lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <98876971-e4e0-44f1-8faf-f791bd7a4e4e@trager.us>
Date: Mon, 12 May 2025 17:59:35 -0700
From: Lee Trager <lee@...ger.us>
To: Jacob Keller <jacob.e.keller@...el.com>,
 Alexander Duyck <alexanderduyck@...com>, Jakub Kicinski <kuba@...nel.org>,
 kernel-team@...a.com, "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
 Simon Horman <horms@...nel.org>, Jonathan Corbet <corbet@....net>,
 Andrew Lunn <andrew+netdev@...n.ch>, Mohsin Bashir <mohsin.bashr@...il.com>,
 Sanman Pradhan <sanman.p211993@...il.com>, Su Hui <suhui@...china.com>,
 Al Viro <viro@...iv.linux.org.uk>,
 Michal Swiatkowski <michal.swiatkowski@...ux.intel.com>
Cc: Andrew Lunn <andrew@...n.ch>, netdev@...r.kernel.org,
 linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v4 2/5] eth: fbnic: Accept minimum anti-rollback
 version from firmware

On 5/12/25 11:47 AM, Jacob Keller wrote:

>
> On 5/9/2025 5:21 PM, Lee Trager wrote:
>> fbnic supports applying firmware which may not be rolled back. This is
>> implemented in firmware however it is useful for the driver to know the
>> minimum supported firmware version. This will enable the driver validate
>> new firmware before it is sent to the NIC. If it is too old the driver can
>> provide a clear message that the version is too old.
>>
> This reminds me of the original efforts i had with minimum firmware
> versions for the ice E810 hardware.
>
> I guess for fbnic, you entirely handle this within firmware so there's
> no reason to provide an interface to control this, and you have a lot
> more control over verifying that the anti-rollback behavior is correct.
>
> The definition for the minimum version is baked into the firmware image?
> So once a version with this anti-rollback is applied it then prevents
> you from rolling back to lower version, and can do a verification to
> enforce this. Unlike the similar "opt-in" behavior in ice which requires
> a user to first apply a firmware and then set the parameter, opening up
> a bunch of attestation issues due to not being a single atomic operation.

Correct this is handled entirely in firmware. We use the normal firmware 
update process when incrementing anti-rollback. During the updating 
process firmware first validates that the new version number is >= to 
the anti rollback version set in the SOTP. If not the update is 
rejected. The drivers role is purely informational, it checks anti roll 
back and provides devlink with a human readable error when necessary.

When incrementing anti rollback the NIC first boots the new firmware. 
Once it has validated it can boot the new firmware it increments the 
anti roll back version in the SOTP automatically. This makes anti roll 
back automatic and provides a way for us to abort the process if needed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