Last active
September 18, 2020 11:21
-
-
Save lucab/1a75bd6e8e6eb069874333410dca5b43 to your computer and use it in GitHub Desktop.
1877995 quickfixes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From 700abbf35b5848fea0364778145d9b70c6d9aa95 Mon Sep 17 00:00:00 2001 | |
From: Luca BRUNO <luca.bruno@coreos.com> | |
Date: Thu, 17 Sep 2020 16:09:51 +0000 | |
Subject: [PATCH] vendor/vmw_backdoor: quickfix to skip performing iopl | |
This is a quickfix to avoid performing an `iopl`, which is blocked by | |
kernel_lockdown under SecureBoot. | |
Refs: | |
* https://bugzilla.redhat.com/show_bug.cgi?id=1877995 | |
* https://github.com/lucab/vmw_backdoor-rs/issues/6 | |
* https://github.com/coreos/ignition/issues/1092 | |
--- | |
vendor/vmw_backdoor/.cargo-checksum.json | 2 +- | |
vendor/vmw_backdoor/src/backdoor.rs | 5 ++++- | |
2 files changed, 5 insertions(+), 2 deletions(-) | |
diff --git a/vendor/vmw_backdoor/.cargo-checksum.json b/vendor/vmw_backdoor/.cargo-checksum.json | |
index 8ad2ae7..8b84aa7 100644 | |
--- a/vendor/vmw_backdoor/.cargo-checksum.json | |
+++ b/vendor/vmw_backdoor/.cargo-checksum.json | |
@@ -1 +1 @@ | |
-{"files":{"COPYRIGHT":"2ff7da7108334444f5766cd065d0ee5b12fa7f6c1633446b53eb3ef4dbab65ae","Cargo.lock":"3dd6e01ab9290fb30a8d5dfd1920aca0e8d1a472b250d49cca68657c76526753","Cargo.toml":"bbee31b1bd137783ee5d2b7407cc13cc597053e487521b9ad3fbde67cf1d461f","LICENSE-APACHE-2.0":"cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30","LICENSE-MIT":"cb5aedb296c5246d1f22e9099f925a65146f9f0d6b4eebba97fd27a6cdbbab2d","README.md":"3515627e9358d043127d1657b090b10786c21225cfec90b66b55df0768384ee7","build.rs":"e1602b93c1979c11cf8b44452639ba0851c7f1d4550c9c583bbcaec223443608","examples/check-backdoor.rs":"5c350a3fdf4d600c9a806261a6a15c3349dc665fc9c93cf6e0971217b95a69c0","examples/get-guestinfo.rs":"adf5ee55ee617dad41d5892de11f92020468e5ccf29bbe8a770d629fbbaf5b51","examples/log.rs":"a6633e1f920680a1ca83fb7b09fca5db4734e41ac85e0f1b05edf89c3d6fad83","examples/report-agent.rs":"293f0144b302bdc3ab59b387bc9ab8ba3858dd1a068b8fd1636f3adaac8c5037","src/asm/mod.rs":"e0c313723042b3564a13e5f2e7c274b587a85b56c58cba99073012aa68ddb12b","src/asm/x86_64-linux.s":"01635098b699002f9f6f8a952cfbdaf13f91f7583a3ae79f298c45e9b4683f5e","src/backdoor.rs":"a714c7c6706cde95bba50bf36cd257763352e3be55895976b859105c7be06690","src/erpc.rs":"324c72a15b4a50c5320c0bf6fb9e6d41dc2083fdb8a440cfc50e663e9fe6ad2d","src/error.rs":"cb3fd4763b60db8cbeda4c9abc0754a947258da5e5ed8d72fddc6b63d6c179ab","src/lib.rs":"35e1400c2b2d6e0e695ee15327a6f2057cd9e57623a514a0912fabcd35f6290c","src/low_bw.rs":"77e8586255483a5305aaaa12d325e586e890f78bc07647d5fce744dc7b2dd78a"},"package":"62a285ffd5ddbf0d4fb5f5d581498b4340678ca82d41da2e3678600591c0583e"} | |
\ No newline at end of file | |
+{"files":{"COPYRIGHT":"2ff7da7108334444f5766cd065d0ee5b12fa7f6c1633446b53eb3ef4dbab65ae","Cargo.lock":"3dd6e01ab9290fb30a8d5dfd1920aca0e8d1a472b250d49cca68657c76526753","Cargo.toml":"bbee31b1bd137783ee5d2b7407cc13cc597053e487521b9ad3fbde67cf1d461f","LICENSE-APACHE-2.0":"cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30","LICENSE-MIT":"cb5aedb296c5246d1f22e9099f925a65146f9f0d6b4eebba97fd27a6cdbbab2d","README.md":"3515627e9358d043127d1657b090b10786c21225cfec90b66b55df0768384ee7","build.rs":"e1602b93c1979c11cf8b44452639ba0851c7f1d4550c9c583bbcaec223443608","examples/check-backdoor.rs":"5c350a3fdf4d600c9a806261a6a15c3349dc665fc9c93cf6e0971217b95a69c0","examples/get-guestinfo.rs":"adf5ee55ee617dad41d5892de11f92020468e5ccf29bbe8a770d629fbbaf5b51","examples/log.rs":"a6633e1f920680a1ca83fb7b09fca5db4734e41ac85e0f1b05edf89c3d6fad83","examples/report-agent.rs":"293f0144b302bdc3ab59b387bc9ab8ba3858dd1a068b8fd1636f3adaac8c5037","src/asm/mod.rs":"e0c313723042b3564a13e5f2e7c274b587a85b56c58cba99073012aa68ddb12b","src/asm/x86_64-linux.s":"01635098b699002f9f6f8a952cfbdaf13f91f7583a3ae79f298c45e9b4683f5e","src/backdoor.rs":"84095ad3a42418d4ca18b38c7240ed9dfc2cf2b86fb80cfcd6ebe6f4220aec85","src/erpc.rs":"324c72a15b4a50c5320c0bf6fb9e6d41dc2083fdb8a440cfc50e663e9fe6ad2d","src/error.rs":"cb3fd4763b60db8cbeda4c9abc0754a947258da5e5ed8d72fddc6b63d6c179ab","src/lib.rs":"35e1400c2b2d6e0e695ee15327a6f2057cd9e57623a514a0912fabcd35f6290c","src/low_bw.rs":"77e8586255483a5305aaaa12d325e586e890f78bc07647d5fce744dc7b2dd78a"},"package":"62a285ffd5ddbf0d4fb5f5d581498b4340678ca82d41da2e3678600591c0583e"} | |
