lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-id: <4727CB1A.7040607@shaw.ca>
Date:	Tue, 30 Oct 2007 18:23:54 -0600
From:	Robert Hancock <hancockr@...w.ca>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Arjan van de Ven <arjan@...radead.org>, Greg KH <greg@...ah.com>,
	Jesse Barnes <jbarnes@...tuousgeek.org>,
	akpm@...ux-foundation.org, ak@...e.de, rajesh.shah@...el.com,
	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: pci-disable-decode-of-io-memory-during-bar-sizing.patch

Linus Torvalds wrote:
> 
> On Tue, 30 Oct 2007, Robert Hancock wrote:
>>> You have to, anyway. Even now the MMCONFIG stuff uses CONF1 cycles for
>>> startup.
>> If it does, it's not by necessity. As soon as you read the table location out
>> of the ACPI tables you can start using it, and that shouldn't require any
>> config space accesses.
> 
> Don't be silly. Exactly _BECAUSE_ we cannot trust the firmware, we have to 
> use conf1 (which we can trust) to verify it and/or fix things up.

My point was, it's not inherently necessary in order to use MMCONFIG. 
I'm not saying the checks (unreachable_devices and 
pci_mmcfg_check_hostbridge) aren't useful or needed with many real 
machines. However, in the event that type1 access isn't available we 
just skip all those checks because we have no other option. It would 
indeed be a pretty broken spec if there was no way to bootstrap with it 
even under ideal conditions..

> 
> Also, there are several devices that don't show up in the MMCFG things, or 
> just otherwise get it wrong.
> 
> So just take a look at arch/x86/pci/mmconfig-shared.c and look for 
> "conf1".
> 
> Really. Damn, I'm nervous taking any MMCFG patches that has you as an 
> author, if you aren't even aware of these kinds of fundamnetal issues. You 
> probably read the standards about how things are "supposed" to work, and 
> then just believed them?
> 
> Rule #1 in kernel programming: don't *ever* think that things actually 
> work the way they are documented to work. The documentation is a starting 
> point, nothing else. 
> 
> And please be defensive in programming. We *know* conf1 cycles work. The 
> hardware has been extensively tested, and there are no firmware 
> interactions. There is *zero* reasons to use MMCONF cycles for normal 
> devices. Ergo: switching over to MMCONF when not needed is stupid and 
> fragile.

I can't really disagree that MMCONFIG doesn't have great advantages for 
most devices (though it likely is faster on a lot of platforms, which 
may be significant if the device does lots of config space accesses). So 
for the moment, avoiding using it except where necessary will likely 
work out (except if some system does indeed puke on mixing type1 and 
MMCONFIG).

However, what Microsoft is doing with Vista may eventually make a 
difference in the future. Many hardware vendors seem to use the testing 
strategy of "test with latest Windows version. Works OK? Ship it." If 
Vista decides that MMCONFIG is good to use all the time, then type1 
access support is likely going to a) end up less tested and b) probably 
deleted entirely in time. We've seen it before - it used to be that not 
using ACPI was the safe option on most hardware with Linux. Now you 
pretty much have to use it because the manufacturers only test with it 
enabled. I've seen at least one board where the interrupt routing was 
completely broken with ACPI off, because they obviously only tested in 
Windows..

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists