Originally, we early load partial firmware to know its capability before
register_hw(), because it can save some loading time. However, a platform
can enable SECURITY_LOADPIN_ENFORCE that disallows to load firmware
partially, so we load full firmware instead in this kind of platform.
The costs of loading partial and full firmware are about 10us and 100us in
10+ years old computer, so I think this isn't very critical for users.
We are still thinking if we can fork a work during PCI probe to load
firmware and register_hw(), but this will be a big change of initial flow.
Before the implement, this patchset can let driver works as expectation and
avoid kernel warning if SECURITY_LOADPIN_ENFORCE is enabled.
Zong-Zhe Yang (2):
wifi: rtw89: don't request partial firmware if
SECURITY_LOADPIN_ENFORCE
wifi: rtw89: request full firmware only once if it's early requested
drivers/net/wireless/realtek/rtw89/core.c | 6 ++-
drivers/net/wireless/realtek/rtw89/fw.c | 60 +++++++++++++++++------
drivers/net/wireless/realtek/rtw89/fw.h | 22 +++++++--
3 files changed, 69 insertions(+), 19 deletions(-)
--
2.25.1
From: Zong-Zhe Yang <[email protected]>
Under some condition, we now have to do early request full firmware when
rtw89_early_fw_feature_recognize(). In this case, we can avoid requesting
full firmware twice during probing driver. So, we pass out full firmware
from rtw89_early_fw_feature_recognize() if it's requested successfully.
And then, if firmware is settled, we have no need to request full firmware
again during normal initizating flow.
Setting firmware flow is updated to be as the following.
platform | early recognizing | normally initizating
-----------------------------------------------------------------------
deny reading | request full FW | (no more FW requesting)
partial file | | (obtain FW from early pahse)
-----------------------------------------------------------------------
able to read | request partial FW | async request full FW
partial file | (quite small chunk) |
Signed-off-by: Zong-Zhe Yang <[email protected]>
Signed-off-by: Ping-Ke Shih <[email protected]>
---
drivers/net/wireless/realtek/rtw89/core.c | 6 ++++-
drivers/net/wireless/realtek/rtw89/fw.c | 28 +++++++++++++++++++----
drivers/net/wireless/realtek/rtw89/fw.h | 7 +++---
3 files changed, 32 insertions(+), 9 deletions(-)
diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c
index 5ab95250755df..931aff8b5dc95 100644
--- a/drivers/net/wireless/realtek/rtw89/core.c
+++ b/drivers/net/wireless/realtek/rtw89/core.c
@@ -3420,6 +3420,7 @@ struct rtw89_dev *rtw89_alloc_ieee80211_hw(struct device *device,
u32 bus_data_size,
const struct rtw89_chip_info *chip)
{
+ const struct firmware *firmware;
struct ieee80211_hw *hw;
struct rtw89_dev *rtwdev;
struct ieee80211_ops *ops;
