From: Bjorn Andersson <bjorn.andersson@linaro.org>
To: "Luis R. Rodriguez" <mcgrof@kernel.org>
Cc: Martijn Coenen <maco@android.com>,
Andy Gross <andy.gross@linaro.org>,
David Brown <david.brown@linaro.org>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Stephen Boyd <sboyd@kernel.org>,
Vikram Mulukutla <markivx@codeaurora.org>,
Arve Hj?nnev?g <arve@android.com>, Todd Kjos <tkjos@android.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-security-module@vger.kernel.org,
Chris Wright <chrisw@sous-sol.org>,
David Howells <dhowells@redhat.com>,
Alan Cox <alan@linux.intel.com>,
Kees Cook <keescook@chromium.org>,
Hans de Goede <hdegoede@redhat.com>,
Darren Hart <dvhart@infradead.org>,
Andy Shevchenko <andy@infradead.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Thomas Gleixner <tglx@linut>
Subject: Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support
Date: Thu, 7 Jun 2018 09:49:50 -0700 [thread overview]
Message-ID: <20180607164950.GP510@tuxbook-pro> (raw)
In-Reply-To: <20180508161037.GE27853@wotan.suse.de>
On Tue 08 May 09:10 PDT 2018, Luis R. Rodriguez wrote:
> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
[..]
> > > 2) Most of those paths are not mounted by the time the corresponding
> > > drivers are loaded, because pretty much all Android kernels today are
> > > built without module support, and therefore drivers are loaded well
> > > before the firmware partition is mounted
>
> I've given this some more thought and you can address this with initramfs,
> this is how other Linux distributions are addressing this. One way to
> address this automatically is to scrape the drivers built-in or needed early on
> boot in initamfs and if the driver has a MODULE_FIRMWARE() its respective
> firmware is added to initramfs as well.
>
That could be done, but it would not change the fact that the
/sys/class/firmware is ABI and you may not break it.
And it doesn't change the fact that the ramdisk would have to be over
100mb to facilitate this.
> If you *don't* use initramfs, then yes you can obviously run into issues
> where your firmware may not be accessible if the driver is somehow loaded
> early.
>
This is still a problem that lacks a solution.
> > > 3) I think we use _FALLBACK because doing this with uevents is just
> > > the easiest thing to do; our init code has a firmware helper that
> > > deals with this and searches the paths that we care about
> > >
> > > 2) will change at some point, because Android is moving towards a
> > > model where device-specific peripheral drivers will be loaded as
> > > modules, and since those modules would likely come from the same
> > > partition as the firmware, it's possible that the direct load would
> > > succeed (depending on whether the custom path is configured there or
> > > not). But I don't think we can rely on the direct loader even in those
> > > cases, unless we could configure it with multiple custom paths.
>
> Using initramfs will help, but because of the custom path needs -- you're
> right, we don't have anything for that yet, its also a bit unclear if
> something nice and clean can be drawn up for it. So perhaps dealing with
> the fallback mechanism is the way to go for this for sure, since we already
> have support for it.
>
> Just keep in mind that the fallback mechanism costs you about ~13436 bytes.
>
Remember that putting the firmware in the ramdisk would cost about
10000x (yes, ten thousand times) more ram.
> So, if someone comes up with a clean interface for custom paths I'd love
> to consider it to avoid those 13436 bytes.
>
Combined with a way of synchronizing this with the availability of the
firmware, this would be a nice thing!
Regards,
Bjorn
WARNING: multiple messages have this Message-ID (diff)
From: bjorn.andersson@linaro.org (Bjorn Andersson)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v3 2/5] efi: Add embedded peripheral firmware support
Date: Thu, 7 Jun 2018 09:49:50 -0700 [thread overview]
Message-ID: <20180607164950.GP510@tuxbook-pro> (raw)
In-Reply-To: <20180508161037.GE27853@wotan.suse.de>
On Tue 08 May 09:10 PDT 2018, Luis R. Rodriguez wrote:
> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
[..]
> > > 2) Most of those paths are not mounted by the time the corresponding
> > > drivers are loaded, because pretty much all Android kernels today are
> > > built without module support, and therefore drivers are loaded well
> > > before the firmware partition is mounted
>
> I've given this some more thought and you can address this with initramfs,
> this is how other Linux distributions are addressing this. One way to
> address this automatically is to scrape the drivers built-in or needed early on
> boot in initamfs and if the driver has a MODULE_FIRMWARE() its respective
> firmware is added to initramfs as well.
