From: "Laszlo Ersek" <lersek@redhat.com>
To: Ard Biesheuvel <ardb@kernel.org>, devel@edk2.groups.io, mcb30@ipxe.org
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>,
Brijesh Singh <brijesh.singh@amd.com>,
Erdem Aktas <erdemaktas@google.com>,
Gerd Hoffmann <kraxel@redhat.com>,
James Bottomley <jejb@linux.ibm.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Jordan Justen <jordan.l.justen@intel.com>,
Min Xu <min.m.xu@intel.com>, Oliver Steffen <osteffen@redhat.com>,
Sebastien Boeuf <sebastien.boeuf@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Michael Brown <mcb30@ipxe.org>
Subject: Re: [edk2-devel] [PATCH v2] OvmfPkg/PlatformInitLib: catch QEMU's CPU hotplug reg block regression
Date: Thu, 12 Jan 2023 14:31:44 +0100 [thread overview]
Message-ID: <f9e398a8-502b-08eb-175a-772d4fe139b4@redhat.com> (raw)
In-Reply-To: <CAMj1kXHBz1DDyXC9+UgcXd6A6UWkSbTzAj_fYLPRjMw-TwtoAA@mail.gmail.com>
On 1/12/23 11:09, Ard Biesheuvel wrote:
> On Thu, 12 Jan 2023 at 10:56, Michael Brown <mcb30@ipxe.org> wrote:
>>
>> On 12/01/2023 08:28, Laszlo Ersek wrote:
>>> In QEMU v5.1.0, the CPU hotplug register block misbehaves: the negotiation
>>> protocol is (effectively) broken such that it suggests that switching from
>>> the legacy interface to the modern interface works, but in reality the
>>> switch never happens. The symptom has been witnessed when using TCG
>>> acceleration; KVM seems to mask the issue. The issue persists with the
>>> following (latest) stable QEMU releases: v5.2.0, v6.2.0, v7.2.0. Currently
>>> there is no stable release that addresses the problem.
>>>
>>> The QEMU bug confuses the Present and Possible counting in function
>>> PlatformMaxCpuCountInitialization(), in
>>> "OvmfPkg/Library/PlatformInitLib/Platform.c". OVMF ends up with Present=0
>>> Possible=1. This in turn further confuses MpInitLib in UefiCpuPkg (hence
>>> firmware-time multiprocessing will be broken). Worse, CPU hot(un)plug with
>>> SMI will be summarily broken in OvmfPkg/CpuHotplugSmm, which (considering
>>> the privilege level of SMM) is not that great.
>>>
>>> Detect the issue in PlatformMaxCpuCountInitialization(), and print an
>>> error message and *hang* if the issue is present.
>>
>> Would this mean that OVMF would refuse to start with all current distro
>> versions of qemu (when not using KVM), or am I misunderstanding?
>>
>
> I had the same question, actually. This would be less than ideal,
> especially given the fact that I didn't even notice the breakage, and
> Linux happily booted on all cores.
>
> If this is a security issue that affects SMM, could we make this
> behavior dependent on REQUIRE_SMM perhaps?
Yes, we could restrict this with FeaturePcdGet (PcdSmmSmramRequire), but
then all multi-processing (the MP PPI from CpuMpPei, and the MP protocol
from CpuDxe) remains broken (or at least "misconfigured") in OVMF.
That can have OS visible effects; for example, MSR_IA32_FEATURE_CONTROL
is supposed to be configured identically on all processors, and
PlatformPei uses the MP PPI (from CpuMpPei) to do that;
<https://tianocore.acgmultimedia.com/show_bug.cgi?id=86>.
Is it common that people run bleeding edge OVMF (built from git
checkout) on distro QEMU?
Edk2's release cycle is much shorter than QEMU's, so I guess we should
delay merging this until after QEMU v8 is out, at the least. But, if
there won't be another stable release for, say, QEMU v6, is that reason
enough to abandon this patch in OVMF?
Laszlo
next prev parent reply other threads:[~2023-01-12 13:31 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-12 8:28 [PATCH v2] OvmfPkg/PlatformInitLib: catch QEMU's CPU hotplug reg block regression Laszlo Ersek
2023-01-12 9:55 ` [edk2-devel] " Michael Brown
2023-01-12 10:09 ` Ard Biesheuvel
2023-01-12 13:31 ` Laszlo Ersek [this message]
2023-01-12 13:22 ` Laszlo Ersek
2023-01-12 16:08 ` Michael Brown
2023-01-12 17:58 ` Laszlo Ersek
2023-01-12 18:22 ` Laszlo Ersek
2023-01-12 22:49 ` Michael Brown
2023-01-13 6:03 ` Gerd Hoffmann
2023-01-13 9:32 ` Gerd Hoffmann
2023-01-13 10:10 ` Laszlo Ersek
2023-01-13 12:22 ` Gerd Hoffmann
2023-01-16 14:42 ` Ard Biesheuvel
2023-01-16 14:48 ` Laszlo Ersek
2023-01-17 12:37 ` Gerd Hoffmann
2023-01-17 16:43 ` Ard Biesheuvel
2023-01-18 7:25 ` Gerd Hoffmann
2023-01-18 11:50 ` Laszlo Ersek
2023-01-18 13:10 ` Gerd Hoffmann
2023-01-18 13:25 ` Laszlo Ersek
2023-01-18 13:10 ` Ard Biesheuvel
2023-01-18 13:21 ` Laszlo Ersek
2023-01-12 18:34 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f9e398a8-502b-08eb-175a-772d4fe139b4@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox