From nobody Fri Sep 06 02:10:30 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X0KSn56NVz5VCFk for ; Fri, 06 Sep 2024 02:10:33 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-io1-xd41.google.com (mail-io1-xd41.google.com [IPv6:2607:f8b0:4864:20::d41]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4X0KSm6fnXz4p1R for ; Fri, 6 Sep 2024 02:10:32 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=hardenedbsd.org header.s=google header.b=UfXjPdEA; dmarc=none; spf=pass (mx1.freebsd.org: domain of shawn.webb@hardenedbsd.org designates 2607:f8b0:4864:20::d41 as permitted sender) smtp.mailfrom=shawn.webb@hardenedbsd.org Received: by mail-io1-xd41.google.com with SMTP id ca18e2360f4ac-82a29c11e1cso65266739f.0 for ; Thu, 05 Sep 2024 19:10:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; t=1725588632; x=1726193432; darn=freebsd.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=mQOGOXPPnu9CpMkFeX/a21EcF6mX7LWE4UKf2/BIVqY=; b=UfXjPdEAzzSBy5opNNUcFJh4nYzGzk9nERtUcFV0TnP5aDeSMWTtbQj/iylQwFF3DD Jfmhace44dZMVxk5Ay4fBgDem0m8WYtkKrJzB+RZY9i7dZgV+zFoCE5bAYbMTBXYDsXm L/zjN0gAOR4F5vJTdy9owgwt6w89fe3SwPh699e87pIXMgOP1SHTLJz637a8HP2ejdL7 m6rLZDysSLDs16OEtHQFCbfO1aeLY/SiF8v/JCgkDFmUvPBC7VEg2iJ5AaWLon4nad2X 2BCWgdKRWGDW/4yl6bdz7WTup5RmtR/VAIdNLvHnYYHJjc0/lA66f/e0B1T1Z0aldD3t 6/JA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725588632; x=1726193432; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=mQOGOXPPnu9CpMkFeX/a21EcF6mX7LWE4UKf2/BIVqY=; b=kOmjkaKsU2w3hLU3/Sv4+PV5z7vPuRY6ZHQc8lJwUQgIZMXvvQXHNKZTunj2Oqi4+d HCWunNakIss7f07HVca3UBdDhcnMJsOwEXTnfXWcovQXiYIplGFfCaSmCfi+pXGlVmGT bYpcEY97L/BpOuvsZYaddIPS2IAy45JhwNY+vE/r/JkaVNTdQYIYQ1cYsTH6vTWNeGWf Twt30EOJOo4UFBxI/zbx+9eIBovTbV3BCEjFK5aDEoSKnXOYfAjLSM1Y2PGaWsEevbeC ITlyrZaCUP3ApS1wxfxmdxrwuIPg4pvlcnWUSR1flMUtocZMMeHEOlMsRTni1/QHH0gq lZsg== X-Forwarded-Encrypted: i=1; AJvYcCWP0Iquff/wDUb0ces4erNX8CEISyxg1BBbGMFoVu1yMKI+CJSK9lCcLHh6SAzwir+yQZDm+hQAu68U09PZlR6eiaOF@freebsd.org X-Gm-Message-State: AOJu0YwYq7gmiviu5iyP5FV2Zq3m8CTXOoAuAKyajW6kop2kRhVb24Ew E4VLuDJL/7zIVkq4i+e+lC3HJWU3E/1e16oZj6eTGgWoRymOVMblwQoKsFk7c8duMdqK3o71NEP sO/s4fg== X-Google-Smtp-Source: AGHT+IGs2oS8XhhuB9VIdKlYHAdEaoQ8yrpYPMRuHRnRn0Z8atXS6OkZlh7SWF7pCrw7NfXudJGIYQ== X-Received: by 2002:a05:6e02:1541:b0:39b:25dc:7bd6 with SMTP id e9e14a558f8ab-3a04f073206mr11966665ab.4.1725588631639; Thu, 05 Sep 2024 19:10:31 -0700 (PDT) Received: from mutt-hbsd (174-24-73-190.clsp.qwest.net. [174.24.73.190]) by smtp.gmail.com with ESMTPSA id e9e14a558f8ab-39f6b33d6c9sm18768765ab.2.2024.09.05.19.10.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 05 Sep 2024 19:10:31 -0700 (PDT) Date: Fri, 6 Sep 2024 02:10:30 +0000 From: Shawn Webb To: Mark Johnston Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: e962b37bf0ff - main - bhyve: Do not enable PCI BAR decoding if a boot ROM is present Message-ID: X-Operating-System: FreeBSD mutt-hbsd 15.0-CURRENT-HBSD FreeBSD 15.