lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y+VgXbVHf0BC3vO6@fedora>
Date:   Thu, 9 Feb 2023 13:06:37 -0800
From:   Darren Hart <darren@...amperecomputing.com>
To:     Ard Biesheuvel <ardb@...nel.org>
Cc:     Justin He <Justin.He@....com>, LKML <linux-kernel@...r.kernel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>,
        "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        Alexandru Elisei <alexandru.elisei@...il.com>, nd <nd@....com>,
        Nathan Chancellor <nathan@...nel.org>
Subject: Re: [PATCH v2] arm64: efi: Force the use of SetVirtualAddressMap()
 on eMAG and Altra Max machines

On Thu, Feb 09, 2023 at 04:30:57PM +0100, Ard Biesheuvel wrote:
> (cc Nathan, another happy Ampere customer)
> 
> On Thu, 9 Feb 2023 at 05:26, Justin He <Justin.He@....com> wrote:
> >
> >
> >
> > > -----Original Message-----
> > > From: Darren Hart <darren@...amperecomputing.com>
> > > Sent: Thursday, February 9, 2023 8:28 AM
> > > To: LKML <linux-kernel@...r.kernel.org>
> > > Cc: stable@...r.kernel.org; linux-efi@...r.kernel.org; Alexandru Elisei
> > > <alexandru.elisei@...il.com>; Justin He <Justin.He@....com>; Huacai Chen
> > > <chenhuacai@...nel.org>; Jason A. Donenfeld <Jason@...c4.com>; Ard
> > > Biesheuvel <ardb@...nel.org>
> > > Subject: [PATCH v2] arm64: efi: Force the use of SetVirtualAddressMap() on
> > > eMAG and Altra Max machines
> > >
> > > Commit 550b33cfd445 ("arm64: efi: Force the use of SetVirtualAddressMap()
> > > on Altra machines") identifies the Altra family via the family field in the type#1
> > > SMBIOS record. eMAG and Altra Max machines are similarly affected but not
> > > detected with the strict strcmp test.
> > >
> > > The type1_family smbios string is not an entirely reliable means of identifying
> > > systems with this issue as OEMs can, and do, use their own strings for these
> > > fields. However, until we have a better solution, capture the bulk of these
> > > systems by adding strcmp matching for "eMAG"
> > > and "Altra Max".
> > >
> > > Fixes: 550b33cfd445 ("arm64: efi: Force the use of SetVirtualAddressMap() on
> > > Altra machines")
> > > Cc: <stable@...r.kernel.org> # 6.1.x
> > > Cc: <linux-efi@...r.kernel.org>
> > > Cc: Alexandru Elisei <alexandru.elisei@...il.com>
> > > Cc: Justin He <Justin.He@....com>
> > > Cc: Huacai Chen <chenhuacai@...nel.org>
> > > Cc: "Jason A. Donenfeld" <Jason@...c4.com>
> > > Cc: Ard Biesheuvel <ardb@...nel.org>
> > > Signed-off-by: Darren Hart <darren@...amperecomputing.com>
> > Tested-by: justin.he@....com
> > > ---
> > > V1 -> V2: include eMAG
> > >
> > >  drivers/firmware/efi/libstub/arm64.c | 9 ++++++---
> > >  1 file changed, 6 insertions(+), 3 deletions(-)
> > >
> > > diff --git a/drivers/firmware/efi/libstub/arm64.c
> > > b/drivers/firmware/efi/libstub/arm64.c
> > > index ff2d18c42ee7..4501652e11ab 100644
> > > --- a/drivers/firmware/efi/libstub/arm64.c
> > > +++ b/drivers/firmware/efi/libstub/arm64.c
> > > @@ -19,10 +19,13 @@ static bool system_needs_vamap(void)
> > >       const u8 *type1_family = efi_get_smbios_string(1, family);
> > >
> > >       /*
> > > -      * Ampere Altra machines crash in SetTime() if SetVirtualAddressMap()
> > > -      * has not been called prior.
> > > +      * Ampere eMAG, Altra, and Altra Max machines crash in SetTime() if
> > > +      * SetVirtualAddressMap() has not been called prior.
> > >        */
> > > -     if (!type1_family || strcmp(type1_family, "Altra"))
> > > +     if (!type1_family || (
> > > +         strcmp(type1_family, "eMAG") &&
> > > +         strcmp(type1_family, "Altra") &&
> > > +         strcmp(type1_family, "Altra Max")))
> > In terms of resolving the boot hang issue, it looks good to me. And I've verified the
> > "eMAG" part check.
> > So please feel free to add:
> > Tested-by: Justin He <justin.he@....com>
> >
> 
> Thanks. I've queued this up now.
> 
> > But I have some other concerns:
> > 1. On an Altra server, the type1_family returns "Server". I don't know whether it
> > is a smbios or server firmware bug.
> 
> This is not really a bug. OEMs are free to put whatever they want into
> those fields, although that is a great example of a sloppy vendor that
> just puts random junk in there.
> 

We could use the type1 "product name" and have a unique identifier, but that
doesn't scale well either. Ampere partners with many OEMs, and we should expect
this to increase in time.

> We could plumb in the type 4 smbios record too, and check the version
> for *Altra* - however, it would be nice to get an idea of how many
> more we will end up needing to handle here.

If we don't get this fixed in firmware, I think we have two kernel side
maintainable options:

1) Depend on the type4 string for the SoCs with impacted EDK2 firmware. This is
suboptimal as OEMs should be able to update the firmware they ship and control
how the kernel interacts with their platform. This effectively removes that
option in order to avoid the individual listing of "product name".

2) Revert the earlier commit changing the default to not calling
SetVirtualAddressMap(). Obviously undesirable for the reasons that patch went
in, and it affects all arm64 platforms. The only argument here is it used to
work and now it doesn't.

> Also, is anyone looking to get this fixed? There is Altra code in the
> public EDK2 repo, but it is very hard to get someone to care about
> these things, and fix their firmware.

Yes, this is a conversation I'm having internally with the firmware teams, and
the preferred approach provided it can be effectively rolled out to eventually
capture all Altra* and future platforms.

Thanks,

-- 
Darren Hart
Ampere Computing / OS and Kernel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