Linux-EFI Archive on
 help / color / Atom feed
From: Hans de Goede <>
To: Ard Biesheuvel <>,
	Darren Hart <>,
	Andy Shevchenko <>,
	Luis Chamberlain <>,
	Greg Kroah-Hartman <>,
	"Rafael J . Wysocki" <>,
	Thomas Gleixner <>,
	Ingo Molnar <>, Borislav Petkov <>,
	"H . Peter Anvin" <>,
	Jonathan Corbet <>,
	Dmitry Torokhov <>
Cc: Hans de Goede <>,
	Peter Jones <>, Dave Olsthoorn <>,,,,,,
Subject: [PATCH v11 00/10] efi/firmware/platform-x86: Add EFI embedded fw support
Date: Sat, 11 Jan 2020 15:56:53 +0100
Message-ID: <> (raw)

Hi All,

Here is v11 of my patch-set to add support for EFI embedded fw to the
kernel. This version has been rebased on Ardb's latest efi/next branch to
fix a (trivial) conflict caused by the
"efi/libstub: Remove 'sys_table_arg' from all function prototypes" commit in
efi/next. The only other change in v11 is dropping a few empty lines which
snuck into the "test_firmware: add support for firmware_request_platform"

I believe that this series is ready for merging now, patches 3-8
and patches 9-10 depend on the first 2 patches, so we need to get those
merged first.

Ingo, can you create an immutable branch targetting 5.6 for Greg /
the driver-platform-x86 maintainers with these 2 patches in it ?

Note as mentioned I've based this version on Ard's efi/next branch so
if you decide to do the immutable-branch directly on yop of 5.5-rc1 you need
to manually fixup a conflict (or I can send you a version based on 5.5-rc1).

Once the immutable-branch is in place then Greg can merge 3-8 through his
driver core tree and 9 and 10 can be merged through the drivers-platform-x86
tree (there are no compile time dependencies between these 2 sets).




Changes in v11:
- Rebase on top of Ardb's efi/next
- Drop a couple of empty lines which snuck into:
  "test_firmware: add support for firmware_request_platform"

Changes in v10:
- Rebase on top of 5.5-rc1

Changes in v9:
- Add 2 new patches adding selftests
- At least touchscreen_dmi.c uses the same dmi_table for its own private
  data and the fw_desc structs, putting the fw_desc struct first in the
  data driver_data points to so that the dmi_table can be shared with
  efi_check_for_embedded_firmwares(). But not all entries there have
  embedded-fw so in some cases the fw_desc is empty (zero-ed out).
  This can lead to a possible crash because fw_desc->length now is
  less then 8, so if the segment size is close enough to a multiple of the
  page_size, then the memcmp to check the prefix my segfault. Crashing the
  machine. v9 checks for and skips these empty fw_desc entries avoiding this.
- Add static inline wrapper for firmware_request_platform() to firmware.h,
  for when CONFIG_FW_LOADER is not set

Changes in v8:
- Add pr_warn if there are mode then EFI_DEBUGFS_MAX_BLOBS boot service segments
- Document how the EFI debugfs boot_service_code? files can be used to check for
  embedded firmware
- Properly deal with the case of an EFI segment being smaller then the fw we
  are looking for
- Log a warning when efi_get_embedded_fw get called while we did not (yet)
  check for embedded firmwares
- Only build fallback_platform.c if CONFIG_EFI_EMBEDDED_FIRMWARE is defined,
  otherwise make firmware_fallback_platform() a static inline stub

Changes in v7:
- Split drivers/firmware/efi and drivers/base/firmware_loader changes into
  2 patches
- Use new, standalone, lib/crypto/sha256.c code
- Address kdoc comments from Randy Dunlap
- Add new FW_OPT_FALLBACK_PLATFORM flag and firmware_request_platform()
  _request_firmware() wrapper, as requested by Luis R. Rodriguez
- Stop using "efi-embedded-firmware" device-property, now that drivers need to
  use the new firmware_request_platform() to enable fallback to a device fw
  copy embedded in the platform's main firmware, we no longer need a property
  on the device to trigger this behavior
- Use security_kernel_load_data instead of calling
  security_kernel_read_file with a NULL file pointer argument
- Move the docs to Documentation/driver-api/firmware/fallback-mechanisms.rst
- Document the new firmware_request_platform() function in
- Add 2 new patches for the silead and chipone-icn8505 touchscreen drivers
  to use the new firmware_request_platform() method
- Rebased on top of 5.4-rc1

Changes in v6:
-Rework code to remove casts from if (prefix == mem) comparison
-Use SHA256 hashes instead of crc32 sums
-Add new READING_FIRMWARE_EFI_EMBEDDED read_file_id and use it
-Call security_kernel_read_file(NULL, READING_FIRMWARE_EFI_EMBEDDED)
 to check if this is allowed before looking at EFI embedded fw
-Document why we are not using the PI Firmware Volume protocol

Changes in v5:

Changes in v4:
-Drop note in docs about EFI_FIRMWARE_VOLUME_PROTOCOL, it is not part of
 UEFI proper, so the EFI maintainers don't want us referring people to it
-Put the new fw_get_efi_embedded_fw() function in its own fallback_efi.c
 file which only gets built when EFI_EMBEDDED_FIRMWARE is selected
-Define an empty stub for fw_get_efi_embedded_fw() in fallback.h hwen
 EFI_EMBEDDED_FIRMWARE is not selected, to avoid the need for #ifdefs
 in firmware_loader/main.c
-Properly call security_kernel_post_read_file() on the firmware returned
 by efi_get_embedded_fw() to make sure that we are allowed to use it

Changes in v2:
-Rebased on driver-core/driver-core-next
-Add documentation describing the EFI embedded firmware mechanism to:
-Add a new EFI_EMBEDDED_FIRMWARE Kconfig bool and only build the embedded
 fw support if this is set. This is an invisible option which should be
 selected by drivers which need this
-Remove the efi_embedded_fw_desc and dmi_system_id-s for known devices
 from the efi-embedded-fw code, instead drivers using this are expected to
 export a dmi_system_id array, with each entries' driver_data pointing to a
 efi_embedded_fw_desc struct and register this with the efi-embedded-fw code
-Use kmemdup to make a copy instead of efi_mem_reserve()-ing the firmware,
 this avoids us messing with the EFI memmap and avoids the need to make
 changes to efi_mem_desc_lookup()
-Make the firmware-loader code only fallback to efi_get_embedded_fw() if the
 passed in device has the "efi-embedded-firmware" device-property bool set
-Skip usermodehelper fallback when "efi-embedded-firmware" device-property
 is set

             reply index

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-11 14:56 Hans de Goede [this message]
2020-01-11 14:56 ` [PATCH v11 01/10] efi: Export boot-services code and data as debugfs-blobs Hans de Goede
2020-01-11 14:56 ` [PATCH v11 02/10] efi: Add embedded peripheral firmware support Hans de Goede
2020-01-12 22:45   ` Andy Lutomirski
2020-01-14 12:25     ` Hans de Goede
2020-01-14 12:37       ` Andy Shevchenko
2020-01-17 20:06       ` Andy Lutomirski
2020-01-21 11:10         ` Hans de Goede
2020-01-11 14:56 ` [PATCH v11 03/10] firmware: Rename FW_OPT_NOFALLBACK to FW_OPT_NOFALLBACK_SYSFS Hans de Goede
2020-01-11 14:56 ` [PATCH v11 04/10] firmware: Add new platform fallback mechanism and firmware_request_platform() Hans de Goede
2020-01-12 22:54   ` Andy Lutomirski
2020-01-11 14:56 ` [PATCH v11 05/10] test_firmware: add support for firmware_request_platform Hans de Goede
2020-01-13 14:53   ` Luis Chamberlain
2020-01-13 15:22     ` Hans de Goede
2020-01-13 15:50       ` Luis Chamberlain
2020-01-11 14:56 ` [PATCH v11 06/10] selftests: firmware: Add firmware_request_platform tests Hans de Goede
2020-01-11 14:57 ` [PATCH v11 07/10] Input: silead - Switch to firmware_request_platform for retreiving the fw Hans de Goede
2020-01-11 14:57 ` [PATCH v11 08/10] Input: icn8505 " Hans de Goede
2020-01-11 14:57 ` [PATCH v11 09/10] platform/x86: touchscreen_dmi: Add EFI embedded firmware info support Hans de Goede
2020-01-11 14:57 ` [PATCH v11 10/10] platform/x86: touchscreen_dmi: Add info for the Chuwi Vi8 Plus tablet Hans de Goede

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-EFI Archive on

Archives are clonable:
	git clone --mirror linux-efi/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-efi linux-efi/ \
	public-inbox-index linux-efi

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone