From patchwork Tue Jun 24 22:53:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Baryshkov X-Patchwork-Id: 899478 Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E7DBD25BEED for ; Tue, 24 Jun 2025 22:53:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.168.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805611; cv=none; b=Uqmq0+dWmSEA8S8x4/v6IkVtBy2ou18JiF1f/MTUaQM9RMEmKwQ9t1Eqtnto1/MQEsEutapEC3QoKVoo9uVLq9leP5SXNJT47tCc5OCBK6Xfs4Mfua0H9zlc5mgXePILhqC7F8GZkaZmOmisVJIFZSCH1V85sHuVC19uJ3C31wg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805611; c=relaxed/simple; bh=t/rZg2mXoS35Z6g/Fc1ahHAw8Dong0aRc6LecgnXaBA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=N/s5v3Y2wkeoN8k8A6Eaxi3Tp0IER56YtoD7DsphMCn8U7JY5O1qHWVERgl/3DXmfM6QMYzWUQyPeExaf911rs+bL8uTqAsSi1adqNgwhNZuDfJgrzXMfQzTLRgoHbR+amdWrwhTvc+diOfWWr85NvQEYsF4SyqZ/piNE+JaquM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=UpsLtGOp; arc=none smtp.client-ip=205.220.168.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="UpsLtGOp" Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 55OFcGcb031297 for ; Tue, 24 Jun 2025 22:53:28 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= /47YVhRJHDkRQwljfohl4e6sBDrvrN8mrp2H+cyoRUY=; b=UpsLtGOphCfC/MZK CdD1TgsjzeHahCrZkUMFA/+NMhTfGkS+ZkCXATYs9GWw6WcH3wQm3enIdAqN6LM4 KiM9gnqtHPvtr9nUi0N4rE/96Uok3wGV1xpZi7Z+EcMiOlJ1m3/r+TzDLHad4spm rICWHPEMsyNebWaBTRhi9ltzHhFRy1v58gnPoSopwHCuA8Pf6G8Gq/RqEiC0rjGD 3wuaSZYs0ecMewsY2hEMLwtX88QLIAuUZaPH82UpcAMr0isD5j1rxmmPSGHi7/uV 6Wxk37sQGvq2vx5zhnVRzGI70YWMRVArA9ujlY3Rbx7dZYR2DJ7BA7m8q48uJ08+ 3ytqSA== Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 47emcmqfgx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 24 Jun 2025 22:53:28 +0000 (GMT) Received: by mail-qt1-f198.google.com with SMTP id d75a77b69052e-4a71914dd25so137127861cf.2 for ; Tue, 24 Jun 2025 15:53:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750805607; x=1751410407; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/47YVhRJHDkRQwljfohl4e6sBDrvrN8mrp2H+cyoRUY=; b=fNYlqB6Wgk8TjuP2ijCBI1MMW7vf+h/IQDnvNDGRBXUCwpg5664aCedkNSgRMSs/1F SrFLmQGPJOXVvcc/ZysTFEHPF8oOFiXoZCR4PTDdHv1uS7moKQStTJnAuAtVpK+GAEI/ Hqm9dPuozbcYK5y3DIHEiI+ONyIeHZR2OsHjzM4lJ4GPZZyUon6wrTa2Y1oaSCWq2yFO P25SnOO2fG45zEnmLPZJEZ0XIhjWdHqWm5+xo9LBS38wjWl3qFa0SSf7Y6uIrOqmV0Zb Y9Mq60hKULAiGB1/BybKWhtSw+lcr19Mb1cBitqIFQvjPz116QYTEGOMWNCHj4/P42vL Fi+g== X-Forwarded-Encrypted: i=1; AJvYcCWNX0f59CVxs49a35nG7+y7SLbLNXF0c//UEvQV6hb9Ui3IiZp33i7AzB6eWCo6cYjnSx33A/wQBMjk50oA@vger.kernel.org X-Gm-Message-State: AOJu0YwBXw2B2g0E/IBuprax1xOgsuGf8oaz7cMvkuwtwAv5ZZkm45m2 /+lu95QJWFZLVoOsFCE6s1QfTqdibhy7dfHXEIs3epS17vZZCv46cFlgl1CvMyKYjXQMXHfe8kU mW6NAOUHH/l4MeKze6r1S3afzdQzTq6mVEWyBLbyrTvkTxnZKcPXmzx69wjIAyHIlCbgE X-Gm-Gg: ASbGncvkqFtz/1gMLS3mLjOy/hjtq2oroB6KeADfZLV34ciaeogpUCVlcmybbyJneSX NoJr/5m6ynO2UTl6fgxlWjTDgMzFUMcZd3kbtQFRMGb8qvaPkmwB1NcX7ovicmJbw4YZqQJZOe8 W0r50pJrGnVH/EORtEw+XC4k+za1NkGpKqqoQoeJUmRaeNqneTd9L1GiIwISGj5tt88J7gbALK1 4qULGDkb+0FzKaax3RDftFc9bVd0iH8rKdGdkShQEnSS1w8ydGmmjGFvQqj7l0dRR9Q++4LswTo T22rYWpZQzhxhNrFE41lTCwLnsaWfMGEglwOkBpKBcwiAPAOVtMylT2K3ldjhcE5vzJdKpEj+37 vS3N8w0VC410uct6qDG6oTxmcFJFifh12j4M= X-Received: by 2002:a05:620a:2815:b0:7d4:6f:a3f3 with SMTP id af79cd13be357-7d42974bbd3mr120817885a.44.1750805606656; Tue, 24 Jun 2025 15:53:26 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG94M3DQjJxjlOh+Wa7ZVDN2Ra0eLm5I+n3Okv+Uk1a/lJierkVbRDFtP5lW0t+YOyOA7SF3A== X-Received: by 2002:a05:620a:2815:b0:7d4:6f:a3f3 with SMTP id af79cd13be357-7d42974bbd3mr120814485a.44.1750805606292; Tue, 24 Jun 2025 15:53:26 -0700 (PDT) Received: from umbar.lan (2001-14ba-a0c3-3a00-264b-feff-fe8b-be8a.rev.dnainternet.fi. [2001:14ba:a0c3:3a00:264b:feff:fe8b:be8a]) by smtp.gmail.com with ESMTPSA id 38308e7fff4ca-32b97f5980bsm17843851fa.7.2025.06.24.15.53.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Jun 2025 15:53:25 -0700 (PDT) From: Dmitry Baryshkov Date: Wed, 25 Jun 2025 01:53:20 +0300 Subject: [PATCH v4 1/8] efi: efivars: don't crash in efivar_set_variable{,_locked} in r/o case Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250625-more-qseecom-v4-1-aacca9306cee@oss.qualcomm.com> References: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> In-Reply-To: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> To: Bjorn Andersson , Maximilian Luz , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Ard Biesheuvel , Konrad Dybcio Cc: Johan Hovold , Steev Klimaszewski , linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-efi@vger.kernel.org X-Mailer: b4 0.14.2 X-Developer-Signature: v=1; a=openpgp-sha256; l=1258; i=dmitry.baryshkov@oss.qualcomm.com; h=from:subject:message-id; bh=t/rZg2mXoS35Z6g/Fc1ahHAw8Dong0aRc6LecgnXaBA=; b=owEBbQGS/pANAwAKAYs8ij4CKSjVAcsmYgBoWyxivcQKN9slXayTHROefKCDktNqjipS1qirs xkySAckA9+JATMEAAEKAB0WIQRMcISVXLJjVvC4lX+LPIo+Aiko1QUCaFssYgAKCRCLPIo+Aiko 1S5PCACYyB2xDS0iQyM+NvelIhDHfQwbdUlUaEjQVCCSve1uwzQm/XLjA3raAXOL+c0KmJtILQI rEOrfxnDr9JDHnVkBtOpy0n3O8UAmA7jXvjl6uC0eFJJaSmChTl+tIOc+2U3qKHv2YgtPIjB60G GpTQdxl/X27iK9dHsROC0Xs44R05PsOlrsnqZGynae9K/yHc/P11ES21H+crbemKyW94PS+AyI0 IIfUaLZrbZVe2OWBk5OAv37znQIV02F63t43l2cx7u225Ra3V5W6E2QlvGYcEcVcBLpXUxDU5/S 66JuoPiykkS2Vynu1gZ8bY55D1WC0SItw8fZdmAaaAktc2ae X-Developer-Key: i=dmitry.baryshkov@oss.qualcomm.com; a=openpgp; fpr=8F88381DD5C873E4AE487DA5199BF1243632046A X-Proofpoint-GUID: ht9pKB88AGI_Iqt_nV--vKd8pfgSGC9f X-Proofpoint-ORIG-GUID: ht9pKB88AGI_Iqt_nV--vKd8pfgSGC9f X-Authority-Analysis: v=2.4 cv=J+eq7BnS c=1 sm=1 tr=0 ts=685b2c68 cx=c_pps a=mPf7EqFMSY9/WdsSgAYMbA==:117 a=xqWC_Br6kY4A:10 a=IkcTkHD0fZMA:10 a=6IFa9wvqVegA:10 a=VwQbUJbxAAAA:8 a=zitRP-D0AAAA:8 a=EUspDBNiAAAA:8 a=2-Wz6HayXEhRivmEhXsA:9 a=QEXdDO2ut3YA:10 a=dawVfQjAaf238kedN5IG:22 a=xwnAI6pc5liRhupp6brZ:22 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNjI0MDE4MiBTYWx0ZWRfXzcu0Xc6Oj9Og LWrs1+jiFrTgkQ7RdjBIVcUV4my3YnpVm2EPvoGVehuHsXusfvmDlvx46L7zeB3Zsx5vbG8XLxS kMVu4xERfop7JlwRkXXHMXKl+wSOOkHan8OoR90RCHo6JSUYOIgpci+U6JlmLK2mhPWRusgnSev NkZCW2dJCeAF1LQk8b+83xn3FHvtHUiI/vdHsUAgowsRjOedHD4YUixgzRCZEWgij9bBo4p3/ro 7n9Vqpx7C7ot3iV2B65on0g3x4PeQk37g9I0NdhUp7XJIps/gD5b9KsDyePdPES8nUduDH/I1Op x2rJjuHZ9rOpntEGLoH+eov7Y2iioMVhEswM4xImG2MQ6ccs2iANJiY7ckK6mEMZj2YVWeGlTJb LG9Wp5d96a9qWu8N3QtCFirUHo2DnV9jyADFehnb8rhstWOFNWk6uWo92tcBSMUvt7qLXaIe X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.1.7,FMLib:17.12.80.40 definitions=2025-06-24_06,2025-06-23_07,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 mlxlogscore=999 adultscore=0 impostorscore=0 clxscore=1015 spamscore=0 malwarescore=0 phishscore=0 priorityscore=1501 suspectscore=0 mlxscore=0 lowpriorityscore=0 classifier=spam authscore=0 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2505280000 definitions=main-2506240182 If efivar implementation doesn't provide write support, then calling efivar_set_variable() (e.g. when PM8xxx RTC driver tries to update the RTC offset) will crash the system. Prevent that by checking that set_variable callback is actually provided and fail with an EFI_WRITE_PROTECTED if it is not. Fixes: 472831d4c4b2 ("efi: vars: Add thin wrapper around EFI get/set variable interface") Reported-by: Johan Hovold Closes: https://lore.kernel.org/r/aFlps9iUcD42vN4w@hovoldconsulting.com Signed-off-by: Dmitry Baryshkov --- drivers/firmware/efi/vars.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/firmware/efi/vars.c b/drivers/firmware/efi/vars.c index 3700e98697676d8e6f04f061f447391503f9abba..11c5f785c09364f61642d82416822cb2e1a027fd 100644 --- a/drivers/firmware/efi/vars.c +++ b/drivers/firmware/efi/vars.c @@ -227,6 +227,8 @@ efi_status_t efivar_set_variable_locked(efi_char16_t *name, efi_guid_t *vendor, setvar = __efivars->ops->set_variable_nonblocking; if (!setvar || !nonblocking) setvar = __efivars->ops->set_variable; + if (!setvar) + return EFI_WRITE_PROTECTED; return setvar(name, vendor, attr, data_size, data); } From patchwork Tue Jun 24 22:53:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Baryshkov X-Patchwork-Id: 899477 Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EAB1625B677 for ; Tue, 24 Jun 2025 22:53:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.180.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805615; cv=none; b=UzK685/uSTFwZ1xn0Ytet9uNRYerYX6xe5TckeRMPGL/rg01YMeTjj2RZQWq/vC5y4cjBQQpG3vXNVMSmU2anCRlzdkbgvHH5MxO5svObQIRBdB3thjI1fTcPN0MfrM55z4ror1/5hFgaXvjBSm0RzmcZ5WVrifBHCW65f2Ephw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805615; c=relaxed/simple; bh=TpzKss6UqA2cLICb253kuxKt/G/KQj9NlkXx3BbhyVI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=k6HyUyKM/g6U5KN6kzUUVga9ctmggn+3wSU/mBV/jS4riuMzr1gLGGsL2oYCkppxfnKHzDBs1K10GE+Pr0D8HR/D1m2XkXS/o70vM6BM3TomFhVdcOmiZu18ww7ZTfgLi9zJnN381yLgv7z9f/kecFDxmWuUnqnbyBBchaBxnWQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=b88fe+lX; arc=none smtp.client-ip=205.220.180.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="b88fe+lX" Received: from pps.filterd (m0279869.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 55OGku0b021903 for ; Tue, 24 Jun 2025 22:53:33 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= Q1+TTvG9KmmMqdJiHEKwEMvDzCclBDjJoltJ98B9ai0=; b=b88fe+lX1wJgTans u6vR+95b7xnUYDSFX8fAXT/rBgu6W5FoaA/OcW7euaanH8AyvR5qpwrdj4KTg+fL YiL9x7TF2k95M6pa1FtozBBqNcxYwcZjiLilTi+IjeU35yS6iISo2LHA/fsUBo2f tIrIep8pv5yq6Voe/XfTA0leM1opIkazOJqFvo5//m5VF9f3lftK1yx107Ffo1Xx ZtXmuhAa+/SiSTdOm1MYfCTVa7lHr/P9wBGeScSll+Z9YPCDQgfjvbm8pPZ7W5yH UODU0XDvjvZpbJK5qOKk9p/T/oct9RbFYNSpqgDqET3yaIRbWzS3Su008zFmn0NO hzf71Q== Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 47f3bgdus5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 24 Jun 2025 22:53:32 +0000 (GMT) Received: by mail-qk1-f200.google.com with SMTP id af79cd13be357-7d0aa9cdecdso470125685a.3 for ; Tue, 24 Jun 2025 15:53:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750805611; x=1751410411; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Q1+TTvG9KmmMqdJiHEKwEMvDzCclBDjJoltJ98B9ai0=; b=qd1S3BYnqFJ2aqvgjgcDOg4kACclyKfyVk35fvnBWDwCsPjDW0L1BLkvMEHXJ/tlkq fbpHJUztEGkgzrBfqn/B7l62DtaBF9kWrGz/4HQB4raTSQlfVzxpU4JzFgmREVM1H3hx GW1Uh07TqJFTNsUHRTvtVjJTztpC3dF2KiiJ9ohasLuQrLXNApz14XzvsyDJgpVkoL3A x35YiPluM/ZA9jmHZt4cHP6bKGVDn4m1v5b9X6oZkw+vWQP0hCzsbuN3FBJQzOKQt1mH utXyyKh8HUDkhqFkhrIo/AAIGl6TMt7YTlfS90YE3h3kAzd0dqrZBBSu6Ow+/5VK8w4F wbHg== X-Forwarded-Encrypted: i=1; AJvYcCWuAapN2DyAXsMHq+NovZzY1TOv/EUZ5OxKEUwidPxXPdcAOGfM+VDRrElOB5xctSGH3zyxSZUpa8HtX3tP@vger.kernel.org X-Gm-Message-State: AOJu0YzsMwZjOFhbpN2ZAFF8FxsRV/uDh1o56GIb1wQZGkQRgbSU8wjT nTF/51XVLp1DKTbG6BqEEwujdFrBGijqcGtQaH53j08exOkdGh9A7p/+X1N5LdEwm6HjSIjs9w3 3+ReaQlFM6vVY0EB7HodgYPwgtbgqTOTdXr7MFy1hcEBvolcjiX8Kd2EfKJxRsyZSG9bX X-Gm-Gg: ASbGncu5I1IPU7/Yhc0hbUPKZQ+St2/J3YyBJdpOjojHwwczIJtWzlBM+CZsQrzSV0y GrTTBLOjDeq2sVbMA3B7cTaISByjeuqDFs0luzeupFK3ToqXX/ZCGNsXT+FdSUOCGSBAr9K4Mta KaDj2ahYy3RCyWX6gjOXA+zWBhqJoWqo83mLjjUgE1dS4j0VuiV1Q6hqzyrXzrZGgehxSJqIFY5 RYUe2pNP9xBmn4tdQ8BE242RT5uaze0LXOsTLRFUU0uIF7Dp7s5qQx1G0tPzAmeUHwpBqWhlFY+ NgwAYxijfGv81UqWceFiP3Qhz83DX6GvQ1jFt1VMdPrPze697exJobXBoiXmDx6EjTpqRe3qKIo Ta3sNitWBjOGWkBe3+mikRggdPiG0tcH6W2M= X-Received: by 2002:a05:620a:4591:b0:7d4:bc9:de7a with SMTP id af79cd13be357-7d4297103d3mr126984185a.4.1750805611614; Tue, 24 Jun 2025 15:53:31 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEP5iqcSJE9XJE1gL9pGZTU4bZ49tSTbYK91N0UVTEUFririsFG0S0LsnEPN2FuMB1s0FTIHw== X-Received: by 2002:a05:620a:4591:b0:7d4:bc9:de7a with SMTP id af79cd13be357-7d4297103d3mr126982085a.4.1750805611199; Tue, 24 Jun 2025 15:53:31 -0700 (PDT) Received: from umbar.lan (2001-14ba-a0c3-3a00-264b-feff-fe8b-be8a.rev.dnainternet.fi. [2001:14ba:a0c3:3a00:264b:feff:fe8b:be8a]) by smtp.gmail.com with ESMTPSA id 38308e7fff4ca-32b97f5980bsm17843851fa.7.2025.06.24.15.53.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Jun 2025 15:53:30 -0700 (PDT) From: Dmitry Baryshkov Date: Wed, 25 Jun 2025 01:53:22 +0300 Subject: [PATCH v4 3/8] firmware: qcom: uefisecapp: add support for R/O UEFI vars Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250625-more-qseecom-v4-3-aacca9306cee@oss.qualcomm.com> References: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> In-Reply-To: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> To: Bjorn Andersson , Maximilian Luz , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Ard Biesheuvel , Konrad Dybcio Cc: Johan Hovold , Steev Klimaszewski , linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-efi@vger.kernel.org, Konrad Dybcio X-Mailer: b4 0.14.2 X-Developer-Signature: v=1; a=openpgp-sha256; l=2930; i=dmitry.baryshkov@oss.qualcomm.com; h=from:subject:message-id; bh=TpzKss6UqA2cLICb253kuxKt/G/KQj9NlkXx3BbhyVI=; b=owEBbQGS/pANAwAKAYs8ij4CKSjVAcsmYgBoWyxigvWyn4A+onkiU+AFmVnTp+eG/+F69fK94 JtVCN4LCVmJATMEAAEKAB0WIQRMcISVXLJjVvC4lX+LPIo+Aiko1QUCaFssYgAKCRCLPIo+Aiko 1ZhwB/49S5NGzvatWyOAaoIdQKCjjG9EEZ6OG66sXVZht8tAHyXEhVQmxE27iZqgsflAmoTqgQW 4KIpuExKh2ber1GsFTblUrTDPl0ZT/ICK95AHQsby0oIrKMZ5vHxnoHVTu48YtoPcc0jiywKYM+ UZJYxaMAFAxpv+OlrbddVdJKRWpd0vkf+vrrwnWJi456aKJRpqbQM+HfXwtHNYp5dM8DwTtXMcv 44ZUXjJlRu5tMe1sA/N2Ve2mclA6cMf4bkeJgU0Rj99Rg9NhPivnrL0PONtpck6fl+zjaK/z1Sj 1L3L8j+hcZrmgNJ6SvfMWtwJUx01YJfOwDfj2H2ceocdZUky X-Developer-Key: i=dmitry.baryshkov@oss.qualcomm.com; a=openpgp; fpr=8F88381DD5C873E4AE487DA5199BF1243632046A X-Proofpoint-ORIG-GUID: oPbW-S1MdApJVudAZD46uD5qblx82fhU X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNjI0MDE4MiBTYWx0ZWRfX3Y0J65GUvil6 YV+XNAh+vS7ibhij2CL+P3qMf94ig3sjzZhg/IaGNhb24MrOtwGvrPFtRBKdH8YyQ+57DQyCW4M Ectjz3cc84C0oixWDsOgTqvSpEiiCezYKtfrF2a0Q57iWcI2/x/seARw59kNwZw4Nkz6tdCOpua 3LFG0nGXB8iZ0ov/fVLwFRTWf2ErqcFFKI3qifUviy7tuWzCsETbdy6rc/QvGlUH1iqBpOaZ3zC Iqj/+eJzu285o5FOtR1Llbbdgxmbm6oLlz161qd5CyhPHbeeCI9lGPHYSoBMF3uG8BS+n6ZB24i