@@ -3427,7 +3428,7 @@ struct rtw89_dev *rtw89_alloc_ieee80211_hw(struct device *device,
u32 early_feat_map = 0;
bool no_chanctx;
- rtw89_early_fw_feature_recognize(device, chip, &early_feat_map);
+ firmware = rtw89_early_fw_feature_recognize(device, chip, &early_feat_map);
ops = kmemdup(&rtw89_ops, sizeof(rtw89_ops), GFP_KERNEL);
if (!ops)
@@ -3454,6 +3455,7 @@ struct rtw89_dev *rtw89_alloc_ieee80211_hw(struct device *device,
rtwdev->dev = device;
rtwdev->ops = ops;
rtwdev->chip = chip;
+ rtwdev->fw.firmware = firmware;
rtw89_debug(rtwdev, RTW89_DBG_FW, "probe driver %s chanctx\n",
no_chanctx ? "without" : "with");
@@ -3462,6 +3464,7 @@ struct rtw89_dev *rtw89_alloc_ieee80211_hw(struct device *device,
err:
kfree(ops);
+ release_firmware(firmware);
return NULL;
}
EXPORT_SYMBOL(rtw89_alloc_ieee80211_hw);
@@ -3469,6 +3472,7 @@ EXPORT_SYMBOL(rtw89_alloc_ieee80211_hw);
void rtw89_free_ieee80211_hw(struct rtw89_dev *rtwdev)
{
kfree(rtwdev->ops);
+ release_firmware(rtwdev->fw.firmware);
ieee80211_free_hw(rtwdev->hw);
}
EXPORT_SYMBOL(rtw89_free_ieee80211_hw);
diff --git a/drivers/net/wireless/realtek/rtw89/fw.c b/drivers/net/wireless/realtek/rtw89/fw.c
index f5daea0d4f93c..de1f23779fc62 100644
--- a/drivers/net/wireless/realtek/rtw89/fw.c
+++ b/drivers/net/wireless/realtek/rtw89/fw.c
@@ -273,9 +273,10 @@ static void rtw89_fw_recognize_features(struct rtw89_dev *rtwdev)
}
}
-void rtw89_early_fw_feature_recognize(struct device *device,
- const struct rtw89_chip_info *chip,
- u32 *early_feat_map)
+const struct firmware *
+rtw89_early_fw_feature_recognize(struct device *device,
+ const struct rtw89_chip_info *chip,
+ u32 *early_feat_map)
{
union rtw89_compat_fw_hdr buf = {};
const struct firmware *firmware;
@@ -300,7 +301,7 @@ void rtw89_early_fw_feature_recognize(struct device *device,
if (ret) {
dev_err(device, "failed to early request firmware: %d\n", ret);
- return;
+ return NULL;
}
if (full_req)
@@ -322,7 +323,11 @@ void rtw89_early_fw_feature_recognize(struct device *device,
}
out:
+ if (full_req)
+ return firmware;
+
release_firmware(firmware);
+ return NULL;
}
int rtw89_fw_recognize(struct rtw89_dev *rtwdev)
@@ -629,6 +634,13 @@ int rtw89_load_firmware(struct rtw89_dev *rtwdev)
fw->rtwdev = rtwdev;
init_completion(&fw->completion);
+ if (fw->firmware) {
+ rtw89_debug(rtwdev, RTW89_DBG_FW,
+ "full firmware has been early requested\n");
+ complete_all(&fw->completion);
+ return 0;
+ }
+
ret = request_firmware_nowait(THIS_MODULE, true, fw_name, rtwdev->dev,
GFP_KERNEL, fw, rtw89_load_firmware_cb);
if (ret) {
@@ -645,8 +657,14 @@ void rtw89_unload_firmware(struct rtw89_dev *rtwdev)
rtw89_wait_firmware_completion(rtwdev);
- if (fw->firmware)
+ if (fw->firmware) {
release_firmware(fw->firmware);
+
+ /* assign NULL back in case rtw89_free_ieee80211_hw()
+ * try to release the same one again.
