[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.17] x86/efi: don't translate EFI memory map MMIO regions to e820 RESERVED

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Tue, 4 Oct 2022 14:17:34 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=MzJtNBInalBbzFlgsONfFl9I1w4GX2Atzw8fcSu4wYc=; b=H33dJAj2pAjN/+7iZ8/RJK46H8C/yMNczbK+LXHf9qdvWCT5QqWK18xRDvUsQqOVdBeuuVKYLXE43NPJz50rjVaHZ+/FbeeNQmLwt0oRu3BNCu+/bst6Dl8jgwg7YhM6RtydqEMngE9wEVoF1UL06a4y2NZmUx/M8psltJZ1KIaASYGal8R2t59/xMz/1YhJrvqDxMeqmeOkmuBBZ1Py1goDkVegbtPGMV/I9Us4XPJwp1XY4VNH1ALpjPOycfteMk1BDGKNtVEC0s5RVQK3I8JCEbzSA229owynGdQWWGir6j3SsK09X5yZQBKqL23k8XyxKpZxF5YHOXnPVXkUAw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=D6/TgnnZ1E1AoizlrJNMnvhPAIfdBqd83wBq8klm5eWJ3woQVTiJdp1Vtif6FVWTJ8Azn/HayJwPYOKCzmhz7kzc5RryTuWvNHv+01NYhLyAdA5J7yP9/++lERwXLvDIaWxUeo5BrCHnyatz7SJ+3hzkJ6OAx/Loqpsx1wEVGCIiYu2Xk2EWzZybjTrSKLCcT08/5euUf7k4+VvpWj/3iDOd4YmUb1DjYKvP5Mux1mHIGhn7ma+twvBuVH7Z2uedtpC0CYOMhajsIFNnIAeNeqp7EjER400pWYQkaNpW/PLYMAhQqJ/u60IMd30B1DpIAfHdP5U/oqIZPTLVMZIS4A==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 04 Oct 2022 12:18:02 +0000
  • Ironport-data: A9a23:WPJ9uazNd67sh8SPV/J6t+csxyrEfRIJ4+MujC+fZmUNrF6WrkUAn 2ROC2+CMv/fYzf8KdAnbtngoR4Cu5TdmIc2TlZpqiAxQypGp/SeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUFUjP3OHPykYAL9EngZbRd+Tys8gg5Ulec8g4p56fC0GArIs t7pyyHlEAbNNwVcbyRFsMpvlDs15K6o4WtA4gRkDRx2lAS2e0c9Xcp3yZ6ZdxMUcqEMdsamS uDKyq2O/2+x13/B3fv8z94X2mVTKlLjFVDmZkh+AsBOsTAbzsAG6Y4pNeJ0VKtio27hc+ada jl6ncfYpQ8BZsUgkQmGOvVSO3kW0aZuoNcrLZUj2CA6IoKvn3bEmp1T4E8K0YIwx+9cEWNx+ /MhMw8SaB+T2vOR/rKgVbw57igjBJGD0II3nFhFlGicJ9B2BJfJTuPN+MNS2yo2ioZWB/HCa sEFaD1pKhPdfxlIPVRRA5U79AuqriCnL3sE9xTI9exuvTi7IA9ZidABNPLPfdOHX4NNl1uwr WPa5WXpRBodMbRzzBLVri7x37eTwEsXXqoQPqeU9fxh2WfN7W44VSYoVxyEhemQ3xvWt9V3b hZ8FjAVhao4+VGvT9L9dwalu3PCtRkZM/JPF8Uq5QfLzbDbiy6JC25BQjNfZdgOsM4tWSdsx lKPh8nuBzFkrPuSU331y1uPhTa7OCxQJ2lSYyYBFFIB+4O6/tF1iQ/TRNF+FqLzlsfyBTz73 zGNqm45mqkXiskIka68+Dgrng6Rm3QAdSZtji2/Y45vxloRiFKND2Bw1WXm0A==
  • Ironport-hdrordr: A9a23:KkhHFKirKWo26l+GNRN/hnNgF3BQX0F13DAbv31ZSRFFG/FwyP rCoB1L73XJYWgqM03I+eruBEBPewK4yXdQ2/hoAV7EZnichILIFvAa0WKG+VHd8kLFltK1uZ 0QEJSWTeeAd2SS7vyKnzVQcexQp+VvmZrA7Ym+854ud3ANV0gJ1XYENu/xKDwTeOApP+taKH LKjfA32gZINE5nGPiTNz0gZazuttfLnJXpbVovAAMm0hCHiXeN5KThGxaV8x8CW3cXqI1SuV Ttokjc3OGOovu7whjT2yv66IlXosLozp9mCNaXgsYYBz3wgkKDZZhnWZeFoDcpydvfoWoCoZ 3pmVMNLs5z43TeciWcpgbs4RDp1HIU53rr2Taj8A7eiP28YAh/J9tKhIpffBecwVEnpstA3K VC2H/cn4ZLDDvb9R6Nq+TgZlVPrA6ZsHAimekcgzh0So0FcoJcqoQZ4Qd8DIoAJiTn84oqed MeQf003MwmP29yUkqp/1WGmLeXLzQO91a9MwI/U/WuondrdCsT9Tpa+CQd9k1whq7VBaM0pd gsCZ4Y5I2mfvVmE56VO91xMPdfKla9NS4kY1jiVmjPJeUgB0/njaLRzfEc2NyKEaZ4v6fa3q 6xG29liQ==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Tue, Oct 04, 2022 at 12:40:10PM +0200, Jan Beulich wrote:
> On 04.10.2022 11:27, Roger Pau Monné wrote:
> > On Tue, Oct 04, 2022 at 11:01:18AM +0200, Jan Beulich wrote:
> >> On 30.09.2022 16:17, Roger Pau Monne wrote:
> >>> The EFI memory map contains two memory types (EfiMemoryMappedIO and
> >>> EfiMemoryMappedIOPortSpace) used to describe IO memory areas of
> >>> devices used by EFI.
> >>>
> >>> The current parsing of the EFI memory map was translating
> >>> EfiMemoryMappedIO and EfiMemoryMappedIOPortSpace to E820_RESERVED on
> >>> x86.  This is an issue because device MMIO regions (BARs) should not
> >>> be positioned on reserved regions.  Any BARs positioned on non-hole
> >>> areas of the memory map will cause is_memory_hole() to return false,
