Received: by 10.223.185.116 with SMTP id b49csp5537462wrg; Tue, 27 Feb 2018 15:23:53 -0800 (PST) X-Google-Smtp-Source: AG47ELvKV07JOKsbdbElTOgeLY+uy5Yl5NlwVh7GQ10x9ziF8b0+8Zs+MeJHZccZ9/zwtHzyV9co X-Received: by 10.167.131.86 with SMTP id z22mr5650972pfm.185.1519773833356; Tue, 27 Feb 2018 15:23:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519773833; cv=none; d=google.com; s=arc-20160816; b=hFDByuCdDFROnrIVnSmLLMFl/EtlOqIjd7tzIRxEPWPz+YlA0XKVzs/CtmUwxGDqzz mC6PLpa0kS4PFIWfJgCd2YvDunFqbnXEq6Ff2iS8LvEs+6mxYsvK4U4B+6RLF20J6lhe 1WfUBmK+Ns3KtNfp+6mXHxbzKrTzAb3m0BIGGNXgsyzwOi1uq44MgXxC5SFA9gmW7BKM aGEzaLqNhPK1FCtocVMF8OtkP6L2zO0xNtMhZStq/qHZXHhrPyd3B0XoKZLddADh9WaX b04zy5zspVUmBXqCJfHphR5zktfls0u8BpSngJLTv17mqtxN1huQApQ1A7Ge7jc8PZpA 5BKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=n8EnnNxSSc251rNtaSoWTmEtd2dYo9VgVPZgpBBMfUk=; b=ztxkfZoEZIC/LPAU8mgvGesk6yHFsQZqN2YlaYb/aGIiVPx1Rp9Z0JRjbnKAXhC8I/ t/GaFlSYgyJL5yPnqPDr+OQxTC+QbyK6xLsbdi4PTZWHJGmVBie5T8RTyM6OQepw7/H9 r+udaX6KvNUlpJiHqoXd9dcOktyPVQ4pXZjAyvZRj7uXYCzQjBFjAl55xLoxtGoHBzFV luGr87punobOglby3kw26kHnT+fblrd/mjJdisQLoUWJFGDbKfKSwJLbQx1xEyy0zyiJ qeIOVO3ZFLksXxcRKo+wc/lr4Vk0nsZcEdWRR+EDFkTQXBiwAOKzDJxDB+QICUnuNFHV R6tw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=UugIFv7V; dkim=fail header.i=@chromium.org header.s=google header.b=gRjpjXyQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1-v6si212228pla.496.2018.02.27.15.23.38; Tue, 27 Feb 2018 15:23:53 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=UugIFv7V; dkim=fail header.i=@chromium.org header.s=google header.b=gRjpjXyQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752355AbeB0XWe (ORCPT + 99 others); Tue, 27 Feb 2018 18:22:34 -0500 Received: from mail-ua0-f195.google.com ([209.85.217.195]:46164 "EHLO mail-ua0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752336AbeB0XWb (ORCPT ); Tue, 27 Feb 2018 18:22:31 -0500 Received: by mail-ua0-f195.google.com with SMTP id n48so357599uae.13 for ; Tue, 27 Feb 2018 15:22:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=n8EnnNxSSc251rNtaSoWTmEtd2dYo9VgVPZgpBBMfUk=; b=UugIFv7VTlPMUL1z5D3eibQAHii8LUTZc1vK2gSDePlP4qBe7Pp6mS59xaI57LXrnW mk2sKN/A2hCDhPe9uplgnOpEBL9LCizm2LiZyndOdL6m1BLA1NaV/9u2uAqCx4UYHEE5 Sexd4chKhfoOpC/mQV329e9mtv6bt4CHV8dtQ2kf36uzO/UZFtXpKPswCfThV9ywJxRv xlbx1j6AJpuSl4TcSHmwQ8+5Q1HFntcynimzDgYnjvl/3It9vYOBSyntAs3Iqu1ze5PX cJ1GOINfgQm84bgqMAkhhlMumCf3giTyZiIVjwP67V6SQYqHrCiFs17cBt0SWzCEeQu7 PEqg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=n8EnnNxSSc251rNtaSoWTmEtd2dYo9VgVPZgpBBMfUk=; b=gRjpjXyQUAO/f1vcBReRwtPev+p3We4ofshDHfdWz0tzS41bKQ3nM6DQ6gOlpNfgqA DOJizio11gBYfIQEWNzaQo7xbg41MPiQ8Im8uN1ta5zDlUhYrfZ/G1knu17SfKkYb3kS lDi1d4SBi4Z+C8DV5Kla4Gtyyjp+UinLb5kjc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=n8EnnNxSSc251rNtaSoWTmEtd2dYo9VgVPZgpBBMfUk=; b=tMloZ+7mQQiEdRbN4DeBRtX/lahuCOqL2YSPxJd853om/4CJJsmNlLUxythk6yjTpJ UBCnOCxTtlYYzvzd/8+zW1uUP6gbN5O5nQ9CgHvzeaeEec8IONK/6BFZ26OtREZKQ96k xzhW2AGllYBtg4nJUFauzg3jw9XXhABHuMXtC03Zuv4g5e2WVPctSTzOlekLGvVc1rU3 YltzWcm2Mjx1AgsbfLVV0gitOxwgkB9ve6X5CRPvhk8fPmPjRbIIbfDTK7WP7gJJR7Sj KbU/FAiIJ2NPGqYZ2GpbpX+uDAo/duobimVjoCpPkvgrYk3RI1NFUf3NDpnLNKO+xRa8 1zAA== X-Gm-Message-State: APf1xPCGeYgIh/xed82ZfZ3apXsw78MMP6/dg3l9dRcbeOFDR+g6K9Oo vFp34SuX4mI/Yix/z2dXBwG7/LxfLPEz+nKZ6/YgDQ== X-Received: by 10.159.38.51 with SMTP id 48mr13009831uag.193.1519773749607; Tue, 27 Feb 2018 15:22:29 -0800 (PST) MIME-Version: 1.0 Received: by 10.31.242.140 with HTTP; Tue, 27 Feb 2018 15:22:28 -0800 (PST) In-Reply-To: <20180224024613.24078-9-mcgrof@kernel.org> References: <20180224024613.24078-1-mcgrof@kernel.org> <20180224024613.24078-9-mcgrof@kernel.org> From: Kees Cook Date: Tue, 27 Feb 2018 15:22:28 -0800 X-Google-Sender-Auth: gZ2QiIUd233qgCL1C_MxxKu1taw Message-ID: Subject: Re: [PATCH v2 08/11] firmware: enable run time change of forcing fallback loader To: "Luis R. Rodriguez" Cc: Greg KH , Andrew Morton , Shuah Khan , Martin Fuzzey , Mimi Zohar , David Howells , pali.rohar@gmail.com, Takashi Iwai , arend.vanspriel@broadcom.com, =?UTF-8?B?UmFmYcWCIE1pxYJlY2tp?= , nbroeking@me.com, Vikram Mulukutla , stephen.boyd@linaro.org, Mark Brown , Dmitry Torokhov , David Woodhouse , Linus Torvalds , Abhay_Salunke@dell.com, bjorn.andersson@linaro.org, jewalt@lgsinnovations.com, LKML , "linux-fsdevel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 23, 2018 at 6:46 PM, Luis R. Rodriguez wrote: > Currently one requires to test four kernel configurations to test the > firmware API completely: > > 0) > CONFIG_FW_LOADER=y > > 1) > o CONFIG_FW_LOADER=y > o CONFIG_FW_LOADER_USER_HELPER=y > > 2) > o CONFIG_FW_LOADER=y > o CONFIG_FW_LOADER_USER_HELPER=y > o CONFIG_FW_LOADER_USER_HELPER_FALLBACK=y > > 3) When CONFIG_FW_LOADER=m the built-in stuff is disabled, we have > no current tests for this. > > We can reduce the requirements to three kernel configurations by making > fw_config.force_sysfs_fallback a proc knob we flip on off. For kernels that > disable CONFIG_IKCONFIG_PROC this can also enable one to inspect if > CONFIG_FW_LOADER_USER_HELPER_FALLBACK was enabled at build time by checking > the proc value at boot time. You'll still need compile tests of each configuration, but I love that this will give one kernel to test them all. Acked-by: Kees Cook -Kees > > Signed-off-by: Luis R. Rodriguez > --- > drivers/base/firmware_fallback.c | 1 + > drivers/base/firmware_fallback.h | 4 +++- > drivers/base/firmware_fallback_table.c | 17 +++++++++++++++++ > kernel/sysctl.c | 11 +++++++++++ > 4 files changed, 32 insertions(+), 1 deletion(-) > > diff --git a/drivers/base/firmware_fallback.c b/drivers/base/firmware_fallback.c > index 47690207e0ee..cbce9a950cd8 100644 > --- a/drivers/base/firmware_fallback.c > +++ b/drivers/base/firmware_fallback.c > @@ -7,6 +7,7 @@ > #include > #include > #include > +#include > > #include "firmware_fallback.h" > #include "firmware_loader.h" > diff --git a/drivers/base/firmware_fallback.h b/drivers/base/firmware_fallback.h > index 550498c7fa4c..ca7e69a8417b 100644 > --- a/drivers/base/firmware_fallback.h > +++ b/drivers/base/firmware_fallback.h > @@ -12,12 +12,14 @@ > * > * @force_sysfs_fallback: force the sysfs fallback mechanism to be used > * as if one had enabled CONFIG_FW_LOADER_USER_HELPER_FALLBACK=y. > + * Useful to help debug a CONFIG_FW_LOADER_USER_HELPER_FALLBACK=y > + * functionality on a kernel where that config entry has been disabled. > * @old_timeout: for internal use > * @loading_timeout: the timeout to wait for the fallback mechanism before > * giving up, in seconds. > */ > struct firmware_fallback_config { > - const bool force_sysfs_fallback; > + unsigned int force_sysfs_fallback; > int old_timeout; > int loading_timeout; > }; > diff --git a/drivers/base/firmware_fallback_table.c b/drivers/base/firmware_fallback_table.c > index 53cc4e492520..77300d5e9c52 100644 > --- a/drivers/base/firmware_fallback_table.c > +++ b/drivers/base/firmware_fallback_table.c > @@ -19,6 +19,9 @@ > /* Module or buit-in */ > #ifdef CONFIG_FW_LOADER_USER_HELPER > > +static unsigned int zero; > +static unsigned int one = 1; > + > struct firmware_fallback_config fw_fallback_config = { > .force_sysfs_fallback = IS_ENABLED(CONFIG_FW_LOADER_USER_HELPER_FALLBACK), > .loading_timeout = 60, > @@ -26,4 +29,18 @@ struct firmware_fallback_config fw_fallback_config = { > }; > EXPORT_SYMBOL_GPL(fw_fallback_config); > > +struct ctl_table firmware_config_table[] = { > + { > + .procname = "force_sysfs_fallback", > + .data = &fw_fallback_config.force_sysfs_fallback, > + .maxlen = sizeof(unsigned int), > + .mode = 0644, > + .proc_handler = proc_douintvec_minmax, > + .extra1 = &zero, > + .extra2 = &one, > + }, > + { } > +}; > +EXPORT_SYMBOL_GPL(firmware_config_table); > + > #endif > diff --git a/kernel/sysctl.c b/kernel/sysctl.c > index acdf4e85c0a1..aa8355953fcf 100644 > --- a/kernel/sysctl.c > +++ b/kernel/sysctl.c > @@ -253,6 +253,10 @@ extern struct ctl_table random_table[]; > extern struct ctl_table epoll_table[]; > #endif > > +#ifdef CONFIG_FW_LOADER_USER_HELPER > +extern struct ctl_table firmware_config_table[]; > +#endif > + > #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT > int sysctl_legacy_va_layout; > #endif > @@ -748,6 +752,13 @@ static struct ctl_table kern_table[] = { > .mode = 0555, > .child = usermodehelper_table, > }, > +#ifdef CONFIG_FW_LOADER_USER_HELPER > + { > + .procname = "firmware_config", > + .mode = 0555, > + .child = firmware_config_table, > + }, > +#endif > { > .procname = "overflowuid", > .data = &overflowuid, > -- > 2.16.2 > -- Kees Cook Pixel Security