Ticket #11315 (closed defect: fixed)

Opened 3 years ago

Last modified 3 years ago

XO 1.75 secure mode gets ttyS0 console instead of ttyS2

Reported by: greenfeld Owned by: greenfeld
Priority: normal Milestone: 11.3.0
Component: ofw - open firmware Version: Development build as of this date
Keywords: Cc: dsd, pgf
Action Needed: no action Verified: no
Deployments affected: Blocked By:
Blocking:

Description

Apparently, OFW is responsible for providing the parameters when booting an XO in secure mode. However on an XO-1.75 it sets up the serial console output for Linux to use ttyS0 instead of ttyS2, which olpc.fth uses.

Dsd wants some time to ponder the best way to handle this. It may be preferable to move the console parameter inside of the kernel, but this is not necessarily backward (XO-1 and XO-1.5) compatible.

Change History

  Changed 3 years ago by wmb@…

  • status changed from new to assigned

We had this discussion some time ago. The consensus was that the *right* thing is for the kernel to responsible for its own non-optional cmdline settings, but that was unlikely to happen in x86 land.

If that is still true, even if we make it happen in the ARM kernel, we'll still need a different command line between x86 and ARM, so I might as well prepare for that.

follow-up: ↓ 3   Changed 3 years ago by pgf

just fyi, we've talked about renaming the linux serial port to ttyS0, instead of the somewhat unintuitive ttyS2. not sure if this would affect the conclusion in comment 1 or not.

in reply to: ↑ 2   Changed 3 years ago by greenfeld

Replying to pgf:

just fyi, we've talked about renaming the linux serial port to ttyS0, instead of the somewhat unintuitive ttyS2. not sure if this would affect the conclusion in comment 1 or not.

If this is happening in software (which I believe I've seen talked about as a kernel patch), we will have to ponder this the software way.

If this is a hardware change happening in a later bringup, 11.3.0 is going to need to know about this now as it likely will be used as the initial manufactured software release,

  Changed 3 years ago by pgf

definitely not a hardware change.

  Changed 3 years ago by dsd

I think we can solve this cleanly enough without having to rename ttyS2 through moving the console= (and fbcon=) params out of OFW (and out of olpc.fth too), into the kernel CONFIG_CMDLINE, for all laptop models.

I have confirmed (by looking at the code and testing) that the kernel copes fine if the console= and fbcon= parameters are passed multiple times. It ignores the repeated ones. So that avoids any possible headaches of mixing an old firmware (which passes the parameters in secure mode) with a new kernel (which also has the parameters specified in CONFIG_CMDLINE).

The one corner case happens when we mix a new firmware (which doesn't pass parameters) with an old OS build, which has a kernel that expects (in secure mode) to receive those parameters from OFW. In that case, in secure mode, early boot will have the smaller font, and no kernel messages are sent over serial console. (Unsecure mode is fine still since the params will come from the olpc.fth shipped in that OS build).

If we can live with that corner case (I think we can) then we can move this info out of OFW into the kernel CONFIG_CMDLINE, which would allow us to solve this bug at the same time. Thoughts?

  Changed 3 years ago by dsd

  • cc pgf added

Discussion/clarification with Paul on IRC:

If we make this change, if you downgrade OS on a secure laptop, you'll lose serial console kernel messages, but only on secure laptops. VT consoles remain available, and the bash prompt over serial still works. The framebuffer font size will be small during early boot, but will correct itself when userspace starts. The only breakage is to convenience, not function.

This would be noticable if you had a secure laptop with a broken screen and broken serial input, and it was secure, and you downgraded the OS. But first debugging steps in such a situation could be replace the screen and get a devkey.

One slight downside: settings in CONFIG_CMDLINE cannot be tweaked trivially - you have to rebuild the kernel. However, this has not been an issue for the existing settings we have in CONFIG_CMDLINE. In the case of the parameters questioned by this ticket, you would have to change CONFIG_CMDLINE if you want to disable serial console or change the early boot console font - not things we do often.

Overall Paul agrees with this plan of action.

So the next steps I propose are:

  • remove these parameters from OFW
  • do a new OFW release for XO-1.75
  • I'll then update the XO-1.75 kernel branch to remove these parameters from olpc.fth, and put them in CONFIG_CMDLINE. This bug will then be fixed for XO-1.75 for 11.3.0.
  • I'll note on #11214 what needs to be done for XO-1 and XO-1.5 for future releases once new firmwares are built for those laptops, and I'll follow through at a later date.

  Changed 3 years ago by wmb@…

svn 2586 removes the kernel cmdline in secure mode.

  Changed 3 years ago by dsd

  • next_action changed from diagnose to add to build
  • milestone changed from 1.75-firmware to 11.3.0

Fixed in firmware Q4B12 and arm-3.0-wip 85701bccc

  Changed 3 years ago by dsd

  • next_action changed from add to build to test in build

test in 11.3.0 candidate build 882

  Changed 3 years ago by wmb@…

  • owner changed from wmb@… to greenfeld
  • status changed from assigned to new

  Changed 3 years ago by greenfeld

  • status changed from new to closed
  • next_action changed from test in build to no action
  • resolution set to fixed

We seem to properly get console data in both secure and insecure mode on an XO-1.75 in 11.3.0 os883 with Q4C02.

Note: See TracTickets for help on using tickets.