diff --git a/vendor/vmw_backdoor/src/backdoor.rs b/vendor/vmw_backdoor/src/backdoor.rs | |
index d84bbbc..030d468 100644 | |
--- a/vendor/vmw_backdoor/src/backdoor.rs | |
+++ b/vendor/vmw_backdoor/src/backdoor.rs | |
@@ -69,7 +69,9 @@ impl BackdoorGuard { | |
EnhancedChan::open(self) | |
} | |
- pub(crate) fn change_io_access(acquire: bool) -> Result<(), VmwError> { | |
+ pub(crate) fn change_io_access(_acquire: bool) -> Result<(), VmwError> { | |
+ // XXX(lucab): quickfix for https://github.com/lucab/vmw_backdoor-rs/issues/6. | |
+ /* | |
// NOTE(lucab): `ioperm()` is not enough here, as the backdoor | |
// protocol uses a dynamic range of I/O ports. | |
let level = if acquire { 0b11 } else { 0b00 }; | |
@@ -77,6 +79,7 @@ impl BackdoorGuard { | |
if err != 0 { | |
return Err(format!("iopl failed, errno={}", err).into()); | |
}; | |
+ */ | |
Ok(()) | |
} | |
-- | |
2.27.0 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From 069ab246129be6860aed3389c526543afa87e712 Mon Sep 17 00:00:00 2001 | |
From: Luca BRUNO <luca.bruno@coreos.com> | |
Date: Thu, 17 Sep 2020 16:07:59 +0000 | |
Subject: [PATCH] vendor/vmw-guestinfo: quickfix to skip performing iopl | |
This is a quickfix to avoid performing an `iopl`, which is blocked by | |
kernel_lockdown under SecureBoot. | |
Refs: | |
* https://bugzilla.redhat.com/show_bug.cgi?id=1877995 | |
* https://github.com/lucab/vmw_backdoor-rs/issues/6 | |
* https://github.com/coreos/ignition/issues/1092 | |
--- | |
.../vmware/vmw-guestinfo/vmcheck/vmcheck.go | 11 +++++++---- | |
1 file changed, 7 insertions(+), 4 deletions(-) | |
diff --git a/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go b/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go | |
index c46cc5e4..9e974aee 100644 | |
--- a/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go | |
+++ b/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go | |
@@ -41,10 +41,13 @@ func IsVirtualWorld() (bool, error) { | |
// hypervisorPortCheck tests the availability of the HV port. | |
func hypervisorPortCheck() (bool, error) { | |
- // Privilege level 3 to access all ports above 0x3ff | |
- if err := openPortsAccess(); err != nil { | |
- return false, err | |
- } | |
+ // XXX(lucab): quickfix for https://github.com/coreos/ignition/issues/1092. | |
+ /* | |
+ // Privilege level 3 to access all ports above 0x3ff | |
+ if err := openPortsAccess(); err != nil { | |
+ return false, err | |
+ } | |
+ */ | |
p := &bdoor.BackdoorProto{} | |
-- | |
2.27.0 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# grep -o ignition.platform.id='[[:alnum:]]*' /proc/cmdline | |
ignition.platform.id=vmware | |
# mokutil --sb-state | |
SecureBoot enabled | |
# mkdir -p /etc/cmdline.d | |
# /usr/local/bin/afterburn exp rd-network-kargs --default-value 'dhcp,dhcp6' --cmdline | |
# find /etc/cmdline.d/ -type f -print -exec cat {} \; | |
/etc/cmdline.d/50-afterburn-network-kargs.conf | |
custom-check-for-1877995 | |
# /usr/local/bin/ignition --stage fetch-offline --clear-cache --log-to-stdout --platform vmware | |
INFO : Ignition v2.6.0-1-g069ab246 | |
INFO : Stage: fetch-offline | |
ERROR : unable to clear cache: remove /run/ignition.json: no such file or directory | |
INFO : reading system config file "/usr/lib/ignition/base.ign" | |
INFO : no config at "/usr/lib/ignition/base.ign" | |
DEBUG : parsed url from cmdline: "" | |
INFO : no config URL provided | |
INFO : reading system config file "/usr/lib/ignition/user.ign" | |
INFO : no config at "/usr/lib/ignition/user.ign" | |
DEBUG : using OVF environment from guestinfo | |
DEBUG : config successfully fetched | |
DEBUG : parsing config with SHA512: a2e44f9fab7e4b1e8b56ab74b35b5f2ef354de4eb40fe2bc4c22e818c37c46f5ad699b1e2d0c8d1d757d04eb08287bbcd75eecd3506a084d7e70323d936a2b39 | |
INFO : fetch-offline: fetch-offline passed | |
INFO : Ignition finished successfully |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment