Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Luis R. Rodriguez]

On Wed, Apr 25, 2018 at 01:00:09AM -0400, Mimi Zohar wrote:
> On Tue, 2018-04-24 at 23:42 +0000, Luis R. Rodriguez wrote:
> > On Tue, Apr 24, 2018 at 12:07:01PM -0400, Mimi Zohar wrote:
> > > On Tue, 2018-04-24 at 17:09 +0200, Hans de Goede wrote:
> > > > On 23-04-18 23:11, Luis R. Rodriguez wrote:
> > > > > Hans, please see use of READING_FIRMWARE_PREALLOC_BUFFER, we'll need a new ID
> > > > > and security for this type of request so IMA can reject it if the policy is
> > > > > configured for it.
> > > > 
> > > > Hmm, interesting, actually it seems like the whole existence
> > > > of READING_FIRMWARE_PREALLOC_BUFFER is a mistake, 
> > 
> > request_firmware_into_buf() was merged without my own review, however,
> > the ID thing did get review from Mimi:
> > 
> > https://patchwork.kernel.org/patch/9074611/
> > 
> > The ID is not for IMA alone, its for any LSM to decide what to do.
> > Note Mimi asked for READING_FIRMWARE_DMA if such buffer was in DMA,
> > otherise READING_FIRMWARE_PREALLOC_BUFFER was suggested.
> > 
> > Mimi why did you want a separate ID for it back before?
> 
> The point of commit a098ecd2fa7d ("firmware: support loading into a
> pre-allocated buffer") is to avoid reading the firmware into kernel
> memory and then copying it "to it's final resting place".  My concern
> is that if the device driver has access to the buffer, it could access
> the buffer prior to the firmware's signature having been verified by
> the kernel.

If request_firmware_into_buf() is used and the firmware was found in
/lib/firmware/ paths then the driver will *not* use the firmware prior
to any LSM doing any firmware signature verification because
kernel_read_file_from_path() and in turn security_kernel_read_file().

The firmware API has a fallback mechanism [0] though, and if that is used then
security_kernel_post_read_file() is used once the firmware is loaded through
the sysfs interface *prior* to handing the firmware data to the driver. As
Hans noted though security_kernel_post_read_file() currently *only* uses
READING_FIRMWARE, so this needs to be fixed. Also note though that LSMs
get a hint of what is going to happen *soon* prior to the fallback
mechanism kicking on as we travere the /lib/firmware/ paths for direct
filesystem loading.

If this is not sufficient to cover LSM appraisals *one* option could be to
have security_kernel_read_file() return a special error of some sort
for READING_FIRMWARE_PREALLOC_BUFFER so that kernel_read_file_from_path()
users could *know* to fatally give up.

Currently the device drivers using request_firmware_into_buf() can end up
getting the buffer with firmware stashed in it without having the kernel do any
firmware signature verification at all through its LSMs. The LSM hooks added to
the firmware loader long ago by Kees via commit 6593d9245bc66 ("firmware_class:
perform new LSM checks") on v3.17 added an LSM for direct filesystem lookups,
but on the fallback mechanism seems to have only added a post LSM hook
security_kernel_fw_from_file().

There is also a custom fallback mechanism [1] which can be used if the path to
the firmware may be out of the /lib/firmware/ paths or perhaps the firmware
requires some very custom fetching of some sort. The only thing this does
though is just *not* issue a uevent when we don't find the firmware and also
sets the timeout to a practically never-ending value. The custom fallback
mechanism is only usable for request_firmware_nowait() though. In retrospect
the custom fallback mechanism is pure crap and these days we've acknowledged
that even in crazy custom firmware fetching cases folks should be able to
accomplish this by relying on uevents and using the firmwared [2] or forking
it, or a different similar proprietary similar solution, which would just
monitor for uevents for firmware and just Do The Right Thing (TM).

Consider some mobile devices which may want to fetch it from some custom
partition which only it can know how to get.

There is a kernel config option which enables the fallback mechanism always,
This is now easily readable as follows:

drivers/base/firmware_loader/fallback_table.c

struct firmware_fallback_config fw_fallback_config = {
	.force_sysfs_fallback = IS_ENABLED(CONFIG_FW_LOADER_USER_HELPER_FALLBACK),
	.loading_timeout = 60,
	.old_timeout = 60,
};

Even if this is used we always do direct fs lookups first.

Android became the primary user of CONFIG_FW_LOADER_USER_HELPER_FALLBACK.

It would be good for us to hear from Android folks if their current use of
request_firmware_into_buf() is designed in practice to *never* use the direct
filesystem firmware loading interface, and always rely instead on the
fallback mechanism.

That would answer help your appraisal question in practice today.

[0] https://www.kernel.org/doc/html/latest/driver-api/firmware/fallback-mechanisms.html
[1] https://www.kernel.org/doc/html/latest/driver-api/firmware/fallback-mechanisms.html#firmware-custom-fallback-mechanism
[2] https://github.com/teg/firmwared

> In tightly controlled environments interested in limiting which signed
> firmware version is loaded, require's the device driver not having
> access to the buffer until after the signature has been verified by
> the kernel (eg. IMA-appraisal).

We may need more work for this for request_firmware_into_buf().

> > I should note now that request_firmware_into_buf() and its
> > READING_FIRMWARE_PREALLOC_BUFFER was to enable a driver on memory constrained
> > devices. The files are large (commit says 16 MiB).
> > 
> > I've heard of larger possible files with remoteproc and with Android using
> > the custom fallback mechanism -- which could mean a proprietary tool
> > fetching firmware from a random special place on a device.
> > 
> > I could perhaps imagine an LSM which may be aware of such type of
> > arrangement may want to do its own vetting of some sort, but this
> > would not be specific to READING_FIRMWARE_PREALLOC_BUFFER, but rather
> > the custom fallback mechaism.
> > 
> > Whether or not the buffer was preallocated by the driver seems a little
> > odd for security folks to do something different with it. Security LSM
> > folks please chime in.
> > 
> > I could see a bit more of a use case for an ID for firmware scraped
> > from EFI, which Hans' patch will provide. But that *also* should get
> > good review from other LSM folks.
> > 
> > One of the issues with accepting more IDs loosely is where do we
> > stop though? If no one really is using READING_FIRMWARE_PREALLOC_BUFFER
> > I'd say lets remove it. Likewise, for this EFI thing I'd like an idea
> > if we really are going to have users for it.
> > 
> > If its of any help --
> > 
> > drivers/soc/qcom/mdt_loader.c is the only driver currently using
> > request_firmware_into_buf() however I'll note qcom_mdt_load() is used in many
> > other drivers so they are wrappers around request_firmware_into_buf():
> > 
> > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:   * adreno_request_fw() handles this, but qcom_mdt_load() does
> > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:          ret = qcom_mdt_load(dev, fw, fwname, GPU_PAS_ID,
> > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:          ret = qcom_mdt_load(dev, fw, newname, GPU_PAS_ID,
> > drivers/media/platform/qcom/venus/firmware.c:   ret = qcom_mdt_load(dev, mdt, fwname, VENUS_PAS_ID, mem_va, mem_phys,
> > drivers/remoteproc/qcom_adsp_pil.c:     return qcom_mdt_load(adsp->dev, fw, rproc->firmware, adsp->pas_id,
> > drivers/remoteproc/qcom_wcnss.c:        return qcom_mdt_load(wcnss->dev, fw, rproc->firmware, WCNSS_PAS_ID,
> > 
> > Are we going to add more IDs for more types of firmware?
> > What type of *different* decisions could LSMs take if the firmware
> > was being written to a buffer? Or in this new case that is coming
> > up, if the file came scraping EFI, would having that information
> > be useful?
> > 
> > > > As such the current IMA code (from v4.17-rc2) actually does
> > > > not handle READING_FIRMWARE_PREALLOC_BUFFER at all, 
> > > 
> > > Right, it doesn't yet address READING_FIRMWARE_PREALLOC_BUFFER, but
> > > should.
> > > 
> > > Depending on whether the device requesting the firmware has access to
> > > the DMA memory, before the signature verification, 
> > 
> > It would seem from the original patch review about READING_FIRMWARE_PREALLOC_BUFFER
> > that this is not a DMA buffer.
> 
> The call sequence:
> qcom_mdt_load() -> qcom_scm_pas_init_image() -> dma_alloc_coherent()
> 
> If dma_alloc_coherent() isn't allocating a DMA buffer, then the
> function name is misleading/confusing.

Hah, by *definition* the device *and* processor has immediate access
to data written *immediately* when dma_alloc_coherent() is used. From
Documentation/DMA-API.txt:

-----------------------------------------------------------------------
Part Ia - Using large DMA-coherent buffers                                      
------------------------------------------                                      
                                                                                
::                                                                              
                                                                                
        void *                                                                  
        dma_alloc_coherent(struct device *dev, size_t size,                     
                           dma_addr_t *dma_handle, gfp_t flag)                  
                                                                                
Consistent memory is memory for which a write by either the device or           
the processor can immediately be read by the processor or device                
without having to worry about caching effects.  (You may however need           
to make sure to flush the processor's write buffers before telling              
devices to read that memory.)  
------------------------------------------------------------------------

Is ptr below

	ret = request_firmware_into_buf(&seg_fw, fw_name, dev,  
					ptr, phdr->p_filesz); 

Also part of the DMA buffer allocated earlier via:

        ret = qcom_scm_pas_init_image(pas_id, fw->data, fw->size);              

Android folks?

> > The device driver should have access to the buffer pointer with write given
> > that with request_firmware_into_buf() the driver is giving full write access to
> > the memory pointer so that the firmware API can stuff the firmware it finds
> > there.
> > 
> > Firmware signature verification would be up to the device hardware to do upon
> > load *after* request_firmware_into_buf().
> 
> We're discussing the kernel's signature verification, not the device
> hardware's signature verification.  Can the device driver access the
> buffer, before IMA-appraisal has verified the firmware's signature?

It will depend on the above question.

