linux/drivers/base/firmware_loader/fallback.c
<<
>>
Prefs 
   1// SPDX-License-Identifier: GPL-2.0
   2
   3#include <linux/types.h>
   4#include <linux/kconfig.h>
   5#include <linux/list.h>
   6#include <linux/slab.h>
   7#include <linux/security.h>
   8#include <linux/highmem.h>
   9#include <linux/umh.h>
  10#include <linux/sysctl.h>
  11#include <linux/vmalloc.h>
  12#include <linux/module.h>
  13
  14#include "fallback.h"
  15#include "firmware.h"
  16
  17/*
  18 * firmware fallback mechanism
  19 */
  20
  21MODULE_IMPORT_NS(FIRMWARE_LOADER_PRIVATE);
  22
  23extern struct firmware_fallback_config fw_fallback_config;
  24
  25/* These getters are vetted to use int properly */
  26static inline int __firmware_loading_timeout(void)
  27{
  28        return fw_fallback_config.loading_timeout;
  29}
  30
  31/* These setters are vetted to use int properly */
  32static void __fw_fallback_set_timeout(int timeout)
  33{
  34        fw_fallback_config.loading_timeout = timeout;
  35}
  36
  37/*
  38 * use small loading timeout for caching devices' firmware because all these
  39 * firmware images have been loaded successfully at lease once, also system is
  40 * ready for completing firmware loading now. The maximum size of firmware in
  41 * current distributions is about 2M bytes, so 10 secs should be enough.
  42 */
  43void fw_fallback_set_cache_timeout(void)
  44{
  45        fw_fallback_config.old_timeout = __firmware_loading_timeout();
  46        __fw_fallback_set_timeout(10);
  47}
  48
  49/* Restores the timeout to the value last configured during normal operation */
  50void fw_fallback_set_default_timeout(void)
  51{
  52        __fw_fallback_set_timeout(fw_fallback_config.old_timeout);
  53}
  54
  55static long firmware_loading_timeout(void)
  56{
  57        return __firmware_loading_timeout() > 0 ?
  58                __firmware_loading_timeout() * HZ : MAX_JIFFY_OFFSET;
  59}
  60
  61static inline bool fw_sysfs_done(struct fw_priv *fw_priv)
  62{
  63        return __fw_state_check(fw_priv, FW_STATUS_DONE);
  64}
  65
  66static inline bool fw_sysfs_loading(struct fw_priv *fw_priv)
  67{
  68        return __fw_state_check(fw_priv, FW_STATUS_LOADING);
  69}
  70
  71static inline int fw_sysfs_wait_timeout(struct fw_priv *fw_priv,  long timeout)
  72{
  73        return __fw_state_wait_common(fw_priv, timeout);
  74}
  75
  76struct fw_sysfs {
  77        bool nowait;
  78        struct device dev;
  79        struct fw_priv *fw_priv;
  80        struct firmware *fw;
  81};
  82
  83static struct fw_sysfs *to_fw_sysfs(struct device *dev)
  84{
  85        return container_of(dev, struct fw_sysfs, dev);
  86}
  87
  88static void __fw_load_abort(struct fw_priv *fw_priv)
  89{
  90        /*
  91         * There is a small window in which user can write to 'loading'
  92         * between loading done/aborted and disappearance of 'loading'
  93         */
  94        if (fw_state_is_aborted(fw_priv) || fw_sysfs_done(fw_priv))
  95                return;
  96
  97        fw_state_aborted(fw_priv);
  98}
  99
 100static void fw_load_abort(struct fw_sysfs *fw_sysfs)
 101{
 102        struct fw_priv *fw_priv = fw_sysfs->fw_priv;
 103
 104        __fw_load_abort(fw_priv);
 105}
 106
 107static LIST_HEAD(pending_fw_head);
 108
 109void kill_pending_fw_fallback_reqs(bool only_kill_custom)
 110{
 111        struct fw_priv *fw_priv;
 112        struct fw_priv *next;
 113
 114        mutex_lock(&fw_lock);
 115        list_for_each_entry_safe(fw_priv, next, &pending_fw_head,
 116                                 pending_list) {
 117                if (!fw_priv->need_uevent || !only_kill_custom)
 118                         __fw_load_abort(fw_priv);
 119        }
 120        mutex_unlock(&fw_lock);
 121}
 122
 123static ssize_t timeout_show(struct class *class, struct class_attribute *attr,
 124                            char *buf)
 125{
 126        return sysfs_emit(buf, "%d\n", __firmware_loading_timeout());
 127}
 128
 129/**
 130 * timeout_store() - set number of seconds to wait for firmware
 131 * @class: device class pointer
 132 * @attr: device attribute pointer
 133 * @buf: buffer to scan for timeout value
 134 * @count: number of bytes in @buf
 135 *
 136 *      Sets the number of seconds to wait for the firmware.  Once
 137 *      this expires an error will be returned to the driver and no
 138 *      firmware will be provided.
 139 *
 140 *      Note: zero means 'wait forever'.
 141 **/
 142static ssize_t timeout_store(struct class *class, struct class_attribute *attr,
 143                             const char *buf, size_t count)
 144{
 145        int tmp_loading_timeout = simple_strtol(buf, NULL, 10);
 146
 147        if (tmp_loading_timeout < 0)
 148                tmp_loading_timeout = 0;
 149
 150        __fw_fallback_set_timeout(tmp_loading_timeout);
 151
 152        return count;
 153}
 154static CLASS_ATTR_RW(timeout);
 155
 156static struct attribute *firmware_class_attrs[] = {
 157        &class_attr_timeout.attr,
 158        NULL,
 159};
 160ATTRIBUTE_GROUPS(firmware_class);
 161
 162static void fw_dev_release(struct device *dev)
 163{
 164        struct fw_sysfs *fw_sysfs = to_fw_sysfs(dev);
 165
 166        kfree(fw_sysfs);
 167}
 168
 169static int do_firmware_uevent(struct fw_sysfs *fw_sysfs, struct kobj_uevent_env *env)
 170{
 171        if (add_uevent_var(env, "FIRMWARE=%s", fw_sysfs->fw_priv->fw_name))
 172                return -ENOMEM;
 173        if (add_uevent_var(env, "TIMEOUT=%i", __firmware_loading_timeout()))
 174                return -ENOMEM;
 175        if (add_uevent_var(env, "ASYNC=%d", fw_sysfs->nowait))
 176                return -ENOMEM;
 177
 178        return 0;
 179}
 180
 181static int firmware_uevent(struct device *dev, struct kobj_uevent_env *env)
 182{
 183        struct fw_sysfs *fw_sysfs = to_fw_sysfs(dev);
 184        int err = 0;
 185
 186        mutex_lock(&fw_lock);
 187        if (fw_sysfs->fw_priv)
 188                err = do_firmware_uevent(fw_sysfs, env);
 189        mutex_unlock(&fw_lock);
 190        return err;
 191}
 192
 193static struct class firmware_class = {
 194        .name           = "firmware",
 195        .class_groups   = firmware_class_groups,
 196        .dev_uevent     = firmware_uevent,
 197        .dev_release    = fw_dev_release,
 198};
 199
 200int register_sysfs_loader(void)
 201{
 202        return class_register(&firmware_class);
 203}
 204
 205void unregister_sysfs_loader(void)
 206{
 207        class_unregister(&firmware_class);
 208}
 209
 210static ssize_t firmware_loading_show(struct device *dev,
 211                                     struct device_attribute *attr, char *buf)
 212{
 213        struct fw_sysfs *fw_sysfs = to_fw_sysfs(dev);
 214        int loading = 0;
 215
 216        mutex_lock(&fw_lock);
 217        if (fw_sysfs->fw_priv)
 218                loading = fw_sysfs_loading(fw_sysfs->fw_priv);
 219        mutex_unlock(&fw_lock);
 220
 221        return sysfs_emit(buf, "%d\n", loading);
 222}
 223
 224/**
 225 * firmware_loading_store() - set value in the 'loading' control file
 226 * @dev: device pointer
 227 * @attr: device attribute pointer
 228 * @buf: buffer to scan for loading control value
 229 * @count: number of bytes in @buf
 230 *
 231 *      The relevant values are:
 232 *
 233 *       1: Start a load, discarding any previous partial load.
 234 *       0: Conclude the load and hand the data to the driver code.
 235 *      -1: Conclude the load with an error and discard any written data.
 236 **/
 237static ssize_t firmware_loading_store(struct device *dev,
 238                                      struct device_attribute *attr,
 239                                      const char *buf, size_t count)
 240{
 241        struct fw_sysfs *fw_sysfs = to_fw_sysfs(dev);
 242        struct fw_priv *fw_priv;
 243        ssize_t written = count;
 244        int loading = simple_strtol(buf, NULL, 10);
 245
 246        mutex_lock(&fw_lock);
 247        fw_priv = fw_sysfs->fw_priv;
 248        if (fw_state_is_aborted(fw_priv))
 249                goto out;
 250
 251        switch (loading) {
 252        case 1:
 253                /* discarding any previous partial load */
 254                if (!fw_sysfs_done(fw_priv)) {
 255                        fw_free_paged_buf(fw_priv);
 256                        fw_state_start(fw_priv);
 257                }
 258                break;
 259        case 0:
 260                if (fw_sysfs_loading(fw_priv)) {
 261                        int rc;
 262
 263                        /*
 264                         * Several loading requests may be pending on
 265                         * one same firmware buf, so let all requests
 266                         * see the mapped 'buf->data' once the loading
 267                         * is completed.
 268                         * */
 269                        rc = fw_map_paged_buf(fw_priv);
 270                        if (rc)
 271                                dev_err(dev, "%s: map pages failed\n",
 272                                        __func__);
 273                        else
 274                                rc = security_kernel_post_load_data(fw_priv->data,
 275                                                fw_priv->size,
 276                                                LOADING_FIRMWARE, "blob");
 277
 278                        /*
 279                         * Same logic as fw_load_abort, only the DONE bit
 280                         * is ignored and we set ABORT only on failure.
 281                         */
 282                        if (rc) {
 283                                fw_state_aborted(fw_priv);
 284                                written = rc;
 285                        } else {
 286                                fw_state_done(fw_priv);
 287                        }
 288                        break;
 289                }
 290                fallthrough;
 291        default:
 292                dev_err(dev, "%s: unexpected value (%d)\n", __func__, loading);
 293                fallthrough;
 294        case -1:
 295                fw_load_abort(fw_sysfs);
 296                break;
 297        }
 298out:
 299        mutex_unlock(&fw_lock);
 300        return written;
 301}
 302
 303static DEVICE_ATTR(loading, 0644, firmware_loading_show, firmware_loading_store);
 304
 305static void firmware_rw_data(struct fw_priv *fw_priv, char *buffer,
 306                           loff_t offset, size_t count, bool read)
 307{
 308        if (read)
 309                memcpy(buffer, fw_priv->data + offset, count);
 310        else
 311                memcpy(fw_priv->data + offset, buffer, count);
 312}
 313
 314static void firmware_rw(struct fw_priv *fw_priv, char *buffer,
 315                        loff_t offset, size_t count, bool read)
 316{
 317        while (count) {
 318                void *page_data;
 319                int page_nr = offset >> PAGE_SHIFT;
 320                int page_ofs = offset & (PAGE_SIZE-1);
 321                int page_cnt = min_t(size_t, PAGE_SIZE - page_ofs, count);
 322
 323                page_data = kmap(fw_priv->pages[page_nr]);
 324
 325                if (read)
 326                        memcpy(buffer, page_data + page_ofs, page_cnt);
 327                else
 328                        memcpy(page_data + page_ofs, buffer, page_cnt);
