lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 07 Oct 2021 11:08:53 +0300
From:   Kalle Valo <kvalo@...eaurora.org>
To:     Jérôme Pouiller <jerome.pouiller@...abs.com>
Cc:     linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
        devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        "David S . Miller" <davem@...emloft.net>,
        devicetree@...r.kernel.org, Rob Herring <robh+dt@...nel.org>,
        linux-mmc@...r.kernel.org,
        Pali Rohár <pali@...nel.org>,
        Ulf Hansson <ulf.hansson@...aro.org>
Subject: Re: [PATCH v7 10/24] wfx: add fwio.c/fwio.h

Jérôme Pouiller <jerome.pouiller@...abs.com> writes:

> On Friday 1 October 2021 13:58:38 CEST Kalle Valo wrote:
>> Jerome Pouiller <Jerome.Pouiller@...abs.com> writes:
>> 
>> > From: Jérôme Pouiller <jerome.pouiller@...abs.com>
>> >
>> > Signed-off-by: Jérôme Pouiller <jerome.pouiller@...abs.com>
>> 
>> [...]
>> 
>> > +static int get_firmware(struct wfx_dev *wdev, u32 keyset_chip,
>> > +                     const struct firmware **fw, int *file_offset)
>> > +{
>> > +     int keyset_file;
>> > +     char filename[256];
>> > +     const char *data;
>> > +     int ret;
>> > +
>> > +     snprintf(filename, sizeof(filename), "%s_%02X.sec",
>> > +              wdev->pdata.file_fw, keyset_chip);
>> > +     ret = firmware_request_nowarn(fw, filename, wdev->dev);
>> > +     if (ret) {
>> > +             dev_info(wdev->dev, "can't load %s, falling back to %s.sec\n",
>> > +                      filename, wdev->pdata.file_fw);
>> > +             snprintf(filename, sizeof(filename), "%s.sec",
>> > +                      wdev->pdata.file_fw);
>> > +             ret = request_firmware(fw, filename, wdev->dev);
>> > +             if (ret) {
>> > +                     dev_err(wdev->dev, "can't load %s\n", filename);
>> > +                     *fw = NULL;
>> > +                     return ret;
>> > +             }
>> > +     }
>> 
>> How is this firmware file loading supposed to work? If I'm reading the
>> code right, the driver tries to load file "wfm_wf200_??.sec" but in
>> linux-firmware the file is silabs/wfm_wf200_C0.sec:
>> 
>> https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/silabs
>> 
>> That can't work automatically, unless I'm missing something of course.
>
> The firmware are signed. "C0" is the key used to sign this firmware. This
> key must match with the key burned into the chip. Fortunately, the driver
> is able to read the key accepted by the chip and automatically choose the
> right firmware.
>
> We could imagine to add a attribute in the DT to choose the firmware to
> load. However, it would be a pity to have to specify it manually whereas
> the driver is able to detect it automatically.
>
> Currently, the only possible key is C0. However, it exists some internal
> parts with other keys. In addition, it is theoretically possible to ask
> to Silabs to burn parts with a specific key in order to improve security
> of a product. 
>
> Obviously, for now, this feature mainly exists for the Silabs firmware
> developers who have to work with other keys.

My point above was about the directory "silabs". If I read the code
correctly, wfx driver tries to load "foo.bin" but in the linux-firmware
file is "silabs/foo.bin". So the should also include directory name in
the request and use "silabs/foo.bin".

>> Also I would prefer to use directory name as the driver name wfx, but I
>> guess silabs is also doable.
>
> I have no opinion.
>
>
>> Also I'm not seeing the PDS files in linux-firmware. The idea is that
>> when user installs an upstream kernel and the linux-firmware everything
>> will work automatically, without any manual file installations.
>
> WF200 is just a chip. Someone has to design an antenna before to be able
> to use.

Doesn't that apply to all wireless chips? :) Some store that information
to the EEPROM inside the chip, others somewhere outside of the chip.

> However, we have evaluation boards that have antennas and corresponding
> PDS files[1]. Maybe linux-firmware should include the PDS for these boards
> and the DT should contains the name of the design. eg:
>
>     compatible = "silabs,brd4001a", "silabs,wf200";
>
> So the driver will know which PDS it should use. 
>
> In fact, I am sure I had this idea in mind when I have started to write
> the wfx driver. But with the time I have forgotten it. 
>
> If you agree with that idea, I can work on it next week.

This sounds very similar what we have in ath10k, only that in ath10k we
call them board files. The way ath10k works is that we have board-2.bin
which is a container file containg multiple board files and then during
firmware initialisation ath10k automatically chooses the correct board
file based on various parameters like PCI subsystem ids, an id stored in
the eeprom, Device Tree etc. And then ath10k pushes the chosed board
file to the firmware.

-- 
https://patchwork.kernel.org/project/linux-wireless/list/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