Date: Fri, 6 Sep 2024 16:30:07 +0000 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: John Baldwin <jhb@freebsd.org> Cc: Mark Johnston <markj@freebsd.org>, src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: e962b37bf0ff - main - bhyve: Do not enable PCI BAR decoding if a boot ROM is present Message-ID: <spdohps7mmfirvxtxnv25nga5spycopqxol3vekfrptsmeo7p4@5jbif4bvvle2> In-Reply-To: <7213e551-6be2-44b1-a8b6-55645c593c12@FreeBSD.org> References: <202408191359.47JDxAbK026029@gitrepo.freebsd.org> <qkp2zbmykgwsbrxekut35rexlktypzg5oj2bbfslig7eksprpi@2lw5x47mtytp> <7213e551-6be2-44b1-a8b6-55645c593c12@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--356w62jdouopvffy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Sep 06, 2024 at 09:37:45AM UTC, John Baldwin wrote: > On 9/5/24 22:10, Shawn Webb wrote: > > Hey Mark, > >=20 > > This commit seems to force me to now pass "-o pci.enable_bars=3Dtrue" to > > all my VMs on amd64. I wonder if that might be a POLA violation. I > > didn't realize that I needed to set that until I bisected the src > > tree, looking for the commit that broke bhyve for me. > >=20 > > Is changing the default here really worth it for amd64? If so, I'm > > thinking this should be in both RELNOTES and UPDATING. I now have to > > propigate re-enabling this across my entire infrastructure. > >=20 > > Thanks, >=20 > That should only be true if you are using an older UEFI firmware that did > not program BARs. Are you seeing this on stock FreeBSD, and which version > of the UEFI ROM are you using? Ah, thanks for the hint, John! My UEFI edk2 bhyve package is years out of date. I guess I need to pay more attention to what `pkg upgrade` does NOT upgrade: hbsd-laptop-02[shawn]:/home/shawn $ pkg info | grep bhyve uefi-edk2-bhyve-g20210226_1,2 UEFI EDK2 firmware for bhyve uefi-edk2-bhyve-devel-g20190424_1 UEFI-EDK2 firmware for bhyve hbsd-laptop-02[shawn]:/home/shawn $ pkg search bhyve edk2-bhyve-g202308_5 EDK2 Firmware for bhyve I'm building some packages on my laptop right now. Once that finishes, I'll go ahead and upgrade to the new package, retest, and report. If this is indeed the problem (I suspect it is), I apologize for the noise. Thanks, though, for the hint and the help. :-) --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --356w62jdouopvffy Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmbbLggACgkQ/y5nonf4 4foWixAApQ9bRIsO7C4qJN+yNDVB+abdJBefIB32wQezNwydBHM7/rw1157gnNg2 grXWYfv6SivyXhQw9ldGkWV+EKtV7XbIyxWOevxfZXTOBds15umE/wL0i+7ixq22 hJzA7V+U8eMsA4YGWUE5ZjOsZ7hPaMX5no7Zz5vm+kB2M487MPCLjrPvElynov+w IHJ93L6diqtzSixRynSHJkfLPH45l+kklfAG9ovVrPtfjkHMJrg/7bki5b58LPU5 JudSO/MJM2/0MDwwc74QbkkOzWFuGaB2i/RcZe/VKBsXMs5t+nkmU4taxhpF+Yxz VoIx8yc8m1p1ZKrfDONtA5SpPHhqf7iSEwd/RvoOZAD1TKYp02BBLg1tPK9mSCBq /9OI9Oa1ZYRFRB+Ln1pfut4vRUm+s+SynoZ4pb4o8eEn+TbGJq4dF/sOCbi2lwwZ edxFajIm/i1xcdHjFL2VqRqcALZFNzGdYBP8y+c1JQyYgFs+r3RNVStgd6XcqhOW 3KkazuDvxkuD/lfcAW7UVVdoqy5MEoTRCicF8LgRxCtT87QOx4yC9cS3dBue9Boq LDqJkeKx6Y9gVRLtwwAKzcdNzS0fk9VAWjilqZBYn0hqHBK+92+mNL3T/S3NX2AZ S+cgY4dljZ8i4Ake8YWXbpl9A6FdNLNY5xySObvz7V0r/CWgeMA= =llO/ -----END PGP SIGNATURE----- --356w62jdouopvffy--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?spdohps7mmfirvxtxnv25nga5spycopqxol3vekfrptsmeo7p4>