D7Stcptb6z9JnyAY6c/DL+JC8WgT/B5k8a5hXTiOcW11oDUgo+LFdkwWOP77hMCpW85nR6VA7np kjcwr/p7n9dThibAgglKDRFSVKaBEehsnye4+46JdPB5dQVZ6Jw7jOqLXyC8SVZGCvAYPks0 X-Authority-Analysis: v=2.4 cv=L4kdQ/T8 c=1 sm=1 tr=0 ts=685b2c6c cx=c_pps a=hnmNkyzTK/kJ09Xio7VxxA==:117 a=xqWC_Br6kY4A:10 a=IkcTkHD0fZMA:10 a=6IFa9wvqVegA:10 a=EUspDBNiAAAA:8 a=hoImanld2GFzOgiN87EA:9 a=QEXdDO2ut3YA:10 a=PEH46H7Ffwr30OY-TuGO:22 X-Proofpoint-GUID: oPbW-S1MdApJVudAZD46uD5qblx82fhU X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.1.7,FMLib:17.12.80.40 definitions=2025-06-24_06,2025-06-23_07,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 malwarescore=0 bulkscore=0 clxscore=1015 suspectscore=0 adultscore=0 priorityscore=1501 impostorscore=0 lowpriorityscore=0 spamscore=0 phishscore=0 mlxlogscore=999 classifier=spam authscore=0 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2505280000 definitions=main-2506240182 For some platforms (e.g. Lenovo Yoga C630) we don't yet know a way to update variables in the permanent storage. However being able to read the vars is still useful as it allows us to get e.g. RTC offset. Add a quirk for QSEECOM specifying that UEFI variables for this platform should be registered in read-only mode. Reviewed-by: Konrad Dybcio Signed-off-by: Dmitry Baryshkov --- drivers/firmware/qcom/qcom_qseecom_uefisecapp.c | 18 +++++++++++++++++- include/linux/firmware/qcom/qcom_qseecom.h | 2 ++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/qcom/qcom_qseecom_uefisecapp.c b/drivers/firmware/qcom/qcom_qseecom_uefisecapp.c index 98a463e9774bf04f2deb0f7fa1318bd0d2edfa49..05f700dcb8cf3189f640237ff0e045564abb8264 100644 --- a/drivers/firmware/qcom/qcom_qseecom_uefisecapp.c +++ b/drivers/firmware/qcom/qcom_qseecom_uefisecapp.c @@ -792,6 +792,12 @@ static efi_status_t qcuefi_query_variable_info(u32 attr, u64 *storage_space, u64 return status; } +static const struct efivar_operations qcom_efivars_ro_ops = { + .get_variable = qcuefi_get_variable, + .get_next_variable = qcuefi_get_next_variable, + .query_variable_info = qcuefi_query_variable_info, +}; + static const struct efivar_operations qcom_efivar_ops = { .get_variable = qcuefi_get_variable, .set_variable = qcuefi_set_variable, @@ -804,7 +810,9 @@ static const struct efivar_operations qcom_efivar_ops = { static int qcom_uefisecapp_probe(struct auxiliary_device *aux_dev, const struct auxiliary_device_id *aux_dev_id) { + unsigned long *quirks = aux_dev->dev.platform_data; struct qcom_tzmem_pool_config pool_config; + const struct efivar_operations *ops; struct qcuefi_client *qcuefi; int status; @@ -829,7 +837,15 @@ static int qcom_uefisecapp_probe(struct auxiliary_device *aux_dev, if (status) return status; - status = efivars_register(&qcuefi->efivars, &qcom_efivar_ops); + if (quirks && + *quirks & QCOM_QSEECOM_QUIRK_RO_UEFIVARS) { + dev_dbg(&aux_dev->dev, "R/O UEFI vars implementation\n"); + ops = &qcom_efivars_ro_ops; + } else { + ops = &qcom_efivar_ops; + } + + status = efivars_register(&qcuefi->efivars, ops); if (status) qcuefi_set_reference(NULL); diff --git a/include/linux/firmware/qcom/qcom_qseecom.h b/include/linux/firmware/qcom/qcom_qseecom.h index 3387897bf36843cccd0bd933dd562390bf674b14..8d6d660e854fdb0fabbef10ab5ee6ff23ad79826 100644 --- a/include/linux/firmware/qcom/qcom_qseecom.h +++ b/include/linux/firmware/qcom/qcom_qseecom.h @@ -51,4 +51,6 @@ static inline int qcom_qseecom_app_send(struct qseecom_client *client, return qcom_scm_qseecom_app_send(client->app_id, req, req_size, rsp, rsp_size); } +#define QCOM_QSEECOM_QUIRK_RO_UEFIVARS BIT(0) + #endif /* __QCOM_QSEECOM_H */ From patchwork Tue Jun 24 22:53:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Baryshkov X-Patchwork-Id: 899476 Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 604BE25D213 for ; Tue, 24 Jun 2025 22:53:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.168.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805618; cv=none; b=o8Z+l1PwcMub4peVWguzuDHBGQjfXnifGdhq5Yuxv8zDfvNmNwi0S58QJH8ntNuQNqOWgKO7/Eebdj/bLD35wE2yEmRzXYG2NLnjYXIaLe9Z5GMYPgc7h5mLaO5mQIcjcaOoqv4v4vkNm6QUd64Sq3wwbJbzMVyd3HzOWcJy8is= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805618; c=relaxed/simple; bh=W0YLJNz5/2SAiapxbVHEzsfqeAiPqnoxKuIVDr0TVNM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=kIFseV0rDbCBHOVMhORfCN5EfIxPvRkiVFyU6fJzAXVcN/zbHYUFhpRKmqzUmBc9aqXfJyIlbkMwrLzUzlm2L7gwrl6oCbidRRU/fzAuQ6vKYGD3iTfZzu74dz9JNoy+Bi1k8ovsQmzsQv5ugGYaQjbgTOgD6qA0xU6mL0VI7dQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=jgTEzcUQ; arc=none smtp.client-ip=205.220.168.