From nobody Fri Sep 06 16:30:07 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X0hXf05pGz5VS9J for ; Fri, 06 Sep 2024 16:30:10 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-il1-x144.google.com (mail-il1-x144.google.com [IPv6:2607:f8b0:4864:20::144]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4X0hXd5Cm4z3wmh for ; Fri, 6 Sep 2024 16:30:09 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Authentication-Results: mx1.freebsd.org; none Received: by mail-il1-x144.google.com with SMTP id e9e14a558f8ab-39f4ec52c5fso7616505ab.2 for ; Fri, 06 Sep 2024 09:30:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; t=1725640208; x=1726245008; darn=freebsd.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=BWBtd0RahNgfAz/bSoLOjQwlQejn87nqo7fg107rpGU=; b=IjbG0li671CQbCfoC9yGQJWgx2KzhwzeWVzfxqg3v1ka0cN5HYl9q23Bl/GJP6HAiA y9efSds/0M9vrT5uWk7orgEl/hclgzVH8jOe7mmZ16l6plCMyaQ3r3YHNf0Vnd9PQetO jkMqUcu1RlXLCGl2U9UDGDGeL0j1/5aNXJJ+zkPxRQTSepU8rWW8l35jUSskSWUc8svl wErDN5bCarkafgJYc7hB5hO0cSwGTwbCGHeWwEd64vu12q9iV1s7Vl0TAI1CZ6aYNLrR BB1e9rwXVWTVG1ExIs5qpWElkyMKYM4OkIqTLXKeWamZX/5fdJomXTtHCgjq5BtVYLbR PgdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725640208; x=1726245008; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=BWBtd0RahNgfAz/bSoLOjQwlQejn87nqo7fg107rpGU=; b=ti1eOLtMFz4zyALPfBsciJepPYG3CLLTEAmJqpD7zdi+xxkmq5v0+NqCNi1nuKy5/P nlHomjtm09EvuC4YxbTAbZVYqGefMRZXtJfebA4xSCEgeR9Bwti5aLTLc7KIjyuWdQes XY8WvZysPhBEmxLDUCUgDzySbxDvWzqij0+/YAFIQ49/++PDeLMVBWTCmjZ7xF2Xvam7 se6sdvcp5euJf9jG+VHbrOCbXBcqRUy7mVDn2ophEKECB4YlCHIOVtl2lfB3Jd7nk/6g GldRGc2ABeZsZoNd5Yzzc4xFHtWQqS6WDrvp3y/IOg54AWXNeZB4C+EgfIaNtYFmuKxc PuJg== X-Forwarded-Encrypted: i=1; AJvYcCUcTx/KR/ismszpJVmXdNswqjpVPytLmKdf+2GEX7Mbcr889GVbLyJq+xtujYoqMYiFKpadhff7+3pT3ZB6a6/L15XRjg==@freebsd.org X-Gm-Message-State: AOJu0YwjoKj0MBNaJCM04S4BNgxaL32eITJ852aFapf7Mg3hGpzUtmc4 nc5BNfx3yA2/l/tZYtTl+5k8UEDae7Rdb8oWYQ4Z5Tc3wkSfW5qfb+rQxmFdGqM= X-Google-Smtp-Source: AGHT+IFezbs3C/3jwdpOIhp6k7q/zqx9s7ighlaunKm6QGmCgiZS2LLaHZhkPlpMZBRoeVqAf5xk9w== X-Received: by 2002:a05:6e02:1aaa:b0:376:40b7:b6f3 with SMTP id e9e14a558f8ab-3a04f069b27mr42344065ab.2.1725640208272; Fri, 06 Sep 2024 09:30:08 -0700 (PDT) Received: from mutt-hbsd (174-24-73-190.clsp.qwest.net. [174.24.73.190]) by smtp.gmail.com with ESMTPSA id 8926c6da1cb9f-4d08060c2e9sm601194173.22.2024.09.06.09.30.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 09:30:07 -0700 (PDT) Date: Fri, 6 Sep 2024 16:30:07 +0000 From: Shawn Webb To: John Baldwin Cc: Mark Johnston , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: e962b37bf0ff - main - bhyve: Do not enable PCI BAR decoding if a boot ROM is present Message-ID: X-Operating-System: FreeBSD mutt-hbsd 15.0-CURRENT-HBSD FreeBSD 15.