 329
 330                kunmap(fw_priv->pages[page_nr]);
 331                buffer += page_cnt;
 332                offset += page_cnt;
 333                count -= page_cnt;
 334        }
 335}
 336
 337static ssize_t firmware_data_read(struct file *filp, struct kobject *kobj,
 338                                  struct bin_attribute *bin_attr,
 339                                  char *buffer, loff_t offset, size_t count)
 340{
 341        struct device *dev = kobj_to_dev(kobj);
 342        struct fw_sysfs *fw_sysfs = to_fw_sysfs(dev);
 343        struct fw_priv *fw_priv;
 344        ssize_t ret_count;
 345
 346        mutex_lock(&fw_lock);
 347        fw_priv = fw_sysfs->fw_priv;
 348        if (!fw_priv || fw_sysfs_done(fw_priv)) {
 349                ret_count = -ENODEV;
 350                goto out;
 351        }
 352        if (offset > fw_priv->size) {
 353                ret_count = 0;
 354                goto out;
 355        }
 356        if (count > fw_priv->size - offset)
 357                count = fw_priv->size - offset;
 358
 359        ret_count = count;
 360
 361        if (fw_priv->data)
 362                firmware_rw_data(fw_priv, buffer, offset, count, true);
 363        else
 364                firmware_rw(fw_priv, buffer, offset, count, true);
 365
 366out:
 367        mutex_unlock(&fw_lock);
 368        return ret_count;
 369}
 370
 371static int fw_realloc_pages(struct fw_sysfs *fw_sysfs, int min_size)
 372{
 373        int err;
 374
 375        err = fw_grow_paged_buf(fw_sysfs->fw_priv,
 376                                PAGE_ALIGN(min_size) >> PAGE_SHIFT);
 377        if (err)
 378                fw_load_abort(fw_sysfs);
 379        return err;
 380}
 381
 382/**
 383 * firmware_data_write() - write method for firmware
 384 * @filp: open sysfs file
 385 * @kobj: kobject for the device
 386 * @bin_attr: bin_attr structure
 387 * @buffer: buffer being written
 388 * @offset: buffer offset for write in total data store area
 389 * @count: buffer size
 390 *
 391 *      Data written to the 'data' attribute will be later handed to
 392 *      the driver as a firmware image.
 393 **/
 394static ssize_t firmware_data_write(struct file *filp, struct kobject *kobj,
 395                                   struct bin_attribute *bin_attr,
 396                                   char *buffer, loff_t offset, size_t count)
 397{
 398        struct device *dev = kobj_to_dev(kobj);
 399        struct fw_sysfs *fw_sysfs = to_fw_sysfs(dev);
 400        struct fw_priv *fw_priv;
 401        ssize_t retval;
 402
 403        if (!capable(CAP_SYS_RAWIO))
 404                return -EPERM;
 405
 406        mutex_lock(&fw_lock);
 407        fw_priv = fw_sysfs->fw_priv;
 408        if (!fw_priv || fw_sysfs_done(fw_priv)) {
 409                retval = -ENODEV;
 410                goto out;
 411        }
 412
 413        if (fw_priv->data) {
 414                if (offset + count > fw_priv->allocated_size) {
 415                        retval = -ENOMEM;
 416                        goto out;
 417                }
 418                firmware_rw_data(fw_priv, buffer, offset, count, false);
 419                retval = count;
 420        } else {
 421                retval = fw_realloc_pages(fw_sysfs, offset + count);
 422                if (retval)
 423                        goto out;
 424
 425                retval = count;
 426                firmware_rw(fw_priv, buffer, offset, count, false);
 427        }
 428
 429        fw_priv->size = max_t(size_t, offset + count, fw_priv->size);
 430out:
 431        mutex_unlock(&fw_lock);
 432        return retval;
 433}
 434
 435static struct bin_attribute firmware_attr_data = {
 436        .attr = { .name = "data", .mode = 0644 },
 437        .size = 0,
 438        .read = firmware_data_read,
 439        .write = firmware_data_write,
 440};
 441
 442static struct attribute *fw_dev_attrs[] = {
 443        &dev_attr_loading.attr,
 444        NULL
 445};
 446
 447static struct bin_attribute *fw_dev_bin_attrs[] = {
 448        &firmware_attr_data,
 449        NULL
 450};
 451
 452static const struct attribute_group fw_dev_attr_group = {
 453        .attrs = fw_dev_attrs,
 454        .bin_attrs = fw_dev_bin_attrs,
 455};
 456
 457static const struct attribute_group *fw_dev_attr_groups[] = {
 458        &fw_dev_attr_group,
 459        NULL
 460};
 461
 462static struct fw_sysfs *
 463fw_create_instance(struct firmware *firmware, const char *fw_name,
 464                   struct device *device, u32 opt_flags)
 465{
 466        struct fw_sysfs *fw_sysfs;
 467        struct device *f_dev;
 468
 469        fw_sysfs = kzalloc(sizeof(*fw_sysfs), GFP_KERNEL);
 470        if (!fw_sysfs) {
 471                fw_sysfs = ERR_PTR(-ENOMEM);
 472                goto exit;
 473        }
 474
 475        fw_sysfs->nowait = !!(opt_flags & FW_OPT_NOWAIT);
 476        fw_sysfs->fw = firmware;
 477        f_dev = &fw_sysfs->dev;
 478
 479        device_initialize(f_dev);
 480        dev_set_name(f_dev, "%s", fw_name);
 481        f_dev->parent = device;
 482        f_dev->class = &firmware_class;
 483        f_dev->groups = fw_dev_attr_groups;
 484exit:
 485        return fw_sysfs;
 486}
 487
 488/**
 489 * fw_load_sysfs_fallback() - load a firmware via the sysfs fallback mechanism
 490 * @fw_sysfs: firmware sysfs information for the firmware to load
 491 * @timeout: timeout to wait for the load
 492 *
 493 * In charge of constructing a sysfs fallback interface for firmware loading.
 494 **/
 495static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, long timeout)
 496{
 497        int retval = 0;
 498        struct device *f_dev = &fw_sysfs->dev;
 499        struct fw_priv *fw_priv = fw_sysfs->fw_priv;
 500
 501        /* fall back on userspace loading */
 502        if (!fw_priv->data)
 503                fw_priv->is_paged_buf = true;
 504
 505        dev_set_uevent_suppress(f_dev, true);
 506
 507        retval = device_add(f_dev);
 508        if (retval) {
 509                dev_err(f_dev, "%s: device_register failed\n", __func__);
 510                goto err_put_dev;
 511        }
 512
 513        mutex_lock(&fw_lock);
 514        if (fw_state_is_aborted(fw_priv)) {
 515                mutex_unlock(&fw_lock);
 516                retval = -EINTR;
 517                goto out;
 518        }
 519        list_add(&fw_priv->pending_list, &pending_fw_head);
 520        mutex_unlock(&fw_lock);
 521
 522        if (fw_priv->opt_flags & FW_OPT_UEVENT) {
 523                fw_priv->need_uevent = true;
 524                dev_set_uevent_suppress(f_dev, false);
 525                dev_dbg(f_dev, "firmware: requesting %s\n", fw_priv->fw_name);
 526                kobject_uevent(&fw_sysfs->dev.kobj, KOBJ_ADD);
 527        } else {
 528                timeout = MAX_JIFFY_OFFSET;
 529        }
 530
 531        retval = fw_sysfs_wait_timeout(fw_priv, timeout);
 532        if (retval < 0 && retval != -ENOENT) {
 533                mutex_lock(&fw_lock);
 534                fw_load_abort(fw_sysfs);
 535                mutex_unlock(&fw_lock);
 536        }
 537
 538        if (fw_state_is_aborted(fw_priv)) {
 539                if (retval == -ERESTARTSYS)
 540                        retval = -EINTR;
 541        } else if (fw_priv->is_paged_buf && !fw_priv->data)
 542                retval = -ENOMEM;
 543
 544out:
 545        device_del(f_dev);
 546err_put_dev:
 547        put_device(f_dev);
 548        return retval;
 549}
 550
 551static int fw_load_from_user_helper(struct firmware *firmware,
 552                                    const char *name, struct device *device,
 553                                    u32 opt_flags)
 554{
 555        struct fw_sysfs *fw_sysfs;
 556        long timeout;
 557        int ret;
 558
 559        timeout = firmware_loading_timeout();
 560        if (opt_flags & FW_OPT_NOWAIT) {
 561                timeout = usermodehelper_read_lock_wait(timeout);
 562                if (!timeout) {
