From nobody Wed Oct 16 14:32:05 2024
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XTD1y0ZK7z5Yb3H;
	Wed, 16 Oct 2024 14:32:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4XTD1x6B0Sz4RKg;
	Wed, 16 Oct 2024 14:32:05 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1729089125;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=V+6b7ARLGLYLedIXChYsNzUpfp2sOD1FZuAInOKiSpI=;
	b=sPVJD232vffaeWh90XTbe1WdAtb5tdPxUnzewWXJZSfGjMRSYFBNXQjm+nWJf48KHZD/gB
	CvT7UhXCh+x0BEo9tRhcG3oQIeDC/YyT6Ai6MNNZUyojbw9UJTu0Ycdx/4Wou8aJwAWTb4
	k0IF249Cwh/GQ6VIw1Jr71tNtfh5lOMHZG18apqJe5I+7P+07gbGfbKC1EhGlkYIRF8JKF
	UB15B1zaopk8yk6x2cmpXAPvR3t6GleqlqqJifLUvhQpmJnom5gnS4CDANIrC4ITG+X2OH
	LWJplmxaOC8lR2ybNnnXNmftmBn//+Ywr9K2YM18iJzvouusWtSNnYrnEqyPjg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1729089125;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=V+6b7ARLGLYLedIXChYsNzUpfp2sOD1FZuAInOKiSpI=;
	b=srYHGGBcgcI7MDLxiZWnOPdQS3uk6vbLtQjHr+A3gFwXclonUUUFIfbNEyIrHrOcqmRv9M
	0yj9dBoryizmIR0HlTFwUwFRS9Zncjuba/ynIIgZYPkOvLyCpq9he4o6orxEDW2DFjTElO
	Vi3kGSfTdrJ3K1SkheFrQpVCaftcud/ETSFgCV7mDRxRVEaiR4YkiPszek+BY8JZGSa3MM
	FDe8SxdwPmyJtzVKkG2axW9Q9WiBP2KLed/qW/0E8I+uLJxiy2unubVwU+CxRUsrOwxKNc
	tMcZPkFd0+BEkryaNKYUflV3RMUuH/bieZOrhPj+2rBnq6MDmI9B+R7QPsi37w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1729089125; a=rsa-sha256; cv=none;
	b=YanM1dazo8Kzffz2HeQsa+rtClVJ4A7clqJl+x3x3MbSwjWNUKNI0COulr9z8+dWDpOwni
	qUxfGpXa1B0OyNSM3od6Wo+yxAwkC62dPtJNHvi7kh0+qzMYdcaHJzw8FbrQOfPLnpZ2Ag
	4TvscxqVv9I1vQtw2mDLkIMS1vzH1PPKNoCi57a08Tu1UvRej13WgtCIX1NzeiT5Ta1ll7
	3U77JiJBcyavff5/d7GFbvHL1XlvCFbWjQ6YVPqTUv8LmW3931bZmr2Wts8R+AMM9fi29+
	ugNgk7mbcSnvpFkc7peH5akTeA7b1BpMDMxk3Ie8D3tVKBXOCjVdwka5yadJPA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XTD1x51FKz187l;
	Wed, 16 Oct 2024 14:32:05 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 49GEW5Ns089650;
	Wed, 16 Oct 2024 14:32:05 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 49GEW5JC089647;
	Wed, 16 Oct 2024 14:32:05 GMT
	(envelope-from git)
Date: Wed, 16 Oct 2024 14:32:05 GMT
Message-Id: <202410161432.49GEW5JC089647@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Warner Losh <imp@FreeBSD.org>
Subject: git: 2ca7b03d6275 - stable/14 - firmware: load binary
  firmware files
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: imp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 2ca7b03d62750bc29d35b4b58dadf7f7a9520a01
Auto-Submitted: auto-generated

The branch stable/14 has been updated by imp:

URL: https://cgit.FreeBSD.org/src/commit/?id=2ca7b03d62750bc29d35b4b58dadf7f7a9520a01

commit 2ca7b03d62750bc29d35b4b58dadf7f7a9520a01
Author:     Warner Losh <imp@FreeBSD.org>
AuthorDate: 2024-02-29 16:36:20 +0000
Commit:     Warner Losh <imp@FreeBSD.org>
CommitDate: 2024-10-16 14:19:21 +0000

    firmware: load binary firmware files
    
    When we can't find a .ko module to satisfy the firmware request, try
    harder by looking for a file to read in directly. We compose this file's
    name by appending the imagename parameter to the firmware path
    (currently hard-wired to be /boot/firmware, future plans are for a
    path). Allow this file to be unloaded when firmware_put() releases the
    last reference, but we don't need to do the indirection and dance we
    need to do when unloading the .ko that will unregister the firmware.
    