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="jgTEzcUQ" Received: from pps.filterd (m0279867.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 55OJJ9f8030162 for ; Tue, 24 Jun 2025 22:53:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= 3PYGYwAigTe4Xg8FBE8LvVKj2tXUXuFCqznUuXtFksk=; b=jgTEzcUQJEULxLqC XiSOzdXI0rEcSbcfgr0UxPef2I6p2NEV0dA49pvPKa+GHnfoKPiO20rjwmGGx+0B EIcAzPOFOwhqWG7OQSpig5Fg3NP5wzHIIVL8m9tHge2IBm2O35XN+q6N7eo0WB30 gwtZPyEIJNX4PUpcuVdslWnYQ17WjP+Y2AgMpsYNhpSCZlom1s7rYeDTIptBEGWC Y8I5MGHFGfA6xtLwTZn6xjwErx0a6oL1uIDQSkS7x/MsW6jC04r9XlB5GScX+mcY rNB6T/h40ya7HpKijr70bxU/6ucoOLL4DTVPsnB154xLKnybLFZUQnas+Zfp3NdV PyiV7g== Received: from mail-qt1-f197.google.com (mail-qt1-f197.google.com [209.85.160.197]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 47g22q8dvb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 24 Jun 2025 22:53:36 +0000 (GMT) Received: by mail-qt1-f197.google.com with SMTP id d75a77b69052e-4a58cd9b142so16497461cf.0 for ; Tue, 24 Jun 2025 15:53:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750805615; x=1751410415; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3PYGYwAigTe4Xg8FBE8LvVKj2tXUXuFCqznUuXtFksk=; b=M/TudOnIhJ/FGjuuDsYd+mgsExTYwP/KFCBW7BFPgk2cgsT89gh7/ZB8z0HxvaD2tr k8H6Mtcx1RE79abbHoT+fU49B98Dxf/iVdvirZ+qATBjZSACKNjXZaJGS/+AplZ5CkWA fQQkJDmaeZ4bDoEjouDsYS3H+cnxE+IpS8D422hxoRUv031SwAj6TH7+L45fF4BW7i+L rPmViPZl3dO9b8tR6aCgMcAjouaJFCN65IMp0q5nKXuI7IcpUPDgZTX0/Q1ZQcz3P79K 1kOG2sCdxVTHUBTVxcgVFXZ3uqR9PAnArEmeySR0l5gR5oqc8Gf8Kfg9Is1fzedSk01P 0YWw== X-Forwarded-Encrypted: i=1; AJvYcCUPDwmq8VekRIrUTeWCMHqRhbvQmOzpE4TSfkMWzltR+v32cgt1CfvshEZfu0aPkcYH+yKgsFUVRwslCJ98@vger.kernel.org X-Gm-Message-State: AOJu0YwQUQKpBWatOmt4XfmR1YgteYJr6TvRwsTnk0O2Bguigt5XFMPM ksA+k3MjLq27JV5T/GUy8lPXqvTpno6+3iwmOhEMoMRnEbK6a4JQ+fvVxT7YqWV5F19ZoAp4kPI 8tYqmCQpasfAAXuHQ27ZuMlueexpXmCeKRG7W87BNxcDHVrR1a7ESBqreMsXxmUqm0yeG X-Gm-Gg: ASbGncv4lfoaxqWLCty65rJeg3PjBWQk9qI9Hso1qiCxpqXRyyjUuCAB/PDEoPoQlBW iV6uYwVcipbxJbRvdhNC4h64RaSHuBqcgfWdbKhXlDfcvK9p1qQhnwb9fcEBUQT2U31xJFBuIwm VD9Iny4MEMEfD6xzy90kSrjxkOIvvh47r/BvPWEY2KoJraufzwHbDxnXVOFSn76czm8s8M3Ptu6 PrGY2PFWwq8NduvgE9XhxKZjKMnnIulavrCaiHlWAu90gxMNIbYr6sscKzyvQC9PmugtnqRn7aN xV+vbPpQMTJiBwbkarblkz0RPpON8T3gctL8NtuA+OHaq5qtFcx2fPCLsnb2rfiL1aiVorBYsBV CqNs4XUjb90Caq8mXBOsJpi7aSnRsARTiUZQ= X-Received: by 2002:a05:620a:4050:b0:7c7:b4aa:85bc with SMTP id af79cd13be357-7d429660e04mr113562185a.17.1750805615320; Tue, 24 Jun 2025 15:53:35 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG41nDKvy8NSvFSuE+GkqRN5rEbL009m+aNzEf5Aeh6gwiaJ1JjFjqhlwEUZpFQ41nVpXLjzw== X-Received: by 2002:a05:620a:4050:b0:7c7:b4aa:85bc with SMTP id af79cd13be357-7d429660e04mr113559785a.17.1750805614907; Tue, 24 Jun 2025 15:53:34 -0700 (PDT) Received: from umbar.lan (2001-14ba-a0c3-3a00-264b-feff-fe8b-be8a.rev.dnainternet.fi. [2001:14ba:a0c3:3a00:264b:feff:fe8b:be8a]) by smtp.gmail.com with ESMTPSA id 38308e7fff4ca-32b97f5980bsm17843851fa.7.2025.06.24.15.53.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Jun 2025 15:53:34 -0700 (PDT) From: Dmitry Baryshkov Date: Wed, 25 Jun 2025 01:53:24 +0300 Subject: [PATCH v4 5/8] firmware; qcom: scm: enable QSEECOM on SC8280XP CRD Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250625-more-qseecom-v4-5-aacca9306cee@oss.qualcomm.com> References: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> In-Reply-To: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> To: Bjorn Andersson , Maximilian Luz , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Ard Biesheuvel , Konrad Dybcio Cc: Johan Hovold , Steev Klimaszewski , linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-efi@vger.kernel.org X-Mailer: b4 0.14.2 X-Developer-Signature: v=1; a=openpgp-sha256; l=1087; i=dmitry.baryshkov@oss.qualcomm.com; h=from:subject:message-id; bh=W0YLJNz5/2SAiapxbVHEzsfqeAiPqnoxKuIVDr0TVNM=; b=owEBbQGS/pANAwAKAYs8ij4CKSjVAcsmYgBoWyxj0Fb4cA5VMjgnwN72vznUyGiXQ/4qhUCvh dIttwizDleJATMEAAEKAB0WIQRMcISVXLJjVvC4lX+LPIo+Aiko1QUCaFssYwAKCRCLPIo+Aiko 1Rm9B/9T0FUesziKizU38v76pcYTiA6w4sBqSbxkzsktq0nA2q0sSBVPUtwLWt/yJTIVokgN04M MFcYDkc/AS1ImaYPtlBWux5XC4SJCh5Nvbclq5BxJDQ22fkijV0vrgTxkfYyn4V1FuzupIeWoQw Bx2Bzktqtj5ShsO6vI99DSh0LYEp9cDpfWoQoNbfVvQnwKvRKKaoSzqe5u5sJ3O47RY2qiOQOlj cRIPTCdVRn/bREB+itNQJVAkcUc7TqVPcxixkQYqtMS7Th7Bdk0bxLnR8ru6bEsFnVz5bXKEmaI ynV0525X9ouUotWTbiY7J8Vn41M2wQYrYfMAUj6zMaXXHDub X-Developer-Key: i=dmitry.baryshkov@oss.qualcomm.com; a=openpgp; fpr=8F88381DD5C873E4AE487DA5199BF1243632046A X-Authority-Analysis: v=2.4 cv=cuqbk04i c=1 sm=1 tr=0 ts=685b2c70 cx=c_pps a=EVbN6Ke/fEF3bsl7X48z0g==:117 a=xqWC_Br6kY4A:10 a=IkcTkHD0fZMA:10 a=6IFa9wvqVegA:10 a=EUspDBNiAAAA:8 a=GpPnMnrImHjYsJApwW0A:9 a=QEXdDO2ut3YA:10 a=a_PwQJl-kcHnX1M80qC6:22 X-Proofpoint-GUID: TZc_Da1HidHauC6lbkzsY8N4cnejhhYx X-Proofpoint-ORIG-GUID: TZc_Da1HidHauC6lbkzsY8N4cnejhhYx X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNjI0MDE4MiBTYWx0ZWRfX/MF3QytkeS/s jEv7Wvir1bgXeeLnDiUZ2bhLs2riizT357SFMCynZh3gSSCCAXs6Uc8Ck+vNSTWkFNuvyWdOIsx ayA5BgAZT09xP5NLqeHtGhC45Ct5C8Eyz1YN6G9jxn87HYJ4tw2BMCTbb2SHkCQWljbdE5BfOLW eH0GGrl8Om5WvhjmEtv0otRW5BkTgJzMAPzUJxL2uxlmvHt0GKHBd/5AimIiVjfu4jSbuF+ZZee RDuYgayj1sfztzDCqr/G2RPyw4rj8RX3rHY6ZvhpJCTun+Lbt8ShHIgZ0tSCmXBsjsrx+hQqKjT STslOmkxjLHZeoMdVxHXCKYnyQJr+N1IJl/0TORWHXQ17m8ojjd4oPFy9hDJuZg/Hls+hUz9hGF 9NqxTYBz9ZByBYNYKZrO/y4q/lmu2X4VLudqwQZNtboU8+QJqrKfxVYFmB0WiJj2zfSRQvTb X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.1.7,FMLib:17.12.80.40 definitions=2025-06-24_06,2025-06-23_07,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 phishscore=0 priorityscore=1501 bulkscore=0 mlxlogscore=999 malwarescore=0 adultscore=0 suspectscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 impostorscore=0 classifier=spam authscore=0 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2505280000 definitions=main-2506240182 As reported by Johan, this platform also doesn't currently support updating of the UEFI variables. In preparation to reworking match list for QSEECOM mark this platform as supporting QSEECOM with R/O UEFI variables. Signed-off-by: Dmitry Baryshkov --- drivers/firmware/qcom/qcom_scm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c index dbb77c3f69ddaa931e7faa73911207a83634bda1..27ef2497089e11b5a902d949de2e16b7443a2ca4 100644 --- a/drivers/firmware/qcom/qcom_scm.c +++ b/drivers/firmware/qcom/qcom_scm.c @@ -2005,6 +2005,7 @@ static const struct of_device_id qcom_scm_qseecom_allowlist[] __maybe_unused = { { .compatible = "microsoft,romulus13", }, { .compatible = "microsoft,romulus15", }, { .compatible = "qcom,sc8180x-primus" }, + { .compatible = "qcom,sc8280xp-crd", .data = &qcom_qseecom_ro_uefi, }, { .compatible = "qcom,x1e001de-devkit" }, { .compatible = "qcom,x1e80100-crd" }, { .compatible = "qcom,x1e80100-qcp" }, From patchwork Tue Jun 24 22:53:26 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Baryshkov X-Patchwork-Id: 899475 Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7984525E44B for ; Tue, 24 Jun 2025 22:53:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.180.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805623; cv=none; b=pUKL0XAZJ2xqkER+YwxCL+NfiQcxg/Q/Gsbj7YE+7p3mf25res9i24pVenIuiRgJPQb/Nq2bpc52DFc8m4Tj30C79fwtaUBnHWoFDWI21cZ/ImT+L8WtBzPPYfYAuUjj6tTmSGgABC60uEUs1mp8by/dR5EN1yV5lT+XvydNQds= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750805623; c=relaxed/simple; bh=fzBC2xoL+zqcCdvdFp6QOzxB8vCAph7pd10rAyAoyFQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=UsXbEujh09YRPM9vNgcwSPsGEPp+UOsX6I7Yr1OsylDe5AgzLqt5nJtRfDWvbh/6b4cpxt+/KoZQBAXCWmhCo2ikWiaydQ3xAHOt9QtcdYAbar75oTFGTMkZhwYC/LkXUGs4rbeL0My2Itm0OjDMMe/qi0jEDYAI08rVsgNSZZs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=GZXI4aAg; arc=none smtp.client-ip=205.220.180.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="GZXI4aAg" Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 55OGjhLa008088 for ; Tue, 24 Jun 2025 22:53:40 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= 8NIM9T6hNdyQApd2V3NHJVIC0mrVXV0ISFYbKqPxryc=; b=GZXI4aAgC5zdYbkB RWawKfyY6Gszevvpx/HE1AhxdO1l3b1aQvRiwdVVQH+cdZtvNoh7mEy24yq16o7c IOOSt6yDbJcCw/Lc3ZbOeCJ1a/OtGzSWyxDyhmarWdFHPXJd98uArZUm6JcSJHfy +ZxufvRbZHJltHsoWkPK84LPlboRVv0PqTI4i3GQoVTb5RgssSmWk3EJYLR/TXUw JU/zTRfNKDp/2sdn/xJhcKtahfsOIzDCuarTuWOqRphDxt8h1lvLd3MdX4SVyXRl 3xxXxi5pFLnAXnRQaD7+pX4oeAykFg7bGjJFIjHYOv24iQTyLQGkNB52dexFJqI1 JI5fsg== Received: from mail-qk1-f198.google.com (mail-qk1-f198.google.com [209.85.222.198]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 47f7ttw2y2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 24 Jun 2025 22:53:40 +0000 (GMT) Received: by mail-qk1-f198.google.com with SMTP id af79cd13be357-7d400a4d4f2so172740285a.3 for ; Tue, 24 Jun 2025 15:53:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750805619; x=1751410419; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8NIM9T6hNdyQApd2V3NHJVIC0mrVXV0ISFYbKqPxryc=; b=aysZdI7870YXR1mnvl70vjcCX4LKlwuJiuQ2DHCcidI1mkBCX6ViLmFbYft8ygL3uz uyoxWRaVwE1itqg9AFMcPfeX1KjsKxzQrGwXYZ1+/bn1Vwmcg0bfwsJGearudlassqH3 COy2yPLRuc573pDp53uRb3ZnNEK9ehfpPMw9vFoddYrYJsWHP5UficDFWYms9DUCE3Jg