Re: [PATCH] [EFI,PCI] Allow disabling PCI busmastering on bridges during boot
From: Matthew Garrett
Date: Fri Dec 13 2019 - 16:24:49 EST
On Thu, Dec 12, 2019 at 7:46 AM Ard Biesheuvel
<ard.biesheuvel@xxxxxxxxxx> wrote:
>
> On Wed, 4 Dec 2019 at 20:56, Matthew Garrett <mjg59@xxxxxxxxxx> wrote:
> > We already handle this case - the kernel doesn't activate busmastering
> > until after it does IOMMU setup.
>
> Build issues aside (which we already handled off list), I think we
> should consider the following concerns I have about this patch:
> - make it work on ARM (already done)
> - make the cmdline option an efi=xxx one, this makes it obvious which
> context this is active in
Ok.
> - I would prefer it if we could make it more obvious that this affects
> PCI DMA only, other masters are unaffected by any of this.
Ok - in terms of naming, or in terms of documentation?
> - What about integrated masters? On the systems I have access to,
> there are a lot of DMA capable endpoints that sit on bus 0 without any
> root port or PCI bridge in between
There's not really anything we can do about those. My gut feeling is
that if you're in a situation where you can't trust your integrated
chipset then you're going to have trouble building any real trust in
the platform.
> - Should we treat GOP producers differently? Or perhaps only if the
> efifb address is known to be carved out of system memory?
Hm, good question. Video cards are one of the most complicated devices
on the system, so I'd prefer not to leave us vulnerable to them. Maybe
try this as an opt-in thing for a while and see whether people find
graphics-related breakage?
> If we come up with a good story here in terms of policy, we may be
> able to enable this by default, which would be a win imo.
I'm pretty sure we're going to have some hardware that this just
breaks on, unfortunately - Apple's EFI driver for Broadcom wifi used
to continue DMAing over ExitBootServices(), and the "easy" fix of
disabling BME on it beforehand resulted in the card wedging on driver
load, so I think we'll see other devices that have similar behaviour.
(We "fixed" the Apple case by putting the card into S3)