From nobody Fri Sep 6 02:10:30 2024
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X0KSn56NVz5VCFk
for <dev-commits-src-all@mlmmj.nyi.freebsd.org>; Fri, 06 Sep 2024 02:10:33 +0000 (UTC)
(envelope-from shawn.webb@hardenedbsd.org)
Received: from mail-io1-xd41.google.com (mail-io1-xd41.google.com [IPv6:2607:f8b0:4864:20::d41])
(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smtp.gmail.com", Issuer "WR4" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4X0KSm6fnXz4p1R
for <dev-commits-src-all@freebsd.org>; Fri, 6 Sep 2024 02:10:32 +0000 (UTC)
(envelope-from shawn.webb@hardenedbsd.org)
Authentication-Results: mx1.freebsd.org;
dkim=pass header.d=hardenedbsd.org header.s=google header.b=UfXjPdEA;
dmarc=none;
spf=pass (mx1.freebsd.org: domain of shawn.webb@hardenedbsd.org designates 2607:f8b0:4864:20::d41 as permitted sender) smtp.mailfrom=shawn.webb@hardenedbsd.org
Received: by mail-io1-xd41.google.com with SMTP id ca18e2360f4ac-82a29c11e1cso65266739f.0
for <dev-commits-src-all@freebsd.org>; Thu, 05 Sep 2024 19:10:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=hardenedbsd.org; s=google; t=1725588632; x=1726193432; darn=freebsd.org;
h=in-reply-to:content-disposition:mime-version:references:message-id
:subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
bh=mQOGOXPPnu9CpMkFeX/a21EcF6mX7LWE4UKf2/BIVqY=;
b=UfXjPdEAzzSBy5opNNUcFJh4nYzGzk9nERtUcFV0TnP5aDeSMWTtbQj/iylQwFF3DD
Jfmhace44dZMVxk5Ay4fBgDem0m8WYtkKrJzB+RZY9i7dZgV+zFoCE5bAYbMTBXYDsXm
L/zjN0gAOR4F5vJTdy9owgwt6w89fe3SwPh699e87pIXMgOP1SHTLJz637a8HP2ejdL7
m6rLZDysSLDs16OEtHQFCbfO1aeLY/SiF8v/JCgkDFmUvPBC7VEg2iJ5AaWLon4nad2X
2BCWgdKRWGDW/4yl6bdz7WTup5RmtR/VAIdNLvHnYYHJjc0/lA66f/e0B1T1Z0aldD3t
6/JA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1725588632; x=1726193432;
h=in-reply-to:content-disposition:mime-version:references:message-id
:subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
:message-id:reply-to;
bh=mQOGOXPPnu9CpMkFeX/a21EcF6mX7LWE4UKf2/BIVqY=;
b=kOmjkaKsU2w3hLU3/Sv4+PV5z7vPuRY6ZHQc8lJwUQgIZMXvvQXHNKZTunj2Oqi4+d
HCWunNakIss7f07HVca3UBdDhcnMJsOwEXTnfXWcovQXiYIplGFfCaSmCfi+pXGlVmGT
bYpcEY97L/BpOuvsZYaddIPS2IAy45JhwNY+vE/r/JkaVNTdQYIYQ1cYsTH6vTWNeGWf
Twt30EOJOo4UFBxI/zbx+9eIBovTbV3BCEjFK5aDEoSKnXOYfAjLSM1Y2PGaWsEevbeC
ITlyrZaCUP3ApS1wxfxmdxrwuIPg4pvlcnWUSR1flMUtocZMMeHEOlMsRTni1/QHH0gq
lZsg==
X-Forwarded-Encrypted: i=1; AJvYcCWP0Iquff/wDUb0ces4erNX8CEISyxg1BBbGMFoVu1yMKI+CJSK9lCcLHh6SAzwir+yQZDm+hQAu68U09PZlR6eiaOF@freebsd.org
X-Gm-Message-State: AOJu0YwYq7gmiviu5iyP5FV2Zq3m8CTXOoAuAKyajW6kop2kRhVb24Ew
E4VLuDJL/7zIVkq4i+e+lC3HJWU3E/1e16oZj6eTGgWoRymOVMblwQoKsFk7c8duMdqK3o71NEP
sO/s4fg==
X-Google-Smtp-Source: AGHT+IGs2oS8XhhuB9VIdKlYHAdEaoQ8yrpYPMRuHRnRn0Z8atXS6OkZlh7SWF7pCrw7NfXudJGIYQ==
X-Received: by 2002:a05:6e02:1541:b0:39b:25dc:7bd6 with SMTP id e9e14a558f8ab-3a04f073206mr11966665ab.4.1725588631639;
Thu, 05 Sep 2024 19:10:31 -0700 (PDT)
Received: from mutt-hbsd (174-24-73-190.clsp.qwest.net. [174.24.73.190])
by smtp.gmail.com with ESMTPSA id e9e14a558f8ab-39f6b33d6c9sm18768765ab.2.2024.09.05.19.10.30
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 05 Sep 2024 19:10:31 -0700 (PDT)
Date: Fri, 6 Sep 2024 02:10:30 +0000
From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: Mark Johnston <markj@freebsd.org>
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org,
dev-commits-src-main@freebsd.org
Subject: Re: git: e962b37bf0ff - main - bhyve: Do not enable PCI BAR decoding
if a boot ROM is present
Message-ID: <qkp2zbmykgwsbrxekut35rexlktypzg5oj2bbfslig7eksprpi@2lw5x47mtytp>
