Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp3861553rdb; Mon, 11 Dec 2023 02:02:51 -0800 (PST) X-Google-Smtp-Source: AGHT+IE2qZoKEpeiXo+YcuNFDKzqrc5UzOPBpC3bFoJPvRFK6oTrC4+3iprWabMvIPpcrTLjb0dr X-Received: by 2002:a05:6a21:a587:b0:18c:fc4:df13 with SMTP id gd7-20020a056a21a58700b0018c0fc4df13mr6326538pzc.27.1702288970954; Mon, 11 Dec 2023 02:02:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702288970; cv=none; d=google.com; s=arc-20160816; b=LweDn5hhFNN1u183D3y7NmOP7QDMzXL1MhH64g2K6eY5naexzVOd22bw7GdGhYiPor rJzz5t6ap/mqsU+a1v/guBWTV5t13N/d9yUU9KZlbbFavvons+87lEy+bpkE6iAxXQXs +l5Lvcpmyx+GrvkpFJ5ostODCRi+8quACMCXQekWaFP+UUfb7CVDfTrHqQayJq/3WVaq cKSV7fASNTYLJ8qB1pJiOPAbn5ea5iN45vOVL+KdPDMAJkMbjCT0T1YFY7gOqoVDwTnm 3OvojAtqyjJIS4AgU5LOtYeYw27oe3iaPyOrHyYnomKrzINZfmlH7JOCC7w4dtYNFPwt ioRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=NWeHN/nXySJYsfLFX1Or0MnlFwqelwm3LUVwPXTlvsE=; fh=IUujnh3HeahO0UbLUvvY/NuDJHLziiQdIJnjT5dN9kI=; b=OC8rze7Ju6AyX1CR7UVyzbyp0p1RmBdX6fpkwJkil4ZBfQpcceM8Fuo4qBsWmoYxEC TOmFD2DtMCntLhq3ICA1UyfAmtByLiYXxjqZ5X2abXvBD9lXAJmvH9B2FhTWIg8bKRZV mPjmad6LjZEIcFxlcFyjrrn3ar11CaZLhQq+Z+zomuI20kQVbN/lNSymdRAr6GssoqGl ahyvxfyKzwa0q+CGlCV2CIQVpPNk3qgSgwAqkHs+jww24pNlL6f/fEQoixPm0XYBLguY Vj8C47k23cOpvL8VUAamxQOA/fr1z5VgLJ9gd/mNhYdTE44VKqI6gIgbwhvSgc0UUtu3 hw+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fICvlCcO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32]) by mx.google.com with ESMTPS id q5-20020a632a05000000b005c6fc5d7a58si4538283pgq.356.2023.12.11.02.02.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Dec 2023 02:02:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fICvlCcO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id F29DF80716C4; Mon, 11 Dec 2023 02:02:47 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234705AbjLKKCd (ORCPT + 99 others); Mon, 11 Dec 2023 05:02:33 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47320 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232148AbjLKKCc (ORCPT ); Mon, 11 Dec 2023 05:02:32 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D1C87B8 for ; Mon, 11 Dec 2023 02:02:38 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 74909C433D9; Mon, 11 Dec 2023 10:02:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1702288958; bh=eAwxe+wbZjnFN8IQhgxn8NYgDvrFF2z1Bra2csTbQ4U=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=fICvlCcOS+b9q410MSV2ASCjV4ED9iDh8/Ge0iqss0UlInytbPmbBLFNAdqLMNuN5 bDyVbcKA9p+saXmMvnMHs+/qFE5o73lqjWk7VxUvZdsssu2Kpn4fNW5U2mqFEQ1JZ1 XMOlXMGHQYmEwz/YM9q3iq4TuGw1arewsUTGLd/+6JiHK4UlDh8ALaZJtcaMkqk6GG bNZke65K6R6pSVIdp8LgnbKk5sEqHKq8566gGupGXBF00HPa5NylBPCZ6QFXrCylMN OIrdm7S+5MLRdabXlaPO2VBVNYemIOD80E2IIoUDUHChBVxkFO9OywuX3f1PgDRLpX LhB5aHnrfSItg== Received: by mail-lf1-f50.google.com with SMTP id 2adb3069b0e04-50c05ea5805so4958400e87.0; Mon, 11 Dec 2023 02:02:38 -0800 (PST) X-Gm-Message-State: AOJu0Yy15zmwBTPRu4qE3zo2Omyjrh7JieNangVGChSSGPUkGx1ozvVs OG7o+NFWPciJxXtvpjGBPI4nlRkr1oMhPr30Rfk= X-Received: by 2002:a19:8c4d:0:b0:50b:f803:460b with SMTP id i13-20020a198c4d000000b0050bf803460bmr1462938lfj.11.1702288956536; Mon, 11 Dec 2023 02:02:36 -0800 (PST) MIME-Version: 1.0 References: <20231013074540.8980-1-masahisa.kojima@linaro.org> <20231013074540.8980-5-masahisa.kojima@linaro.org> In-Reply-To: <20231013074540.8980-5-masahisa.kojima@linaro.org> From: Ard Biesheuvel Date: Mon, 11 Dec 2023 11:02:25 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v9 4/6] efivarfs: automatically update super block flag To: Masahisa Kojima Cc: Jens Wiklander , Jan Kiszka , Sumit Garg , linux-kernel@vger.kernel.org, op-tee@lists.trustedfirmware.org, Ilias Apalodimas , Johan Hovold , Randy Dunlap , Heinrich Schuchardt , Jonathan Cameron , Jeremy Kerr , linux-efi@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Mon, 11 Dec 2023 02:02:48 -0800 (PST) On Fri, 13 Oct 2023 at 09:47, Masahisa Kojima wrote: > > efivar operation is updated when the tee_stmm_efi module is probed. > tee_stmm_efi module supports SetVariable runtime service, > but user needs to manually remount the efivarfs as RW to enable > the write access if the previous efivar operation does not support > SerVariable and efivarfs is mounted as read-only. > > This commit notifies the update of efivar operation to > efivarfs subsystem, then drops SB_RDONLY flag if the efivar > operation supports SetVariable. > > Signed-off-by: Masahisa Kojima Unfortunately, I have identified a problem with this approach. There are cases where there are multiple instances of struct superblock are associated with the efivarfs file system [0]. So I reworked the patch a little - please take the time to double check that I did not make any mistakes here. [0] https://lore.kernel.org/linux-efi/20231208163925.3225018-8-ardb@google.com/T/#u > --- > drivers/firmware/efi/efi.c | 6 ++++++ > drivers/firmware/efi/vars.c | 8 ++++++++ > fs/efivarfs/super.c | 33 +++++++++++++++++++++++++++++++++ > include/linux/efi.h | 8 ++++++++ > 4 files changed, 55 insertions(+) > > diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c > index 53ae25bbb6ac..d2eec5ed8e5e 100644 > --- a/drivers/firmware/efi/efi.c > +++ b/drivers/firmware/efi/efi.c > @@ -32,6 +32,7 @@ > #include > #include > #include > +#include > > #include > > @@ -187,6 +188,9 @@ static const struct attribute_group efi_subsys_attr_group = { > .is_visible = efi_attr_is_visible, > }; > > +struct blocking_notifier_head efivar_ops_nh; > +EXPORT_SYMBOL_GPL(efivar_ops_nh); > + > static struct efivars generic_efivars; > static struct efivar_operations generic_ops; > > @@ -427,6 +431,8 @@ static int __init efisubsys_init(void) > platform_device_register_simple("efivars", 0, NULL, 0); > } > > + BLOCKING_INIT_NOTIFIER_HEAD(&efivar_ops_nh); > + > error = sysfs_create_group(efi_kobj, &efi_subsys_attr_group); > if (error) { > pr_err("efi: Sysfs attribute export failed with error %d.\n", > diff --git a/drivers/firmware/efi/vars.c b/drivers/firmware/efi/vars.c > index e9dc7116daf1..f654e6f6af87 100644 > --- a/drivers/firmware/efi/vars.c > +++ b/drivers/firmware/efi/vars.c > @@ -63,6 +63,7 @@ int efivars_register(struct efivars *efivars, > const struct efivar_operations *ops) > { > int rv; > + int event; > > if (down_interruptible(&efivars_lock)) > return -EINTR; > @@ -77,6 +78,13 @@ int efivars_register(struct efivars *efivars, > > __efivars = efivars; > > + if (efivar_supports_writes()) > + event = EFIVAR_OPS_RDWR; > + else > + event = EFIVAR_OPS_RDONLY; > + > + blocking_notifier_call_chain(&efivar_ops_nh, event, NULL); > + > pr_info("Registered efivars operations\n"); > rv = 0; > out: > diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c > index e028fafa04f3..0f6e4d223aea 100644 > --- a/fs/efivarfs/super.c > +++ b/fs/efivarfs/super.c > @@ -14,11 +14,36 @@ > #include > #include > #include > +#include > > #include "internal.h" > > LIST_HEAD(efivarfs_list); > > +struct efivarfs_info { > + struct super_block *sb; > + struct notifier_block nb; > +}; > + > +static struct efivarfs_info info; > + > +static int efivarfs_ops_notifier(struct notifier_block *nb, unsigned long event, > + void *data) > +{ > + switch (event) { > + case EFIVAR_OPS_RDONLY: > + info.sb->s_flags |= SB_RDONLY; > + break; > + case EFIVAR_OPS_RDWR: > + info.sb->s_flags &= ~SB_RDONLY; > + break; > + default: > + return NOTIFY_DONE; > + } > + > + return NOTIFY_OK; > +} > + > static void efivarfs_evict_inode(struct inode *inode) > { > clear_inode(inode); > @@ -255,6 +280,12 @@ static int efivarfs_fill_super(struct super_block *sb, struct fs_context *fc) > if (!root) > return -ENOMEM; > > + info.sb = sb; > + info.nb.notifier_call = efivarfs_ops_notifier; > + err = blocking_notifier_chain_register(&efivar_ops_nh, &info.nb); > + if (err) > + return err; > + > INIT_LIST_HEAD(&efivarfs_list); > > err = efivar_init(efivarfs_callback, (void *)sb, true, &efivarfs_list); > @@ -281,6 +312,8 @@ static int efivarfs_init_fs_context(struct fs_context *fc) > > static void efivarfs_kill_sb(struct super_block *sb) > { > + blocking_notifier_chain_unregister(&efivar_ops_nh, &info.nb); > + info.sb = NULL; > kill_litter_super(sb); > > if (!efivar_is_available()) > diff --git a/include/linux/efi.h b/include/linux/efi.h > index 4776a3dd9a72..489707b9b0b0 100644 > --- a/include/linux/efi.h > +++ b/include/linux/efi.h > @@ -1355,6 +1355,14 @@ bool efi_config_table_is_usable(const efi_guid_t *guid, unsigned long table) > > umode_t efi_attr_is_visible(struct kobject *kobj, struct attribute *attr, int n); > > +/* > + * efivar ops event type > + */ > +#define EFIVAR_OPS_RDONLY 0 > +#define EFIVAR_OPS_RDWR 1 > + > +extern struct blocking_notifier_head efivar_ops_nh; > + > void efivars_generic_ops_register(void); > void efivars_generic_ops_unregister(void); > > -- > 2.30.2 >