lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 7 Dec 2022 11:29:58 -0800
From:   Shannon Nelson <shannon.nelson@....com>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     netdev@...r.kernel.org, davem@...emloft.net, jiri@...dia.com
Subject: Re: [PATCH net-next 1/2] devlink: add fw bank select parameter

On 12/6/22 5:41 PM, Jakub Kicinski wrote:
 > On Mon, 5 Dec 2022 09:26:26 -0800 Shannon Nelson wrote:
 >> Some devices have multiple memory banks that can be used to
 >> hold various firmware versions that can be chosen for booting.
 >> This can be used in addition to or along with the FW_LOAD_POLICY
 >> parameter, depending on the capabilities of the particular
 >> device.
 >>
 >> This is a parameter suggested by Jake in
 >> 
https://lore.kernel.org/netdev/CO1PR11MB508942BE965E63893DE9B86AD6129@CO1PR11MB5089.namprd11.prod.outlook.com/
 >
 > Can we make this netlink attributes?
To be sure, you are talking about defining new values in enum 
devlink_attr, right?  Perhaps something like
     DEVLINK_ATTR_INFO_VERSION_BANK   /* u32 */
to go along with _VERSION_NAME and _VERSION_VALUE for each item under 
running and stored?

Does u32 make sense here or should it be a string?

Or do we really need another value here, perhaps we should use the 
existing _VERSION_NAME to display the bank?  This is what is essentially 
happening in the current ionic and this proposed pds_core output, but 
without the concept of bank numbers:
       running:
         fw 1.58.0-6
       stored:
         fw.goldfw 1.51.0-3
         fw.mainfwa 1.58.0-6
         fw.mainfwb 1.56.0-47-24-g651edb94cbe

With (optional?) bank numbers, it might look like
       running:
         1 fw 1.58.0-6
       stored:
         0 fw.goldfw 1.51.0-3
         1 fw.mainfwa 1.58.0-6
         2 fw.mainfwb 1.56.0-47-24-g651edb94cbe

Is this reasonable?

 >
 > What is the flow that you have in mind end to end (user actions)?
 > I think we should document that, by which I mean extend the pseudo
 > code here:
 >
 > 
https://docs.kernel.org/next/networking/devlink/devlink-flash.html#firmware-version-management
 >
 > I expect we need to define the behavior such that the user can ignore
 > the banks by default and get the right behavior.
 >
 > Let's define
 >   - current bank - the bank from which the currently running image has
 >     been loaded
I'm not sure this is any more information than what we already have as 
"running" if we add the bank prefix.

 >   - active bank - the bank selected for next boot
Can there be multiple active banks?  I can imagine a device that has FW 
partitioned into multiple banks, and brings in a small set of them for a 
full runtime.

 >   - next bank - current bank + 1 mod count
Next bank for what?  This seems easy to confuse between next bank to 
boot and next bank to flash.  Is this something that needs to be 
displayed to the user?

 >
 > If we want to keep backward compat - if no bank specified for flashing:
 >   - we flash to "next bank"
 >   - if flashing is successful we switch "active bank" to "next bank"
 > not that multiple flashing operations without activation/reboot will
 > result in overwriting the same "next bank" preventing us from flashing
 > multiple banks without trying if they work..
I think this is a nice guideline, but I'm not sure all physical devices 
will work this way.

 >
 > "stored" versions in devlink info display the versions for "active bank"
 > while running display running (i.e. in RAM, not in the banks!)>
 > In terms of modifications to the algo in documentation:
 >   - the check for "stored" versions check should be changed to an while
 >     loop that iterates over all banks
 >   - flashing can actually depend on the defaults as described above so
 >     no change
 >
 > We can expose the "current" and "active" bank as netlink attrs in dev
 > info.
How about a new info item
     DEVLINK_ATTR_INFO_ACTIVE_BANK
which would need a new api function something like
     devlink_info_active_bank_put()

Again, with the existing "running" attribute, maybe we don't need to add 
a "current"?

sln

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