X-Operating-System: FreeBSD mutt-hbsd 15.0-CURRENT-HBSD FreeBSD
15.0-CURRENT-HBSD
X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
References: <202408191359.47JDxAbK026029@gitrepo.freebsd.org>
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="g5khyvupkahmttj3"
Content-Disposition: inline
In-Reply-To: <202408191359.47JDxAbK026029@gitrepo.freebsd.org>
X-Spamd-Bar: -----
X-Spamd-Result: default: False [-5.08 / 15.00];
SIGNED_PGP(-2.00)[];
NEURAL_HAM_LONG(-1.00)[-1.000];
NEURAL_HAM_MEDIUM(-1.00)[-1.000];
NEURAL_HAM_SHORT(-0.98)[-0.979];
MID_RHS_NOT_FQDN(0.50)[];
R_DKIM_ALLOW(-0.20)[hardenedbsd.org:s=google];
MIME_GOOD(-0.20)[multipart/signed,text/plain];
R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
MIME_TRACE(0.00)[0:+,1:+,2:~];
ARC_NA(0.00)[];
MISSING_XM_UA(0.00)[];
TO_DN_SOME(0.00)[];
RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d41:from];
ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
RCVD_VIA_SMTP_AUTH(0.00)[];
FROM_HAS_DN(0.00)[];
RCPT_COUNT_THREE(0.00)[4];
RCVD_COUNT_TWO(0.00)[2];
FROM_EQ_ENVFROM(0.00)[];
DMARC_NA(0.00)[hardenedbsd.org];
TO_MATCH_ENVRCPT_SOME(0.00)[];
RCVD_TLS_LAST(0.00)[];
PREVIOUSLY_DELIVERED(0.00)[dev-commits-src-all@freebsd.org];
MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org];
DKIM_TRACE(0.00)[hardenedbsd.org:+]
X-Rspamd-Queue-Id: 4X0KSm6fnXz4p1R
--g5khyvupkahmttj3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hey Mark,
This commit seems to force me to now pass "-o pci.enable_bars=3Dtrue" to
all my VMs on amd64. I wonder if that might be a POLA violation. I
didn't realize that I needed to set that until I bisected the src
tree, looking for the commit that broke bhyve for me.
Is changing the default here really worth it for amd64? If so, I'm
thinking this should be in both RELNOTES and UPDATING. I now have to
propigate re-enabling this across my entire infrastructure.
Thanks,
--=20
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A=
4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
On Mon, Aug 19, 2024 at 01:59:10PM UTC, Mark Johnston wrote:
> The branch main has been updated by markj:
>=20
> URL: https://cgit.FreeBSD.org/src/commit/?id=3De962b37bf0ffe7f30f5b025b46=
ea49ba01c71f2f
>=20
> commit e962b37bf0ffe7f30f5b025b46ea49ba01c71f2f
> Author: Mark Johnston <markj@FreeBSD.org>
> AuthorDate: 2024-08-19 13:56:06 +0000
> Commit: Mark Johnston <markj@FreeBSD.org>
> CommitDate: 2024-08-19 13:56:06 +0000
>=20
> bhyve: Do not enable PCI BAR decoding if a boot ROM is present
> =20
> Let the boot ROM handle BAR initialization. This fixes a problem whe=
re
> u-boot's BAR remapping conflicts with some limitations in bhyve. See
> https://lists.freebsd.org/archives/freebsd-virtualization/2024-April/=
002103.html
> for a description of what goes wrong.
> =20
> The old behaviour can be restored by setting the pci.enable_bars
> configuration variable.
> =20
> Reviewed by: corvink, jhb
> Sponsored by: Innovate UK
> Differential Revision: https://reviews.freebsd.org/D45049
> ---
> usr.sbin/bhyve/bhyve_config.5 | 3 +++
> usr.sbin/bhyve/pci_emul.c | 27 ++++++++++++++++++++++++---
> 2 files changed, 27 insertions(+), 3 deletions(-)
>=20
> diff --git a/usr.sbin/bhyve/bhyve_config.5 b/usr.sbin/bhyve/bhyve_config.5
> index ebbb206cca9f..25185e2ef1b4 100644
> --- a/usr.sbin/bhyve/bhyve_config.5
> +++ b/usr.sbin/bhyve/bhyve_config.5
> @@ -157,6 +157,9 @@ Specify the keyboard layout name with the file name in
> This value only works when loaded with UEFI mode for VNC, and
> used a VNC client that don't support QEMU Extended Key Event
> Message (e.g. TightVNC).
> +.It Va pci.enable_bars Ta bool Ta Ta
> +Enable and map PCI BARs before executing any guest code.
> +This setting is false by default when using a boot ROM and true otherwis=
e.
> .It Va tpm.path Ta string Ta Ta
> Path to the host TPM device.
> This is typically /dev/tpm0.
> diff --git a/usr.sbin/bhyve/pci_emul.c b/usr.sbin/bhyve/pci_emul.c
> index 00e9138d3910..e066d6766f3c 100644
> --- a/usr.sbin/bhyve/pci_emul.c
> +++ b/usr.sbin/bhyve/pci_emul.c
> @@ -48,6 +48,7 @@
> =20
> #include "acpi.h"
> #include "bhyverun.h"
> +#include "bootrom.h"
> #include "config.h"
> #include "debug.h"
> #ifdef __amd64__
> @@ -853,6 +854,14 @@ pci_emul_alloc_bar(struct pci_devinst *pdi, int idx,=
enum pcibar_type type,
> TAILQ_INSERT_BEFORE(bar, new_bar, chain);
> }
> =20
> + /*
> + * Enable PCI BARs only if we don't have a boot ROM, i.e., bhyveload was
> + * used to load the initial guest image. Otherwise, we rely on the boot
> + * ROM to handle this.
> + */
> + if (!get_config_bool_default("pci.enable_bars", !bootrom_boot()))
> + return (0);
> +
> /*
> * pci_passthru devices synchronize their physical and virtual command
> * register on init. For that reason, the virtual cmd reg should be
> @@ -966,8 +975,19 @@ pci_emul_assign_bar(struct pci_devinst *const pdi, c=
onst int idx,
> pci_set_cfgdata32(pdi, PCIR_BAR(idx + 1), bar >> 32);
> }
> =20
> - if (type !=3D PCIBAR_ROM) {
> - register_bar(pdi, idx);
> + switch (type) {
> + case PCIBAR_IO:
> + if (porten(pdi))
> + register_bar(pdi, idx);
> + break;
> + case PCIBAR_MEM32:
> + case PCIBAR_MEM64:
> + case PCIBAR_MEMHI64:
> + if (memen(pdi))
> + register_bar(pdi, idx);
> + break;
> + default:
> + break;
> }
> =20
> return (0);
> @@ -1140,7 +1160,8 @@ pci_emul_init(struct vmctx *ctx, struct pci_devemu =
*pde, int bus, int slot,
> pci_set_cfgdata8(pdi, PCIR_INTLINE, 255);
> pci_set_cfgdata8(pdi, PCIR_INTPIN, 0);
> =20
> - pci_set_cfgdata8(pdi, PCIR_COMMAND, PCIM_CMD_BUSMASTEREN);
> + if (!get_config_bool_default("pci.enable_bars", !bootrom_boot()))
> + pci_set_cfgdata8(pdi, PCIR_COMMAND, PCIM_CMD_BUSMASTEREN);
> =20
> err =3D (*pde->pe_init)(pdi, fi->fi_config);
> if (err =3D=3D 0)
>=20
--g5khyvupkahmttj3
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmbaZIgACgkQ/y5nonf4
4fqYDQ//eMyzfZ4TVp20Zm7/sUsJh6YKTROAvwI0Lzt7H70FavlXkkUF1+L1qqTQ
J9xpLPlN8ee+24b7DcQh4Aad+JGSB0rc46fhDSlBx2RMkceiL+fvbVtPSNdSRfF6
qrpoShG0PKqR9hwINK8lqrRTT/SyF6g4AKh1n+mt9jEtJ9thj8QP53mLEYqiKukH
/Kg+grYL0QsmYJYI2LCPJBXSXFF+5IyOtmt6QVn+W2v0WTQr0OBtHIeKZNKv0/02
CJGjRRx0I5yt1aAXNGZJXwzICLbqeucuxf3+jaCo900fsIqSQK4QbVRufTkWcFvp
t0r2Piwi9TjaoOZpo61mdbN1k+2YXyQkXiKfVh6Os7Y4afBLLJb8v10d3EobqYXp
4B5atNWnAmbpB9TRaPM2LKsJyTzcDKSRFk2DHxM4Z0j0Jhr96K1U0DffuEL+Dokt
v5nHXSNDltnXQo9+iP4FIThJJEIStxXf20LoCZcwPOvg+llthwSMhLIOhwn9e+75
A77V3cV7/bNbu/0a47kwLNoyLMkBepTXkbBIME71EFYhO6StP5t+zLHWXbV3T0eM
X/ZcQspiOs5KYcOSP/XV0BJkgebqhokIioNI4MFothxP4Pqxc9xZPtBu98nnkt7v
ZBeGucp42vo1eyp2AEUrJVimI3P4vk6JVkLUJIs9rDQr5OxL+4M=
=CpdA
-----END PGP SIGNATURE-----
--g5khyvupkahmttj3--