bHiPA0pOK6uw/HX45/cBE8Yof3b1IimGVdLbsTWPwBD5U808vUbtbS2DIlvGyb4iWcbi guI82GTdHeko4ORr6+laBHlwDqVywgX3MTDlGHJ1IgFkep0JnPkR5/Q/9UInaaJ5q0qA WnZA== X-Forwarded-Encrypted: i=1; AJvYcCVbyYjcMT5aJBhru2FTft/VwOVbYHy+m9vhrR5yOwkZ6atg0XYkNezVBYajQC6BWJ1RwGS0qEUfVwgiyVUf@vger.kernel.org X-Gm-Message-State: AOJu0YzgRnWIo1ZHXwl+9wERz5VfnEOcYoQanFtRbIr1uJTuKeyxtHEm LICVMgaC+N5IuqfALz3RwVdd+oLD+kPTIqk6g1q5AXfJdCNA6RzkPwqUStqpzy57oa6Dolf1kB0 T53ksTEQMixbc197bcnFjpbZqIWYkty7UTwJoTRb9ZKRKnA7HJI3fWLnBw9o778DoDrG3 X-Gm-Gg: ASbGncuiMzvCHU2pe8iaDUVdOiRjDcyPp4DfbBtirA3Hp9948Zq5uJgM2+cenRN4ZXh V8zoOUmr3yXAflny1x8SwKVkF1cXU/dpXfRA7RYqK4YRogSKCW7Sz76v+bVfmhfiKzL0qokYZkw wsstPwGoLChAblkFP+Gs+ag4uoV+EyPLBin8wu82r4hrbW7KcGLiPlINkr3Cn8cfwNAasVNcalB H/t5N7bH+ObEGSaNDjp2hEMibqqHq9gjbC6FEqWAdlKmJxGk7wYkxH3hobqqoiCS/O+0y7W1REL Xd8WBGyhqCCkiei2CFeCj1UTEDsPPpJtyK3SVVz0VqhmTSR0EAo7wBQlPdsZwILhduHUyq+RSQM 6zLW+9oFTGdI8cD5fJyl0EaHGma25WEOhT0Y= X-Received: by 2002:a05:620a:489a:b0:7c5:4463:29a3 with SMTP id af79cd13be357-7d4296eaeb3mr136492185a.25.1750805619199; Tue, 24 Jun 2025 15:53:39 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEArHTt7L3yra76vcOX9pHi5y0XwXAgplfEwKMaA+D1SyjqM/8XRnYIHLsA2KpxGeCCOQTelQ== X-Received: by 2002:a05:620a:489a:b0:7c5:4463:29a3 with SMTP id af79cd13be357-7d4296eaeb3mr136488985a.25.1750805618744; Tue, 24 Jun 2025 15:53:38 -0700 (PDT) Received: from umbar.lan (2001-14ba-a0c3-3a00-264b-feff-fe8b-be8a.rev.dnainternet.fi. [2001:14ba:a0c3:3a00:264b:feff:fe8b:be8a]) by smtp.gmail.com with ESMTPSA id 38308e7fff4ca-32b97f5980bsm17843851fa.7.2025.06.24.15.53.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Jun 2025 15:53:37 -0700 (PDT) From: Dmitry Baryshkov Date: Wed, 25 Jun 2025 01:53:26 +0300 Subject: [PATCH v4 7/8] firmware: qcom: scm: rework QSEECOM allowlist Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250625-more-qseecom-v4-7-aacca9306cee@oss.qualcomm.com> References: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> In-Reply-To: <20250625-more-qseecom-v4-0-aacca9306cee@oss.qualcomm.com> To: Bjorn Andersson , Maximilian Luz , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Ard Biesheuvel , Konrad Dybcio Cc: Johan Hovold , Steev Klimaszewski , linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-efi@vger.kernel.org, Dmitry Baryshkov , Konrad Dybcio X-Mailer: b4 0.14.2 X-Developer-Signature: v=1; a=openpgp-sha256; l=4931; i=dmitry.baryshkov@oss.qualcomm.com; h=from:subject:message-id; bh=cWoHO0MsVGuzMZsWaCgpVEQsk3VIUIcF/KJvccYMdzs=; b=owEBbQGS/pANAwAKAYs8ij4CKSjVAcsmYgBoWyxjQwD68t32h8d/QHOesm1x5z3pruiLn7HRU w9Ub4Us1bCJATMEAAEKAB0WIQRMcISVXLJjVvC4lX+LPIo+Aiko1QUCaFssYwAKCRCLPIo+Aiko 1RH2B/98/HW2wQwAkPEHQXtfRUHSuLSmvcQvdNliBhX9EGiDR26KoItjdnPz353c2hroFgqzkyt 5MlUIJNAARicuZ17oB8HsJAs1Fj6/kHYJil96po9yxEFUGO7CJgkVZRuDY7/RCN1mlcWlhaK53N RANcoWMs068o6HEAQblUSEMpUgB8kgxm0C/TsClgmyO9Z0ridT6n/pxmSDzhRhxPSFG5wwkpcyL mW5abuK1SGFEoUXfafScbF6uJ9/jkWQDpFWBFj1NNFrNNrfDDxhpMNJ/RkG6m7O1qDTmbQTetWy HVzEhf+q9fJ+pJl9Cx/AN1hUGGAfCt06PlpPPAcH/pCuW4qY X-Developer-Key: i=dmitry.baryshkov@oss.qualcomm.com; a=openpgp; fpr=8F88381DD5C873E4AE487DA5199BF1243632046A X-Authority-Analysis: v=2.4 cv=QINoRhLL c=1 sm=1 tr=0 ts=685b2c74 cx=c_pps a=qKBjSQ1v91RyAK45QCPf5w==:117 a=xqWC_Br6kY4A:10 a=IkcTkHD0fZMA:10 a=6IFa9wvqVegA:10 a=KKAkSRfTAAAA:8 a=EUspDBNiAAAA:8 a=-DwM1zgTEUuOfulMvEAA:9 a=QEXdDO2ut3YA:10 a=NFOGd7dJGGMPyQGDc5-O:22 a=cvBusfyB2V15izCimMoJ:22 X-Proofpoint-ORIG-GUID: hZM1-ezws1Qvs7iNXP891FOKB05InVRb X-Proofpoint-GUID: hZM1-ezws1Qvs7iNXP891FOKB05InVRb X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNjI0MDE4MiBTYWx0ZWRfX4R1NHgUqsNg3 YaYTyW+AfsHsRFKveV4sNBBHpqg2OHtt7OPbiGcL8hylXbJ2hUUOgwYcJI0a6CDpqtylNN1cPM5 01AG9IA2gFq1lnimcsHBHSihZZf0nJ3S+XIgfppV42dxTGm84tmmvjA3gGHrKBX7j4IZeLeskE6 6T8NKIJr1dpb/69o60fhdB+SRZzJibfFhcOjvvTi4JaR2MYfZQKU8IxooxUZM7BnfPCsUeuF2+S BIIqQuJSgt65yrUH//PAoX11R4b2z2NuUHPjELbV3J7rbA9tft4BlrDFrz09W828ZZYcodaazhX IWZOeo7ZN4aLh0SzK4QYTU+WXoV5rYjsXZxPO4O1GpxEzeedBBalwfnm+VsRGsDrWx97VeYXC1p DIFfbQ9PVOHUOFH6R2xxRy4PI8UhariT4X7U5Ks1EejRLX6aEO/xwsZvnCIjeLC1+Ufcj2eH X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.1.7,FMLib:17.12.80.40 definitions=2025-06-24_06,2025-06-23_07,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 priorityscore=1501 malwarescore=0 adultscore=0 mlxscore=0 clxscore=1015 mlxlogscore=999 bulkscore=0 suspectscore=0 phishscore=0 impostorscore=0 lowpriorityscore=0 classifier=spam authscore=0 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2505280000 definitions=main-2506240182 From: Dmitry Baryshkov Listing individual machines