On Wed, 02 Mar, at 02:07:36PM, Ard Biesheuvel wrote:

On 2 March 2016 at 12:49, Matt Fleming [off-list ref] wrote:

quoted

On Mon, 22 Feb, at 03:25:54PM, Ard Biesheuvel wrote:

quoted

Recent UEFI versions expose permission attributes for runtime services
memory regions, either in the UEFI memory map or in the separate memory
attributes table.  This allows the kernel to map these regions with
stricter permissions, rather than the RWX permissions that are used by
default. So wire this up in our mapping routine.

Signed-off-by: Ard Biesheuvel <redacted>
---
 arch/arm/include/asm/efi.h |  1 +
 arch/arm/kernel/efi.c      | 41 ++++++++++++++++++++
 2 files changed, 42 insertions(+)

Looks fine from an EFI perspective, but it would be nice for somebody
else with ARM knowledge to ACK it.

I agree.

Note that the whole memory attribute series needs to wait for some
memremap() changes that I proposed for ARM (or at least the bits where
we wire it up for arm64+ARM)

Thanks for the reminder. I'll definitely hold off on applying this for
now.