Date: Thu, 13 Feb 2020 16:23:44 +0100 From: Ralf Wenk <iz-rpi03@hs-karlsruhe.de> To: Kyle Evans <kevans@freebsd.org> Cc: Andrew Turner <andrew@freebsd.org>, Oleksandr Tymoshenko <gonzo@freebsd.org>, freebsd-arm <freebsd-arm@freebsd.org>, Emmanuel Vadot <manu@freebsd.org> Subject: Re: A investigative hack that makes (for example) head -r356529 boot and operate normally an RPi4B (finally!): protect all armstub8-gic.bin's loaded content from replacement by the kernel Message-ID: <E1j2GLA-000N0i-EO@iz-wera-new.HS-Karlsruhe.DE> In-Reply-To: <E1j2G3j-000Mzo-Dw@iz-wera-new.HS-Karlsruhe.DE> References: <7E7605DC-021D-448A-8459-8EC26BA9836D.ref@yahoo.com> <7E7605DC-021D-448A-8459-8EC26BA9836D@yahoo.com> <E1j2EmR-000Mwm-ID@iz-wera-new.HS-Karlsruhe.DE> <CACNAnaHVYeuoK=4f7XzokpAVjcqd6ovD58-0LdP_vPGjiXQgdw@mail.gmail.com> <E1j2FRX-000MyR-1O@iz-wera-new.HS-Karlsruhe.DE> <E1j2G3j-000Mzo-Dw@iz-wera-new.HS-Karlsruhe.DE>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2020-02-13 at 16:05 +0100 Ralf Wenk wrote:
> On 2020-02-13 at 15:26 +0100 Ralf Wenk wrote:
> > On 2020-02-13 at 7:49 -0600 Kyle Evans wrote:
> > > On Thu, Feb 13, 2020 at 7:43 AM Ralf Wenk <iz-rpi03@hs-karlsruhe.de> wrote:
> > > >
> > > > On 2020-02-12 at 18:00 -0800 Mark Millard wrote via freebsd-arm:
> > > > > [...]
> > > > >
> > > > > # svnlite diff /usr/src/sys/dev/fdt/fdt_common.c
> > > > > Index: /usr/src/sys/dev/fdt/fdt_common.c
> > > > > ===================================================================
> > > > > --- /usr/src/sys/dev/fdt/fdt_common.c (revision 357529)
> > > > > +++ /usr/src/sys/dev/fdt/fdt_common.c (working copy)
> > > > > @@ -485,7 +485,18 @@
> > > > >
> > > > > tuples = res_len / tuple_size;
> > > > > reservep = (pcell_t *)&reserve;
> > > > > +#ifdef __aarch64__
> > > > > + //HACK!!!
> > > > > + // Reserve the first few pages, for example to
> > > > > + // preserve armstub8-gic.bin or armstub.bin
> > > > > + // content.
> > > > > + mr[0].mr_start= 0;
> > > > > + mr[0].mr_size= 2*4096;
> > > > > + tuples++;
> > > > > + for (i = 1; i < tuples; i++) {
> > > > > +#else
> > > > > for (i = 0; i < tuples; i++) {
> > > > > +#endif
> > > > >
> > > > > rv = fdt_data_to_res(reservep, addr_cells, size_cells,
> > > > > (u_long *)&mr[i].mr_start, (u_long *)&mr[i].mr_size);
> > > > > @@ -512,6 +523,11 @@
> > > > >
> > > > > root = OF_finddevice("/reserved-memory");
> > > > > if (root == -1) {
> > > > > + // Fail over to checking for and handling memreserve,
> > > > > + // such as for a RPi4B.
> > > > > + if (0 == fdt_get_reserved_regions(reserved,mreserved))
> > > > > + return (0);
> > > > > +
> > > > > return (ENXIO);
> > > > > }
> > > > >
> > > >
> > > > I can confirm that with your patch(es) my RPi3 does not freeze any more
> > > > when loading mac_ntpd.ko. The patches are applied against r357853M.
>
> An reboot is working again too.
>
> > > Have you tested the RPi3 with just this second hunk of patch to
> > > fallover to memreserve, or is the first hunk definitely required as
> > > well?
> >
> > Good question. I tested both hunks together.
> > Will try what happens when just applying the second and report back.
>
> Here it is:
> Without the first hunk the system freezes again when loading mac_ntpd.ko.
> [...]
And after a couple of minutes the kernel panics with the known
"possible deadlock" message.
panic: deadlres_td_on_lock: possible deadlock detected for
0xffff000052753560, blocked for 902372 ticks
cpuid = 0
time = 925
KDB: stack backtrace:
db_trace_self() at db_trace_self_wrapper+0x28
pc = 0xffff00000074f0cc lr = 0xffff000000106b6c
sp = 0xffff00005214b580 fp = 0xffff00005214b790
db_trace_self_wrapper() at vpanic+0x194
pc = 0xffff000000106b6c lr = 0xffff00000040de90
sp = 0xffff00005214b7a0 fp = 0xffff00005214b850
vpanic() at panic+0x44
pc = 0xffff00000040de90 lr = 0xffff00000040dc38
sp = 0xffff00005214b860 fp = 0xffff00005214b8e0
panic() at deadlkres+0x2dc
pc = 0xffff00000040dc38 lr = 0xffff0000003a60a0
sp = 0xffff00005214b8f0 fp = 0xffff00005214b940
deadlkres() at fork_exit+0x7c
pc = 0xffff0000003a60a0 lr = 0xffff0000003cb658
sp = 0xffff00005214b950 fp = 0xffff00005214b980
fork_exit() at fork_trampoline+0x10
pc = 0xffff0000003cb658 lr = 0xffff00000076c514
sp = 0xffff00005214b990 fp = 0x0000000000000000
KDB: enter: panic
[ thread pid 0 tid 100083 ]
Stopped at 0
db>
Ralf
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1j2GLA-000N0i-EO>