> >>> which would then cause memory decoding to be disabled for such device.
> >>> This leads to EFI firmware malfunctions when using runtime services.
> >>>
> >>> The system under which this was observed has:
> >>>
> >>> EFI memory map:
> >>> [...]
> >>>  00000fd000000-00000fe7fffff type=11 attr=800000000000100d
> >>> [...]
> >>> 0000:00:1f.5 disabled: BAR [0xfe010, 0xfe010] overlaps with memory map
> >>>
> >>> The device behind this BAR is:
> >>>
> >>> 00:1f.5 Serial bus controller [0c80]: Intel Corporation Lewisburg SPI 
> >>> Controller (rev 09)
> >>>   Subsystem: Super Micro Computer Inc Device 091c
> >>>   Flags: fast devsel
> >>>   Memory at fe010000 (32-bit, non-prefetchable) [size=4K]well
> >>>
> >>> For the record, the symptom observed in that machine was a hard freeze
> >>> when attempting to set an EFI variable (XEN_EFI_set_variable).
> >>>
> >>> Fix by not adding regions with type EfiMemoryMappedIO or
> >>> EfiMemoryMappedIOPortSpace to the e820 memory map, that allows BARs to
> >>> be positioned there.
> >>>
> >>> Fixes: 75cc460a1b ('xen/pci: detect when BARs are not suitably 
> >>> positioned')
> >>> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> >>
> >> In the best case this is moving us from one way of being wrong to another:
> >> So far we wrongly include BARs in E820_RESERVED (_if_ they can be
> >> legitimately covered by a EfiMemoryMappedIO region in the first place,
> >> which I'm not sure is actually permitted - iirc just like E820_RESERVED
> >> may not be used for BARs, this memory type also may not be), whereas with
> >> your change we would no longer report non-BAR MMIO space (chipset specific
> >> ranges for example) as reserved. In fact I think the example you provide
> >> is at least partly due to bogus firmware behavior: The BAR is put in space
> >> normally used for firmware specific memory (MMIO) ranges. I think firmware
> >> should either assign the BAR differently or exclude the range from the
> >> memory map.
> > 
> > Hm, I'm not sure the example is bogus, how would firmware request a BAR
> > to be mapped for run time services to access it otherwise if it's not
> > using EfiMemoryMappedIO?
> > 
> > Not adding the BAR to the memory map in any way would mean the OS is
> > free to not map it for runtime services to access.
> 
> My view is that BARs should not be marked for runtime services use. Doing
> so requires awareness of the driver inside the OS, which I don't think
> one can expect. If firmware needs to make use of a device in a system, it
> ought to properly hide it from the OS. Note how the potential sharing of
> an RTC requires special provisions in the spec, mandating driver awareness.
> 
> Having a BAR expressed in the memory map also contradicts the ability of
> an OS to relocate all BARs of all devices, if necessary.

I've failed to figure out if there's a way in UEFI to report a device
is in use by the firmware.  I've already looked before sending the
patch (see also the post commit notes about for example not passing
through the device to any guest for obvious reason).

I've got no idea if Linux has any checks to avoid trying to move BARs
residing in EfiMemoryMappedIO ranges, we have now observed this
behavior in two systems already.

Maybe we could do a special check for PCI devices and allow them
having BARs in EfiMemoryMappedIO, together with printing a warning
message.

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.