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc References: <202408191359.47JDxAbK026029@gitrepo.freebsd.org> List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="g5khyvupkahmttj3" Content-Disposition: inline In-Reply-To: <202408191359.47JDxAbK026029@gitrepo.freebsd.org> X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.08 / 15.00]; SIGNED_PGP(-2.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.98)[-0.979]; MID_RHS_NOT_FQDN(0.50)[]; R_DKIM_ALLOW(-0.20)[hardenedbsd.org:s=google]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ARC_NA(0.00)[]; MISSING_XM_UA(0.00)[]; TO_DN_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d41:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; DMARC_NA(0.00)[hardenedbsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[dev-commits-src-all@freebsd.org]; MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org]; DKIM_TRACE(0.00)[hardenedbsd.org:+] X-Rspamd-Queue-Id: 4X0KSm6fnXz4p1R --g5khyvupkahmttj3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey Mark, This commit seems to force me to now pass "-o pci.enable_bars=3Dtrue" to all my VMs on amd64. I wonder if that might be a POLA violation. I didn't realize that I needed to set that until I bisected the src tree, looking for the commit that broke bhyve for me. Is changing the default here really worth it for amd64? If so, I'm thinking this should be in both RELNOTES and UPDATING. I now have to propigate re-enabling this across my entire infrastructure. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc On Mon, Aug 19, 2024 at 01:59:10PM UTC, Mark Johnston wrote: > The branch main has been updated by markj: >=20 > URL: https://cgit.FreeBSD.org/src/commit/?id=3De962b37bf0ffe7f30f5b025b46= ea49ba01c71f2f >=20 > commit e962b37bf0ffe7f30f5b025b46ea49ba01c71f2f > Author: Mark Johnston > AuthorDate: 2024-08-19 13:56:06 +0000 > Commit: Mark Johnston > CommitDate: 2024-08-19 13:56:06 +0000 >=20 > bhyve: Do not enable PCI BAR decoding if a boot ROM is present > =20 > Let the boot ROM handle BAR initialization. This fixes a problem whe= re > u-boot's BAR remapping conflicts with some limitations in bhyve. See > https://lists.freebsd.org/archives/freebsd-virtualization/2024-April/= 002103.html > for a description of what goes wrong. > =20 > The old behaviour can be restored by setting the pci.enable_bars > configuration variable. > =20 > Reviewed by: corvink, jhb > Sponsored by: Innovate UK > Differential Revision: https://reviews.freebsd.org/D45049 > --- > usr.sbin/bhyve/bhyve_config.5 | 3 +++ > usr.sbin/bhyve/pci_emul.c | 27 ++++++++++++++++++++++++--- > 2 files changed, 27 insertions(+), 3 deletions(-) >=20 > diff --git a/usr.sbin/bhyve/bhyve_config.5 b/usr.sbin/bhyve/bhyve_config.5 > index ebbb206cca9f..25185e2ef1b4 100644 > --- a/usr.sbin/bhyve/bhyve_config.5 > +++ b/usr.sbin/bhyve/bhyve_config.5 > @@ -157,6 +157,9 @@ Specify the keyboard layout name with the file name in > This value only works when loaded with UEFI mode for VNC, and > used a VNC client that don't support QEMU Extended Key Event > Message (e.g. TightVNC). > +.It Va pci.enable_bars Ta bool Ta Ta > +Enable and map PCI BARs before executing any guest code. > +This setting is false by default when using a boot ROM and true otherwis= e. > .It Va tpm.path Ta string Ta Ta > Path to the host TPM device. > This is typically /dev/tpm0. > diff --git a/usr.sbin/bhyve/pci_emul.c b/usr.sbin/bhyve/pci_emul.c > index 00e9138d3910..e066d6766f3c 100644 > --- a/usr.sbin/bhyve/pci_emul.c > +++ b/usr.sbin/bhyve/pci_emul.c > @@ -48,6 +48,7 @@ > =20 > #include "acpi.h" > #include "bhyverun.h" > +#include "bootrom.h" > #include "config.h" > #include "debug.h" > #ifdef __amd64__ > @@ -853,6 +854,14 @@ pci_emul_alloc_bar(struct pci_devinst *pdi, int idx,= enum pcibar_type type, > TAILQ_INSERT_BEFORE(bar, new_bar, chain); > } > =20 > + /* > + * Enable PCI BARs only if we don't have a boot ROM, i.e., bhyveload was > + * used to load the initial guest image. Otherwise, we rely on the boot > + * ROM to handle this. > + */ > + if (!get_config_bool_default("pci.enable_bars", !bootrom_boot())) > + return (0); > + > /* > * pci_passthru devices synchronize their physical and virtual command > * register on init. For that reason, the virtual cmd reg should be > @@ -966,8 +975,19 @@ pci_emul_assign_bar(struct pci_devinst *const pdi, c= onst int idx, > pci_set_cfgdata32(pdi, PCIR_BAR(idx + 1), bar >> 32); > } > =20 > - if (type !=3D PCIBAR_ROM) { > - register_bar(pdi, idx); > + switch (type) { > + case PCIBAR_IO: > + if (porten(pdi)) > + register_bar(pdi, idx); > + break; > + case PCIBAR_MEM32: > + case PCIBAR_MEM64: > + case PCIBAR_MEMHI64: > + if (memen(pdi)) > + register_bar(pdi, idx); > + break; > + default: > + break; > } > =20 > return (0); > @@ -1140,7 +1160,8 @@ pci_emul_init(struct vmctx *ctx, struct pci_devemu = *pde, int bus, int slot, > pci_set_cfgdata8(pdi, PCIR_INTLINE, 255); > pci_set_cfgdata8(pdi, PCIR_INTPIN, 0); > =20 > - pci_set_cfgdata8(pdi, PCIR_COMMAND, PCIM_CMD_BUSMASTEREN); > + if (!get_config_bool_default("pci.enable_bars", !bootrom_boot())) > + pci_set_cfgdata8(pdi, PCIR_COMMAND, PCIM_CMD_BUSMASTEREN); > =20 > err =3D (*pde->pe_init)(pdi, fi->fi_config); > if (err =3D=3D 0) >=20 --g5khyvupkahmttj3 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmbaZIgACgkQ/y5nonf4 4fqYDQ//eMyzfZ4TVp20Zm7/sUsJh6YKTROAvwI0Lzt7H70FavlXkkUF1+L1qqTQ J9xpLPlN8ee+24b7DcQh4Aad+JGSB0rc46fhDSlBx2RMkceiL+fvbVtPSNdSRfF6 qrpoShG0PKqR9hwINK8lqrRTT/SyF6g4AKh1n+mt9jEtJ9thj8QP53mLEYqiKukH /Kg+grYL0QsmYJYI2LCPJBXSXFF+5IyOtmt6QVn+W2v0WTQr0OBtHIeKZNKv0/02 CJGjRRx0I5yt1aAXNGZJXwzICLbqeucuxf3+jaCo900fsIqSQK4QbVRufTkWcFvp t0r2Piwi9TjaoOZpo61mdbN1k+2YXyQkXiKfVh6Os7Y4afBLLJb8v10d3EobqYXp 4B5atNWnAmbpB9TRaPM2LKsJyTzcDKSRFk2DHxM4Z0j0Jhr96K1U0DffuEL+Dokt v5nHXSNDltnXQo9+iP4FIThJJEIStxXf20LoCZcwPOvg+llthwSMhLIOhwn9e+75 A77V3cV7/bNbu/0a47kwLNoyLMkBepTXkbBIME71EFYhO6StP5t+zLHWXbV3T0eM X/ZcQspiOs5KYcOSP/XV0BJkgebqhokIioNI4MFothxP4Pqxc9xZPtBu98nnkt7v ZBeGucp42vo1eyp2AEUrJVimI3P4vk6JVkLUJIs9rDQr5OxL+4M= =CpdA -----END PGP SIGNATURE----- --g5khyvupkahmttj3--