lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: 
 <BL1PR18MB42488523A5E05291EA57D0AEDB372@BL1PR18MB4248.namprd18.prod.outlook.com>
Date: Sun, 24 Mar 2024 07:53:17 +0000
From: Elad Nachman <enachman@...vell.com>
To: Andrew Lunn <andrew@...n.ch>
CC: Taras Chornyi <taras.chornyi@...ision.eu>,
        "davem@...emloft.net"
	<davem@...emloft.net>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "pabeni@...hat.com" <pabeni@...hat.com>,
        "kory.maincent@...tlin.com" <kory.maincent@...tlin.com>,
        "thomas.petazzoni@...tlin.com" <thomas.petazzoni@...tlin.com>,
        "miquel.raynal@...tlin.com" <miquel.raynal@...tlin.com>,
        "przemyslaw.kitszel@...el.com" <przemyslaw.kitszel@...el.com>,
        "dkirjanov@...e.de" <dkirjanov@...e.de>,
        "netdev@...r.kernel.org"
	<netdev@...r.kernel.org>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: RE: [EXTERNAL] Re: [PATCH v2 0/5] Fix prestera driver fail to probe
 twice



> -----Original Message-----
> From: Andrew Lunn <andrew@...n.ch>
> Sent: Thursday, March 21, 2024 9:22 PM
> To: Elad Nachman <enachman@...vell.com>
> Cc: Taras Chornyi <taras.chornyi@...ision.eu>; davem@...emloft.net;
> edumazet@...gle.com; kuba@...nel.org; pabeni@...hat.com;
> kory.maincent@...tlin.com; thomas.petazzoni@...tlin.com;
> miquel.raynal@...tlin.com; przemyslaw.kitszel@...el.com;
> dkirjanov@...e.de; netdev@...r.kernel.org; linux-kernel@...r.kernel.org
> Subject: Re: [EXTERNAL] Re: [PATCH v2 0/5] Fix prestera driver fail to probe
> twice
> 
> > Originally, the pain point for Kory was the rmmod + insmod re-probing
> > failure, Which is only fixed by the first two commits, so I see little
> > point in submitting 3-5 alone, Without fixing Kory's problem.
> 
> I thought Kory's problem was actually EPROBE_DEFER? The resources needed
> for the PoE are not available, so probing the switch needs to happen again
> later, when PoE can get the resources it needs.

No, the PoE is the general high level application where he noted the problem.
There is no PoE code nor special PoE resources in the Prestera driver.
The problem was caused because the module exit was lacking the so called
"switch HW reset" API call which would cause the firmware to exit to the firmware
loader on the firmware CPU, and move to the state in the state machine when
it can receive new firmware from the host CPU (running the Prestera switchDev
driver).

> 
> But if that is going to take 30 seconds, i'm not sure we can call EPROBE_DEFER
> solved.
> 
> The later patches are pretty simple, don't need discussion, so could be
> merged. However, i think we need to explore different possible solutions for
> firmware {re}loading.
> 
> > The problem is not with the hardware, but with the existing firmware
> > code on the Firmware cpu, most probably secure-boot protected, which
> > lacks the ABIs to report to The kernel what is loaded, what version, what
> state, etc.
> 
> Can you at least tell if it is running firmware?

There is no existing API/ABI for that.

> 
> Can you explain the boot in a bit more detail. Are you saying it could be
> running an old firmware when the driver first loads? So you need to hit it with

Exactly.

> a reset in order to load the firmware for /lib/firmware, which might be newer
> than what it is already running?

Right. And there is also the configuration. There is no telling what kind of
Configuration the existing firmware is running. Just using the existing firmware
Will lead to the situation where Linux kernel side will report certain configuration
(via ip link / ip addr / tc , etc.) but the firmware configuration is completely different.
Loading the firmware again will configure the switch to the default setting, making
Sure that the Linux kernel switchDev side is synchronized with the firmware side
And the actual switch configuration.
Unfortunately, there is currently no API/ABI for warm-boot synchronization from
The firmware side to the Kernel switchdev side.

> 
> That would imply the device has FLASH and has a copy of firmware in it? And

Not of the firmware, the flash holds the firmware loader code.
This is a limited functionality code which has only the minimal API/ABI to load
The next firmware.

> if that is true, i think that also implies you have no way to upgrade the image
> in FLASH? Otherwise you would implement "devlink flash" to allow it to be
> upgraded. You then would not need to load the firmware on driver probe....

Right. This is a limitation of the design made. There is no option to upgrade the
Firmware loader binary on the flash, and many boards have it in secure boot,
Which means it cannot be upgraded without bricking the firmware 
CPU loader binary...

> 
> 	Andrew
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