  Luis

> 
> Mimi
> 
> > 
> >   Luis
> > 
> > > will determine how
> > > IMA-appraisal addresses READING_FIRMWARE_PREALLOC_BUFFER.
> > > 
> > > Mimi
> > > 
> > > > here
> > > > are bits of code from: security/integrity/ima/ima_main.c:
> > > > 
> > > > static int read_idmap[READING_MAX_ID] = {
> > > >          [READING_FIRMWARE] = FIRMWARE_CHECK,
> > > >          [READING_MODULE] = MODULE_CHECK,
> > > >          [READING_KEXEC_IMAGE] = KEXEC_KERNEL_CHECK,
> > > >          [READING_KEXEC_INITRAMFS] = KEXEC_INITRAMFS_CHECK,
> > > >          [READING_POLICY] = POLICY_CHECK
> > > > };
> > > > 
> > > > int ima_post_read_file(struct file *file, void *buf, loff_t size,
> > > > 	...
> > > >          if (!file && read_id == READING_FIRMWARE) {
> > > >                  if ((ima_appraise & IMA_APPRAISE_FIRMWARE) &&
> > > >                      (ima_appraise & IMA_APPRAISE_ENFORCE))
> > > >                          return -EACCES; /* INTEGRITY_UNKNOWN */
> > > >                  return 0;
> > > >          }
> > > > 
> > > > Which show that the IMA code is not handling
> > > > READING_FIRMWARE_PREALLOC_BUFFER as it should (I believe it
> > > > should handle it the same as READING_FIRMWARE).
> > > > 
> > > > Now we could fix that, but the only user of
> > > > READING_FIRMWARE_PREALLOC_BUFFER is the code which originally
> > > > introduced it:
> > > > 
> > > > https://patchwork.kernel.org/patch/9162011/
> > > > 
> > > > So I believe it might be better to instead replace it
> > > > with just READING_FIRMWARE and find another way to tell
> > > > kernel_read_file() that there is a pre-allocated buffer,
> > > > perhaps the easiest way there is that  *buf must be
> > > > NULL when the caller wants kernel_read_file() to
> > > > vmalloc the mem. This would of course require auditing
> > > > all callers that the buf which the pass in is initialized
> > > > to NULL.
> > > > 
> > > > Either way adding a third READING_FIRMWARE_FOO to the
> > > > kernel_read_file_id enum seems like a bad idea, from
> > > > the IMA pov firmware is firmware.
> > > > 
> > > > What this whole exercise has shown me though is that
> > > > I need to call security_kernel_post_read_file() when
> > > > loading EFI embedded firmware. I will add a call to
> > > > security_kernel_post_read_file() for v4 of the patch-set.
> > > > 
> > > > > Please Cc Kees in future patches.
> > > > 
> > > > Will do.
> > > > 
> > > > Regards,
> > > > 
> > > > Hans
> > > > 
> > > 
> > > 
> > 
> 
> 

-- 
Do not panic

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Luis R. Rodriguez]

Android folks, poke below. otherwise we'll have no option but to seriously
consider Mimi's patch to prevent these calls when IMA appraisal is enforced:

http://lkml.kernel.org/r/1525182503-13849-7-git-send-email-zohar@linux.vnet.ibm.com

Please read below....

On Wed, Apr 25, 2018 at 05:55:57PM +0000, Luis R. Rodriguez wrote:
> On Wed, Apr 25, 2018 at 01:00:09AM -0400, Mimi Zohar wrote:
> > On Tue, 2018-04-24 at 23:42 +0000, Luis R. Rodriguez wrote:
> > > On Tue, Apr 24, 2018 at 12:07:01PM -0400, Mimi Zohar wrote:
> > > > On Tue, 2018-04-24 at 17:09 +0200, Hans de Goede wrote:
> > > If its of any help --
> > > 
> > > drivers/soc/qcom/mdt_loader.c is the only driver currently using
> > > request_firmware_into_buf() however I'll note qcom_mdt_load() is used in many
> > > other drivers so they are wrappers around request_firmware_into_buf():
> > > 
> > > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:   * adreno_request_fw() handles this, but qcom_mdt_load() does
> > > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:          ret = qcom_mdt_load(dev, fw, fwname, GPU_PAS_ID,
> > > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:          ret = qcom_mdt_load(dev, fw, newname, GPU_PAS_ID,
> > > drivers/media/platform/qcom/venus/firmware.c:   ret = qcom_mdt_load(dev, mdt, fwname, VENUS_PAS_ID, mem_va, mem_phys,
> > > drivers/remoteproc/qcom_adsp_pil.c:     return qcom_mdt_load(adsp->dev, fw, rproc->firmware, adsp->pas_id,
> > > drivers/remoteproc/qcom_wcnss.c:        return qcom_mdt_load(wcnss->dev, fw, rproc->firmware, WCNSS_PAS_ID,
> > > 
> > > > > As such the current IMA code (from v4.17-rc2) actually does
> > > > > not handle READING_FIRMWARE_PREALLOC_BUFFER at all, 
> > > > 
> > > > Right, it doesn't yet address READING_FIRMWARE_PREALLOC_BUFFER, but
> > > > should.
> > > > 
> > > > Depending on whether the device requesting the firmware has access to
> > > > the DMA memory, before the signature verification, 
> > > 
> > > It would seem from the original patch review about READING_FIRMWARE_PREALLOC_BUFFER
> > > that this is not a DMA buffer.

To be very clear I believe Stephen implied this was not DMA buffer. Mimi
asked for READING_FIRMWARE_DMA if it was:

https://patchwork.kernel.org/patch/9074611/

> > The call sequence:
> > qcom_mdt_load() -> qcom_scm_pas_init_image() -> dma_alloc_coherent()
> > 
> > If dma_alloc_coherent() isn't allocating a DMA buffer, then the
> > function name is misleading/confusing.
> 
> Hah, by *definition* the device *and* processor has immediate access
> to data written *immediately* when dma_alloc_coherent() is used. From
> Documentation/DMA-API.txt:
> 
> -----------------------------------------------------------------------
> Part Ia - Using large DMA-coherent buffers                                      
> ------------------------------------------                                      
>                                                                                 
> ::                                                                              
>                                                                                 
>         void *                                                                  
>         dma_alloc_coherent(struct device *dev, size_t size,                     
>                            dma_addr_t *dma_handle, gfp_t flag)                  
>                                                                                 
> Consistent memory is memory for which a write by either the device or           
> the processor can immediately be read by the processor or device                
> without having to worry about caching effects.  (You may however need           
> to make sure to flush the processor's write buffers before telling              
> devices to read that memory.)  
> ------------------------------------------------------------------------
> 
> Is ptr below
> 
> 	ret = request_firmware_into_buf(&seg_fw, fw_name, dev,  
> 					ptr, phdr->p_filesz); 
> 
> Also part of the DMA buffer allocated earlier via:
> 
>         ret = qcom_scm_pas_init_image(pas_id, fw->data, fw->size);              
> 
> Android folks?

Android folks?

> > > The device driver should have access to the buffer pointer with write given
> > > that with request_firmware_into_buf() the driver is giving full write access to
> > > the memory pointer so that the firmware API can stuff the firmware it finds
> > > there.
> > > 
> > > Firmware signature verification would be up to the device hardware to do upon
> > > load *after* request_firmware_into_buf().
> > 
> > We're discussing the kernel's signature verification, not the device
> > hardware's signature verification.  Can the device driver access the
> > buffer, before IMA-appraisal has verified the firmware's signature?
> 
> It will depend on the above question.

  Luis

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Martijn Coenen]

On Thu, May 3, 2018 at 5:21 PM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> Android folks, poke below. otherwise we'll have no option but to seriously
> consider Mimi's patch to prevent these calls when IMA appraisal is enforced:

Sorry, figuring out who's the right person to answer this, will get
back to you ASAP.

Martijn

>
> http://lkml.kernel.org/r/1525182503-13849-7-git-send-email-zohar@linux.vnet.ibm.com
>
> Please read below....
>
> On Wed, Apr 25, 2018 at 05:55:57PM +0000, Luis R. Rodriguez wrote:
>> On Wed, Apr 25, 2018 at 01:00:09AM -0400, Mimi Zohar wrote:
>> > On Tue, 2018-04-24 at 23:42 +0000, Luis R. Rodriguez wrote:
>> > > On Tue, Apr 24, 2018 at 12:07:01PM -0400, Mimi Zohar wrote:
>> > > > On Tue, 2018-04-24 at 17:09 +0200, Hans de Goede wrote:
>> > > If its of any help --
>> > >
>> > > drivers/soc/qcom/mdt_loader.c is the only driver currently using
>> > > request_firmware_into_buf() however I'll note qcom_mdt_load() is used in many
>> > > other drivers so they are wrappers around request_firmware_into_buf():
>> > >
>> > > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:   * adreno_request_fw() handles this, but qcom_mdt_load() does
>> > > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:          ret = qcom_mdt_load(dev, fw, fwname, GPU_PAS_ID,
>> > > drivers/gpu/drm/msm/adreno/a5xx_gpu.c:          ret = qcom_mdt_load(dev, fw, newname, GPU_PAS_ID,
>> > > drivers/media/platform/qcom/venus/firmware.c:   ret = qcom_mdt_load(dev, mdt, fwname, VENUS_PAS_ID, mem_va, mem_phys,
>> > > drivers/remoteproc/qcom_adsp_pil.c:     return qcom_mdt_load(adsp->dev, fw, rproc->firmware, adsp->pas_id,
>> > > drivers/remoteproc/qcom_wcnss.c:        return qcom_mdt_load(wcnss->dev, fw, rproc->firmware, WCNSS_PAS_ID,
>> > >
>> > > > > As such the current IMA code (from v4.17-rc2) actually does
>> > > > > not handle READING_FIRMWARE_PREALLOC_BUFFER at all,
>> > > >
>> > > > Right, it doesn't yet address READING_FIRMWARE_PREALLOC_BUFFER, but
>> > > > should.
>> > > >
>> > > > Depending on whether the device requesting the firmware has access to
>> > > > the DMA memory, before the signature verification,
>> > >
>> > > It would seem from the original patch review about READING_FIRMWARE_PREALLOC_BUFFER
>> > > that this is not a DMA buffer.
>
> To be very clear I believe Stephen implied this was not DMA buffer. Mimi
> asked for READING_FIRMWARE_DMA if it was:
>
> https://patchwork.kernel.org/patch/9074611/
>
>> > The call sequence:
>> > qcom_mdt_load() -> qcom_scm_pas_init_image() -> dma_alloc_coherent()
>> >
>> > If dma_alloc_coherent() isn't allocating a DMA buffer, then the
>> > function name is misleading/confusing.
>>
>> Hah, by *definition* the device *and* processor has immediate access
>> to data written *immediately* when dma_alloc_coherent() is used. From
>> Documentation/DMA-API.txt:
>>
>> -----------------------------------------------------------------------
>> Part Ia - Using large DMA-coherent buffers
>> ------------------------------------------
>>
>> ::
>>
>>         void *
>>         dma_alloc_coherent(struct device *dev, size_t size,
>>                            dma_addr_t *dma_handle, gfp_t flag)
>>
>> Consistent memory is memory for which a write by either the device or
>> the processor can immediately be read by the processor or device
>> without having to worry about caching effects.  (You may however need
>> to make sure to flush the processor's write buffers before telling
>> devices to read that memory.)
>> ------------------------------------------------------------------------
>>
>> Is ptr below
>>
>>       ret = request_firmware_into_buf(&seg_fw, fw_name, dev,
>>                                       ptr, phdr->p_filesz);
>>
>> Also part of the DMA buffer allocated earlier via:
>>
>>         ret = qcom_scm_pas_init_image(pas_id, fw->data, fw->size);
>>
>> Android folks?
>
> Android folks?
>
>> > > The device driver should have access to the buffer pointer with write given
>> > > that with request_firmware_into_buf() the driver is giving full write access to
>> > > the memory pointer so that the firmware API can stuff the firmware it finds
>> > > there.
>> > >
>> > > Firmware signature verification would be up to the device hardware to do upon
>> > > load *after* request_firmware_into_buf().
>> >
>> > We're discussing the kernel's signature verification, not the device
>> > hardware's signature verification.  Can the device driver access the
>> > buffer, before IMA-appraisal has verified the firmware's signature?
>>
>> It will depend on the above question.
>
>   Luis

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Martijn Coenen]

On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> Android became the primary user of CONFIG_FW_LOADER_USER_HELPER_FALLBACK.
>
> It would be good for us to hear from Android folks if their current use of
> request_firmware_into_buf() is designed in practice to *never* use the direct
> filesystem firmware loading interface, and always rely instead on the
> fallback mechanism.

