Re: [PATCH 0/2] efi: Expose the runtime-services workqueue via sysfs

[Ilias Apalodimas]

Hi Sebastian,

Late to the party but ...

On Mon, 9 Feb 2026 at 17:55, Sebastian Andrzej Siewior
<bigeasy@xxxxxxxxxxxxx> wrote:
>
> On 2026-02-09 12:17:35 [-0300], Luis Claudio R. Goncalves wrote:
> > Sebastian, as for the TEE feature you mentioned, is there specific test I
> > should run? Or is there any test you would like me to run in the context of
> > this change?
>
> Puh.
> If you have a TEE environment, then the EFI interface should be
> "supplied" the TEE instead the runtime-wrappers. My guess is that
> tee_get_variable() would be used instead and here the workqueue won't be
> used (I think). So that is the easy part.
>
> What I don't know is if this is a problem, i.e. is it possible to
> interrupt the secure monitor and continue in Linux before heading back
> to the secure environment or not.

In theory yes. In practice, at least for arm & OP-TEE, the
communication between the TEE and the secure-world app doing the
variable chekcs & authentication is via the MM protocol [0].
IIRC that requires to run to completion. So what happens is that you
enter OP-TEE and right before the StMM is invoked (the app that
handles EFI variables) all exceptions are masked and it must run to
completion.
The period of masking does not include writing the variables to
storage. That's handled differently and is interruptible.

> If you could check how long you end up in the next variable and RTC call
> and if the time is noticeable, do you see it in cyclictest or not.
> So if the EFI-TEE-RTC-callback takes always >1ms and you don't see this
> in cyclictest as a spike then it should be good.
>
> Sebastian
>

[0] https://documentation-service.arm.com/static/5ed11e40ca06a95ce53f905c

Cheers
/Ilias