Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 07 Jun 2007 21:49:06 -0700
From:      Nate Lawson <nate@root.org>
To:        Hidetoshi Shimokawa <simokawa@FreeBSD.ORG>
Cc:        cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org
Subject:   Re: cvs commit: src/sys/dev/firewire firewirereg.h fwohci.c sbp.c
Message-ID:  <4668DFC2.1070006@root.org>
In-Reply-To: <626eb4530706071728w1a8d0f5fi198e5e708777498e@mail.gmail.com>
References:  <20070607132053.974EF16A584@hub.freebsd.org>	 <46683958.2060700@root.org> <626eb4530706071728w1a8d0f5fi198e5e708777498e@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hidetoshi Shimokawa wrote:
> On 6/8/07, Nate Lawson <nate@root.org> wrote:
>> Hidetoshi Shimokawa wrote:
>> > simokawa    2007-06-07 13:20:49 UTC
>> >
>> >   FreeBSD src repository
>> >
>> >   Modified files:
>> >     sys/dev/firewire     firewirereg.h fwohci.c sbp.c
>> >   Log:
>> >   Add a tunable hw.firewire.phydma_enable.
>> >
>> >   This is enabled by default.  It should be disabled for
>> >   those who are uneasy with peeking/poking from FireWire.
>> >
>> >   Please note sbp(4) and dcons(4) over FireWire need
>> >   this feature.
>> >
>> >   Revision  Changes    Path
>> >   1.48      +1 -0      src/sys/dev/firewire/firewirereg.h
>> >   1.91      +11 -6     src/sys/dev/firewire/fwohci.c
>> >   1.94      +7 -0      src/sys/dev/firewire/sbp.c
>> >
>> >
>> > Index: src/sys/dev/firewire/firewirereg.h
>> > diff -u src/sys/dev/firewire/firewirereg.h:1.47
>> src/sys/dev/firewire/firewirereg.h:1.48
>> > --- src/sys/dev/firewire/firewirereg.h:1.47   Wed Jun  6 14:31:36 2007
>> > +++ src/sys/dev/firewire/firewirereg.h        Thu Jun  7 13:20:48 2007
>> > @@ -299,6 +299,7 @@
>> >
>> >  extern int firewire_debug;
>> >  extern devclass_t firewire_devclass;
>> > +extern int firewire_phydma_enable;
>> >
>> >  #ifdef __DragonFly__
>> >  #define              FWPRI           PCATCH
>> > Index: src/sys/dev/firewire/fwohci.c
>> > diff -u src/sys/dev/firewire/fwohci.c:1.90
>> src/sys/dev/firewire/fwohci.c:1.91
>> > --- src/sys/dev/firewire/fwohci.c:1.90        Wed Jun  6 14:31:36 2007
>> > +++ src/sys/dev/firewire/fwohci.c     Thu Jun  7 13:20:48 2007
>> > @@ -79,9 +79,13 @@
>> >  #undef OHCI_DEBUG
>> >
>> >  static int nocyclemaster = 0;
>> > +int firewire_phydma_enable = 1;
>> >  SYSCTL_DECL(_hw_firewire);
>> >  SYSCTL_INT(_hw_firewire, OID_AUTO, nocyclemaster, CTLFLAG_RW,
>> &nocyclemaster, 0,
>> >          "Do not send cycle start packets");
>> > +SYSCTL_INT(_hw_firewire, OID_AUTO, phydma_enable, CTLFLAG_RW,
>> > +     &firewire_phydma_enable, 1, "Allow physical request DMA from
>> firewire");
>> > +TUNABLE_INT("hw.firewire.phydma_enable", &firewire_phydma_enable);
>> >
>> >  static char dbcode[16][0x10]={"OUTM", "OUTL","INPM","INPL",
>> >               "STOR","LOAD","NOP ","STOP",};
>> > @@ -1862,12 +1866,13 @@
>> >
>> >               /* Allow async. request to us */
>> >               OWRITE(sc, OHCI_AREQHI, 1 << 31);
>> > -             /* XXX insecure ?? */
>> > -             /* allow from all nodes */
>> > -             OWRITE(sc, OHCI_PREQHI, 0x7fffffff);
>> > -             OWRITE(sc, OHCI_PREQLO, 0xffffffff);
>> > -             /* 0 to 4GB regison */
>> > -             OWRITE(sc, OHCI_PREQUPPER, 0x10000);
>> > +             if (firewire_phydma_enable) {
>> > +                     /* allow from all nodes */
>> > +                     OWRITE(sc, OHCI_PREQHI, 0x7fffffff);
>> > +                     OWRITE(sc, OHCI_PREQLO, 0xffffffff);
>> > +                     /* 0 to 4GB region */
>> > +                     OWRITE(sc, OHCI_PREQUPPER, 0x10000);
>> > +             }
>> >               /* Set ATRetries register */
>> >               OWRITE(sc, OHCI_ATRETRY, 1<<(13+16) | 0xfff);
>>
>> I see this runs each time a PHY_SID intr arrives.  Is that enough to
>> really prevent access if a pre-existing host on the bus requests DMA?  I
>> don't think an intr is generated in that case.
>>
>> Should this be a separate function run directly by the sysctl that sets
>> the filters immediately?
>
> Yes,  that's true.
>
> I recommend you to put it in loader.conf


Since someone who is setting this is concerned about security, should
this at least be documented?  I'd prefer that the routine be changed to
set the filter registers synchronously with the sysctl.

-- 
Nate



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4668DFC2.1070006>