On Mon, Aug 21, 2017 at 06:56:01AM -0700, Andy Lutomirski wrote: > There are two ways this could be a problem. One is that u privileged > user apps shouldn't be able to read from EFI memory. The other is > that, if EFI were to have IO memory mapped at a "user" address, perf > could end up reading it.
So assuming the efi_switch_mm() case from the calling thread context, I don't see how we can avoid it at all. Suppose we have a free running PEBS counter (PEBS puts samples in DS buffer and only raises PMI when 'full'). This can easily cover the entire efi_switch_mm() and back swizzle, and then we have 'userspace' samples that don't correspond to actual userspace. EFI (pretending to be userspace) is a giant trainwreck.