 563                        dev_dbg(device, "firmware: %s loading timed out\n",
 564                                name);
 565                        return -EBUSY;
 566                }
 567        } else {
 568                ret = usermodehelper_read_trylock();
 569                if (WARN_ON(ret)) {
 570                        dev_err(device, "firmware: %s will not be loaded\n",
 571                                name);
 572                        return ret;
 573                }
 574        }
 575
 576        fw_sysfs = fw_create_instance(firmware, name, device, opt_flags);
 577        if (IS_ERR(fw_sysfs)) {
 578                ret = PTR_ERR(fw_sysfs);
 579                goto out_unlock;
 580        }
 581
 582        fw_sysfs->fw_priv = firmware->priv;
 583        ret = fw_load_sysfs_fallback(fw_sysfs, timeout);
 584
 585        if (!ret)
 586                ret = assign_fw(firmware, device);
 587
 588out_unlock:
 589        usermodehelper_read_unlock();
 590
 591        return ret;
 592}
 593
 594static bool fw_force_sysfs_fallback(u32 opt_flags)
 595{
 596        if (fw_fallback_config.force_sysfs_fallback)
 597                return true;
 598        if (!(opt_flags & FW_OPT_USERHELPER))
 599                return false;
 600        return true;
 601}
 602
 603static bool fw_run_sysfs_fallback(u32 opt_flags)
 604{
 605        int ret;
 606
 607        if (fw_fallback_config.ignore_sysfs_fallback) {
 608                pr_info_once("Ignoring firmware sysfs fallback due to sysctl knob\n");
 609                return false;
 610        }
 611
 612        if ((opt_flags & FW_OPT_NOFALLBACK_SYSFS))
 613                return false;
 614
 615        /* Also permit LSMs and IMA to fail firmware sysfs fallback */
 616        ret = security_kernel_load_data(LOADING_FIRMWARE, true);
 617        if (ret < 0)
 618                return false;
 619
 620        return fw_force_sysfs_fallback(opt_flags);
 621}
 622
 623/**
 624 * firmware_fallback_sysfs() - use the fallback mechanism to find firmware
 625 * @fw: pointer to firmware image
 626 * @name: name of firmware file to look for
 627 * @device: device for which firmware is being loaded
 628 * @opt_flags: options to control firmware loading behaviour, as defined by
 629 *             &enum fw_opt
 630 * @ret: return value from direct lookup which triggered the fallback mechanism
 631 *
 632 * This function is called if direct lookup for the firmware failed, it enables
 633 * a fallback mechanism through userspace by exposing a sysfs loading
 634 * interface. Userspace is in charge of loading the firmware through the sysfs
 635 * loading interface. This sysfs fallback mechanism may be disabled completely
 636 * on a system by setting the proc sysctl value ignore_sysfs_fallback to true.
 637 * If this is false we check if the internal API caller set the
 638 * @FW_OPT_NOFALLBACK_SYSFS flag, if so it would also disable the fallback
 639 * mechanism. A system may want to enforce the sysfs fallback mechanism at all
 640 * times, it can do this by setting ignore_sysfs_fallback to false and
 641 * force_sysfs_fallback to true.
 642 * Enabling force_sysfs_fallback is functionally equivalent to build a kernel
 643 * with CONFIG_FW_LOADER_USER_HELPER_FALLBACK.
 644 **/
 645int firmware_fallback_sysfs(struct firmware *fw, const char *name,
 646                            struct device *device,
 647                            u32 opt_flags,
 648                            int ret)
 649{
 650        if (!fw_run_sysfs_fallback(opt_flags))
 651                return ret;
 652
 653        if (!(opt_flags & FW_OPT_NO_WARN))
 654                dev_warn(device, "Falling back to sysfs fallback for: %s\n",
 655                                 name);
 656        else
 657                dev_dbg(device, "Falling back to sysfs fallback for: %s\n",
 658                                name);
 659        return fw_load_from_user_helper(fw, name, device, opt_flags);
 660}
 661
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.