When running qemu with edk2 efi firmware on aarch64 the efi
variable store in pflash can get corrupted.  qemu not doing
proper block writes -- flush all or nothing to storage -- is
a hot candidate for being the root cause.

This little series tries to fix that with an update buffer
where block writes are staged, so we can commit or discard
the changes when the block write is completed or canceled.

v2:
 - add patch to use ldn_{be,le}_p and stn_{be,le}_p
 - add/update tracing

Gerd Hoffmann (3):
  hw/pflash: refactor pflash_data_write()
  hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p
  hw/pflash: implement update buffer for block writes

 hw/block/pflash_cfi01.c | 171 +++++++++++++++++++++-------------------
 hw/block/pflash_cfi02.c |   2 +-
 hw/block/trace-events   |   7 +-
 3 files changed, 97 insertions(+), 83 deletions(-)

-- 
2.43.0

08.01.2024 19:08, Gerd Hoffmann:
> When running qemu with edk2 efi firmware on aarch64 the efi
> variable store in pflash can get corrupted.  qemu not doing
> proper block writes -- flush all or nothing to storage -- is
> a hot candidate for being the root cause.
> 
> This little series tries to fix that with an update buffer
> where block writes are staged, so we can commit or discard
> the changes when the block write is completed or canceled.

It looks like we can pick this up for stable too.  It's not
usual to pick up new features for stable, but this one fixes
actual bug and if not applied, can easily lead to data corruption.

I'd pick it up for 8.2.x and 8.1.x at least.

Thoughts?

Thanks,

/mjt

On Sat, Jan 20, 2024 at 01:18:14PM +0300, Michael Tokarev wrote:
> 08.01.2024 19:08, Gerd Hoffmann:
> > When running qemu with edk2 efi firmware on aarch64 the efi
> > variable store in pflash can get corrupted.  qemu not doing
> > proper block writes -- flush all or nothing to storage -- is
> > a hot candidate for being the root cause.
> > 
> > This little series tries to fix that with an update buffer
> > where block writes are staged, so we can commit or discard
> > the changes when the block write is completed or canceled.
> 
> It looks like we can pick this up for stable too.  It's not
> usual to pick up new features for stable, but this one fixes
> actual bug and if not applied, can easily lead to data corruption.
> 
> I'd pick it up for 8.2.x and 8.1.x at least.

Well, it turned out there was a edk2 bug causing flash corruption.
While debugging edk2 I was using a qemu build with fixed pflash.

So on one hand I don't know for sure whenever the incorrect block
flash emulation /alone/ can cause pflash corruption too.

On the other hand the edk2 debugging session also was a stress
test for the pflash fix, so I'm pretty confident it works
correctly.

I think it makes sense to include it.

take care,
  Gerd

On 8/1/24 17:08, Gerd Hoffmann wrote:

> Gerd Hoffmann (3):
>    hw/pflash: refactor pflash_data_write()
>    hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p
>    hw/pflash: implement update buffer for block writes

Series:

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

and queued, thanks!