[OpenPower-Firmware] op-build v2.3.1 released!
Stewart Smith
stewart at linux.ibm.com
Tue Jul 9 11:29:48 AEST 2019
Release Notes for OpenPower Firmware v2.3.1
*******************************************
op-build v2.3.1 was released on July 9th, 2019 and contains several
important fixes for POWER8 and POWER9 systems.
For POWER8 and POWER9 systems there are updated skiboot, Linux, and
buildroot. There's also an an updated hostboot for POWER8 systems.
skiboot
=======
Bug fixes included in this release are:
* npu2: Purge cache when resetting a GPU
After putting all a GPU's links in reset, do a cache purge in case
we have CPU cache lines belonging to the now-unaccessible GPU
memory.
* npu2: Reset NVLinks when resetting a GPU
Resetting a V100 GPU brings its NVLinks down and if an NPU tries
using those, an HMI occurs. We were lucky not to observe this as the
bare metal does not normally reset a GPU and when passed through,
GPUs are usually before NPUs in QEMU command line or Libvirt XML and
because of that NPUs are naturally reset first. However simple
change of the device order brings HMIs.
This defines a bus control filter for a PCI slot with a GPU with
NVLinks so when the host system issues secondary bus reset to the
slot, it resets associated NVLinks.
* hw/phb4: Assert Link Disable bit after ETU init
The cursed RAID card in ozrom1 has a bug where it ignores PERST
being asserted. The PCIe Base spec is a little vague about what
happens while PERST is asserted, but it does clearly specify that
when PERST is de-asserted the Link Training and Status State Machine
(LTSSM) of a device should return to the initial state (Detect)
defined in the spec and the link training process should restart.
This bug was worked around in 9078f8268922 ("phb4: Delay training
till after PERST is deasserted") by setting the link disable bit at
the start of the FRESET process and clearing it after PERST was de-
asserted. Although this fixed the bug, the patch offered no
explaination of why the fix worked.
In b8b4c79d4419 ("hw/phb4: Factor out PERST control") the link
disable workaround was moved into phb4_assert_perst(). This is
called always in the CRESET case, but a following patch resulted in
assert_perst() not being called if phb4_freset() was entered
following a CRESET since p->skip_perst was set in the CRESET
handler. This is bad since a side-effect of the CRESET is that the
Link Disable bit is cleared.
This, combined with the RAID card ignoring PERST results in the PCIe
link being trained by the PHB while we're waiting out the 100ms ETU
reset time. If we hack skiboot to print a DLP trace after returning
from phb4_hw_init() we get:
PHB#0001[0:1]: Initialization complete
PHB#0001[0:1]: TRACE:0x0000102101000000 0ms presence GEN1:x16:polling
PHB#0001[0:1]: TRACE:0x0000001101000000 23ms GEN1:x16:detect
PHB#0001[0:1]: TRACE:0x0000102101000000 23ms presence GEN1:x16:polling
PHB#0001[0:1]: TRACE:0x0000183101000000 29ms training GEN1:x16:config
PHB#0001[0:1]: TRACE:0x00001c5881000000 30ms training GEN1:x08:recovery
PHB#0001[0:1]: TRACE:0x00001c5883000000 30ms training GEN3:x08:recovery
PHB#0001[0:1]: TRACE:0x0000144883000000 33ms presence GEN3:x08:L0
PHB#0001[0:1]: TRACE:0x0000154883000000 33ms trained GEN3:x08:L0
PHB#0001[0:1]: CRESET: wait_time = 100
PHB#0001[0:1]: FRESET: Starts
PHB#0001[0:1]: FRESET: Prepare for link down
PHB#0001[0:1]: FRESET: Assert skipped
PHB#0001[0:1]: FRESET: Deassert
PHB#0001[0:1]: TRACE:0x0000154883000000 0ms trained GEN3:x08:L0
PHB#0001[0:1]: TRACE: Reached target state
PHB#0001[0:1]: LINK: Start polling
PHB#0001[0:1]: LINK: Electrical link detected
PHB#0001[0:1]: LINK: Link is up
PHB#0001[0:1]: LINK: Went down waiting for stabilty
PHB#0001[0:1]: LINK: DLP train control: 0x0000105101000000
PHB#0001[0:1]: CRESET: Starts
What has happened here is that the link is trained to 8x Gen3 33ms
after we return from phb4_init_hw(), and before we've waitined to
100ms that we normally wait after re-initialising the ETU. When we
"deassert" PERST later on in the FRESET handler the link in L0
(normal) state. At this point we try to read from the Vendor/Device
ID register to verify that the link is stable and immediately get a
PHB fence due to a PCIe Completion Timeout. Skiboot attempts to
recover by doing another CRESET, but this will encounter the same
issue.
This patch fixes the problem by setting the Link Disable bit (by
calling phb4_assert_perst()) immediately after we return from
phb4_init_hw(). This prevents the link from being trained while
PERST is asserted which seems to avoid the Completion Timeout. With
the patch applied we get:
PHB#0001[0:1]: Initialization complete
PHB#0001[0:1]: TRACE:0x0000102101000000 0ms presence GEN1:x16:polling
PHB#0001[0:1]: TRACE:0x0000001101000000 23ms GEN1:x16:detect
PHB#0001[0:1]: TRACE:0x0000102101000000 23ms presence GEN1:x16:polling
PHB#0001[0:1]: TRACE:0x0000909101000000 29ms presence GEN1:x16:disabled
PHB#0001[0:1]: CRESET: wait_time = 100
PHB#0001[0:1]: FRESET: Starts
PHB#0001[0:1]: FRESET: Prepare for link down
PHB#0001[0:1]: FRESET: Assert skipped
PHB#0001[0:1]: FRESET: Deassert
PHB#0001[0:1]: TRACE:0x0000001101000000 0ms GEN1:x16:detect
PHB#0001[0:1]: TRACE:0x0000102101000000 0ms presence GEN1:x16:polling
PHB#0001[0:1]: TRACE:0x0000001101000000 24ms GEN1:x16:detect
PHB#0001[0:1]: TRACE:0x0000102101000000 36ms presence GEN1:x16:polling
PHB#0001[0:1]: TRACE:0x0000183101000000 97ms training GEN1:x16:config
PHB#0001[0:1]: TRACE:0x00001c5881000000 97ms training GEN1:x08:recovery
PHB#0001[0:1]: TRACE:0x00001c5883000000 97ms training GEN3:x08:recovery
PHB#0001[0:1]: TRACE:0x0000144883000000 99ms presence GEN3:x08:L0
PHB#0001[0:1]: TRACE: Reached target state
PHB#0001[0:1]: LINK: Start polling
PHB#0001[0:1]: LINK: Electrical link detected
PHB#0001[0:1]: LINK: Link is up
PHB#0001[0:1]: LINK: Link is stable
PHB#0001[0:1]: LINK: Card [9005:028c] Optimal Retry:disabled
PHB#0001[0:1]: LINK: Speed Train:GEN3 PHB:GEN4 DEV:GEN3
PHB#0001[0:1]: LINK: Width Train:x08 PHB:x08 DEV:x08
PHB#0001[0:1]: LINK: RX Errors Now:0 Max:8 Lane:0x0000
* npu2: Reset PID wildcard and refcounter when mapped to LPID
Since 105d80f85b "npu2: Use unfiltered mode in XTS tables" we do not
register every PID in the XTS table so the table has one entry per
LPID. Then we added a reference counter to keep track of the entry
use when switching GPU between the host and guest systems (the
"Fixes:" tag below).
The POWERNV platform setup creates such entries and references them
at the boot time when initializing IOMMUs and only removes it when a
GPU is passed through to a guest. This creates a problem as POWERNV
boots via kexec and no defererencing happens; the XTS table state
remains undefined. So when the host kernel boots, skiboot thinks
there are valid XTS entries and does not update the XTS table which
breaks ATS.
This adds the reference counter and the XTS entry reset when a GPU
is assigned to LPID and we cannot rely on the kernel to clean that
up.
* hw/phb4: Use read/write_reg in assert_perst
While the PHB is fenced we can't use the MMIO interface to access
PHB registers. While processing a complete reset we inject a PHB
fence to isolate the PHB from the rest of the system because the PHB
won't respond to MMIOs from the rest of the system while being
reset.
We assert PERST after the fence has been erected which requires us
to use the XSCOM indirect interface to access the PHB registers
rather than the MMIO interface. Previously we did that when
asserting PERST in the CRESET path. However in b8b4c79d4419
("hw/phb4: Factor out PERST control"). This was re-written to use
the raw in_be64() accessor. This means that CRESET would not be
asserted in the reset path. On some Mellanox cards this would
prevent them from re-loading their firmware when the system was
fast-reset.
This patch fixes the problem by replacing the raw {in|out}_be64()
accessors with the phb4_{read|write}_reg() functions.
* opal-prd: Fix prd message size issue
If prd messages size is insufficient then read_prd_msg() call fails
with below error. And caller is not reallocating sufficient buffer.
Also its hard to guess the size.
Mar 28 03:31:43 zz24p1 opal-prd: FW: error reading from firmware:
alloc 32 rc -1: Invalid argument Mar 28 03:31:43 zz24p1 opal-prd:
FW: error reading from firmware: alloc 32 rc -1: Invalid argument
Mar 28 03:31:43 zz24p1 opal-prd: FW: error reading from firmware:
alloc 32 rc -1: Invalid argument ....
Lets use opal-msg-size device tree property to allocate memory for
prd message.
* npu2: Fix clearing the FIR bits
FIR registers are SCOM-only so they cannot be accesses with the
indirect write, and yet we use SCOM-based addresses for these; fix
this.
* opal-gard: Account for ECC size when clearing partition
When 'opal-gard clear all' is run, it works by erasing the GUARD
then using blockevel_smart_write() to write nothing to the
partition. This second write call is needed because we rely on
libflash to set the ECC bits appropriately when the partition
contained ECCed data.
The API for this is a little odd with the caller specifying how much
actual data to write, and libflash writing size + size/8 bytes since
there is one additional ECC byte for every eight bytes of data.
We currently do not account for the extra space consumed by the ECC
data in reset_partition() which is used to handle the 'clear all'
command. Which results in the paritition following the GUARD
partition being partially overwritten when the command is used. This
patch fixes the problem by reducing the length we would normally
write by the number of ECC bytes required.
* nvram: Flag dangerous NVRAM options
Most nvram options used by skiboot are just for debug or testing for
regressions. They should never be used long term.
We've hit a number of issues in testing and the field where nvram
options have been set "temporarily" but haven't been properly
cleared after, resulting in crashes or real bugs being masked.
This patch marks most nvram options used by skiboot as dangerous and
prints a chicken to remind users of the problem.
* devicetree: Don't set path to dtc in makefile
By setting the path we fail to build under buildroot which has it's
own set of host tools in PATH, but not at /usr/bin.
Keep the variable so it can be set if need be but default to
whatever 'dtc' is in the users path.
Linux and buildroot
===================
Move to Linux v5.1.15-openpower1 and buildroot 2019.02.3
This updates to a in-support stable Linux release, resolving potential
security and stability issues. Notably, this includes fixes for
CVE-2019-12817, CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479.
Buildroot stays on the same major version with the .2 and .3 stable
releases added in.
The skiroot defconfig is updated to ensure we still run the MMU in
Radix mode (see http://git.kernel.org/torvalds/c/8adddf349fda0). It
also disables xmon by default.
Hostboot
========
Point op-build P8 hostboot at commit to report cache-count-disabled OS
flag
Points OP build at the P8 hostboot package commit which enables
reporting to the OS that the cache-count-disabled Spectre workaround
is available.
--
Stewart Smith
OPAL Architect, IBM.
More information about the OpenPower-Firmware
mailing list