[Skiboot] [RFC PATCH] nvram: Flag dangerous NVRAM options

Alistair Popple alistair at popple.id.au
Fri May 3 15:40:56 AEST 2019 

> +static void nvram_dangerous(const char *key)
> +{
> +	prlog(PR_ERR, "
> ___________________________________________________________\n");
> +	prlog(PR_ERR, "<  Dangerous NVRAM option: %s\n", key);
> +	prlog(PR_ERR, "
> -----------------------------------------------------------\n");
> +	prlog(PR_ERR, "                  \\                         \n");
> +	prlog(PR_ERR, "                   \\   WW                   \n");
> +	prlog(PR_ERR, "                      <^ \\___/|             \n");
> +	prlog(PR_ERR, "                       \\      /             \n");
> +	prlog(PR_ERR, "                        \\_  _/              \n");
> +	prlog(PR_ERR, "                          }{                 \n"); +}
> +

This chicken is too small and cute to represent danger. Perhaps a giant spider 
instead?

> diff --git a/hw/npu2-common.c b/hw/npu2-common.c
> index d4c0f851d6..018335e2ab 100644
> --- a/hw/npu2-common.c
> +++ b/hw/npu2-common.c
> @@ -660,7 +660,7 @@ void probe_npu2(void)
>  	}
> 
>  	/* Check for a zcal override */
> -	zcal = nvram_query("nv_zcal_override");
> +	zcal = nvram_query("nv_zcal_override", true);

Acked-By: Alistair Popple <alistair at popple.id.au>

>  	if (zcal) {
>  		nv_zcal_nominal = atoi(zcal);
>  		prlog(PR_WARNING, "NPU2: Using ZCAL impedance override = %d\n",
> nv_zcal_nominal); diff --git a/hw/npu2-opencapi.c b/hw/npu2-opencapi.c
> index 9df51b22ed..4ee6235733 100644
> --- a/hw/npu2-opencapi.c
> +++ b/hw/npu2-opencapi.c
> @@ -1727,7 +1727,7 @@ static void read_nvram_training_state(void)
>  {
>  	const char *state;
> 
> -	state = nvram_query("opencapi-link-training");
> +	state = nvram_query("opencapi-link-training", true);
>  	if (state) {
>  		if (!strcmp(state, "prbs31"))
>  			npu2_ocapi_training_state = NPU2_TRAIN_PRBS31;
> diff --git a/hw/phb4.c b/hw/phb4.c
> index 52aedc890f..f2898263d4 100644
> --- a/hw/phb4.c
> +++ b/hw/phb4.c
> @@ -5919,16 +5919,16 @@ void probe_phb4(void)
>  	struct dt_node *np;
>  	const char *s;
> 
> -	verbose_eeh = nvram_query_eq("pci-eeh-verbose", "true");
> +	verbose_eeh = nvram_query_eq("pci-eeh-verbose", "true", true);
>  	/* REMOVEME: force this for now until we stabalise PCIe */
>  	verbose_eeh = 1;
>  	if (verbose_eeh)
>  		prlog(PR_INFO, "PHB4: Verbose EEH enabled\n");
> 
> -	pci_tracing = nvram_query_eq("pci-tracing", "true");
> -	pci_eeh_mmio = !nvram_query_eq("pci-eeh-mmio", "disabled");
> -	pci_retry_all = nvram_query_eq("pci-retry-all", "true");
> -	s = nvram_query("phb-rx-err-max");
> +	pci_tracing = nvram_query_eq("pci-tracing", "true", true);
> +	pci_eeh_mmio = !nvram_query_eq("pci-eeh-mmio", "disabled", true);
> +	pci_retry_all = nvram_query_eq("pci-retry-all", "true", true);
> +	s = nvram_query("phb-rx-err-max", true);
>  	if (s) {
>  		rx_err_max = atoi(s);
> 
> @@ -5937,7 +5937,6 @@ void probe_phb4(void)
>  		rx_err_max = MIN(rx_err_max, 255);
>  	}
>  	prlog(PR_DEBUG, "PHB4: Maximum RX errors during training: %d\n",
> rx_err_max); -
>  	/* Look for PBCQ XSCOM nodes */
>  	dt_for_each_compatible(dt_root, np, "ibm,power9-pbcq")
>  		phb4_probe_pbcq(np);
> diff --git a/hw/slw.c b/hw/slw.c
> index adbfdce950..b0d503cc7f 100644
> --- a/hw/slw.c
> +++ b/hw/slw.c
> @@ -883,7 +883,7 @@ void add_cpu_idle_state_properties(void)
>  		if (wakeup_engine_state == WAKEUP_ENGINE_PRESENT)
>  			supported_states_mask |= OPAL_PM_WINKLE_ENABLED;
>  	}
> -	nvram_disable_str = nvram_query("opal-stop-state-disable-mask");
> +	nvram_disable_str = nvram_query("opal-stop-state-disable-mask", true);
>  	if (nvram_disable_str)
>  		nvram_disabled_states_mask = strtol(nvram_disable_str, NULL, 0);
>  	prlog(PR_DEBUG, "NVRAM stop disable mask: %x\n",
> nvram_disabled_states_mask); diff --git a/hw/xscom.c b/hw/xscom.c
> index b652e61702..7b642bad25 100644
> --- a/hw/xscom.c
> +++ b/hw/xscom.c
> @@ -833,7 +833,7 @@ int64_t xscom_trigger_xstop(void)
>  	int rc = OPAL_UNSUPPORTED;
>  	bool xstop_disabled = false;
> 
> -	if (nvram_query_eq("opal-sw-xstop", "disable"))
> +	if (nvram_query_eq("opal-sw-xstop", "disable", true))
>  		xstop_disabled = true;
> 
>  	if (xstop_disabled) {
> diff --git a/include/nvram.h b/include/nvram.h
> index 012c107f17..7c88d3bb2e 100644
> --- a/include/nvram.h
> +++ b/include/nvram.h
> @@ -24,7 +24,7 @@ bool nvram_validate(void);
>  bool nvram_has_loaded(void);
>  bool nvram_wait_for_load(void);
> 
> -const char *nvram_query(const char *name);
> -bool nvram_query_eq(const char *key, const char *value);
> +const char *nvram_query(const char *name, bool dangerous);
> +bool nvram_query_eq(const char *key, const char *value, bool dangerous);
> 
>  #endif /* __NVRAM_H */
> diff --git a/libstb/secureboot.c b/libstb/secureboot.c
> index 4f6a301d5e..5714bec178 100644
> --- a/libstb/secureboot.c
> +++ b/libstb/secureboot.c
> @@ -104,7 +104,7 @@ void secureboot_init(void)
> 
>  	prlog(PR_DEBUG, "Found %s\n", compat);
> 
> -	if (nvram_query_eq("force-secure-mode", "always")) {
> +	if (nvram_query_eq("force-secure-mode", "always", true)) {
>  		secure_mode = true;
>  		prlog(PR_NOTICE, "secure mode on (FORCED by nvram)\n");
>  	} else {
> diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
> index ae2cc55646..570972c858 100644
> --- a/libstb/trustedboot.c
> +++ b/libstb/trustedboot.c
> @@ -102,7 +102,7 @@ void trustedboot_init(void)
>  		return;
>  	}
> 
> -	if (nvram_query_eq("force-trusted-mode", "true")) {
> +	if (nvram_query_eq("force-trusted-mode", "true", true)) {
>  		trusted_mode = true;
>  		prlog(PR_NOTICE, "trusted mode on (FORCED by nvram)\n");
>  	} else {

More information about the Skiboot mailing list