in qcom_scm_qseecom_allowlist doesn't scale. Allow it to function as allow and disallow list at the same time by the means of the match->data and list the SoC families instead of devices. In case a particular device has buggy or incompatible firmware user still can disable QSEECOM by specifying qcom_scm.qseecom=off kernel param and (in the longer term) adding machine-specific entry to the qcom_scm_qseecom_allowlist table. Signed-off-by: Dmitry Baryshkov Reviewed-by: Konrad Dybcio Signed-off-by: Dmitry Baryshkov --- drivers/firmware/qcom/qcom_scm.c | 49 ++++++++++++++---------------- include/linux/firmware/qcom/qcom_qseecom.h | 1 + 2 files changed, 24 insertions(+), 26 deletions(-) diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c index 5bf59eba2a863ba16e59df7fa2de1c50b0a218d0..025f834e95b537b76d41b59b63871a4ce5bed717 100644 --- a/drivers/firmware/qcom/qcom_scm.c +++ b/drivers/firmware/qcom/qcom_scm.c @@ -1981,6 +1981,7 @@ int qcom_scm_qseecom_app_send(u32 app_id, void *req, size_t req_size, } EXPORT_SYMBOL_GPL(qcom_scm_qseecom_app_send); +static unsigned long qcom_qseecom_disable = QCOM_QSEECOM_QUIRK_DISABLE; static unsigned long qcom_qseecom_ro_uefi = QCOM_QSEECOM_QUIRK_RO_UEFIVARS; static char *qseecom = "auto"; @@ -1989,32 +1990,20 @@ module_param(qseecom, charp, 0); /* * We do not yet support re-entrant calls via the qseecom interface. To prevent - * any potential issues with this, only allow validated machines for now. Users + * any potential issues with this, only allow validated platforms for now. Users * still can manually enable or disable it via the qcom_scm.qseecom modparam. + * + * To disable QSEECOM for a particular machine, add compatible entry and set + * data to &qcom_qseecom_disable. */ static const struct of_device_id qcom_scm_qseecom_allowlist[] __maybe_unused = { - { .compatible = "asus,vivobook-s15" }, - { .compatible = "asus,zenbook-a14-ux3407qa" }, - { .compatible = "asus,zenbook-a14-ux3407ra" }, - { .compatible = "dell,xps13-9345" }, - { .compatible = "hp,elitebook-ultra-g1q" }, - { .compatible = "hp,omnibook-x14" }, - { .compatible = "huawei,gaokun3" }, - { .compatible = "lenovo,flex-5g" }, - { .compatible = "lenovo,thinkpad-t14s" }, - { .compatible = "lenovo,thinkpad-x13s", }, { .compatible = "lenovo,yoga-c630", .data = &qcom_qseecom_ro_uefi, }, - { .compatible = "lenovo,yoga-slim7x" }, - { .compatible = "microsoft,arcata", }, - { .compatible = "microsoft,blackrock" }, - { .compatible = "microsoft,romulus13", }, - { .compatible = "microsoft,romulus15", }, - { .compatible = "qcom,sc8180x-primus" }, + { .compatible = "qcom,sc8180x", }, + { .compatible = "qcom,sc8280xp", }, { .compatible = "qcom,sc8280xp-crd", .data = &qcom_qseecom_ro_uefi, }, - { .compatible = "qcom,x1e001de-devkit" }, - { .compatible = "qcom,x1e80100-crd" }, - { .compatible = "qcom,x1e80100-qcp" }, - { .compatible = "qcom,x1p42100-crd" }, + { .compatible = "qcom,sdm845", .data = &qcom_qseecom_disable, }, + { .compatible = "qcom,x1e80100", }, + { .compatible = "qcom,x1p42100", }, { } }; @@ -2046,12 +2035,22 @@ static bool qcom_scm_qseecom_machine_is_allowed(struct device *scm_dev, match = of_match_node(qcom_scm_qseecom_allowlist, np); of_node_put(np); - if (match && match->data) + if (!match) { + dev_info(scm_dev, "qseecom: untested machine, skipping\n"); + return false; + } + + if (match->data) *quirks = *(unsigned long *)(match->data); else *quirks = 0; - return match; + if (*quirks & QCOM_QSEECOM_QUIRK_DISABLE) { + dev_info(scm_dev, "qseecom: disabled by the quirk\n"); + return false; + } + + return true; } static void qcom_scm_qseecom_free(void *data) @@ -2086,10 +2085,8 @@ static int qcom_scm_qseecom_init(struct qcom_scm *scm) dev_info(scm->dev, "qseecom: found qseecom with version 0x%x\n", version); - if (!qcom_scm_qseecom_machine_is_allowed(scm->dev, &quirks)) { - dev_info(scm->dev, "qseecom: untested machine, skipping\n"); + if (!qcom_scm_qseecom_machine_is_allowed(scm->dev, &quirks)) return 0; - } /* * Set up QSEECOM interface device. All application clients will be diff --git a/include/linux/firmware/qcom/qcom_qseecom.h b/include/linux/firmware/qcom/qcom_qseecom.h index 8d6d660e854fdb0fabbef10ab5ee6ff23ad79826..d48044ece20cc9ebac3357a642dc671c349d4343 100644 --- a/include/linux/firmware/qcom/qcom_qseecom.h +++ b/include/linux/firmware/qcom/qcom_qseecom.h @@ -52,5 +52,6 @@ static inline int qcom_qseecom_app_send(struct qseecom_client *client, } #define QCOM_QSEECOM_QUIRK_RO_UEFIVARS BIT(0) +#define QCOM_QSEECOM_QUIRK_DISABLE BIT(1) #endif /* __QCOM_QSEECOM_H */