From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2FB9420D2C3B9 for ; Wed, 29 Mar 2017 09:40:11 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 61AFB61BBA; Wed, 29 Mar 2017 16:40:10 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 61AFB61BBA Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=lersek@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 61AFB61BBA Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-134.phx2.redhat.com [10.3.116.134]) by smtp.corp.redhat.com (Postfix) with ESMTP id C95D117118; Wed, 29 Mar 2017 16:40:08 +0000 (UTC) To: Ard Biesheuvel References: <20170329151940.23397-1-ard.biesheuvel@linaro.org> <4bdde09a-cf2e-33fb-967e-97e69e5be892@redhat.com> Cc: "edk2-devel@lists.01.org" , Marc Zyngier , Jon Masters , Drew Jones From: Laszlo Ersek Message-ID: Date: Wed, 29 Mar 2017 18:40:07 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Wed, 29 Mar 2017 16:40:10 +0000 (UTC) Subject: Re: [PATCH] ArmVirtPkg/PlatformHasAcpiDtDxe: allow manual override for DT installation X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Mar 2017 16:40:11 -0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit On 03/29/17 18:07, Ard Biesheuvel wrote: > On 29 March 2017 at 17:03, Laszlo Ersek wrote: >> On 03/29/17 18:02, Ard Biesheuvel wrote: >>> On 29 March 2017 at 17:00, Laszlo Ersek wrote: >>>> On 03/29/17 17:19, Ard Biesheuvel wrote: >>>>> In general, we should not present two separate (and inevitably different) >>>>> hardware descriptions to the OS, in the form of ACPI tables and a device >>>>> tree blob. For this reason, we recently added the logic to ArmVirtQemu to >>>>> only expose the ACPI 2.0 entry point if no DT binary is being passed, and >>>>> vice versa. >>>>> >>>>> However, this is arguably a regression for those who rely on both >>>>> descriptions being available, even if the use cases in question are >>>>> uncommon. >>>>> >>>>> So allow a secret handshake with the UEFI Shell, to set a variable that >>>>> will result in both descriptions being exposed on the next boot, if >>>>> executing in the default 'ACPI-only' mode. >>>>> >>>>> setvar -nv -bs -guid 50bea1e5-a2c5-46e9-9b3a-59596516b00a ForceDt =01 >>>>> >>>>> Contributed-under: TianoCore Contribution Agreement 1.0 >>>>> Signed-off-by: Ard Biesheuvel >>>>> --- >>>>> ArmVirtPkg/ArmVirtPkg.dec | 8 ++++++++ >>>>> ArmVirtPkg/ArmVirtQemu.dsc | 3 +++ >>>>> ArmVirtPkg/PlatformHasAcpiDtDxe/PlatformHasAcpiDtDxe.c | 7 ++++++- >>>>> ArmVirtPkg/PlatformHasAcpiDtDxe/PlatformHasAcpiDtDxe.inf | 5 +++++ >>>>> 4 files changed, 22 insertions(+), 1 deletion(-) >>>> >>>> Nacked-by: Laszlo Ersek >>>> >>>> This will cause everyone *at all* to set the secret handshake, and we >>>> will be back to square one, where everyone just exposes ACPI and DT at >>>> the same time, and delegate the decision to the guest kernel. >>>> >>>> And then vendors will continue to ignore ACPI testing, and they will >>>> continue shipping crap in their ACPI tables. >>>> >>>> We might as well rip out the recent patches that implement the mechanism >>>> and the policy for the mutual exclusion. >>>> >>>> As Leif proved so eloquently (in the pub) in Budapest during Connect, no >>>> OS needs both descriptions at the same time. Virt users can make up >>>> their minds about what to expose. We (RH virt) had been worriedly >>>> planning to make the same proposal to Leif, you, et al, and then we were >>>> happy to see the violent agreement that ensued. >>>> >>>> Sorry for getting political, but the kernel's unwavering preference for >>>> DT over ACPI is political, and the recent edk2 patches only exist to >>>> rectify that, from the firmware side. Users don't lose DT. What they do >>>> lose is the (harmful) freedom of not choosing one over the other. That >>>> freedom has had a terrible effect on the quality of ACPI tables shipped >>>> with *allegedly* SBBR-compliant hardware. >>>> >>>> Feel free to diverge from this in downstream distributions, but this >>>> loophole has no place in upstream edk2. >>>> >>>> NACK >>>> >>> >>> OK, fair enough. How do you propose to handle this regression then? >>> >> >> I don't. > > I think I am entitled to a more constructive attitude from you. I > don't care about politics, but I do care about not breaking people's > workflows. So if you insist on getting on your high horse and throw > capitalized NACKs at me, you could at least *pretend* to care about > other users than *your* downstream, and come up with some alternative. Ard, I'm not on my high horse. I thought we were in agreement about this. It was obvious (to me at least) that this policy would be considered a regression by those who wanted both DT and ACPI in the guest. From my side, breaking that was all intentional. I'm not deliberately screwing with users (just because they have "niche" needs), and normally I would fully agree with you. The problem is that by providing an automated, upstream (centralized) opt-out from the mutual exclusion, the ecosystem will be allowed to suffer from the same nonchalance towards ACPI that has been the case until now. It's clear that your well-meaning change will be immediately exploited as the new-old default. Do you plan to add the same loophole to the HII-enabled driver that you recently committed as well? Also, please don't accuse me of caring only about RH's downstream. The following blog post wasn't authored by a Red Hat employee: http://www.secretlab.ca/archives/151 The following document is also not Red Hat exclusive: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.den0044b/index.html What you are arguing for is, indirectly, to relicense platform vendors to continue ignoring ACPI, while (falsely) labeling their systems SBBR conformant. And then any OS vendor that actually cares about SBBR conformance (hint: it's not just Red Hat) sees brutal boot splats. That is not your intent (obviously), but that is the (seen, experienced) effect of providing both DT and ACPI. My Nacked-by is not for the specific technical solution that you proposed. The technical solution is fine. The goal is wrong. Which makes any technical solution (original or alternative) wrong. If you want, you can go ahead and commit this patch, adding my Nacked-by from above. I won't get into a fight with you over this (or anything else), but I want my conviction -- namely, that this is entirely wrong -- clearly marked. On the technical side: - I think a dynamic boolean PCD would be superior, if that is possible with HII (= directly nvvar-backed) PCDs -- absence of the variable should map to FALSE. I'm unsure though if that were as easy to set from the UEFI shell as a UINT8. So stick with the current data type if you deem that superior (maybe comment on it in the commit message). - please include in the C source, to reflect the [LibraryClasses] update in the INF. Peace Laszlo