| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Jan 2007 11:09:25 +0100
From: Michael Buesch <mb@...sch.de>
To: "Jan Beulich" <jbeulich@...ell.com>
Cc: jgarzik@...ox.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] intel-rng workarounds
On Wednesday 03 January 2007 10:18, Jan Beulich wrote:
> Add a load option to intel-rng to allow skipping the FWH detection,
> necessary in case the BIOS has locked read-only the firmware hub space.
> Also prevent any attempt to write to firmware space if it cannot be
> write enabled (apparently caused hangs on some systems not having an
> FWH and thus also not having a respective RNG).
>
> Signed-off-by: Jan Beulich <jbeulich@...ell.com>
>
> --- linux-2.6.20-rc3/drivers/char/hw_random/intel-rng.c 2006-11-29 22:57:37.000000000 +0100
> +++ 2.6.20-rc3-intel-rng-skip-fhw-detect/drivers/char/hw_random/intel-rng.c 2006-11-29 09:09:21.000000000 +0100
> @@ -143,6 +143,8 @@ static const struct pci_device_id pci_tb
> };
> MODULE_DEVICE_TABLE(pci, pci_tbl);
>
> +static __initdata int no_fwh_detect;
> +module_param(no_fwh_detect, int, 0);
I'd say we need some parameter description saying that
-1 == always skip and 1 == skip if R/O.
Otherwise this is quite confusing.
> static inline u8 hwstatus_get(void __iomem *mem)
> {
> @@ -240,6 +242,11 @@ static int __init mod_init(void)
> if (!dev)
> goto out; /* Device not found. */
>
> + if (no_fwh_detect < 0) {
> + pci_dev_put(dev);
> + goto fwh_done;
> + }
> +
> /* Check for Intel 82802 */
> if (dev->device < 0x2640) {
> fwh_dec_en1_off = FWH_DEC_EN1_REG_OLD;
> @@ -252,6 +259,23 @@ static int __init mod_init(void)
> pci_read_config_byte(dev, fwh_dec_en1_off, &fwh_dec_en1_val);
> pci_read_config_byte(dev, bios_cntl_off, &bios_cntl_val);
>
> + if ((bios_cntl_val &
> + (BIOS_CNTL_LOCK_ENABLE_MASK|BIOS_CNTL_WRITE_ENABLE_MASK))
> + == BIOS_CNTL_LOCK_ENABLE_MASK) {
> + static __initdata /*const*/ char warning[] =
> + KERN_WARNING PFX "Firmware space is locked read-only. If you can't or\n"
> + KERN_WARNING PFX "don't want to disable this in firmware setup, and if\n"
> + KERN_WARNING PFX "you are certain that your system has a functional\n"
> + KERN_WARNING PFX "RNG, try using the 'no_fwh_detect' option.\n";
> +
> + pci_dev_put(dev);
> + if (no_fwh_detect)
> + goto fwh_done;
> + printk(warning);
> + err = -EBUSY;
> + goto out;
> + }
> +
> mem = ioremap_nocache(INTEL_FWH_ADDR, INTEL_FWH_ADDR_LEN);
> if (mem == NULL) {
> pci_dev_put(dev);
> @@ -280,8 +304,7 @@ static int __init mod_init(void)
> pci_write_config_byte(dev,
> fwh_dec_en1_off,
> fwh_dec_en1_val | FWH_F8_EN_MASK);
> - if (!(bios_cntl_val &
> - (BIOS_CNTL_LOCK_ENABLE_MASK|BIOS_CNTL_WRITE_ENABLE_MASK)))
> + if (!(bios_cntl_val & BIOS_CNTL_WRITE_ENABLE_MASK))
> pci_write_config_byte(dev,
> bios_cntl_off,
> bios_cntl_val | BIOS_CNTL_WRITE_ENABLE_MASK);
> @@ -315,6 +338,8 @@ static int __init mod_init(void)
> goto out;
> }
>
> +fwh_done:
> +
> err = -ENOMEM;
> mem = ioremap(INTEL_RNG_ADDR, INTEL_RNG_ADDR_LEN);
> if (!mem)
>
>
>
>
--
Greetings Michael.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists