From nobody Fri Aug 02 15:18:54 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wb8cq2s1hz5Rtdd for ; Fri, 02 Aug 2024 15:19:07 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wb8cq155Yz55ml for ; Fri, 2 Aug 2024 15:19:07 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-pj1-x102c.google.com with SMTP id 98e67ed59e1d1-2cdadce1a57so5672043a91.2 for ; Fri, 02 Aug 2024 08:19:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20230601.gappssmtp.com; s=20230601; t=1722611945; x=1723216745; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=AtrohDacqOWK5xmgqGl6oOkypTO/uRD4qw93cNNowqs=; b=jhoBEsYgGDYtLrkgzafMzug413hW/43v9MhRRvyFnKGaAmef+zAXDYEhYNjhA9EYCU EGNr6e/Zu4hAqDsieqaGjGq1be2De1ZomfeXfIWZf4iuwF7eGcPA/f43VW6TzJVfkpK9 qwzwe3207HaI38DfFFK67/dD59nBv9YjmeIqKmvZ3SARm7ruqTa76iTKB0qomqMAXFhl 6BmU6u3jaYacuoBx5SBb083+r2YIdzIM8BeH4nxpyaRt6wJH6u0lOrpdajvEhCO8/iHl Cy0S8NZYhzI8A8PAwEOCW+3jF4WcFHUJoF5rR/4m+F/QdMGIElcphyVZ7IePL3pFC4q8 k6Dw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722611945; x=1723216745; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=AtrohDacqOWK5xmgqGl6oOkypTO/uRD4qw93cNNowqs=; b=LX98DRhtycpRXe/pK+Rvh5y5sI5+ziOq0D/1KsTbDsMVeevHyPMdwSRb3PpRirgfc2 2OsN0eedHHRb/iVV53zEWbFvzR6OJnSAAyhPLb+bXgUjP0x2T0WNiPSu0OJMhl1arjxc 6NEW2aex8wtMnLe4bLMAg9DLJ6o5C6swViXiti4pF0l61ycYaMiVwQm+RKBYyPXbZ1+e IyM/QTnMhIxr5TGMMbI5R/WIjJQNkVfmbxdpVNKw2Cwi2L7aUZQkpOB/7OeTd7e+hBtC TwK5Zh0QaB15LTNumzhlZ48bJQATRfyAYg/YVtCwDSnI48O6Km62i93ABvjq33eHZsUl u/NA== X-Forwarded-Encrypted: i=1; AJvYcCUtwooMkwkSp0n0XHXL0AvojRgH9xmrrT5HBHCKNEIsLXoE+kUzAvyqRjV5R8KTmQOPK700mEsNXQBbFVJ/xB38wfpm6jawjPnoy3ERqufv X-Gm-Message-State: AOJu0YywgcprIlaf4OI6ukkCys5Sg9ae+4aJo7eeioN6ooHdPdncbo0I 5oAe7dvZKe0Eyyi0pr9nf5D2y0RxWKfXHtjixexcq1A7LtMSzXC2ClePwAvd/XY+NwglWlG0tKK m/7ULUkj87jS8CPBbYW6GLG9hocBh1HGcsYUjpg== X-Google-Smtp-Source: AGHT+IFg1pSLAkaYMWmp2ROkeXQdRLmrlPjdLnKZAWJVR7lplXrTIaoanOU9J6V5ZVLPikph2GPtkqdXKZxSYWr4wRo= X-Received: by 2002:a17:90a:5804:b0:2c8:7897:eb46 with SMTP id 98e67ed59e1d1-2cff956bd4dmr4505713a91.37.1722611945370; Fri, 02 Aug 2024 08:19:05 -0700 (PDT) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 References: <202408012131.471LVOGC039269@gitrepo.freebsd.org> In-Reply-To: From: Warner Losh Date: Fri, 2 Aug 2024 09:18:54 -0600 Message-ID: Subject: Re: git: 46ea2ffc3fbc - main - stand: Reduce limit to 500k for x86 loader To: Mark Johnston Cc: Warner Losh , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: multipart/alternative; boundary="00000000000017121d061eb4d9ad" X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Queue-Id: 4Wb8cq155Yz55ml --00000000000017121d061eb4d9ad Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Aug 2, 2024 at 8:29=E2=80=AFAM Mark Johnston wr= ote: > On Thu, Aug 01, 2024 at 09:31:24PM +0000, Warner Losh wrote: > > The branch main has been updated by imp: > > > > URL: > https://cgit.FreeBSD.org/src/commit/?id=3D46ea2ffc3fbc42089d8322a65fdee84= 76d2b00d6 > > > > commit 46ea2ffc3fbc42089d8322a65fdee8476d2b00d6 > > Author: Warner Losh > > AuthorDate: 2024-08-01 21:24:51 +0000 > > Commit: Warner Losh > > CommitDate: 2024-08-01 21:30:26 +0000 > > > > stand: Reduce limit to 500k for x86 loader > > > > The largest loader that works for PXE boot is about 500k. PXE needs > low > > memory for packets and other driver state, so the largest safe size > for > > the loader is about 500k. Reduce the size from 560k to 500k so we > don't > > accidentally break PXE in the future. > > > > Add a comment for people with special needs. If you control the > > hardware, it can be safe to have boot loaders as large as 580k or > 600k > > in some cases. Since the BIOS loader is becoming more and more of a > > legacy item, the build variable LOADERSIZE isn't documented. This > change > > doesn't change that: there's been little demand for this > documentation > > and in general, users shouldn't change it lightly. > > > > PR: 257018 > > Sponsored by: Netflix > > --- > > stand/i386/loader/Makefile | 7 ++++++- > > 1 file changed, 6 insertions(+), 1 deletion(-) > > > > diff --git a/stand/i386/loader/Makefile b/stand/i386/loader/Makefile > > index a4aa3a3c4d45..efd442977780 100644 > > --- a/stand/i386/loader/Makefile > > +++ b/stand/i386/loader/Makefile > > @@ -32,7 +32,12 @@ VERSION_FILE=3D ${.CURDIR}/../loader/version > > # > > # will tell you how many kiB of lomem are available. > > # > > -LOADERSIZE?=3D 560000 # Largest known safe size for loader.bi= n > > +# We further reduce this to 500k, though, to give PXE an additional 64= k > of space > > +# so pxeloader will fit. If you have special needs that do not include > pxeboot, > > +# you can safely set this as high as 560000 generally, or a bit higher > if you > > +# have tight control over the machines you are booting on. > > +# > > +LOADERSIZE?=3D 500000 # Largest known safe size for loader.bi= n > > Hi Warner, > > This breaks the WITH_BEARSSL (which implies WITH_LOADER_VERIEXEC) build. > When enabled, the loader ends up being just slightly larger than the > limit. > "Then fix veriexec to fit." is my knee-jerk (emphasis on the jerk) response. My more polite response is "Why not bump LOADERSIZE locally when you enable that option since it's one of the "special needs" people listed in the comment." IMHO, this is a special need given the tight space constraints, and the big impact when the loader gets too big for PXEBOOT to work. I'm very leery of doing too much "magic" with the size when other options are enabled. The whole point of the limit is to enforce the limit, and I don't want to go start playing whack-a-mole here: do I also disable pxeboot when the limit is > 500k? Do I just do that for veriexec? etc It becomes an aweful game. Or do I just fail the PXE build when loader is > 500k and have a knob to disable that if you want to build both? There's some other, interesting patches that may help with the size issue as well. I'm ill disposed to adding hacks that might wind up being temporary until I can look at those more closely. However, as time goes by, these issues will only grow more acute and we need to start dealing with them now. Given I've MFC'd this, though, I'm not entirely sure the best way forward for that. Warner --00000000000017121d061eb4d9ad Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Fri, Aug 2, 2024 at 8:29=E2=80=AFA= M Mark Johnston <markj@freebsd.org<= /a>> wrote:
O= n Thu, Aug 01, 2024 at 09:31:24PM +0000, Warner Losh wrote:
> The branch main has been updated by imp:
>
> URL: https://= cgit.FreeBSD.org/src/commit/?id=3D46ea2ffc3fbc42089d8322a65fdee8476d2b00d6<= /a>
>
> commit 46ea2ffc3fbc42089d8322a65fdee8476d2b00d6
> Author:=C2=A0 =C2=A0 =C2=A0Warner Losh <imp@FreeBSD.org>
> AuthorDate: 2024-08-01 21:24:51 +0000
> Commit:=C2=A0 =C2=A0 =C2=A0Warner Losh <imp@FreeBSD.org>
> CommitDate: 2024-08-01 21:30:26 +0000
>
>=C2=A0 =C2=A0 =C2=A0stand: Reduce limit to 500k for x86 loader
>=C2=A0 =C2=A0 =C2=A0
>=C2=A0 =C2=A0 =C2=A0The largest loader that works for PXE boot is about= 500k. PXE needs low
>=C2=A0 =C2=A0 =C2=A0memory for packets and other driver state, so the l= argest safe size for
>=C2=A0 =C2=A0 =C2=A0the loader is about 500k. Reduce the size from 560k= to 500k so we don't
>=C2=A0 =C2=A0 =C2=A0accidentally break PXE in the future.
>=C2=A0 =C2=A0 =C2=A0
>=C2=A0 =C2=A0 =C2=A0Add a comment for people with special needs. If you= control the
>=C2=A0 =C2=A0 =C2=A0hardware, it can be safe to have boot loaders as la= rge as 580k or 600k
>=C2=A0 =C2=A0 =C2=A0in some cases. Since the BIOS loader is becoming mo= re and more of a
>=C2=A0 =C2=A0 =C2=A0legacy item, the build variable LOADERSIZE isn'= t documented. This change
>=C2=A0 =C2=A0 =C2=A0doesn't change that: there's been little de= mand for this documentation
>=C2=A0 =C2=A0 =C2=A0and in general, users shouldn't change it light= ly.
>=C2=A0 =C2=A0 =C2=A0
>=C2=A0 =C2=A0 =C2=A0PR: 257018
>=C2=A0 =C2=A0 =C2=A0Sponsored by: Netflix
> ---
>=C2=A0 stand/i386/loader/Makefile | 7 ++++++-
>=C2=A0 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/stand/i386/loader/Makefile b/stand/i386/loader/Makefile > index a4aa3a3c4d45..efd442977780 100644
> --- a/stand/i386/loader/Makefile
> +++ b/stand/i386/loader/Makefile
> @@ -32,7 +32,12 @@ VERSION_FILE=3D=C2=A0 =C2=A0 =C2=A0 ${.CURDIR}/../l= oader/version
>=C2=A0 #
>=C2=A0 # will tell you how many kiB of lomem are available.
>=C2=A0 #
> -LOADERSIZE?=3D 560000=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 # Largest kno= wn safe size for loader.bin
> +# We further reduce this to 500k, though, to give PXE an additional 6= 4k of space
> +# so pxeloader will fit. If you have special needs that do not includ= e pxeboot,
> +# you can safely set this as high as 560000 generally, or a bit highe= r if you
> +# have tight control over the machines you are booting on.
> +#
> +LOADERSIZE?=3D 500000=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 # Largest kno= wn safe size for loader.bin

Hi Warner,

This breaks the WITH_BEARSSL (which implies WITH_LOADER_VERIEXEC) build. When enabled, the loader ends up being just slightly larger than the
limit.

special need= given the tight space constraints, and the big impact when the loader
gets too big for PXEBOOT to work.

I'= m very leery of doing too much "magic" with the size when other o= ptions are enabled. The
whole point of the limit is to enforce th= e limit, and I don't want to go start playing whack-a-mole
he= re: do I also disable pxeboot when the limit is > 500k? Do I just do tha= t for veriexec? etc It
becomes an aweful game. Or do I just fail = the PXE build when loader is > 500k and have a knob
to disable= that if you want to build both?

There's s= ome other, interesting patches that may help with the size issue as well. I= 'm
ill disposed to adding hacks that might wind up being temp= orary until I can look at those
more closely. However, as time go= es by, these issues will only grow more acute and we
need to star= t dealing with them now.

Given I've MFC'd = this, though, I'm not entirely sure the best way forward for that.
<= /div>

Warner
--00000000000017121d061eb4d9ad--