Re: [PATCH v2] irq: add quirk for broken interrupt remapping on 55XX chipsets

From: Bjorn Helgaas
Date: Thu Apr 04 2013 - 14:41:59 EST

Next message: Linus Torvalds: "Re: [PATCH] mm: prevent mmap_cache race in find_vma()"
Previous message: Tejun Heo: "Re: [PATCH v2 07/20] x86, ACPI: Make acpi_initrd_override_find workwith 32bit flat mode"
In reply to: Neil Horman: "Re: [PATCH v2] irq: add quirk for broken interrupt remapping on 55XXchipsets"
Next in thread: Neil Horman: "Re: [PATCH v2] irq: add quirk for broken interrupt remapping on 55XXchipsets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 4, 2013 at 11:51 AM, Neil Horman <nhorman@xxxxxxxxxxxxx> wrote:

> Oh, you want the bug report that I'm fixing this against? Sure, I can do that.
> I thought you wanted me to include a url in the WARN_TAINT, with which user
> could report occurances of this bug. Yeah, the bug that this is reported in is:
> https://bugzilla.redhat.com/show_bug.cgi?id=887006
>
> Its standing in for about a dozen or so variants of this issue we've seen

Exactly -- I'm just hoping for something in the changelog. BTW, this
particular bugzilla is not public.

> Regardless, theres also the security issue to consider here - namely that
> disabling irq remapping opens up users of virt to a possible security bug
> (potential irq injection). Some users may wish to live with the remapping
> error, given that error typically leads to devices that need to be
> restarted/reset to start working again, rather than live with the security hole.
> I rather like the warning, that gives users a choice, but I'll spin up a version
> that just disables it if you would rather.

I don't believe users will want to make a choice like that or even be
sophisticated enough to do it, at least not based on something in
dmesg. I'm pretty sure I'm not :)

The only supportable thing I can imagine doing would be:

- Disable interrupt remapping if this chipset defect is present, so
devices work reliably (they don't need whatever restart/reset you
referred to above).
- Disable virt functionality when interrupt remapping is disabled to
avoid the security problem (I don't know the details of this.)
- Add a command-line option to enable interrupt remapping (I think
"intremap=on" is currently parsed too early, but maybe this could be
reworked so the option could override the quirk disable).
- Add release notes saying "boot with 'intremap=on' if you want the
virt functionality and can accept unreliable devices."

That way the default behavior is safe and reliable (though perhaps
lacking some functionality), and you have told the user a way to get
safe and unreliable operation if he's willing to accept that. At
least, that's what I think I would want if I were in RH's shoes.

Bjorn
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: [PATCH] mm: prevent mmap_cache race in find_vma()"
Previous message: Tejun Heo: "Re: [PATCH v2 07/20] x86, ACPI: Make acpi_initrd_override_find workwith 32bit flat mode"
In reply to: Neil Horman: "Re: [PATCH v2] irq: add quirk for broken interrupt remapping on 55XXchipsets"
Next in thread: Neil Horman: "Re: [PATCH v2] irq: add quirk for broken interrupt remapping on 55XXchipsets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]