    Sponsored by:           Netflix
    Reviewed by:            manu, jhb
    Differential Revision:  https://reviews.freebsd.org/D43555
    
    (cherry picked from commit c7b1e980ae16c094e64f318ad2feb98e17bd8f2f)
---
 sys/kern/subr_firmware.c | 122 +++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 114 insertions(+), 8 deletions(-)

diff --git a/sys/kern/subr_firmware.c b/sys/kern/subr_firmware.c
index 6947bcb110e4..138eb6a7fcd8 100644
--- a/sys/kern/subr_firmware.c
+++ b/sys/kern/subr_firmware.c
@@ -30,6 +30,7 @@
 #include <sys/param.h>
 #include <sys/errno.h>
 #include <sys/eventhandler.h>
+#include <sys/fcntl.h>
 #include <sys/firmware.h>
 #include <sys/kernel.h>
 #include <sys/linker.h>
@@ -37,9 +38,12 @@
 #include <sys/malloc.h>
 #include <sys/module.h>
 #include <sys/mutex.h>
+#include <sys/namei.h>
 #include <sys/priv.h>
 #include <sys/proc.h>
 #include <sys/queue.h>
+#include <sys/sbuf.h>
+#include <sys/sysctl.h>
 #include <sys/systm.h>
 #include <sys/taskqueue.h>
 
@@ -86,8 +90,9 @@ struct priv_fw {
 	 */
 	struct priv_fw	*parent;
 
-	int 		flags;	/* record FIRMWARE_UNLOAD requests */
-#define FW_UNLOAD	0x100
+	int 		flags;
+#define FW_BINARY	0x080	/* Firmware directly loaded, file == NULL */
+#define FW_UNLOAD	0x100	/* record FIRMWARE_UNLOAD requests */
 
 	/*
 	 * 'file' is private info managed by the autoload/unload code.
@@ -121,7 +126,8 @@ static LIST_HEAD(, priv_fw) firmware_table;
 
 /*
  * Firmware module operations are handled in a separate task as they
- * might sleep and they require directory context to do i/o.
+ * might sleep and they require directory context to do i/o. We also
+ * use this when loading binaries directly.
  */
 static struct taskqueue *firmware_tq;
 static struct task firmware_unload_task;
@@ -134,6 +140,11 @@ MTX_SYSINIT(firmware, &firmware_mtx, "firmware table", MTX_DEF);
 
 static MALLOC_DEFINE(M_FIRMWARE, "firmware", "device firmware images");
 
+static uint64_t firmware_max_size = 8u << 20; /* Default to 8MB cap */
+SYSCTL_U64(_debug, OID_AUTO, firmware_max_size,
+    CTLFLAG_RWTUN, &firmware_max_size, 0,
+    "Max size permitted for a firmware file.");
+
 /*
  * Helper function to lookup a name.
  * As a side effect, it sets the pointer to a free slot, if any.
@@ -241,6 +252,85 @@ struct fw_loadimage {
 	uint32_t	flags;
 };
 
+static const char *fw_path = "/boot/firmware/";
+
+static void
+try_binary_file(const char *imagename, uint32_t flags)
+{
+	struct nameidata nd;
+	struct thread *td = curthread;
+	struct ucred *cred = td ? td->td_ucred : NULL;
+	struct sbuf *sb;
+	struct priv_fw *fp;
+	const char *fn;
+	struct vattr vattr;
+	void *data = NULL;
+	const struct firmware *fw;
+	int flags;
+	size_t resid;
+	int error;
+	bool warn = flags & FIRMWARE_GET_NOWARN;
+
+	/*
+	 * XXX TODO: Loop over some path instead of a single element path.
+	 * and fetch this path from the 'firmware_path' kenv the loader sets.
+	 */
+	sb = sbuf_new_auto();
+	sbuf_printf(sb, "%s%s", fw_path, imagename);
+	sbuf_finish(sb);
+	fn = sbuf_data(sb);
+	if (bootverbose)
+		printf("Trying to load binary firmware from %s\n", fn);
+
+	NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, fn);
+	flags = FREAD;
+	error = vn_open(&nd, &flags, 0, NULL);
+	if (error)
+		goto err;
+	NDFREE_PNBUF(&nd);
+	if (nd.ni_vp->v_type != VREG)
+		goto err2;
+	error = VOP_GETATTR(nd.ni_vp, &vattr, cred);
+	if (error)
+		goto err2;
+
+	/*
+	 * Limit this to something sane, 8MB by default.
+	 */
+	if (vattr.va_size > firmware_max_size) {
+		printf("Firmware %s is too big: %ld bytes, %ld bytes max.\n",
+		    fn, vattr.va_size, firmware_max_size);
+		goto err2;
+	}
+	data = malloc(vattr.va_size, M_FIRMWARE, M_WAITOK);
+	error = vn_rdwr(UIO_READ, nd.ni_vp, (caddr_t)data, vattr.va_size, 0,
+	    UIO_SYSSPACE, IO_NODELOCKED, cred, NOCRED, &resid, td);
+	/* XXX make data read only? */
+	VOP_UNLOCK(nd.ni_vp);
+	vn_close(nd.ni_vp, FREAD, cred, td);
+	nd.ni_vp = NULL;
+	if (error != 0 || resid != 0)
+		goto err;
+	fw = firmware_register(fn, data, vattr.va_size, 0, NULL);
+	if (fw == NULL)
+		goto err;
+	fp = PRIV_FW(fw);
+	fp->flags |= FW_BINARY;
+	if (bootverbose)
+		printf("%s: Loaded binary firmware using %s\n", imagename, fn);
+	sbuf_delete(sb);
+	return;
+
+err2: /* cleanup in vn_open through vn_close */
+	VOP_UNLOCK(nd.ni_vp);
+	vn_close(nd.ni_vp, FREAD, cred, td);
+err:
+	free(data, M_FIRMWARE);
+	if (bootverbose || warn)
+		printf("%s: could not load binary firmware %s either\n", imagename, fn);
+	sbuf_delete(sb);
+}
+
 static void
 loadimage(void *arg, int npending __unused)
 {
@@ -254,6 +344,7 @@ loadimage(void *arg, int npending __unused)
 		if (bootverbose || (fwli->flags & FIRMWARE_GET_NOWARN) == 0)
 			printf("%s: could not load firmware image, error %d\n",
 			    fwli->imagename, error);
+		try_binary_file(fwli->imagename, fwli->flags);
 		mtx_lock(&firmware_mtx);
 		goto done;
 	}
@@ -409,17 +500,32 @@ EVENTHANDLER_DEFINE(mountroot, firmware_mountroot, NULL, 0);
 static void
 unloadentry(void *unused1, int unused2)
 {
-	struct priv_fw *fp;
+	struct priv_fw *fp, *tmp;
 
 	mtx_lock(&firmware_mtx);
 restart:
-	LIST_FOREACH(fp, &firmware_table, link) {
-		if (fp->file == NULL || fp->refcnt != 0 ||
-		    (fp->flags & FW_UNLOAD) == 0)
+	LIST_FOREACH_SAFE(fp, &firmware_table, link, tmp) {
+		if (((fp->flags & FW_BINARY) == 0 && fp->file == NULL) ||
+		    fp->refcnt != 0 || (fp->flags & FW_UNLOAD) == 0)
+			continue;
+
+		/*
+		 * If we directly loaded the firmware, then we just need to
+		 * remove the entry from the list and free the entry and go to
+		 * the next one.  There's no need for the indirection of the kld
+		 * module case, we free memory and go to the next one.
+		 */
+		if ((fp->flags & FW_BINARY) != 0) {
+			LIST_REMOVE(fp, link);
+			free(__DECONST(char *, fp->fw.data), M_FIRMWARE);
+			free(__DECONST(char *, fp->fw.name), M_FIRMWARE);
+			free(fp, M_FIRMWARE);
 			continue;
+		}
 
 		/*
-		 * Found an entry. Now:
+		 * Found an entry.  This is the kld case, so we have a more
+		 * complex dance.  Now:
 		 * 1. make sure we scan the table again
 		 * 2. clear FW_UNLOAD so we don't try this entry again.
 		 * 3. release the lock while trying to unload the module.