus Torvalds wrote:
> >
> > And if this turns out to be due to EFI wanting those permissions, what
> > should
> > we do? People have talked about running the EFI callbacks in their own
> > private
> > page
On Fri, 06 Nov, at 07:55:50AM, Ingo Molnar wrote:
>
> 3) We should fix the EFI permission problem without relying on the firmware:
> it
> appears we could just mark everything R-X optimistically, and if a write
> fault
> happens (it's pretty rare in fact, only triggers when we write
On Thu, 05 Nov, at 11:05:35PM, Andy Lutomirski wrote:
>
> Admittedly, we might need to use a certain amount of care to avoid
> interesting conflicts with the vmap mechanism. We might need to vmap
> all of the EFI stuff, and possibly even all the top-level entries that
> contain EFI stuff (i.e.
On Thu, 05 Nov, at 01:33:10PM, Linus Torvalds wrote:
>
> And if this turns out to be due to EFI wanting those permissions, what
> should we do? People have talked about running the EFI callbacks in
> their own private page table setup, which sounds like the right idea,
> but until that actually
On Fri, Nov 06, 2015 at 01:09:48PM +, Matt Fleming wrote:
> On Thu, 05 Nov, at 11:05:35PM, Andy Lutomirski wrote:
> >
> > Admittedly, we might need to use a certain amount of care to avoid
> > interesting conflicts with the vmap mechanism. We might need to vmap
> > all of the EFI stuff, and
11 matches
Mail list logo