>
That could be done, but it would not change the fact that the
/sys/class/firmware is ABI and you may not break it.
And it doesn't change the fact that the ramdisk would have to be over
100mb to facilitate this.
> If you *don't* use initramfs, then yes you can obviously run into issues
> where your firmware may not be accessible if the driver is somehow loaded
> early.
>
This is still a problem that lacks a solution.
> > > 3) I think we use _FALLBACK because doing this with uevents is just
> > > the easiest thing to do; our init code has a firmware helper that
> > > deals with this and searches the paths that we care about
> > >
> > > 2) will change at some point, because Android is moving towards a
> > > model where device-specific peripheral drivers will be loaded as
> > > modules, and since those modules would likely come from the same
> > > partition as the firmware, it's possible that the direct load would
> > > succeed (depending on whether the custom path is configured there or
> > > not). But I don't think we can rely on the direct loader even in those
> > > cases, unless we could configure it with multiple custom paths.
>
> Using initramfs will help, but because of the custom path needs -- you're
> right, we don't have anything for that yet, its also a bit unclear if
> something nice and clean can be drawn up for it. So perhaps dealing with
> the fallback mechanism is the way to go for this for sure, since we already
> have support for it.
>
> Just keep in mind that the fallback mechanism costs you about ~13436 bytes.
>
Remember that putting the firmware in the ramdisk would cost about
10000x (yes, ten thousand times) more ram.
> So, if someone comes up with a clean interface for custom paths I'd love
> to consider it to avoid those 13436 bytes.
>
Combined with a way of synchronizing this with the availability of the
firmware, this would be a nice thing!
Regards,
Bjorn
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: Bjorn Andersson <bjorn.andersson@linaro.org>
To: "Luis R. Rodriguez" <mcgrof@kernel.org>
Cc: Martijn Coenen <maco@android.com>,
Andy Gross <andy.gross@linaro.org>,
David Brown <david.brown@linaro.org>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Stephen Boyd <sboyd@kernel.org>,
Vikram Mulukutla <markivx@codeaurora.org>,
Arve Hj?nnev?g <arve@android.com>, Todd Kjos <tkjos@android.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-security-module@vger.kernel.org,
Chris Wright <chrisw@sous-sol.org>,
David Howells <dhowells@redhat.com>,
Alan Cox <alan@linux.intel.com>,
Kees Cook <keescook@chromium.org>,
Hans de Goede <hdegoede@redhat.com>,
Darren Hart <dvhart@infradead.org>,
Andy Shevchenko <andy@infradead.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H . Peter Anvin" <hpa@zytor.com>,
platform-driver-x86@vger.kernel.org,
LKML <linux-kernel@vger.kernel.org>,
Peter Jones <pjones@redhat.com>, Dave Olsthoorn <dave@bewaar.me>,
Will Deacon <will.deacon@arm.com>,
Andy Lutomirski <luto@kernel.org>,
Matt Fleming <matt@codeblueprint.co.uk>,
Josh Triplett <josh@joshtriplett.org>,
dmitry.torokhov@gmail.com, mfuzzey@parkeon.com,
Kalle Valo <kvalo@codeaurora.org>,
Arend Van Spriel <arend.vanspriel@broadcom.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
nbroeking@me.com, Torsten Duwe <duwe@suse.de>,
x86@kernel.org, linux-efi <linux-efi@vger.kernel.org>,
"open list:ANDROID DRIVERS" <devel@driverdev.osuosl.org>,
linux-arm-msm@vger.kernel.org
Subject: Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support
Date: Thu, 7 Jun 2018 09:49:50 -0700 [thread overview]
Message-ID: <20180607164950.GP510@tuxbook-pro> (raw)
In-Reply-To: <20180508161037.GE27853@wotan.suse.de>
On Tue 08 May 09:10 PDT 2018, Luis R. Rodriguez wrote:
> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
[..]
> > > 2) Most of those paths are not mounted by the time the corresponding
> > > drivers are loaded, because pretty much all Android kernels today are
> > > built without module support, and therefore drivers are loaded well
> > > before the firmware partition is mounted
>
> I've given this some more thought and you can address this with initramfs,
> this is how other Linux distributions are addressing this. One way to
> address this automatically is to scrape the drivers built-in or needed early on
> boot in initamfs and if the driver has a MODULE_FIRMWARE() its respective
> firmware is added to initramfs as well.
>
That could be done, but it would not change the fact that the
/sys/class/firmware is ABI and you may not break it.