It's hard to answer this question for Android in general. As far as I
can tell the reasons we use CONFIG_FW_LOADER_USER_HELPER(_FALLBACK)
are:
1) We have multiple different paths on our devices where firmware can
be located, and the direct loader only supports one custom path
2) Most of those paths are not mounted by the time the corresponding
drivers are loaded, because pretty much all Android kernels today are
built without module support, and therefore drivers are loaded well
before the firmware partition is mounted
3) I think we use _FALLBACK because doing this with uevents is just
the easiest thing to do; our init code has a firmware helper that
deals with this and searches the paths that we care about

2) will change at some point, because Android is moving towards a
model where device-specific peripheral drivers will be loaded as
modules, and since those modules would likely come from the same
partition as the firmware, it's possible that the direct load would
succeed (depending on whether the custom path is configured there or
not). But I don't think we can rely on the direct loader even in those
cases, unless we could configure it with multiple custom paths.

I have no reason to believe request_firmware_into_buf() is special in
this regard; drivers that depend on it may have their corresponding
firmware in different locations, so just depending on the direct
loader would not be good enough.

>
> Is ptr below
>
>         ret = request_firmware_into_buf(&seg_fw, fw_name, dev,
>                                         ptr, phdr->p_filesz);
>
> Also part of the DMA buffer allocated earlier via:
>
>         ret = qcom_scm_pas_init_image(pas_id, fw->data, fw->size);
>
> Android folks?

I think the Qualcomm folks owning this (Andy, David, Bjorn, already
cc'd here) are better suited to answer that question.

Thanks,
Martijn

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Luis R. Rodriguez]

On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> > Android became the primary user of CONFIG_FW_LOADER_USER_HELPER_FALLBACK.
> >
> > It would be good for us to hear from Android folks if their current use of
> > request_firmware_into_buf() is designed in practice to *never* use the direct
> > filesystem firmware loading interface, and always rely instead on the
> > fallback mechanism.
> 
> It's hard to answer this question for Android in general. As far as I
> can tell the reasons we use CONFIG_FW_LOADER_USER_HELPER(_FALLBACK)
> are:
> 1) We have multiple different paths on our devices where firmware can
> be located, and the direct loader only supports one custom path
> 2) Most of those paths are not mounted by the time the corresponding
> drivers are loaded, because pretty much all Android kernels today are
> built without module support, and therefore drivers are loaded well
> before the firmware partition is mounted
> 3) I think we use _FALLBACK because doing this with uevents is just
> the easiest thing to do; our init code has a firmware helper that
> deals with this and searches the paths that we care about
> 
> 2) will change at some point, because Android is moving towards a
> model where device-specific peripheral drivers will be loaded as
> modules, and since those modules would likely come from the same
> partition as the firmware, it's possible that the direct load would
> succeed (depending on whether the custom path is configured there or
> not). But I don't think we can rely on the direct loader even in those
> cases, unless we could configure it with multiple custom paths.
> 
> I have no reason to believe request_firmware_into_buf() is special in
> this regard; drivers that depend on it may have their corresponding
> firmware in different locations, so just depending on the direct
> loader would not be good enough.

Thanks! This is very useful! This provides yet-another justification and use
case to document for the fallback mechanism. I'll go and extend it.

> >
> > Is ptr below
> >
> >         ret = request_firmware_into_buf(&seg_fw, fw_name, dev,
> >                                         ptr, phdr->p_filesz);
> >
> > Also part of the DMA buffer allocated earlier via:
> >
> >         ret = qcom_scm_pas_init_image(pas_id, fw->data, fw->size);
> >
> > Android folks?
> 
> I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> cc'd here) are better suited to answer that question.

Andy, David, Bjorn?

  Luis

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Luis R. Rodriguez]

On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> > > Android became the primary user of CONFIG_FW_LOADER_USER_HELPER_FALLBACK.
> > >
> > > It would be good for us to hear from Android folks if their current use of
> > > request_firmware_into_buf() is designed in practice to *never* use the direct
> > > filesystem firmware loading interface, and always rely instead on the
> > > fallback mechanism.
> > 
> > It's hard to answer this question for Android in general. As far as I
> > can tell the reasons we use CONFIG_FW_LOADER_USER_HELPER(_FALLBACK)
> > are:
> > 1) We have multiple different paths on our devices where firmware can
> > be located, and the direct loader only supports one custom path

FWIW I'd love to consider patches to address this, if this is something
you may find a need for in the future to *avoid* the fallback, however
would like a clean solution.

> > 2) Most of those paths are not mounted by the time the corresponding
> > drivers are loaded, because pretty much all Android kernels today are
> > built without module support, and therefore drivers are loaded well
> > before the firmware partition is mounted

I've given this some more thought and you can address this with initramfs,
this is how other Linux distributions are addressing this. One way to
address this automatically is to scrape the drivers built-in or needed early on
boot in initamfs and if the driver has a MODULE_FIRMWARE() its respective
firmware is added to initramfs as well.

If you *don't* use initramfs, then yes you can obviously run into issues
where your firmware may not be accessible if the driver is somehow loaded
early.

> > 3) I think we use _FALLBACK because doing this with uevents is just
> > the easiest thing to do; our init code has a firmware helper that
> > deals with this and searches the paths that we care about
> > 
> > 2) will change at some point, because Android is moving towards a
> > model where device-specific peripheral drivers will be loaded as
> > modules, and since those modules would likely come from the same
> > partition as the firmware, it's possible that the direct load would
> > succeed (depending on whether the custom path is configured there or
> > not). But I don't think we can rely on the direct loader even in those
> > cases, unless we could configure it with multiple custom paths.

Using initramfs will help, but because of the custom path needs -- you're
right, we don't have anything for that yet, its also a bit unclear if
something nice and clean can be drawn up for it. So perhaps dealing with
the fallback mechanism is the way to go for this for sure, since we already
have support for it.

Just keep in mind that the fallback mechanism costs you about ~13436 bytes.

So, if someone comes up with a clean interface for custom paths I'd love
to consider it to avoid those 13436 bytes.

  Luis

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Luis R. Rodriguez]

On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> > > Is ptr below
> > >
> > >         ret = request_firmware_into_buf(&seg_fw, fw_name, dev,
> > >                                         ptr, phdr->p_filesz);
> > >
> > > Also part of the DMA buffer allocated earlier via:
> > >
> > >         ret = qcom_scm_pas_init_image(pas_id, fw->data, fw->size);
> > >
> > > Android folks?
> > 
> > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> > cc'd here) are better suited to answer that question.
> 
> Andy, David, Bjorn?

Andy, David, Bjorn?

Note: as-is we have no option but to assume this is DMA memory for now.
We cannot keep IMA's guarantees with the current prealloc firmware API
buffer, so I've suggested:

a) The prealloc buffer API be expanded to enable the caller to descrbe it
b) Have the qcom driver say this is DMA
c) IMA would reject it to ensure it stays true to what it needs to gaurantee

d) Future platforms which want to use IMA but want to trust DMA buffers
   would need to devise a way to describe IMA can trust some of these
   calls.

I'll leave it up to you guys (Andy, David, Bjorn) to come up with the code for
d) once and if you guys want to use IMA later.  But since what is pressing here
is to stay to true to IMA, with a-c IMA would reject such calls for now.

  Luis

Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > 
> > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> > > cc'd here) are better suited to answer that question.
> > 
> > Andy, David, Bjorn?
> 
> Andy, David, Bjorn?

A month now with no answer...

Perhaps someone who has this hardware can find out empirically for us, as
follows (mm folks is this right?):

page = virt_to_page(address);
if (!page)
   fail closed...
if (page_zone(page) == ZONE_DMA || page_zone(page) == ZONE_DMA32)
	this is a DMA buffer
else
	not DMA!

Note that when request_firmware_into_buf() was being reviewed Mimi had asked back
in 2016 [0] that if a DMA buffer was going to be used READING_FIRMWARE_DMA should be
used otherwise READING_FIRMWARE_PREALLOC_BUFFER was fine.

If it is a DMA buffer *now*, why / how did this change?

[0] https://patchwork.kernel.org/patch/9074611/

  Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 6 June 2018 at 22:32, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>> > >
>> > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>> > > cc'd here) are better suited to answer that question.
>> >
>> > Andy, David, Bjorn?
>>
>> Andy, David, Bjorn?
>
> A month now with no answer...
>
> Perhaps someone who has this hardware can find out empirically for us, as
> follows (mm folks is this right?):
>
> page = virt_to_page(address);
> if (!page)
>    fail closed...
> if (page_zone(page) == ZONE_DMA || page_zone(page) == ZONE_DMA32)
>         this is a DMA buffer
> else
>         not DMA!
>

As I replied in the other thread, this code makes no sense.

In general, any address covered by the kernel direct mapping can be
passed to the streaming DMA api and be mapped for device read xor
device write. Only DMA mappings that will be accessed randomly by the
device and the CPU at the same time require the use of
dma_alloc_coherent(), so it can take special precautions (e.g, create
an uncached mapping if DMA is non cache coherent)

The DMA zone thing is primarily about reserving low memory ranges for
DMA because some hardware may not have sufficient address lines wired
up to access all of DRAM.

> Note that when request_firmware_into_buf() was being reviewed Mimi had asked back
> in 2016 [0] that if a DMA buffer was going to be used READING_FIRMWARE_DMA should be
> used otherwise READING_FIRMWARE_PREALLOC_BUFFER was fine.
>
> If it is a DMA buffer *now*, why / how did this change?
>
> [0] https://patchwork.kernel.org/patch/9074611/
>
>   Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Wed, Jun 06, 2018 at 10:41:07PM +0200, Ard Biesheuvel wrote:
> On 6 June 2018 at 22:32, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> > On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> >> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> >> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> >> > >
> >> > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> >> > > cc'd here) are better suited to answer that question.
> >> >
> >> > Andy, David, Bjorn?
> >>
> >> Andy, David, Bjorn?
> >
> > A month now with no answer...
> >
> > Perhaps someone who has this hardware can find out empirically for us, as
> > follows (mm folks is this right?):
> >
> > page = virt_to_page(address);
> > if (!page)
> >    fail closed...
> > if (page_zone(page) == ZONE_DMA || page_zone(page) == ZONE_DMA32)
> >         this is a DMA buffer
> > else
> >         not DMA!
> >
> 
> As I replied in the other thread, this code makes no sense.

OK thanks. If we can't figure it out in code we will have no option
but to expect the worst, specially considering the silence.

> In general, any address covered by the kernel direct mapping can be
> passed to the streaming DMA api and be mapped for device read xor
> device write.

Right, thanks for the details -- on the other thread [0] you've clarified
that with streaming DMA API the CPU *should not* use the buffer and so
*should *be "safe", however that's still a judgement and design call.

[0] https://lkml.kernel.org/r/20180606220605.GJ4511@wotan.suse.de

> Only DMA mappings that will be accessed randomly by the
> device and the CPU at the same time require the use of
> dma_alloc_coherent(), so it can take special precautions (e.g, create
> an uncached mapping if DMA is non cache coherent)

Right and the qcom drivers *does not* use the streaming DMA API, it uses
use dma_alloc_coherent() which explicitly allows the CPU to *immediately*
have access the buffer. We have no control over the CPU and have no ways
to vet that the data we give is complete and correct.

> The DMA zone thing is primarily about reserving low memory ranges for
> DMA because some hardware may not have sufficient address lines wired
> up to access all of DRAM.

Right.

The point to all this is that it is up to LSMs to decide and trust something,
and in this case, even with the streaming DMA API in mind, it is up to LSMs
to decide. In this case we have only *one* user of request_firmware_into_buf()
and code inspection is finding that very likely the dma_alloc_coherent() calls
on the path is actually using this same coherent DMA buffer for firmware.

> > Note that when request_firmware_into_buf() was being reviewed Mimi had asked back
> > in 2016 [0] that if a DMA buffer was going to be used READING_FIRMWARE_DMA should be
> > used otherwise READING_FIRMWARE_PREALLOC_BUFFER was fine.
> >
> > If it is a DMA buffer *now*, why / how did this change?
> >
> > [0] https://patchwork.kernel.org/patch/9074611/

So it is *specially* very odd and disappointing that even though Mimi
*specifically* asked a long time ago that if a DMA buffer would be used it
should be annotated as such with READING_FIRMWARE_DMA, why the annotation
continued forward with READING_FIRMWARE_PREALLOC_BUFFER instead.

Just as Mimi asked for READING_FIRMWARE_DMA it would seem we could reasonably also
ask now or READING_FIRMWARE_DMA_COHERENT and READING_FIRMWARE_DMA_STREAM and some
LSMs will just reject these calls. We don't need READING_FIRMWARE_DMA_STREAM now
as request_firmware_into_buf() users are using dma_alloc_coherent() so we are
trying to determine if request_firmware_into_buf() should pass:

	READING_FIRMWARE_DMA_COHERENT

Given no one is providing a clear answer, and we cannot easily describe the
buffer at run time we'll just move forward with READING_FIRMWARE_DMA_COHERENT.

  Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 7 June 2018 at 00:29, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> On Wed, Jun 06, 2018 at 10:41:07PM +0200, Ard Biesheuvel wrote:
>> On 6 June 2018 at 22:32, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
>> > On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>> >> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>> >> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>> >> > >
>> >> > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>> >> > > cc'd here) are better suited to answer that question.
>> >> >
>> >> > Andy, David, Bjorn?
>> >>
>> >> Andy, David, Bjorn?
>> >
>> > A month now with no answer...
>> >
>> > Perhaps someone who has this hardware can find out empirically for us, as
>> > follows (mm folks is this right?):
>> >
>> > page = virt_to_page(address);
>> > if (!page)
>> >    fail closed...
>> > if (page_zone(page) == ZONE_DMA || page_zone(page) == ZONE_DMA32)
>> >         this is a DMA buffer
>> > else
>> >         not DMA!
>> >
>>
>> As I replied in the other thread, this code makes no sense.
>
> OK thanks. If we can't figure it out in code we will have no option
> but to expect the worst, specially considering the silence.
>
>> In general, any address covered by the kernel direct mapping can be
>> passed to the streaming DMA api and be mapped for device read xor
>> device write.
>
> Right, thanks for the details -- on the other thread [0] you've clarified
> that with streaming DMA API the CPU *should not* use the buffer and so
> *should *be "safe", however that's still a judgement and design call.
>

True.

> [0] https://lkml.kernel.org/r/20180606220605.GJ4511@wotan.suse.de
>
>> Only DMA mappings that will be accessed randomly by the
>> device and the CPU at the same time require the use of
>> dma_alloc_coherent(), so it can take special precautions (e.g, create
>> an uncached mapping if DMA is non cache coherent)
>
> Right and the qcom drivers *does not* use the streaming DMA API, it uses
> use dma_alloc_coherent() which explicitly allows the CPU to *immediately*
> have access the buffer. We have no control over the CPU and have no ways
> to vet that the data we give is complete and correct.
>

Do you mean 'device' rather than 'CPU' here? The CPU always has access
to memory allocation, but the device generally can only access the
buffer after it has been mapped.

Do note that especially in pc-centric code (which uses cache coherent
DMA that is mapped 1:1 between the CPU physical address space and the
DMA address space), you can actually get away with ignoring map/unmap
entirely, in which case this becomes a 'should' as well.

>> The DMA zone thing is primarily about reserving low memory ranges for
>> DMA because some hardware may not have sufficient address lines wired
>> up to access all of DRAM.
>
> Right.
>
> The point to all this is that it is up to LSMs to decide and trust something,
> and in this case, even with the streaming DMA API in mind, it is up to LSMs
> to decide. In this case we have only *one* user of request_firmware_into_buf()
> and code inspection is finding that very likely the dma_alloc_coherent() calls
> on the path is actually using this same coherent DMA buffer for firmware.
>
>> > Note that when request_firmware_into_buf() was being reviewed Mimi had asked back
>> > in 2016 [0] that if a DMA buffer was going to be used READING_FIRMWARE_DMA should be
>> > used otherwise READING_FIRMWARE_PREALLOC_BUFFER was fine.
>> >
>> > If it is a DMA buffer *now*, why / how did this change?
>> >
>> > [0] https://patchwork.kernel.org/patch/9074611/
>
> So it is *specially* very odd and disappointing that even though Mimi
> *specifically* asked a long time ago that if a DMA buffer would be used it
> should be annotated as such with READING_FIRMWARE_DMA, why the annotation
> continued forward with READING_FIRMWARE_PREALLOC_BUFFER instead.
>
> Just as Mimi asked for READING_FIRMWARE_DMA it would seem we could reasonably also
> ask now or READING_FIRMWARE_DMA_COHERENT and READING_FIRMWARE_DMA_STREAM and some
> LSMs will just reject these calls. We don't need READING_FIRMWARE_DMA_STREAM now
> as request_firmware_into_buf() users are using dma_alloc_coherent() so we are
> trying to determine if request_firmware_into_buf() should pass:
>
>         READING_FIRMWARE_DMA_COHERENT
>
> Given no one is providing a clear answer, and we cannot easily describe the
> buffer at run time we'll just move forward with READING_FIRMWARE_DMA_COHERENT.
>

I seriously wonder whether the QCOM code cannot switch to the
streaming API instead. That is generally preferred anyway (for
performance, although that should not matter for loading firmware) but
also removes this single wart for which we have to invent new flags
and new security code plus the associated validation overhead.

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Thu, Jun 07, 2018 at 12:41:12AM +0200, Ard Biesheuvel wrote:
> On 7 June 2018 at 00:29, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> > Given no one is providing a clear answer, and we cannot easily describe the
> > buffer at run time we'll just move forward with READING_FIRMWARE_DMA_COHERENT.
> 
> I seriously wonder whether the QCOM code cannot switch to the
> streaming API instead. That is generally preferred anyway (for
> performance, although that should not matter for loading firmware) but
> also removes this single wart for which we have to invent new flags
> and new security code plus the associated validation overhead.

Given 1 month and no response I don't think we can count on that at this point.

  Luis

-- 
Do not panic

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Bjorn Andersson]

On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:

> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > > 
> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> > > > cc'd here) are better suited to answer that question.
> > > 
> > > Andy, David, Bjorn?
> > 
> > Andy, David, Bjorn?
> 
> A month now with no answer...
> 

The patch at the top of this thread doesn't interest me and you didn't
bother sending your question To me.

As a matter of fact I'm confused to what the actual question is.

> Perhaps someone who has this hardware can find out empirically for us, as
> follows (mm folks is this right?):
> 
> page = virt_to_page(address);
> if (!page)
>    fail closed...
> if (page_zone(page) == ZONE_DMA || page_zone(page) == ZONE_DMA32)
> 	this is a DMA buffer
> else
> 	not DMA!
> 

Where do you want to put this?

> Note that when request_firmware_into_buf() was being reviewed Mimi had asked back
> in 2016 [0] that if a DMA buffer was going to be used READING_FIRMWARE_DMA should be
> used otherwise READING_FIRMWARE_PREALLOC_BUFFER was fine.
> 
> If it is a DMA buffer *now*, why / how did this change?
> 

>From what I can see [0] says is to use READING_FIRMWARE_PREALLOC_BUFFER
regardless of where the memory comes from.

Regards,
Bjorn

> [0] https://patchwork.kernel.org/patch/9074611/
> 
>   Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
>
>> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>> > > >
>> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>> > > > cc'd here) are better suited to answer that question.
>> > >
>> > > Andy, David, Bjorn?
>> >
>> > Andy, David, Bjorn?
>>
>> A month now with no answer...
>>
>
> The patch at the top of this thread doesn't interest me and you didn't
> bother sending your question To me.
>
> As a matter of fact I'm confused to what the actual question is.
>

The actual question is whether it is really required that the firmware
is loaded by the kernel into a buffer that is already mapped for DMA
at that point, and thus accessible by the device.

To me, it is not entirely clear what the nature is of the firmware
that we are talking about, since it seems to be getting passed to the
secure world as well?

In any case, the preferred model in terms of validation/sig checking is

1) allocate a CPU accessible buffer

2) request the firmware into it (which may include a sig check under the hood)

3) map the buffer for DMA to the device so it can load the firmware.

4) kick off the DMA transfer.

The use of dma_alloc_coherent() for this purpose seems unnecessary,
given that the DMA transfer is not bidirectional. Would it be possible
to replace it with something like the above sequence?

-- 
Ard.



>> Perhaps someone who has this hardware can find out empirically for us, as
>> follows (mm folks is this right?):
>>
>> page = virt_to_page(address);
>> if (!page)
>>    fail closed...
>> if (page_zone(page) == ZONE_DMA || page_zone(page) == ZONE_DMA32)
>>       this is a DMA buffer
>> else
>>       not DMA!
>>
>
> Where do you want to put this?
>
>> Note that when request_firmware_into_buf() was being reviewed Mimi had asked back
>> in 2016 [0] that if a DMA buffer was going to be used READING_FIRMWARE_DMA should be
>> used otherwise READING_FIRMWARE_PREALLOC_BUFFER was fine.
>>
>> If it is a DMA buffer *now*, why / how did this change?
>>
>
> From what I can see [0] says is to use READING_FIRMWARE_PREALLOC_BUFFER
> regardless of where the memory comes from.
>
> Regards,
> Bjorn
>
>> [0] https://patchwork.kernel.org/patch/9074611/
>>
>>   Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Greg Kroah-Hartman]

On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
> On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
> >
> >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> >> > > >
> >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> >> > > > cc'd here) are better suited to answer that question.
> >> > >
> >> > > Andy, David, Bjorn?
> >> >
> >> > Andy, David, Bjorn?
> >>
> >> A month now with no answer...
> >>
> >
> > The patch at the top of this thread doesn't interest me and you didn't
> > bother sending your question To me.
> >
> > As a matter of fact I'm confused to what the actual question is.
> >
> 
> The actual question is whether it is really required that the firmware
> is loaded by the kernel into a buffer that is already mapped for DMA
> at that point, and thus accessible by the device.
> 
> To me, it is not entirely clear what the nature is of the firmware
> that we are talking about, since it seems to be getting passed to the
> secure world as well?
> 
> In any case, the preferred model in terms of validation/sig checking is
> 
> 1) allocate a CPU accessible buffer
> 
> 2) request the firmware into it (which may include a sig check under the hood)
> 
> 3) map the buffer for DMA to the device so it can load the firmware.
> 
> 4) kick off the DMA transfer.
> 
> The use of dma_alloc_coherent() for this purpose seems unnecessary,
> given that the DMA transfer is not bidirectional. Would it be possible
> to replace it with something like the above sequence?

Why not just use kmalloc, it will always return a DMAable buffer.

Is the problem that vmalloc() might not?

We need to drop the whole DMA zone crud, it confuses everyone who sees
it and was primarily for really really old systems.

greg k-h

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 7 June 2018 at 18:33, Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote:
> On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
>> On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
>> > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
>> >
>> >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>> >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>> >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>> >> > > >
>> >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>> >> > > > cc'd here) are better suited to answer that question.
>> >> > >
>> >> > > Andy, David, Bjorn?
>> >> >
>> >> > Andy, David, Bjorn?
>> >>
>> >> A month now with no answer...
>> >>
>> >
>> > The patch at the top of this thread doesn't interest me and you didn't
>> > bother sending your question To me.
>> >
>> > As a matter of fact I'm confused to what the actual question is.
>> >
>>
>> The actual question is whether it is really required that the firmware
>> is loaded by the kernel into a buffer that is already mapped for DMA
>> at that point, and thus accessible by the device.
>>
>> To me, it is not entirely clear what the nature is of the firmware
>> that we are talking about, since it seems to be getting passed to the
>> secure world as well?
>>
>> In any case, the preferred model in terms of validation/sig checking is
>>
>> 1) allocate a CPU accessible buffer
>>
>> 2) request the firmware into it (which may include a sig check under the hood)
>>
>> 3) map the buffer for DMA to the device so it can load the firmware.
>>
>> 4) kick off the DMA transfer.
>>
>> The use of dma_alloc_coherent() for this purpose seems unnecessary,
>> given that the DMA transfer is not bidirectional. Would it be possible
>> to replace it with something like the above sequence?
>
> Why not just use kmalloc, it will always return a DMAable buffer.
>

On a PC maybe. But there are plenty of systems where bidirectional DMA
mappings require uncached memory (i.e., if the device doesn't snoop
the caches), in which case a kmalloc'ed buffer is useless.
dma_alloc_coherent() hides the platform constraints from the driver,
so it is a very useful abstraction for this use case.

> Is the problem that vmalloc() might not?
>
> We need to drop the whole DMA zone crud, it confuses everyone who sees
> it and was primarily for really really old systems.
>

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Greg Kroah-Hartman]

On Thu, Jun 07, 2018 at 06:43:05PM +0200, Ard Biesheuvel wrote:
> On 7 June 2018 at 18:33, Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote:
> > On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
> >> On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> >> > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
> >> >
> >> >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> >> >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> >> >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> >> >> > > >
> >> >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> >> >> > > > cc'd here) are better suited to answer that question.
> >> >> > >
> >> >> > > Andy, David, Bjorn?
> >> >> >
> >> >> > Andy, David, Bjorn?
> >> >>
> >> >> A month now with no answer...
> >> >>
> >> >
> >> > The patch at the top of this thread doesn't interest me and you didn't
> >> > bother sending your question To me.
> >> >
> >> > As a matter of fact I'm confused to what the actual question is.
> >> >
> >>
> >> The actual question is whether it is really required that the firmware
> >> is loaded by the kernel into a buffer that is already mapped for DMA
> >> at that point, and thus accessible by the device.
> >>
> >> To me, it is not entirely clear what the nature is of the firmware
> >> that we are talking about, since it seems to be getting passed to the
> >> secure world as well?
> >>
> >> In any case, the preferred model in terms of validation/sig checking is
> >>
> >> 1) allocate a CPU accessible buffer
> >>
> >> 2) request the firmware into it (which may include a sig check under the hood)
> >>
> >> 3) map the buffer for DMA to the device so it can load the firmware.
> >>
> >> 4) kick off the DMA transfer.
> >>
> >> The use of dma_alloc_coherent() for this purpose seems unnecessary,
> >> given that the DMA transfer is not bidirectional. Would it be possible
> >> to replace it with something like the above sequence?
> >
> > Why not just use kmalloc, it will always return a DMAable buffer.
> >
> 
> On a PC maybe. But there are plenty of systems where bidirectional DMA
> mappings require uncached memory (i.e., if the device doesn't snoop
> the caches), in which case a kmalloc'ed buffer is useless.
> dma_alloc_coherent() hides the platform constraints from the driver,
> so it is a very useful abstraction for this use case.

kmalloc should always return a DMAble buffer.  If that is not true, we
have a _LOT_ of broken drivers.  What systems is this not true on, and
how are you running USB on them?  :)

thanks,

greg k-h

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Bjorn Andersson]

On Tue 08 May 09:10 PDT 2018, Luis R. Rodriguez wrote:

> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
[..]
> > > 2) Most of those paths are not mounted by the time the corresponding
> > > drivers are loaded, because pretty much all Android kernels today are
> > > built without module support, and therefore drivers are loaded well
> > > before the firmware partition is mounted
> 
> I've given this some more thought and you can address this with initramfs,
> this is how other Linux distributions are addressing this. One way to
> address this automatically is to scrape the drivers built-in or needed early on
> boot in initamfs and if the driver has a MODULE_FIRMWARE() its respective
> firmware is added to initramfs as well.
> 

That could be done, but it would not change the fact that the
/sys/class/firmware is ABI and you may not break it.


And it doesn't change the fact that the ramdisk would have to be over
100mb to facilitate this.

> If you *don't* use initramfs, then yes you can obviously run into issues
> where your firmware may not be accessible if the driver is somehow loaded
> early.
> 

This is still a problem that lacks a solution.

> > > 3) I think we use _FALLBACK because doing this with uevents is just
> > > the easiest thing to do; our init code has a firmware helper that
> > > deals with this and searches the paths that we care about
> > > 
> > > 2) will change at some point, because Android is moving towards a
> > > model where device-specific peripheral drivers will be loaded as
> > > modules, and since those modules would likely come from the same
> > > partition as the firmware, it's possible that the direct load would
> > > succeed (depending on whether the custom path is configured there or
> > > not). But I don't think we can rely on the direct loader even in those
> > > cases, unless we could configure it with multiple custom paths.
> 
> Using initramfs will help, but because of the custom path needs -- you're
> right, we don't have anything for that yet, its also a bit unclear if
> something nice and clean can be drawn up for it. So perhaps dealing with
> the fallback mechanism is the way to go for this for sure, since we already
> have support for it.
> 
> Just keep in mind that the fallback mechanism costs you about ~13436 bytes.
> 

Remember that putting the firmware in the ramdisk would cost about
10000x (yes, ten thousand times) more ram.

> So, if someone comes up with a clean interface for custom paths I'd love
> to consider it to avoid those 13436 bytes.
> 

Combined with a way of synchronizing this with the availability of the
firmware, this would be a nice thing!

Regards,
Bjorn

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 7 June 2018 at 18:49, Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote:
> On Thu, Jun 07, 2018 at 06:43:05PM +0200, Ard Biesheuvel wrote:
>> On 7 June 2018 at 18:33, Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote:
>> > On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
>> >> On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
>> >> > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
>> >> >
>> >> >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>> >> >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>> >> >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>> >> >> > > >
>> >> >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>> >> >> > > > cc'd here) are better suited to answer that question.
>> >> >> > >
>> >> >> > > Andy, David, Bjorn?
>> >> >> >
>> >> >> > Andy, David, Bjorn?
>> >> >>
>> >> >> A month now with no answer...
>> >> >>
>> >> >
>> >> > The patch at the top of this thread doesn't interest me and you didn't
>> >> > bother sending your question To me.
>> >> >
>> >> > As a matter of fact I'm confused to what the actual question is.
>> >> >
>> >>
>> >> The actual question is whether it is really required that the firmware
>> >> is loaded by the kernel into a buffer that is already mapped for DMA
>> >> at that point, and thus accessible by the device.
>> >>
>> >> To me, it is not entirely clear what the nature is of the firmware
>> >> that we are talking about, since it seems to be getting passed to the
>> >> secure world as well?
>> >>
>> >> In any case, the preferred model in terms of validation/sig checking is
>> >>
>> >> 1) allocate a CPU accessible buffer
>> >>
>> >> 2) request the firmware into it (which may include a sig check under the hood)
>> >>
>> >> 3) map the buffer for DMA to the device so it can load the firmware.
>> >>
>> >> 4) kick off the DMA transfer.
>> >>
>> >> The use of dma_alloc_coherent() for this purpose seems unnecessary,
>> >> given that the DMA transfer is not bidirectional. Would it be possible
>> >> to replace it with something like the above sequence?
>> >
>> > Why not just use kmalloc, it will always return a DMAable buffer.
>> >
>>
>> On a PC maybe. But there are plenty of systems where bidirectional DMA
>> mappings require uncached memory (i.e., if the device doesn't snoop
>> the caches), in which case a kmalloc'ed buffer is useless.
>> dma_alloc_coherent() hides the platform constraints from the driver,
>> so it is a very useful abstraction for this use case.
>
> kmalloc should always return a DMAble buffer.  If that is not true, we
> have a _LOT_ of broken drivers.  What systems is this not true on, and
> how are you running USB on them?  :)
>

Non-cache coherent EHCI and XHCI work absolutely fine in Linux. The
driver stack is perfectly well behaved, in the sense that it uses
dma_alloc_coherent() for the data structures that are shared between
the CPUs and the host controller.

For the actual data that gets passed over USB, streaming DMA is used
rather than coherent aka consistent aka bidirectional DMA, and that
works fine with kmalloc'ed buffers, since you can use bounce buffering
if the memory is not accessible to the device directly.

That also means that you may prefer to allocate from a special DMA
zone to prevent his, i.e., to ensure that the memory passed into the
streaming DMA api does not require bounce buffering in the first
place.

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Bjorn Andersson]

On Thu 07 Jun 09:23 PDT 2018, Ard Biesheuvel wrote:

> On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
> >
> >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> >> > > >
> >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> >> > > > cc'd here) are better suited to answer that question.
> >> > >
> >> > > Andy, David, Bjorn?
> >> >
> >> > Andy, David, Bjorn?
> >>
> >> A month now with no answer...
> >>
> >
> > The patch at the top of this thread doesn't interest me and you didn't
> > bother sending your question To me.
> >
> > As a matter of fact I'm confused to what the actual question is.
> >
> 

Thanks Ard, for filling in.

> The actual question is whether it is really required that the firmware
> is loaded by the kernel into a buffer that is already mapped for DMA
> at that point, and thus accessible by the device.
> 

"The device" here refers to additional CPUs found in the Qualcomm SoCs,
which executes firmware from the system's DDR memory.

> To me, it is not entirely clear what the nature is of the firmware
> that we are talking about, since it seems to be getting passed to the
> secure world as well?
> 
> In any case, the preferred model in terms of validation/sig checking is
> 
> 1) allocate a CPU accessible buffer
> 
> 2) request the firmware into it (which may include a sig check under the hood)
> 
> 3) map the buffer for DMA to the device so it can load the firmware.
> 
> 4) kick off the DMA transfer.
> 

I think these steps would relate to devices where we load firmware into
the device. Here we're loading the firmware into DDR, setting up memory
protection (locking out Linux), verifying the firmware and booting the
CPU off the loaded and verified firmware.

> The use of dma_alloc_coherent() for this purpose seems unnecessary,
> given that the DMA transfer is not bidirectional. Would it be possible
> to replace it with something like the above sequence?
> 

The majority of these firmwares are position dependent, so we need to
use reserved-memory carveouts to position these. The prior art of
allocating this memory was dma_alloc_coherent(), but as this has size
limitations we currently use memremap() to map these memory regions.

There are some firmware that are position independent, so allocating the
memory for these dynamically would be preferred, but as the any accesses
to this memory region while the device is running would cause access
violations we've been using dma_alloc_coherent(). (Although I think
we've now reverted to using reserved-memory and memremap for these as
well, as Arnd requested that we don't pass the dma_addr_t to our secure
world firmware authenticator - i.e. we have no way of benefiting from
CMA).


So it's this memremap() region that we pass to
request_firmware_into_buf() currently, the previously mentioned
dma_alloc_coherent() region is used as we invoke the secure world
operation to set up the firmware authentication.

Regards,
Bjorn

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Bjorn Andersson]

On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:

> On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
> > On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> > > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
> > >
> > >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> > >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > >> > > >
> > >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> > >> > > > cc'd here) are better suited to answer that question.
> > >> > >
> > >> > > Andy, David, Bjorn?
> > >> >
> > >> > Andy, David, Bjorn?
> > >>
> > >> A month now with no answer...
> > >>
> > >
> > > The patch at the top of this thread doesn't interest me and you didn't
> > > bother sending your question To me.
> > >
> > > As a matter of fact I'm confused to what the actual question is.
> > >
> > 
> > The actual question is whether it is really required that the firmware
> > is loaded by the kernel into a buffer that is already mapped for DMA
> > at that point, and thus accessible by the device.
> > 
> > To me, it is not entirely clear what the nature is of the firmware
> > that we are talking about, since it seems to be getting passed to the
> > secure world as well?
> > 
> > In any case, the preferred model in terms of validation/sig checking is
> > 
> > 1) allocate a CPU accessible buffer
> > 
> > 2) request the firmware into it (which may include a sig check under the hood)
> > 
> > 3) map the buffer for DMA to the device so it can load the firmware.
> > 
> > 4) kick off the DMA transfer.
> > 
> > The use of dma_alloc_coherent() for this purpose seems unnecessary,
> > given that the DMA transfer is not bidirectional. Would it be possible
> > to replace it with something like the above sequence?
> 
> Why not just use kmalloc, it will always return a DMAable buffer.
> 

For the buffers being targeted by request_firmware_into_buf() the
problem is that some of them has requirements of physical placement and
they are all too big for kmalloc() (i.e. tens of mb).


For the dma_alloc_coherent() buffer that was mentioned earlier, which is
not related to the firmware loading, it's not used because the buffer is
passed to secure world, which temporarily locks Linux out from the
memory region. Traditionally this region was kmalloc'ed downstream, but
due to speculative access violations this code moved to use the DMA
streaming API, although there's no actual DMA going on.

For this a way to allocate a chunk of physical memory dynamically and
then unmapping and remapping it dynamically in Linux sounds like a
solution, instead of (ab)using the DMA API. This could also serve as
basis for the firmware memory, where firmware is position independent -
in which case this would be passed to request_firmware_into_buf().

Regards,
Bjorn

Re: [PATCH v3 2/5] efi: Add embedded peripheral firmware support

[Luis R. Rodriguez]

On Thu, Jun 07, 2018 at 09:49:50AM -0700, Bjorn Andersson wrote:
> On Tue 08 May 09:10 PDT 2018, Luis R. Rodriguez wrote:
> 
> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > > > On Wed, Apr 25, 2018 at 10:55 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> [..]
> > > > 2) Most of those paths are not mounted by the time the corresponding
> > > > drivers are loaded, because pretty much all Android kernels today are
> > > > built without module support, and therefore drivers are loaded well
> > > > before the firmware partition is mounted
> > 
> > I've given this some more thought and you can address this with initramfs,
> > this is how other Linux distributions are addressing this. One way to
> > address this automatically is to scrape the drivers built-in or needed early on
> > boot in initamfs and if the driver has a MODULE_FIRMWARE() its respective
> > firmware is added to initramfs as well.
> > 
> 
> That could be done, but it would not change the fact that the
> /sys/class/firmware is ABI and you may not break it.

Right, this is now well documented and also the latest changes to the firmware
API have made the sysfs fallback loader an option through a sysctl knob. The
code should be much easier to follow and test now.

> And it doesn't change the fact that the ramdisk would have to be over
> 100mb to facilitate this.

Indeed, this is now acknowledged in the latest Kconfig for the firmware loader.

> > If you *don't* use initramfs, then yes you can obviously run into issues
> > where your firmware may not be accessible if the driver is somehow loaded
> > early.
> > 
> 
> This is still a problem that lacks a solution.

The firmwared solution capturing uevents and using the sysfs fallback
mechanism should resolve this. Its also now properly documented on the
firmware loader Kconfig.

> > > > 3) I think we use _FALLBACK because doing this with uevents is just
> > > > the easiest thing to do; our init code has a firmware helper that
> > > > deals with this and searches the paths that we care about
> > > > 
> > > > 2) will change at some point, because Android is moving towards a
> > > > model where device-specific peripheral drivers will be loaded as
> > > > modules, and since those modules would likely come from the same
> > > > partition as the firmware, it's possible that the direct load would
> > > > succeed (depending on whether the custom path is configured there or
> > > > not). But I don't think we can rely on the direct loader even in those
> > > > cases, unless we could configure it with multiple custom paths.
> > 
> > Using initramfs will help, but because of the custom path needs -- you're
> > right, we don't have anything for that yet, its also a bit unclear if
> > something nice and clean can be drawn up for it. So perhaps dealing with
> > the fallback mechanism is the way to go for this for sure, since we already
> > have support for it.
> > 
> > Just keep in mind that the fallback mechanism costs you about ~13436 bytes.
> > 
> 
> Remember that putting the firmware in the ramdisk would cost about
> 10000x (yes, ten thousand times) more ram.

Indeed, this is now documented on the Kconfig too.

> > So, if someone comes up with a clean interface for custom paths I'd love
> > to consider it to avoid those 13436 bytes.
> > 
> 
> Combined with a way of synchronizing this with the availability of the
> firmware, this would be a nice thing!

The firmwared solution seems to be the way to go for now.

  Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 7 June 2018 at 20:21, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:
>
>> On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
>> > On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
>> > > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
>> > >
>> > >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>> > >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>> > >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>> > >> > > >
>> > >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>> > >> > > > cc'd here) are better suited to answer that question.
>> > >> > >
>> > >> > > Andy, David, Bjorn?
>> > >> >
>> > >> > Andy, David, Bjorn?
>> > >>
>> > >> A month now with no answer...
>> > >>
>> > >
>> > > The patch at the top of this thread doesn't interest me and you didn't
>> > > bother sending your question To me.
>> > >
>> > > As a matter of fact I'm confused to what the actual question is.
>> > >
>> >
>> > The actual question is whether it is really required that the firmware
>> > is loaded by the kernel into a buffer that is already mapped for DMA
>> > at that point, and thus accessible by the device.
>> >
>> > To me, it is not entirely clear what the nature is of the firmware
>> > that we are talking about, since it seems to be getting passed to the
>> > secure world as well?
>> >
>> > In any case, the preferred model in terms of validation/sig checking is
>> >
>> > 1) allocate a CPU accessible buffer
>> >
>> > 2) request the firmware into it (which may include a sig check under the hood)
>> >
>> > 3) map the buffer for DMA to the device so it can load the firmware.
>> >
>> > 4) kick off the DMA transfer.
>> >
>> > The use of dma_alloc_coherent() for this purpose seems unnecessary,
>> > given that the DMA transfer is not bidirectional. Would it be possible
>> > to replace it with something like the above sequence?
>>
>> Why not just use kmalloc, it will always return a DMAable buffer.
>>
>
> For the buffers being targeted by request_firmware_into_buf() the
> problem is that some of them has requirements of physical placement and
> they are all too big for kmalloc() (i.e. tens of mb).
>
>
> For the dma_alloc_coherent() buffer that was mentioned earlier, which is
> not related to the firmware loading, it's not used because the buffer is
> passed to secure world, which temporarily locks Linux out from the
> memory region. Traditionally this region was kmalloc'ed downstream, but
> due to speculative access violations this code moved to use the DMA
> streaming API, although there's no actual DMA going on.
>

OK, so you are relying on the fact that dma_alloc_coherent() gives you
a device mapping (because the qcom_scm device is described as non
cache coherent), but this sounds risky to me. The linear alias of that
memory will still be mapped cacheable, and could potentially still be
accessed speculatively AFAIK.

> For this a way to allocate a chunk of physical memory dynamically and
> then unmapping and remapping it dynamically in Linux sounds like a
> solution, instead of (ab)using the DMA API. This could also serve as
> basis for the firmware memory, where firmware is position independent -
> in which case this would be passed to request_firmware_into_buf().
>

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Vlastimil Babka]

On 06/07/2018 06:33 PM, Greg Kroah-Hartman wrote:
> On Thu, Jun 07, 2018 at 06:23:01PM +0200, Ard Biesheuvel wrote:
>> On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
>>> On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
>>>
>>>> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
>>>>> On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
>>>>>> On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
>>>>>>>
>>>>>>> I think the Qualcomm folks owning this (Andy, David, Bjorn, already
>>>>>>> cc'd here) are better suited to answer that question.
>>>>>>
>>>>>> Andy, David, Bjorn?
>>>>>
>>>>> Andy, David, Bjorn?
>>>>
>>>> A month now with no answer...
>>>>
>>>
>>> The patch at the top of this thread doesn't interest me and you didn't
>>> bother sending your question To me.
>>>
>>> As a matter of fact I'm confused to what the actual question is.
>>>
>>
>> The actual question is whether it is really required that the firmware
>> is loaded by the kernel into a buffer that is already mapped for DMA
>> at that point, and thus accessible by the device.
>>
>> To me, it is not entirely clear what the nature is of the firmware
>> that we are talking about, since it seems to be getting passed to the
>> secure world as well?
>>
>> In any case, the preferred model in terms of validation/sig checking is
>>
>> 1) allocate a CPU accessible buffer
>>
>> 2) request the firmware into it (which may include a sig check under the hood)
>>
>> 3) map the buffer for DMA to the device so it can load the firmware.
>>
>> 4) kick off the DMA transfer.
>>
>> The use of dma_alloc_coherent() for this purpose seems unnecessary,
>> given that the DMA transfer is not bidirectional. Would it be possible
>> to replace it with something like the above sequence?
> 
> Why not just use kmalloc, it will always return a DMAable buffer.

DMAble in what sense? For devices that can't handle physical addresses
above 16M you need to pass __GFP_DMA to get those, from ZONE_DMA.
Otherwise it can return anything from lowmem. That's for x86_64, some
other arches have different DMA zone.

> Is the problem that vmalloc() might not?

vmalloc() could only be used as an alternative if you used kvmalloc(),
otherwise kmalloc() won't give you anything from vmalloc

> We need to drop the whole DMA zone crud, it confuses everyone who sees
> it and was primarily for really really old systems.

Yeah that would be nice.

> greg k-h
> 

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Thu, Jun 07, 2018 at 11:06:11AM -0700, Bjorn Andersson wrote:
> On Thu 07 Jun 09:23 PDT 2018, Ard Biesheuvel wrote:
> 
> > On 7 June 2018 at 18:18, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> > > On Wed 06 Jun 13:32 PDT 2018, Luis R. Rodriguez wrote:
> > >
> > >> On Fri, Jun 01, 2018 at 09:23:46PM +0200, Luis R. Rodriguez wrote:
> > >> > On Tue, May 08, 2018 at 03:38:05PM +0000, Luis R. Rodriguez wrote:
> > >> > > On Fri, May 04, 2018 at 12:44:37PM -0700, Martijn Coenen wrote:
> > >> > > >
> > >> > > > I think the Qualcomm folks owning this (Andy, David, Bjorn, already
> > >> > > > cc'd here) are better suited to answer that question.
> > >> > >
> > >> > > Andy, David, Bjorn?
> > >> >
> > >> > Andy, David, Bjorn?
> > >>
> > >> A month now with no answer...
>
> So it's this memremap() region that we pass to
> request_firmware_into_buf() currently, the previously mentioned
> dma_alloc_coherent() region is used as we invoke the secure world
> operation to set up the firmware authentication.

memremap() is for IO memory, and in that sense it is also not much different
from DMA memory in terms of the concerns Mimi has for LSMs and what guarantees
LSMs can make to users.

Regardless of the device, once you write certain data to the IO memory we cannot
be sure the device will wait for all IO to be written, this will be device specific.

As such I would suggest READING_IOMEM for this case have request_firmware_into_buf()
use it.

With that said, since we have only one user of this caller, a future rename
to reflect its current actual use would be good. The rename can wait though.

  Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Bjorn Andersson]

On Thu 07 Jun 11:42 PDT 2018, Ard Biesheuvel wrote:

> On 7 June 2018 at 20:21, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> > On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:
[..]
> >>
> >> Why not just use kmalloc, it will always return a DMAable buffer.
> >>
> >
> > For the buffers being targeted by request_firmware_into_buf() the
> > problem is that some of them has requirements of physical placement and
> > they are all too big for kmalloc() (i.e. tens of mb).
> >
> >
> > For the dma_alloc_coherent() buffer that was mentioned earlier, which is
> > not related to the firmware loading, it's not used because the buffer is
> > passed to secure world, which temporarily locks Linux out from the
> > memory region. Traditionally this region was kmalloc'ed downstream, but
> > due to speculative access violations this code moved to use the DMA
> > streaming API, although there's no actual DMA going on.
> >
> 
> OK, so you are relying on the fact that dma_alloc_coherent() gives you
> a device mapping (because the qcom_scm device is described as non
> cache coherent), but this sounds risky to me. The linear alias of that
> memory will still be mapped cacheable, and could potentially still be
> accessed speculatively AFAIK.
> 

Yes and we are aware of the risk of having the linear alias present, but
have yet to find a suitable way to handle this.

The proposed mechanism was to use reserved-memory and memremap() the
region while it should be available in Linux, but while this would work
for some cases (e.g. memory regions for semi-static firmware executed by
co-processors) it doesn't handle the scenarios where the memory-need is
dynamic.

So suggestions are very welcome on how to better handle this.

Regards,
Bjorn

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Mon, Jun 25, 2018 at 05:08:08PM -0700, Bjorn Andersson wrote:
> On Thu 07 Jun 11:42 PDT 2018, Ard Biesheuvel wrote:
> 
> > On 7 June 2018 at 20:21, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> > > On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:
> [..]
> > >>
> > >> Why not just use kmalloc, it will always return a DMAable buffer.
> > >>
> > >
> > > For the buffers being targeted by request_firmware_into_buf() the
> > > problem is that some of them has requirements of physical placement and
> > > they are all too big for kmalloc() (i.e. tens of mb).
> > >
> > >
> > > For the dma_alloc_coherent() buffer that was mentioned earlier, which is
> > > not related to the firmware loading, it's not used because the buffer is
> > > passed to secure world, which temporarily locks Linux out from the
> > > memory region. Traditionally this region was kmalloc'ed downstream, but
> > > due to speculative access violations this code moved to use the DMA
> > > streaming API, although there's no actual DMA going on.
> > >
> > 
> > OK, so you are relying on the fact that dma_alloc_coherent() gives you
> > a device mapping (because the qcom_scm device is described as non
> > cache coherent), but this sounds risky to me. The linear alias of that
> > memory will still be mapped cacheable, and could potentially still be
> > accessed speculatively AFAIK.
> > 
> 
> Yes and we are aware of the risk of having the linear alias present, but
> have yet to find a suitable way to handle this.
> 
> The proposed mechanism was to use reserved-memory and memremap() the
> region while it should be available in Linux,

That's still IO memory, and so it would be up to the specific device if
or not it could access the memory before a full write is done.

> but while this would work
> for some cases (e.g. memory regions for semi-static firmware executed by
> co-processors) it doesn't handle the scenarios where the memory-need is
> dynamic.
> 
> So suggestions are very welcome on how to better handle this.

I *believe* Vlastimil's seems to suggest kvmalloc(), but note that if getting the
memory to be contiguous fails, it would fallback to a non-contiguous (vmalloc)
allocation.

  Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 27 June 2018 at 20:00, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> On Mon, Jun 25, 2018 at 05:08:08PM -0700, Bjorn Andersson wrote:
>> On Thu 07 Jun 11:42 PDT 2018, Ard Biesheuvel wrote:
>>
>> > On 7 June 2018 at 20:21, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
>> > > On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:
>> [..]
>> > >>
>> > >> Why not just use kmalloc, it will always return a DMAable buffer.
>> > >>
>> > >
>> > > For the buffers being targeted by request_firmware_into_buf() the
>> > > problem is that some of them has requirements of physical placement and
>> > > they are all too big for kmalloc() (i.e. tens of mb).
>> > >
>> > >
>> > > For the dma_alloc_coherent() buffer that was mentioned earlier, which is
>> > > not related to the firmware loading, it's not used because the buffer is
>> > > passed to secure world, which temporarily locks Linux out from the
>> > > memory region. Traditionally this region was kmalloc'ed downstream, but
>> > > due to speculative access violations this code moved to use the DMA
>> > > streaming API, although there's no actual DMA going on.
>> > >
>> >
>> > OK, so you are relying on the fact that dma_alloc_coherent() gives you
>> > a device mapping (because the qcom_scm device is described as non
>> > cache coherent), but this sounds risky to me. The linear alias of that
>> > memory will still be mapped cacheable, and could potentially still be
>> > accessed speculatively AFAIK.
>> >
>>
>> Yes and we are aware of the risk of having the linear alias present, but
>> have yet to find a suitable way to handle this.
>>
>> The proposed mechanism was to use reserved-memory and memremap() the
>> region while it should be available in Linux,
>
> That's still IO memory, and so it would be up to the specific device if
> or not it could access the memory before a full write is done.
>

The risk here is about having aliases with mismatched attributes,
which may result in loss of coherency and corrupt your data. This is
not about the risk of loading a file with an invalid signature

And what do you mean by 'IO memory'? Bus masters that are not behind
an IOMMU can access all of the kernel's memory all of the time,
regardless of whether and how it chooses to use it. So from a security
perspective, there is no distinction, and you can only distinguish
between before and after informing the device where it can find the
firmware buffer in memory.

So given that we are dealing here with other masters that can change
all of your memory behind your back, including the actual code you are
running that implements the signature check, I wonder if there is a
point to obsessing about this use case from a validation point of
view. The higher privilege level protects itself by doing its own
signature check, and doing the same at a lower privilege level seems
redundant to me.

>> but while this would work
>> for some cases (e.g. memory regions for semi-static firmware executed by
>> co-processors) it doesn't handle the scenarios where the memory-need is
>> dynamic.
>>
>> So suggestions are very welcome on how to better handle this.
>
> I *believe* Vlastimil's seems to suggest kvmalloc(), but note that if getting the
> memory to be contiguous fails, it would fallback to a non-contiguous (vmalloc)
> allocation.
>
>   Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Thu, Jun 28, 2018 at 12:21:47AM +0200, Ard Biesheuvel wrote:
> On 27 June 2018 at 20:00, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> > On Mon, Jun 25, 2018 at 05:08:08PM -0700, Bjorn Andersson wrote:
> >> On Thu 07 Jun 11:42 PDT 2018, Ard Biesheuvel wrote:
> >>
> >> > On 7 June 2018 at 20:21, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
> >> > > On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:
> >> [..]
> >> > >>
> >> > >> Why not just use kmalloc, it will always return a DMAable buffer.
> >> > >>
> >> > >
> >> > > For the buffers being targeted by request_firmware_into_buf() the
> >> > > problem is that some of them has requirements of physical placement and
> >> > > they are all too big for kmalloc() (i.e. tens of mb).
> >> > >
> >> > >
> >> > > For the dma_alloc_coherent() buffer that was mentioned earlier, which is
> >> > > not related to the firmware loading, it's not used because the buffer is
> >> > > passed to secure world, which temporarily locks Linux out from the
> >> > > memory region. Traditionally this region was kmalloc'ed downstream, but
> >> > > due to speculative access violations this code moved to use the DMA
> >> > > streaming API, although there's no actual DMA going on.
> >> > >
> >> >
> >> > OK, so you are relying on the fact that dma_alloc_coherent() gives you
> >> > a device mapping (because the qcom_scm device is described as non
> >> > cache coherent), but this sounds risky to me. The linear alias of that
> >> > memory will still be mapped cacheable, and could potentially still be
> >> > accessed speculatively AFAIK.
> >> >
> >>
> >> Yes and we are aware of the risk of having the linear alias present, but
> >> have yet to find a suitable way to handle this.
> >>
> >> The proposed mechanism was to use reserved-memory and memremap() the
> >> region while it should be available in Linux,
> >
> > That's still IO memory, and so it would be up to the specific device if
> > or not it could access the memory before a full write is done.
> >
> 
> The risk here is about having aliases with mismatched attributes,
> which may result in loss of coherency and corrupt your data.

That risk is a perhaps a practical risk.

> This is
> not about the risk of loading a file with an invalid signature

This is a theoretical risk LSMs wish to determine and based on information
assess what to do.

> And what do you mean by 'IO memory'? Bus masters that are not behind
> an IOMMU can access all of the kernel's memory all of the time,
> regardless of whether and how it chooses to use it. So from a security
> perspective, there is no distinction, and you can only distinguish
> between before and after informing the device where it can find the
> firmware buffer in memory.

I mean that using memremap() or ioremap() will is designed to give
hardware access to memory for IO purposes, and how writes occur
will vary, and as such we cannot give LSMs guarantees over that
the firmware API will finish a write and that the data provided
really is correct.

> So given that we are dealing here with other masters that can change
> all of your memory behind your back, including the actual code you are
> running that implements the signature check, 

LSMs have the option to trust the kernel, its about context and letting LSMs
decide. They have the right to not trust IO devices to a memory segment, as it
could break guarantees the kernel is making, so this is not about trust or
not, its about *information* and letting LSMs choose.

> I wonder if there is a
> point to obsessing about this use case from a validation point of
> view. The higher privilege level protects itself by doing its own
> signature check, and doing the same at a lower privilege level seems
> redundant to me.

Its up to LSMs to implement the policy.

> >> but while this would work
> >> for some cases (e.g. memory regions for semi-static firmware executed by
> >> co-processors) it doesn't handle the scenarios where the memory-need is
> >> dynamic.
> >>
> >> So suggestions are very welcome on how to better handle this.
> >
> > I *believe* Vlastimil's seems to suggest kvmalloc(), but note that if getting the
> > memory to be contiguous fails, it would fallback to a non-contiguous (vmalloc)
> > allocation.

I gave this some though and this obviously is just as good as trying to just use
kmalloc() as that is what is desired, the issue however *ensuring* that the allocation
will succeed. The only thing that I can think of there is somehow hinting upon boot
to reserve a special allocation for later use. If not at boot, perhaps a hint to
eventually give back the desired contigious allocation, but its beyond me if any
of this is in fact possible.

  Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Ard Biesheuvel]

On 28 June 2018 at 01:33, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
> On Thu, Jun 28, 2018 at 12:21:47AM +0200, Ard Biesheuvel wrote:
>> On 27 June 2018 at 20:00, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
>> > On Mon, Jun 25, 2018 at 05:08:08PM -0700, Bjorn Andersson wrote:
>> >> On Thu 07 Jun 11:42 PDT 2018, Ard Biesheuvel wrote:
>> >>
>> >> > On 7 June 2018 at 20:21, Bjorn Andersson <bjorn.andersson@linaro.org> wrote:
>> >> > > On Thu 07 Jun 09:33 PDT 2018, Greg Kroah-Hartman wrote:
>> >> [..]
>> >> > >>
>> >> > >> Why not just use kmalloc, it will always return a DMAable buffer.
>> >> > >>
>> >> > >
>> >> > > For the buffers being targeted by request_firmware_into_buf() the
>> >> > > problem is that some of them has requirements of physical placement and
>> >> > > they are all too big for kmalloc() (i.e. tens of mb).
>> >> > >
>> >> > >
>> >> > > For the dma_alloc_coherent() buffer that was mentioned earlier, which is
>> >> > > not related to the firmware loading, it's not used because the buffer is
>> >> > > passed to secure world, which temporarily locks Linux out from the
>> >> > > memory region. Traditionally this region was kmalloc'ed downstream, but
>> >> > > due to speculative access violations this code moved to use the DMA
>> >> > > streaming API, although there's no actual DMA going on.
>> >> > >
>> >> >
>> >> > OK, so you are relying on the fact that dma_alloc_coherent() gives you
>> >> > a device mapping (because the qcom_scm device is described as non
>> >> > cache coherent), but this sounds risky to me. The linear alias of that
>> >> > memory will still be mapped cacheable, and could potentially still be
>> >> > accessed speculatively AFAIK.
>> >> >
>> >>
>> >> Yes and we are aware of the risk of having the linear alias present, but
>> >> have yet to find a suitable way to handle this.
>> >>
>> >> The proposed mechanism was to use reserved-memory and memremap() the
>> >> region while it should be available in Linux,
>> >
>> > That's still IO memory, and so it would be up to the specific device if
>> > or not it could access the memory before a full write is done.
>> >
>>
>> The risk here is about having aliases with mismatched attributes,
>> which may result in loss of coherency and corrupt your data.
>
> That risk is a perhaps a practical risk.
>
>> This is
>> not about the risk of loading a file with an invalid signature
>
> This is a theoretical risk LSMs wish to determine and based on information
> assess what to do.
>
>> And what do you mean by 'IO memory'? Bus masters that are not behind
>> an IOMMU can access all of the kernel's memory all of the time,
>> regardless of whether and how it chooses to use it. So from a security
>> perspective, there is no distinction, and you can only distinguish
>> between before and after informing the device where it can find the
>> firmware buffer in memory.
>
> I mean that using memremap() or ioremap() will is designed to give
> hardware access to memory for IO purposes, and how writes occur
> will vary, and as such we cannot give LSMs guarantees over that
> the firmware API will finish a write and that the data provided
> really is correct.
>

No, memremap() and ioremap() give the *CPU* access to memory. Other
bus masters can freely access memory [unless they are behind an IOMMU]

>> So given that we are dealing here with other masters that can change
>> all of your memory behind your back, including the actual code you are
>> running that implements the signature check,
>
> LSMs have the option to trust the kernel, its about context and letting LSMs
> decide. They have the right to not trust IO devices to a memory segment, as it
> could break guarantees the kernel is making, so this is not about trust or
> not, its about *information* and letting LSMs choose.
>

But what point is there to letting LSMs decide that they do not trust
an I/O device if there is nothing we can do about it? How can we
prevent such an I/O device from modifying our memory?

>> I wonder if there is a
>> point to obsessing about this use case from a validation point of
>> view. The higher privilege level protects itself by doing its own
>> signature check, and doing the same at a lower privilege level seems
>> redundant to me.
>
> Its up to LSMs to implement the policy.
>
>> >> but while this would work
>> >> for some cases (e.g. memory regions for semi-static firmware executed by
>> >> co-processors) it doesn't handle the scenarios where the memory-need is
>> >> dynamic.
>> >>
>> >> So suggestions are very welcome on how to better handle this.
>> >
>> > I *believe* Vlastimil's seems to suggest kvmalloc(), but note that if getting the
>> > memory to be contiguous fails, it would fallback to a non-contiguous (vmalloc)
>> > allocation.
>
> I gave this some though and this obviously is just as good as trying to just use
> kmalloc() as that is what is desired, the issue however *ensuring* that the allocation
> will succeed. The only thing that I can think of there is somehow hinting upon boot
> to reserve a special allocation for later use. If not at boot, perhaps a hint to
> eventually give back the desired contigious allocation, but its beyond me if any
> of this is in fact possible.
>
>   Luis

Re: Do Qualcomm drivers use DMA buffers for request_firmware_into_buf()?

[Luis R. Rodriguez]

On Thu, Jun 28, 2018 at 01:42:52AM +0200, Ard Biesheuvel wrote:
> But what point is there to letting LSMs decide that they do not trust
> an I/O device if there is nothing we can do about it? How can we
> prevent such an I/O device from modifying our memory?

Simply LSMs can opt to not trust such setup. Its their choice.
The solution to addressing the concern is orthogonal to their
choice.

  Luis