| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Jun 2021 06:10:04 +0200 (CEST)
From: "Maciej W. Rozycki" <macro@...am.me.uk>
To: Thomas Gleixner <tglx@...utronix.de>
cc: Arnd Bergmann <arnd@...nel.org>,
Heiner Kallweit <hkallweit1@...il.com>,
Nikolai Zhubr <zhubr.2@...il.com>,
netdev <netdev@...r.kernel.org>, Jeff Garzik <jgarzik@...ox.com>,
the arch/x86 maintainers <x86@...nel.org>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>
Subject: Re: Realtek 8139 problem on 486.
On Sun, 20 Jun 2021, Thomas Gleixner wrote:
> > If overriding the BIOS setting breaks something that works today, nothing
> > is gained, because the next person running into an i486 PCI specific bug
> > is unlikely to be as persistent and competent as Nikolai in tracking down
> > the root cause.
>
> Yes, sigh. The reason why this BIOS switch exists, which should have
> never existed, is that during the transition from EISA which was edge
> triggered to PCI some card manufacturers just changed the bus interface
> of their cards but completely missed the edge -> level change in
> hardware either by stupidity or intentionally so they did not have to
> make any changes to the rest of the hardware and to drivers.
Umm, I have been fairly sure it is actually EISA that has introduced
switching between edge- and level-triggered interrupts on a line-by-line
basis for ISA option compatibility (previously ISA and MCA were globally
edge-triggered and level-triggered respectively via a bit in ICW1 as per
classic 8259A configuration modes) and at least Intel documentation[1][2]
confirms that ELCR was already present in plain EISA chipsets, so that you
could set IRQ lines used by ISA and EISA cards for edge-triggering and
level-triggering respectively.
One peculiarity here is that level-triggered interrupts are necessarily
active-low to permit sharing, but ISA edge-triggered interrupts are
active-high. Otherwise due to the oddity of how edge-triggered 8259A
interrupts work we could actually safely reprogram all but the 8254 timer
for level triggering and things would still work just fine (pretty much
what MCA did with a hardware hack for the timer).
So while there may have been odd cases of ISA circuitry repurposed for
PCI (and then in a broken manner), they must have been exceedingly rare in
the first place, and likely hardly any have survived, as their usability
must have been marginal.
For EISA I reckon such repurposing wouldn't be an issue as the
manufacturer would simply require the interrupt line to be programmed by
the EISA BIOS for the edge-triggered mode via the accompanying ECU
configuration file for the piece of hardware in question. In fact some
genuine ISA hardware, such as the 3Com 3c509b Ethernet card, did support
configuring as EISA hardware.
> The predominant OS'es at that time of course did not have an easy way to
> add a quirk to fix this, so the way out was to add the chicken bit
> option to the BIOS which then either tells the OS the trigger mode for
> INTA..INTD and just sets up ELCR before booting the OS. I have faint
> memories that I had to use such a BIOS switch long time ago to get some
> add-on PCI card working.
>
> So the right thing to do is to leave 8139 as is and add a PCI quirk
> which enforces level trigger type for 8139 in legacy PCI interrupt mode.
I think it makes little sense really to add a quirk based on option card
hardware ID, as one could plug any PCI card into a slot whose interrupt
line to be used has been incorrectly configured in the BIOS. So all PCI
cards would have to have such a quirk defined.
As I noted in a previous message I think the only sensible approach is to
have the quirk based on the southbridge hardware ID, or in the absence of
one -- the northbridge ID (I have now double-checked and it's the Aries
chipset that does not make its southbridge component, the 82426EX ISA
Bridge (IB), visible in the PCI configuration space).
If this system uses the IB or the 82378ZB SIO southbridge, then we can
handle it with full confidence however, as they have been documented, and
they both have the ELCR register[3][4][5]. Note that the earlier version
of the SIO southbridge, the 82378IB doesn't have the ELCR register[6][7],
and it could only handle PCI interrupts with board-specific external logic
(probably a design erratum/oversight, hence a later correction[8]).
The northbridge ID for Aries is 8086:0486 and the southbridge ID for SIO
is 8086:0484. The 82378IB and 82378ZB SIO revisions can be told apart by
the configuration-space Revision Identification Register, bits 3:0: 0x0
for the 82378IB w/o ELCR, 0x3 for the 82378ZB with ELCR[9].
> Alternatively we can just emit a noisy warning when a legacy PCI
> interrupt is configured as edge by the BIOS and tell people to toggle
> that switch if stuff does not work. Though that might be futile because
> not all BIOSes have these toggle options.
A warning surely won't hurt, but TBH I'd just reprogram any incorrectly
configured PCI interrupt line unconditionally where the ELCR is available.
The chance someone uses a broken PCI card that drives its interrupt line
as edge-triggered and is actually handled by a Linux driver both at a time
is IMO nil. Such a card requires special provisions hardly any system
provides and has anyone here seen a report of such a beast?
NB copies of documents referred available upon request, except for
290473-004, which I only have in the hardcopy form (though see
<https://archive.org/details/bitsavers_intelpentirocessorsandRelatedComponents_64170750>).
References:
[1] "82357 Integrated System Peripheral (ISP)", Intel Corporation, Order
Number: 290253-006, March, 1994, Section 5.14.7 "Edge and Level
Triggered Modes", p. 44
[2] "Multiprocessor Specification", Version 1.1, Intel Corporation, Order
Number: 242016-003, September 1994, Section 5.3.2 "Level-triggered
Interrupt Support", p. 5-7
[3] "82420EX PCIset Data Sheet, 82425EX PCI System Controller (PSC)
and 82426EX ISA Bridge (IB)", Intel Corporation, Order Number:
290488-004, December 1995, Section 4.11.2 "Edge and Level Interrupt
Triggered Mode", p. 111
[4] "82378 System I/O (SIO)", Intel Corporation, Order Number: 290473-004,
December 1994, Section 5.8.1 "Edge and Level Triggered Modes"
[5] "82378ZB System I/O (SIO) and 82379AB System I/O APIC (SIO.A)", Intel
Corporation, Order Number: 290571-001, March 1996, Section 4.8.1.
"Edge and Level Triggered Modes", p. 101
[6] "82378IB System I/O (SIO)", Intel Corporation, Order Number:
290473-002, April 1993, Section 5.8.7.7 "Edge and Level Triggered
Modes"
[7] "82378 System I/O (SIO)", Intel Corporation, Order Number: 290473-004,
December 1994, Section 4.4.1 "ICW1--Initialization Command Word 1
Register"
[8] "82378IB to 82378ZB Errata Fix and Feature Enhancement Conversion
FOL933002-01",
<https://web.archive.org/web/19990421045433/http://support.intel.com/support/chipsets/420/8511.htm>
[9] "82378 System I/O (SIO)", Intel Corporation, Order Number: 290473-004,
December 1994, Section 4.1.5 "RID--Revision Identification Register"
Maciej
Powered by blists - more mailing lists