lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Zr4Td7PiKhKl3Et3@lpieralisi>
Date: Thu, 15 Aug 2024 16:40:55 +0200
From: Lorenzo Pieralisi <lpieralisi@...nel.org>
To: Shivendra Pratap <quic_spratap@...cinc.com>
Cc: Elliot Berman <quic_eberman@...cinc.com>,
	Bjorn Andersson <andersson@...nel.org>,
	Konrad Dybcio <konrad.dybcio@...aro.org>,
	Sebastian Reichel <sre@...nel.org>, Rob Herring <robh@...nel.org>,
	Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
	Conor Dooley <conor+dt@...nel.org>, Vinod Koul <vkoul@...nel.org>,
	Andy Yan <andy.yan@...k-chips.com>,
	Mark Rutland <mark.rutland@....com>,
	Bartosz Golaszewski <bartosz.golaszewski@...aro.org>,
	Satya Durga Srinivasu Prabhala <quic_satyap@...cinc.com>,
	Melody Olvera <quic_molvera@...cinc.com>,
	devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org,
	Florian Fainelli <florian.fainelli@...adcom.com>,
	linux-pm@...r.kernel.org, linux-arm-msm@...r.kernel.org,
	quic_spratap@...inc.com
Subject: Re: [PATCH v5 3/4] firmware: psci: Read and use vendor reset types

On Mon, Aug 12, 2024 at 11:46:08PM +0530, Shivendra Pratap wrote:
> 
> 
> On 8/9/2024 10:28 PM, Elliot Berman wrote:
> > On Fri, Aug 09, 2024 at 03:30:38PM +0200, Lorenzo Pieralisi wrote:
> >> On Wed, Aug 07, 2024 at 11:10:50AM -0700, Elliot Berman wrote:
> >>
> >> [...]
> >>
> >>>>> +static void psci_vendor_sys_reset2(unsigned long action, void *data)
> >>>>
> >>>> 'action' is unused and therefore it is not really needed.
> >>>>
> >>>>> +{
> >>>>> +	const char *cmd = data;
> >>>>> +	unsigned long ret;
> >>>>> +	size_t i;
> >>>>> +
> >>>>> +	for (i = 0; i < num_psci_reset_params; i++) {
> >>>>> +		if (!strcmp(psci_reset_params[i].mode, cmd)) {
> >>>>> +			ret = invoke_psci_fn(PSCI_FN_NATIVE(1_1, SYSTEM_RESET2),
> >>>>> +					     psci_reset_params[i].reset_type,
> >>>>> +					     psci_reset_params[i].cookie, 0);
> >>>>> +			pr_err("failed to perform reset \"%s\": %ld\n",
> >>>>> +				cmd, (long)ret);
> >>>>> +		}
> >>>>> +	}
> >>>>> +}
> >>>>> +
> >>>>>  static int psci_sys_reset(struct notifier_block *nb, unsigned long action,
> >>>>>  			  void *data)
> >>>>>  {
> >>>>> +	if (data && num_psci_reset_params)
> >>>>
> >>>> So, reboot_mode here is basically ignored; if there is a vendor defined
> >>>> reset, we fire it off.
> >>>>
> >>>> I think Mark mentioned his concerns earlier related to REBOOT_* mode and
> >>>> reset type (granted, the context was different):
> >>>>
> >>>> https://lore.kernel.org/all/20200320120105.GA36658@C02TD0UTHF1T.local/
> >>>>
> >>>> I would like to understand if this is the right thing to do before
> >>>> accepting this patchset.
> >>>>
> >>>
> >>> I don't have any concerns to move this part below checking reboot_mode.
> >>> Or, I could add reboot_mode == REBOOT_COLD check.
> >>
> >> The question is how can we map vendor specific reboot magic to Linux
> >> reboot modes sensibly in generic PSCI code - that's by definition
> >> vendor specific.
> >>
> > 
> > I don't think it's a reasonable thing to do. "reboot bootloader" or
> > "reboot edl" don't make sense to the Linux reboot modes.
> > 
> > I believe the Linux reboot modes enum is oriented to perspective of
> > Linux itself and the vendor resets are oriented towards behavior of the
> > SoC.
> > 
> > Thanks,
> > Elliot
> > 
> 
> Agree.
> 
> from perspective of linux reboot modes, kernel's current implementation in reset path is like:
> __
> #1 If reboot_mode is WARM/SOFT and PSCI_SYSRESET2 is supported 
>     Call PSCI - SYSTEM_RESET2 - ARCH RESET
> #2 ELSE
>     Call PSCI - SYSTEM_RESET COLD RESET
> ___
> 
> ARM SPECS for PSCI SYSTEM_RESET2
> This function extends SYSTEM_RESET. It provides:
> • ARCH RESET: set Bit[31] to 0               = > This is already in place in condition #1.
> • vendor-specific resets: set Bit[31] to 1.  = > current patchset adds this part before kernel's reboot_mode reset at #0.
> 
> 
> In current patchset, we see a condition added at #0-psci_vendor_reset2 being called before kernel’s current reboot_mode condition and it can take any action only if all below conditions are satisfied.
> - PSCI SYSTEM_RESET2 is supported.
> - psci dt node defines an entry "bootloader" as a reboot-modes.
> - User issues reboot with a command say - (reboot bootloader).
> - If vendor reset fails, default reboot mode will execute as is.
> 
> Don't see if we will skip or break the kernel reboot_mode flow with this patch. 
> Also if user issues reboot <cmd> and <cmd> is supported on SOC vendor reset psci node, should cmd take precedence over kernel reboot mode enum? may be yes? 
> 

Please wrap lines when replying.

I don't think it is a matter of precedence. reboot_mode and the reboot
command passed to the reboot() syscall are there for different (?)
reasons.

What I am asking is whether it is always safe to execute a PSCI vendor
reset irrispective of the reboot_mode value.

Lorenzo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