| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ccc78255-a2c4-4144-b580-9a16aada09c2@broadcom.com>
Date: Thu, 10 Oct 2024 15:57:22 -0700
From: Florian Fainelli <florian.fainelli@...adcom.com>
To: Sam Edwards <cfsworks@...il.com>, Rafał Miłecki
<rafal@...ecki.pl>, William Zhang <william.zhang@...adcom.com>,
Anand Gore <anand.gore@...adcom.com>, Kursad Oney <kursad.oney@...adcom.com>
Cc: Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>,
Conor Dooley <conor+dt@...nel.org>,
Broadcom internal kernel review list
<bcm-kernel-feedback-list@...adcom.com>, devicetree@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/2] arm64: dts: broadcom: bcmbca: bcm4908: Reserve CFE
stub area
On 10/4/24 22:01, Sam Edwards wrote:
> The CFE bootloader places a stub program in the first page of physical
> memory to hold the secondary CPUs until the boot CPU writes the release
> address, but does not splice a /reserved-memory node into the FDT to
> protect it. If Linux overwrites this program before execution reaches
> smp_prepare_cpus(), the secondary CPUs may become inaccessible.
>
> This is only a problem with CFE, and then only until the secondary CPUs
> are brought online. Ideally, there would be some hypothetical mechanism
> we could use to indicate that this area of memory is sensitive only
> during boot. But as there is none, and since it is such a small amount
> of memory, it is easiest to reserve it unconditionally.
If we supported CPU hotplug on those platforms (do we?) then it actually
does matter that this memory remains protected, and it cannot be
reclaimed. This does not invalidate the commit message and I will take
it as-is, but it it is not memory that we can necessarily reclaim that
easily, if we did things properly.
>
> Therefore, add a /reserved-memory node to bcm4908.dtsi to protect the
> first 4KiB of physical memory.
>
> Signed-off-by: Sam Edwards <CFSworks@...il.com>
> ---
> arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi b/arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi
> index 8b924812322c..c51b92387fad 100644
> --- a/arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi
> +++ b/arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi
> @@ -68,6 +68,16 @@ l2: l2-cache0 {
> };
> };
>
> + reserved-memory {
> + #address-cells = <2>;
> + #size-cells = <2>;
> + ranges;
> +
> + cfe-stub@0 {
> + reg = <0x0 0x0 0x0 0x1000>;
> + };
> + };
> +
> axi@...00000 {
> compatible = "simple-bus";
> #address-cells = <1>;
--
Florian
Powered by blists - more mailing lists