And it doesn't change the fact that the ramdisk would have to be over
100mb to facilitate this.
> If you *don't* use initramfs, then yes you can obviously run into issues
> where your firmware may not be accessible if the driver is somehow loaded
> early.
>
This is still a problem that lacks a solution.
> > > 3) I think we use _FALLBACK because doing this with uevents is just
> > > the easiest thing to do; our init code has a firmware helper that
> > > deals with this and searches the paths that we care about
> > >
> > > 2) will change at some point, because Android is moving towards a
> > > model where device-specific peripheral drivers will be loaded as
> > > modules, and since those modules would likely come from the same
> > > partition as the firmware, it's possible that the direct load would
> > > succeed (depending on whether the custom path is configured there or
> > > not). But I don't think we can rely on the direct loader even in those
> > > cases, unless we could configure it with multiple custom paths.
>
> Using initramfs will help, but because of the custom path needs -- you're
> right, we don't have anything for that yet, its also a bit unclear if
> something nice and clean can be drawn up for it. So perhaps dealing with
> the fallback mechanism is the way to go for this for sure, since we already
> have support for it.
>
> Just keep in mind that the fallback mechanism costs you about ~13436 bytes.
>
Remember that putting the firmware in the ramdisk would cost about
10000x (yes, ten thousand times) more ram.
> So, if someone comes up with a clean interface for custom paths I'd love
> to consider it to avoid those 13436 bytes.
>
Combined with a way of synchronizing this with the availability of the
firmware, this would be a nice thing!
Regards,
Bjorn
next prev parent reply other threads:[~2018-06-07 16:49 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-08 17:40 [PATCH v3 0/5] efi/firmware/platform-x86: Add EFI embedded fw support Hans de Goede
2018-04-08 17:40 ` [PATCH v3 1/5] efi: Export boot-services code and data as debugfs-blobs Hans de Goede
2018-04-16 8:23 ` Ard Biesheuvel
2018-04-16 8:23 ` Ard Biesheuvel
2018-04-24 13:11 ` Hans de Goede
2018-04-24 13:11 ` Hans de Goede
2018-04-23 11:55 ` Greg Kroah-Hartman
2018-04-23 11:55 ` Greg Kroah-Hartman
2018-04-08 17:40 ` [PATCH v3 2/5] efi: Add embedded peripheral firmware support Hans de Goede
2018-04-16 8:28 ` Ard Biesheuvel
2018-04-16 8:28 ` Ard Biesheuvel
2018-04-24 13:17 ` Hans de Goede
2018-04-24 13:17 ` Hans de Goede
2018-04-17 0:17 ` Luis R. Rodriguez
2018-04-17 0:17 ` Luis R. Rodriguez
2018-04-17 8:58 ` Hans de Goede
2018-04-17 8:58 ` Hans de Goede
2018-04-17 9:19 ` Hans de Goede
2018-04-17 9:19 ` Hans de Goede
2018-04-23 21:11 ` Luis R. Rodriguez
2018-04-23 21:11 ` Luis R. Rodriguez
2018-04-24 15:09 ` Hans de Goede
2018-04-24 15:09 ` Hans de Goede
2018-04-24 16:07 ` Mimi Zohar
2018-04-24 16:07 ` Mimi Zohar
2018-04-24 18:33 ` Hans de Goede
2018-04-24 18:33 ` Hans de Goede
2018-04-24 23:42 ` Luis R. Rodriguez
2018-04-24 23:42 ` Luis R. Rodriguez
2018-04-24 23:42 ` Luis R. Rodriguez
2018-04-25 5:00 ` Mimi Zohar
2018-04-25 5:00 ` Mimi Zohar
2018-04-25 5:00 ` Mimi Zohar
2018-04-25 17:55 ` Luis R. Rodriguez
2018-04-25 17:55 ` Luis R. Rodriguez
2018-04-25 17:55 ` Luis R. Rodriguez
2018-05-04 0:21 ` Luis R. Rodriguez
2018-05-04 0:21 ` Luis R. Rodriguez
2018-05-04 0:21 ` Luis R. Rodriguez
2018-05-04 15:26 ` Martijn Coenen
2018-05-04 15:26 ` Martijn Coenen
2018-05-04 15:26 ` Martijn Coenen
2018-05-04 19:44 ` Martijn Coenen
2018-05-04 19:44 ` Martijn Coenen
2018-05-04 19:44 ` Martijn Coenen
2018-05-08 15:38 ` Luis R. Rodriguez
2018-05-08 15:38 ` Luis R. Rodriguez
2018-05-08 15:38 ` Luis R. Rodriguez
2018-05-08 16:10 ` Luis R. Rodriguez
2018-05-08 16:10 ` Luis R. Rodriguez
2018-05-08 16:10 ` Luis R. Rodriguez
2018-06-07 16:49 ` Bjorn Andersson [this message]
2018-06-07 16:49 ` Bjorn Andersson
2018-06-07 16:49 ` Bjorn Andersson
2018-06-07 18:22 ` Luis R. Rodriguez
2018-06-07 18:22 ` Luis R. Rodriguez
2018-06-07 18:22 ` Luis R. Rodriguez
2018-06-01 19:23 ` Luis R. Rodriguez
2018-06-01 19:23 ` Luis R. Rodriguez
2018-06-01 19:23 ` Luis R. Rodriguez
2018-06-06 20:32 ` Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()? Luis R. Rodriguez
2018-06-06 20:32 ` Luis R. Rodriguez
2018-06-06 20:32 ` Luis R. Rodriguez
2018-06-06 20:41 ` Ard Biesheuvel
2018-06-06 22:29 ` Luis R. Rodriguez
2018-06-06 22:41 ` Ard Biesheuvel
2018-06-06 22:55 ` Luis R. Rodriguez
2018-06-07 16:18 ` Bjorn Andersson
2018-06-07 16:18 ` Bjorn Andersson
2018-06-07 16:18 ` Bjorn Andersson
2018-06-07 16:18 ` Bjorn Andersson
2018-06-07 16:23 ` Ard Biesheuvel
2018-06-07 16:33 ` Greg Kroah-Hartman
2018-06-07 16:43 ` Ard Biesheuvel
2018-06-07 16:49 ` Greg Kroah-Hartman
2018-06-07 16:56 ` Ard Biesheuvel
2018-06-07 18:21 ` Bjorn Andersson
2018-06-07 18:42 ` Ard Biesheuvel
2018-06-26 0:08 ` Bjorn Andersson
2018-06-27 18:00 ` Luis R. Rodriguez
2018-06-27 22:21 ` Ard Biesheuvel
2018-06-27 23:33 ` Luis R. Rodriguez
2018-06-27 23:42 ` Ard Biesheuvel
2018-06-27 23:50 ` Luis R. Rodriguez
2018-06-08 6:41 ` Vlastimil Babka
2018-06-08 6:41 ` Vlastimil Babka
2018-06-08 6:41 ` Vlastimil Babka
2018-06-07 18:06 ` Bjorn Andersson
2018-06-18 23:49 ` Luis R. Rodriguez
2018-06-07 16:33 ` [PATCH v3 2/5] efi: Add embedded peripheral firmware support Bjorn Andersson
2018-06-07 16:33 ` Bjorn Andersson
2018-06-07 16:33 ` Bjorn Andersson
2018-04-08 17:40 ` [PATCH v3 3/5] platform/x86: Rename silead_dmi to touchscreen_dmi Hans de Goede
2018-04-09 8:07 ` Andy Shevchenko
2018-04-09 8:07 ` Andy Shevchenko
2018-04-20 0:20 ` Darren Hart
2018-04-20 0:20 ` Darren Hart
2018-04-08 17:40 ` [PATCH v3 4/5] platform/x86: touchscreen_dmi: Add EFI embedded firmware info support Hans de Goede
2018-04-08 17:40 ` [PATCH v3 5/5] platform/x86: touchscreen_dmi: Add info for the Chuwi Vi8 Plus tablet Hans de Goede
2018-04-09 8:10 ` Andy Shevchenko
2018-04-09 8:10 ` Andy Shevchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180607164950.GP510@tuxbook-pro \
--to=bjorn.andersson@linaro.org \
--cc=akpm@linux-foundation.org \
--cc=alan@linux.intel.com \
--cc=andy.gross@linaro.org \
--cc=andy@infradead.org \
--cc=ard.biesheuvel@linaro.org \
--cc=arve@android.com \
--cc=chrisw@sous-sol.org \
--cc=david.brown@linaro.org \
--cc=dhowells@redhat.com \
--cc=dvhart@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=hdegoede@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
--cc=maco@android.com \
--cc=markivx@codeaurora.org \
--cc=mcgrof@kernel.org \
--cc=sboyd@kernel.org \
--cc=tglx@linut \
--cc=tkjos@android.com \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.