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc References: <202408191359.47JDxAbK026029@gitrepo.freebsd.org> <7213e551-6be2-44b1-a8b6-55645c593c12@FreeBSD.org> List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="356w62jdouopvffy" Content-Disposition: inline In-Reply-To: <7213e551-6be2-44b1-a8b6-55645c593c12@FreeBSD.org> X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Queue-Id: 4X0hXd5Cm4z3wmh --356w62jdouopvffy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Sep 06, 2024 at 09:37:45AM UTC, John Baldwin wrote: > On 9/5/24 22:10, Shawn Webb wrote: > > Hey Mark, > >=20 > > This commit seems to force me to now pass "-o pci.enable_bars=3Dtrue" to > > all my VMs on amd64. I wonder if that might be a POLA violation. I > > didn't realize that I needed to set that until I bisected the src > > tree, looking for the commit that broke bhyve for me. > >=20 > > Is changing the default here really worth it for amd64? If so, I'm > > thinking this should be in both RELNOTES and UPDATING. I now have to > > propigate re-enabling this across my entire infrastructure. > >=20 > > Thanks, >=20 > That should only be true if you are using an older UEFI firmware that did > not program BARs. Are you seeing this on stock FreeBSD, and which version > of the UEFI ROM are you using? Ah, thanks for the hint, John! My UEFI edk2 bhyve package is years out of date. I guess I need to pay more attention to what `pkg upgrade` does NOT upgrade: hbsd-laptop-02[shawn]:/home/shawn $ pkg info | grep bhyve uefi-edk2-bhyve-g20210226_1,2 UEFI EDK2 firmware for bhyve uefi-edk2-bhyve-devel-g20190424_1 UEFI-EDK2 firmware for bhyve hbsd-laptop-02[shawn]:/home/shawn $ pkg search bhyve edk2-bhyve-g202308_5 EDK2 Firmware for bhyve I'm building some packages on my laptop right now. Once that finishes, I'll go ahead and upgrade to the new package, retest, and report. If this is indeed the problem (I suspect it is), I apologize for the noise. Thanks, though, for the hint and the help. :-) --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --356w62jdouopvffy Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmbbLggACgkQ/y5nonf4 4foWixAApQ9bRIsO7C4qJN+yNDVB+abdJBefIB32wQezNwydBHM7/rw1157gnNg2 grXWYfv6SivyXhQw9ldGkWV+EKtV7XbIyxWOevxfZXTOBds15umE/wL0i+7ixq22 hJzA7V+U8eMsA4YGWUE5ZjOsZ7hPaMX5no7Zz5vm+kB2M487MPCLjrPvElynov+w IHJ93L6diqtzSixRynSHJkfLPH45l+kklfAG9ovVrPtfjkHMJrg/7bki5b58LPU5 JudSO/MJM2/0MDwwc74QbkkOzWFuGaB2i/RcZe/VKBsXMs5t+nkmU4taxhpF+Yxz VoIx8yc8m1p1ZKrfDONtA5SpPHhqf7iSEwd/RvoOZAD1TKYp02BBLg1tPK9mSCBq /9OI9Oa1ZYRFRB+Ln1pfut4vRUm+s+SynoZ4pb4o8eEn+TbGJq4dF/sOCbi2lwwZ edxFajIm/i1xcdHjFL2VqRqcALZFNzGdYBP8y+c1JQyYgFs+r3RNVStgd6XcqhOW 3KkazuDvxkuD/lfcAW7UVVdoqy5MEoTRCicF8LgRxCtT87QOx4yC9cS3dBue9Boq LDqJkeKx6Y9gVRLtwwAKzcdNzS0fk9VAWjilqZBYn0hqHBK+92+mNL3T/S3NX2AZ S+cgY4dljZ8i4Ake8YWXbpl9A6FdNLNY5xySObvz7V0r/CWgeMA= =llO/ -----END PGP SIGNATURE----- --356w62jdouopvffy--