Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp1373279rwb; Thu, 19 Jan 2023 09:45:19 -0800 (PST) X-Google-Smtp-Source: AMrXdXvp31cs4hdyFikkjQGXj64YQtk678yNp/WzFIWWfi7xBuKEmCG/MTlP9UfBTr51S/u1jVP6 X-Received: by 2002:a17:90a:d344:b0:229:4b4f:99e7 with SMTP id i4-20020a17090ad34400b002294b4f99e7mr12542612pjx.16.1674150319347; Thu, 19 Jan 2023 09:45:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674150319; cv=none; d=google.com; s=arc-20160816; b=X3B9LGDqF53iHWibTapnOE9eFbVaqbxcQ2Y5pl3d9KH9eM/iv7/1OJ4BzPoCyMlrJB uTpDwXkSpQeutc+ufGwWl/bGHuqqzNv0B38HpS0/8kCRikeuh0rtpdoyF20wFFVbV2+Y jCE0SHM+kLBwKQXBMaIlvApm4CfEQK8w4zwdHOuox/1KaDQ++MDXHPQi36KMUf0HcGFj bsbGEOyRYvBVzcnbkObJsbY0dynQ/qqfRTDokTLl9IgQArvbV7bohI60hyQAQo5gvwbl YYmwxvfK2l5vUeu14nI2VRLut1LkzgzIoi8Rpi/5qWUd/e5G+iVUmTZBoqh6o6cyRisX Hp3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=fJ0JG+1+vzDx+1woc5zISYYnWWHU/+tyzkwsQk+BhPQ=; b=CbuVqitC0YbzFLgg1tJaaQtT1dYa/pRVWpyNLA2Vl/0LWShF8l3HUOjEcHSkqVaGO2 oAUk9sB6sTIBWtltEYJuFj+z+Z6hUdPS1jROBreIDs892llJwhmuL4tk65sMrf8ETSjI XZ3WbG+gbuPt5zLG3mk1n51413S4Fg7mWVCDpJWsKJIYpLmPGGrJOKgua0nFFEPSNOjz ZefH9hVsprFlp1Uu7caTzTNhcq1t9ex+UaiadZYQ4A+MROc2zACXSdW5hlGOxH6dXOd7 h1deNFgU25RW2hwlXBA2uYfeEMZLttuIQDo3cGAQBm1aUIr3SNfGCFevNw6mOaQ+TifJ 05pg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=HiutLUBg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v5-20020a17090a0c8500b00229a8c10f51si5302368pja.163.2023.01.19.09.45.13; Thu, 19 Jan 2023 09:45:19 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=HiutLUBg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230120AbjASRTe (ORCPT + 45 others); Thu, 19 Jan 2023 12:19:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60580 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229924AbjASRTc (ORCPT ); Thu, 19 Jan 2023 12:19:32 -0500 Received: from mail-wr1-x42c.google.com (mail-wr1-x42c.google.com [IPv6:2a00:1450:4864:20::42c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0306783DB; Thu, 19 Jan 2023 09:19:31 -0800 (PST) Received: by mail-wr1-x42c.google.com with SMTP id n7so2552047wrx.5; Thu, 19 Jan 2023 09:19:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=fJ0JG+1+vzDx+1woc5zISYYnWWHU/+tyzkwsQk+BhPQ=; b=HiutLUBgPNKoinxepplGwduI4t+6YJl/44EjhVyhwpIefpMjkY/j8ZBxN0L/qgCKM1 +ZQItAVsnNU27zgEcSz38sGnz3HBKHl5SSGgEJZNrzvOvBaHNO4YZ46BoYRs97u+qqET AXUrXtXaDbPLj6Z4yPBh6TyMdfk15W7KsJxFTu/StnAGeSatFGSw7yG6ULv8DvRVqhOh dlEV1pF/2wx2c90OAClSlkYyWqIvAdnm4LEMIYLHApBkS3fUTthqSWrqUrktb7yh5Jl6 u548RE7aoOxW/JvzvLr98mkcgWDEDH951UpcS7jlPr3pVTMLaq7wuPVNfmTJCbX1R5WP Kz5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=fJ0JG+1+vzDx+1woc5zISYYnWWHU/+tyzkwsQk+BhPQ=; b=MQiRTGJL75sIka8rFhxD3EsxIfvKWmaAWV9sj+6DTFUWuuoQo8fxwcYq3oPWTEXVI9 W6oqOVKArmRhRFYXYpDLdxYxm3hyBKHK8FStj6ADpcbPlFy+LAbZf8QMJ/nFF2/vv1sd a6yT1oSiHxzQ+u31yi/AQ2n5EuI7L1tWxGR+FjiPWHSsf5SgODns8IJg13CjVPoY2dhK dQc3/kLwiEmTLGHHhP8DxRAvPFKumlWUafH6mfPXvNW1Dq74fVdLEJ4EZNlgj/X/+tw9 jk+8FnUR08AvXn9kR7bIEWOLkbEorqVEK1l4ztaWBZ5XAqDt128QFbZJ4UzG2aIBqNyJ pTeQ== X-Gm-Message-State: AFqh2kqQl6wqz8De6EgxIgvl+szzEMB7grMwZShcPOhLCnXaX59zgw5G jwGiXhQJUvRtiW2cs7Vs6yp6vWpDFWEajA== X-Received: by 2002:a5d:508f:0:b0:2bd:cb39:2ca3 with SMTP id a15-20020a5d508f000000b002bdcb392ca3mr6141237wrt.59.1674148769369; Thu, 19 Jan 2023 09:19:29 -0800 (PST) Received: from [10.22.0.8] ([194.126.177.40]) by smtp.gmail.com with ESMTPSA id q12-20020adff50c000000b002be25db0b7bsm6024396wro.10.2023.01.19.09.19.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 19 Jan 2023 09:19:28 -0800 (PST) Message-ID: Date: Thu, 19 Jan 2023 18:19:22 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.6.1 Subject: Re: [PATCH 3/4] firmware: Add support for Qualcomm UEFI Secure Application To: Johan Hovold Cc: Ard Biesheuvel , Andy Gross , Bjorn Andersson , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Steev Klimaszewski , Shawn Guo , Sudeep Holla , Cristian Marussi , Greg Kroah-Hartman , linux-arm-msm@vger.kernel.org, linux-efi@vger.kernel.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org References: <20220723224949.1089973-1-luzmaximilian@gmail.com> <20220723224949.1089973-4-luzmaximilian@gmail.com> <2b0fdc2d-6457-059b-bbdf-27e7de59abeb@gmail.com> Content-Language: en-US From: Maximilian Luz In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1/19/23 17:47, Johan Hovold wrote: > On Wed, Jan 18, 2023 at 09:45:18PM +0100, Maximilian Luz wrote: >> On 1/17/23 09:24, Johan Hovold wrote: >>> On Sun, Jul 24, 2022 at 12:49:48AM +0200, Maximilian Luz wrote: > >>>> +module_platform_driver(qcom_uefisecapp_driver); >>> >>> I noticed that for efivarfs to work, you're currently relying on having >>> the firmware still claim that the variable services are supported in the >>> RT_PROP table so that efi core registers the default ops at subsys init >>> time (which are later overridden by this driver). >>> >>> Otherwise efivarfs may fail to initialise when built in: >>> >>> static __init int efivarfs_init(void) >>> { >>> if (!efivars_kobject()) >>> return -ENODEV; >>> >>> return register_filesystem(&efivarfs_type); >>> } >>> >>> module_init(efivarfs_init); >>> >>> With recent X13s firmware the corresponding bit in the RT_PROP table has >>> been cleared so that efivarfs would fail to initialise. Similar problem >>> when booting with 'efi=noruntime'. >>> >>> One way to handle this is to register also the qcom_uefisecapp_driver at >>> subsys init time and prevent it from being built as a module (e.g. as is >>> done for the SCM driver). I'm using the below patch for this currently. >> >> So I've had another look and I'm not sure this will work reliably: >> >> First, you are correct in case the RT_PROP table is cleared. In that >> case, using subsys_initcall() will move the efivar registration before >> the efivarfs_init() call. >> >> However, in case EFI indicates support for variables, we will then have >> generic_ops_register() and the uefisecapp's driver call running both in >> subsys_initcall(). So if I'm not mistaken, this could cause the generic >> ops to be registered after the uefisecapp ones, which we want to avoid. > > Good catch, I was using 'efi=noruntime' on the CRD so I did not notice > that race. > >> One solution is bumping uefisecapp to fs_initcall(). Or do you have any >> other suggestions? > > I think it would be best to avoid that if we can, but that should work. > > The problem here is that the firmware claims to support the EFI variable > services even when it clearly does not and the corresponding callbacks > just return EFI_UNSUPPORTED. As far as I understand, this is still spec > compliant though so we just need to handle that. > > One way to address this could be to have efi core not register the > default efivars ops in this case. That would require checking that the > services are indeed available by making one of those calls during > initialisation. > > This would however expose the fact that the Google SMI implementation > implicitly relies on overriding the default ops, but I think that's a > good thing as what we have now is racy in multiple ways. > > Instead I think we should move the efivarfs availability check from > module init to mount time. That should allow the Google driver, and your > SCM implementation, to continue to be built as modules. > > Any consumers (e.g. the Qualcomm RTC driver) would instead need to > check if efivars is available or else defer probe. > > Alternatively, it seems all efivars implementation would need to be > always-built in which is not ideal for generic kernels. > > I just posted a series here as food for thought: > > https://lore.kernel.org/r/20230119164255.28091-1-johan+linaro@kernel.org Thanks, I agree that those checks are probably the better option. Regards, Max