+ */
+ fw->firmware = NULL;
+ }
}
#define H2C_CAM_LEN 60
diff --git a/drivers/net/wireless/realtek/rtw89/fw.h b/drivers/net/wireless/realtek/rtw89/fw.h
index 5c4c7de1b4f5d..4d2f9ea9e0022 100644
--- a/drivers/net/wireless/realtek/rtw89/fw.h
+++ b/drivers/net/wireless/realtek/rtw89/fw.h
@@ -3444,9 +3444,10 @@ struct rtw89_fw_h2c_rf_get_mccch {
int rtw89_fw_check_rdy(struct rtw89_dev *rtwdev);
int rtw89_fw_recognize(struct rtw89_dev *rtwdev);
-void rtw89_early_fw_feature_recognize(struct device *device,
- const struct rtw89_chip_info *chip,
- u32 *early_feat_map);
+const struct firmware *
+rtw89_early_fw_feature_recognize(struct device *device,
+ const struct rtw89_chip_info *chip,
+ u32 *early_feat_map);
int rtw89_fw_download(struct rtw89_dev *rtwdev, enum rtw89_fw_type type);
int rtw89_load_firmware(struct rtw89_dev *rtwdev);
void rtw89_unload_firmware(struct rtw89_dev *rtwdev);
--
2.25.1
From: Zong-Zhe Yang <[email protected]>
Kernel logs on platform enabling SECURITY_LOADPIN_ENFORCE
------
```
LoadPin: firmware old-api-denied obj=<unknown> pid=810 cmdline="modprobe -q -- rtw89_8852ce"
rtw89_8852ce 0000:01:00.0: loading /lib/firmware/rtw89/rtw8852c_fw.bin failed with error -1
rtw89_8852ce 0000:01:00.0: Direct firmware load for rtw89/rtw8852c_fw.bin failed with error -1
rtw89_8852ce 0000:01:00.0: failed to early request firmware: -1
```
Trace
------
```
request_partial_firmware_into_buf()
> _request_firmware()
>> fw_get_filesystem_firmware()
>>> kernel_read_file_from_path_initns()
>>>> kernel_read_file()
>>>>> security_kernel_read_file()
// It will iterate enabled LSMs' hooks for kernel_read_file.
// With loadpin, it hooks loadpin_read_file.
```
If SECURITY_LOADPIN_ENFORCE is enabled, doing kernel_read_file() on partial
files will be denied and return -EPERM (-1). Then, the outer API based on it,
e.g. request_partial_firmware_into_buf(), will get the error.
In the case, we cannot get the firmware stuffs right, even though there might
be no error other than a permission issue on reading a partial file. So we have
to request full firmware if SECURITY_LOADPIN_ENFORCE is enabled. It makes us
still have a chance to do early firmware work on this kind of platforms.
Signed-off-by: Zong-Zhe Yang <[email protected]>
Signed-off-by: Ping-Ke Shih <[email protected]>
---
drivers/net/wireless/realtek/rtw89/fw.c | 30 +++++++++++++++++--------
drivers/net/wireless/realtek/rtw89/fw.h | 15 +++++++++++++
2 files changed, 36 insertions(+), 9 deletions(-)
diff --git a/drivers/net/wireless/realtek/rtw89/fw.c b/drivers/net/wireless/realtek/rtw89/fw.c
index 7e682709232d7..f5daea0d4f93c 100644
--- a/drivers/net/wireless/realtek/rtw89/fw.c
+++ b/drivers/net/wireless/realtek/rtw89/fw.c
@@ -277,25 +277,37 @@ void rtw89_early_fw_feature_recognize(struct device *device,
const struct rtw89_chip_info *chip,
u32 *early_feat_map)
{
- union {
- struct rtw89_mfw_hdr mfw_hdr;
- u8 fw_hdr[RTW89_FW_HDR_SIZE];
- } buf = {};
+ union rtw89_compat_fw_hdr buf = {};
const struct firmware *firmware;
+ bool full_req = false;
u32 ver_code;
int ret;
int i;
- ret = request_partial_firmware_into_buf(&firmware, chip->fw_name,
- device, &buf, sizeof(buf), 0);
+ /* If SECURITY_LOADPIN_ENFORCE is enabled, reading partial files will
+ * be denied (-EPERM). Then, we don't get right firmware things as
+ * expected. So, in this case, we have to request full firmware here.
+ */
+ if (IS_ENABLED(CONFIG_SECURITY_LOADPIN_ENFORCE))
+ full_req = true;
+
+ if (full_req)
+ ret = request_firmware(&firmware, chip->fw_name, device);
+ else
+ ret = request_partial_firmware_into_buf(&firmware, chip->fw_name,
+ device, &buf, sizeof(buf),
+ 0);
+
if (ret) {
dev_err(device, "failed to early request firmware: %d\n", ret);
return;
}
- ver_code = buf.mfw_hdr.sig != RTW89_MFW_SIG ?
- RTW89_FW_HDR_VER_CODE(&buf.fw_hdr) :
- RTW89_MFW_HDR_VER_CODE(&buf.mfw_hdr);
+ if (full_req)
+ ver_code = rtw89_compat_fw_hdr_ver_code(firmware->data);
+ else
+ ver_code = rtw89_compat_fw_hdr_ver_code(&buf);
+
if (!ver_code)
goto out;
diff --git a/drivers/net/wireless/realtek/rtw89/fw.h b/drivers/net/wireless/realtek/rtw89/fw.h
index 46d57414f24e2..5c4c7de1b4f5d 100644
--- a/drivers/net/wireless/realtek/rtw89/fw.h
+++ b/drivers/net/wireless/realtek/rtw89/fw.h
@@ -3291,6 +3291,21 @@ struct fwcmd_hdr {
__le32 hdr1;
};
+union rtw89_compat_fw_hdr {
+ struct rtw89_mfw_hdr mfw_hdr;
+ u8 fw_hdr[RTW89_FW_HDR_SIZE];
+};
+
+static inline u32 rtw89_compat_fw_hdr_ver_code(const void *fw_buf)
+{
+ const union rtw89_compat_fw_hdr *compat = (typeof(compat))fw_buf;
+
+ if (compat->mfw_hdr.sig == RTW89_MFW_SIG)
+ return RTW89_MFW_HDR_VER_CODE(&compat->mfw_hdr);
+ else
+ return RTW89_FW_HDR_VER_CODE(&compat->fw_hdr);
+}
+
#define RTW89_H2C_RF_PAGE_SIZE 500
#define RTW89_H2C_RF_PAGE_NUM 3
struct rtw89_fw_h2c_rf_reg_info {
--
2.25.1
Ping-Ke Shih <[email protected]> wrote:
> From: Zong-Zhe Yang <[email protected]>
>
> Kernel logs on platform enabling SECURITY_LOADPIN_ENFORCE
> ------
> ```
> LoadPin: firmware old-api-denied obj=<unknown> pid=810 cmdline="modprobe -q -- rtw89_8852ce"
> rtw89_8852ce 0000:01:00.0: loading /lib/firmware/rtw89/rtw8852c_fw.bin failed with error -1
> rtw89_8852ce 0000:01:00.0: Direct firmware load for rtw89/rtw8852c_fw.bin failed with error -1
> rtw89_8852ce 0000:01:00.0: failed to early request firmware: -1
> ```
>
> Trace
> ------
> ```
> request_partial_firmware_into_buf()
> > _request_firmware()
> >> fw_get_filesystem_firmware()
> >>> kernel_read_file_from_path_initns()
> >>>> kernel_read_file()
> >>>>> security_kernel_read_file()
> // It will iterate enabled LSMs' hooks for kernel_read_file.
> // With loadpin, it hooks loadpin_read_file.
> ```
>
> If SECURITY_LOADPIN_ENFORCE is enabled, doing kernel_read_file() on partial
> files will be denied and return -EPERM (-1). Then, the outer API based on it,
> e.g. request_partial_firmware_into_buf(), will get the error.
>
> In the case, we cannot get the firmware stuffs right, even though there might
> be no error other than a permission issue on reading a partial file. So we have
> to request full firmware if SECURITY_LOADPIN_ENFORCE is enabled. It makes us
> still have a chance to do early firmware work on this kind of platforms.
>
> Signed-off-by: Zong-Zhe Yang <[email protected]>
> Signed-off-by: Ping-Ke Shih <[email protected]>
2 patches applied to wireless-next.git, thanks.
3ddfe3bdd3cf wifi: rtw89: don't request partial firmware if SECURITY_LOADPIN_ENFORCE
13eb07e0be1b wifi: rtw89: request full firmware only once if it's early requested
--
https://patchwork.kernel.org/project/linux-wireless/patch/[email protected]/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches