firmware_loader: Add debug message with checksum for FW file

Message ID 20230224201918.411492-1-amadeuszx.slawinski@linux.intel.com
State New
Headers
Series firmware_loader: Add debug message with checksum for FW file |

Commit Message

Amadeusz Sławiński Feb. 24, 2023, 8:19 p.m. UTC
  Enable dynamic-debug logging of firmware filenames and SHA256 checksums
to clearly identify the firmware files that are loaded by the system.

Example output:
[   34.944619] firmware_class:_request_firmware: i915 0000:00:02.0: Loaded FW: i915/kbl_dmc_ver1_04.bin, sha256: 2cde41c3e5ad181423bcc3e98ff9c49f743c88f18646af4d0b3c3a9664b831a1
[   48.155884] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/cnl/dsp_basefw.bin, sha256: 43f6ac1b066e9bd0423d914960fbbdccb391af27d2b1da1085eee3ea8df0f357
[   49.579540] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/rt274-tplg.bin, sha256: 4b3580da96dc3d2c443ba20c6728d8b665fceb3ed57223c3a57582bbad8e2413
[   49.798196] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/hda-8086280c-tplg.bin, sha256: 5653172579b2be1b51fd69f5cf46e2bac8d63f2a1327924311c13b2f1fe6e601
[   49.859627] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/dmic-tplg.bin, sha256: 00fb7fbdb74683333400d7e46925dae60db448b88638efcca0b30215db9df63f

Reviewed-by: Russ Weight <russell.h.weight@intel.com>
Reviewed-by: Cezary Rojewski <cezary.rojewski@intel.com>
Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
---
 drivers/base/firmware_loader/main.c | 45 ++++++++++++++++++++++++++++-
 1 file changed, 44 insertions(+), 1 deletion(-)
  

Comments

Greg KH Feb. 24, 2023, 12:46 p.m. UTC | #1
On Fri, Feb 24, 2023 at 09:19:18PM +0100, Amadeusz Sławiński wrote:
> Enable dynamic-debug logging of firmware filenames and SHA256 checksums
> to clearly identify the firmware files that are loaded by the system.
> 
> Example output:
> [   34.944619] firmware_class:_request_firmware: i915 0000:00:02.0: Loaded FW: i915/kbl_dmc_ver1_04.bin, sha256: 2cde41c3e5ad181423bcc3e98ff9c49f743c88f18646af4d0b3c3a9664b831a1
> [   48.155884] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/cnl/dsp_basefw.bin, sha256: 43f6ac1b066e9bd0423d914960fbbdccb391af27d2b1da1085eee3ea8df0f357
> [   49.579540] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/rt274-tplg.bin, sha256: 4b3580da96dc3d2c443ba20c6728d8b665fceb3ed57223c3a57582bbad8e2413
> [   49.798196] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/hda-8086280c-tplg.bin, sha256: 5653172579b2be1b51fd69f5cf46e2bac8d63f2a1327924311c13b2f1fe6e601
> [   49.859627] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/dmic-tplg.bin, sha256: 00fb7fbdb74683333400d7e46925dae60db448b88638efcca0b30215db9df63f
> 
> Reviewed-by: Russ Weight <russell.h.weight@intel.com>
> Reviewed-by: Cezary Rojewski <cezary.rojewski@intel.com>
> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
> ---
>  drivers/base/firmware_loader/main.c | 45 ++++++++++++++++++++++++++++-
>  1 file changed, 44 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
> index 017c4cdb219e..a6e1fb10763d 100644
> --- a/drivers/base/firmware_loader/main.c
> +++ b/drivers/base/firmware_loader/main.c
> @@ -791,6 +791,47 @@ static void fw_abort_batch_reqs(struct firmware *fw)
>  	mutex_unlock(&fw_lock);
>  }
>  
> +#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
> +#include <crypto/hash.h>
> +#include <crypto/sha2.h>
> +#define SHA256_STRING_SIZE (SHA256_DIGEST_SIZE * 2)
> +static void fw_log_firmware_info(const struct firmware *fw, const char *name, struct device *device)
> +{
> +	char outbuf[SHA256_STRING_SIZE + 1];
> +	u8 sha256buf[SHA256_DIGEST_SIZE];

Nit, these are big, are you _SURE_ you can put them on the stack ok?
Why not dynamically allocate them?

> +	struct shash_desc *shash;
> +	struct crypto_shash *alg;
> +
> +	alg = crypto_alloc_shash("sha256", 0, 0);

Do we need to select this in the .config as well?

> +	if (!alg)
> +		return;
> +
> +	shash = kmalloc(sizeof(*shash) + crypto_shash_descsize(alg), GFP_KERNEL);

kmalloc_array()?

> +	if (!shash)
> +		goto out_alg;
> +
> +	shash->tfm = alg;
> +
> +	if (crypto_shash_digest(shash, fw->data, fw->size, sha256buf) < 0)
> +		goto out_shash;
> +
> +	for (int i = 0; i < SHA256_DIGEST_SIZE; i++)
> +		sprintf(&outbuf[i * 2], "%02x", sha256buf[i]);
> +	outbuf[SHA256_STRING_SIZE] = 0;
> +	dev_dbg(device, "Loaded FW: %s, sha256: %s\n", name, outbuf);
> +
> +out_shash:
> +	kfree(shash);
> +out_alg:
> +	crypto_free_shash(alg);

Otherwise, just tiny comments, overall this looks nice, thanks for doing
this.

greg k-h
  
Amadeusz Sławiński Feb. 24, 2023, 12:54 p.m. UTC | #2
On 2/24/2023 1:46 PM, Greg Kroah-Hartman wrote:
> On Fri, Feb 24, 2023 at 09:19:18PM +0100, Amadeusz Sławiński wrote:
>> Enable dynamic-debug logging of firmware filenames and SHA256 checksums
>> to clearly identify the firmware files that are loaded by the system.
>>
>> Example output:
>> [   34.944619] firmware_class:_request_firmware: i915 0000:00:02.0: Loaded FW: i915/kbl_dmc_ver1_04.bin, sha256: 2cde41c3e5ad181423bcc3e98ff9c49f743c88f18646af4d0b3c3a9664b831a1
>> [   48.155884] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/cnl/dsp_basefw.bin, sha256: 43f6ac1b066e9bd0423d914960fbbdccb391af27d2b1da1085eee3ea8df0f357
>> [   49.579540] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/rt274-tplg.bin, sha256: 4b3580da96dc3d2c443ba20c6728d8b665fceb3ed57223c3a57582bbad8e2413
>> [   49.798196] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/hda-8086280c-tplg.bin, sha256: 5653172579b2be1b51fd69f5cf46e2bac8d63f2a1327924311c13b2f1fe6e601
>> [   49.859627] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/dmic-tplg.bin, sha256: 00fb7fbdb74683333400d7e46925dae60db448b88638efcca0b30215db9df63f
>>
>> Reviewed-by: Russ Weight <russell.h.weight@intel.com>
>> Reviewed-by: Cezary Rojewski <cezary.rojewski@intel.com>
>> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>> ---
>>   drivers/base/firmware_loader/main.c | 45 ++++++++++++++++++++++++++++-
>>   1 file changed, 44 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
>> index 017c4cdb219e..a6e1fb10763d 100644
>> --- a/drivers/base/firmware_loader/main.c
>> +++ b/drivers/base/firmware_loader/main.c
>> @@ -791,6 +791,47 @@ static void fw_abort_batch_reqs(struct firmware *fw)
>>   	mutex_unlock(&fw_lock);
>>   }
>>   
>> +#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
>> +#include <crypto/hash.h>
>> +#include <crypto/sha2.h>
>> +#define SHA256_STRING_SIZE (SHA256_DIGEST_SIZE * 2)
>> +static void fw_log_firmware_info(const struct firmware *fw, const char *name, struct device *device)
>> +{
>> +	char outbuf[SHA256_STRING_SIZE + 1];
>> +	u8 sha256buf[SHA256_DIGEST_SIZE];
> 
> Nit, these are big, are you _SURE_ you can put them on the stack ok?
> Why not dynamically allocate them?
> 

Well, those arrays are not that big? First one is 65 bytes and other one 
32. Although now that I looked again at the header, there is 
SHA256_BLOCK_SIZE define for string size, so I will change 
SHA256_STRING_SIZE to that instead.

>> +	struct shash_desc *shash;
>> +	struct crypto_shash *alg;
>> +
>> +	alg = crypto_alloc_shash("sha256", 0, 0);
> 
> Do we need to select this in the .config as well?
> 

Most likely.

>> +	if (!alg)
>> +		return;
>> +
>> +	shash = kmalloc(sizeof(*shash) + crypto_shash_descsize(alg), GFP_KERNEL);
> 
> kmalloc_array()?
> 

Yes.

>> +	if (!shash)
>> +		goto out_alg;
>> +
>> +	shash->tfm = alg;
>> +
>> +	if (crypto_shash_digest(shash, fw->data, fw->size, sha256buf) < 0)
>> +		goto out_shash;
>> +
>> +	for (int i = 0; i < SHA256_DIGEST_SIZE; i++)
>> +		sprintf(&outbuf[i * 2], "%02x", sha256buf[i]);
>> +	outbuf[SHA256_STRING_SIZE] = 0;
>> +	dev_dbg(device, "Loaded FW: %s, sha256: %s\n", name, outbuf);
>> +
>> +out_shash:
>> +	kfree(shash);
>> +out_alg:
>> +	crypto_free_shash(alg);
> 
> Otherwise, just tiny comments, overall this looks nice, thanks for doing
> this.
> 
> greg k-h
  
Greg KH Feb. 24, 2023, 1:04 p.m. UTC | #3
On Fri, Feb 24, 2023 at 01:54:33PM +0100, Amadeusz Sławiński wrote:
> On 2/24/2023 1:46 PM, Greg Kroah-Hartman wrote:
> > On Fri, Feb 24, 2023 at 09:19:18PM +0100, Amadeusz Sławiński wrote:
> > > Enable dynamic-debug logging of firmware filenames and SHA256 checksums
> > > to clearly identify the firmware files that are loaded by the system.
> > > 
> > > Example output:
> > > [   34.944619] firmware_class:_request_firmware: i915 0000:00:02.0: Loaded FW: i915/kbl_dmc_ver1_04.bin, sha256: 2cde41c3e5ad181423bcc3e98ff9c49f743c88f18646af4d0b3c3a9664b831a1
> > > [   48.155884] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/cnl/dsp_basefw.bin, sha256: 43f6ac1b066e9bd0423d914960fbbdccb391af27d2b1da1085eee3ea8df0f357
> > > [   49.579540] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/rt274-tplg.bin, sha256: 4b3580da96dc3d2c443ba20c6728d8b665fceb3ed57223c3a57582bbad8e2413
> > > [   49.798196] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/hda-8086280c-tplg.bin, sha256: 5653172579b2be1b51fd69f5cf46e2bac8d63f2a1327924311c13b2f1fe6e601
> > > [   49.859627] firmware_class:_request_firmware: snd_soc_avs 0000:00:1f.3: Loaded FW: intel/avs/dmic-tplg.bin, sha256: 00fb7fbdb74683333400d7e46925dae60db448b88638efcca0b30215db9df63f
> > > 
> > > Reviewed-by: Russ Weight <russell.h.weight@intel.com>
> > > Reviewed-by: Cezary Rojewski <cezary.rojewski@intel.com>
> > > Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
> > > ---
> > >   drivers/base/firmware_loader/main.c | 45 ++++++++++++++++++++++++++++-
> > >   1 file changed, 44 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
> > > index 017c4cdb219e..a6e1fb10763d 100644
> > > --- a/drivers/base/firmware_loader/main.c
> > > +++ b/drivers/base/firmware_loader/main.c
> > > @@ -791,6 +791,47 @@ static void fw_abort_batch_reqs(struct firmware *fw)
> > >   	mutex_unlock(&fw_lock);
> > >   }
> > > +#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
> > > +#include <crypto/hash.h>
> > > +#include <crypto/sha2.h>
> > > +#define SHA256_STRING_SIZE (SHA256_DIGEST_SIZE * 2)
> > > +static void fw_log_firmware_info(const struct firmware *fw, const char *name, struct device *device)
> > > +{
> > > +	char outbuf[SHA256_STRING_SIZE + 1];
> > > +	u8 sha256buf[SHA256_DIGEST_SIZE];
> > 
> > Nit, these are big, are you _SURE_ you can put them on the stack ok?
> > Why not dynamically allocate them?
> > 
> 
> Well, those arrays are not that big? First one is 65 bytes and other one 32.

And how far down in the stack are you when a driver is requesting
firmware to be loaded?  Usually pretty deep :(

> Although now that I looked again at the header, there is SHA256_BLOCK_SIZE
> define for string size, so I will change SHA256_STRING_SIZE to that instead.

You are already dynamically allocating memory, just do it for all of
these please so we don't have to go fix this in a few years when some
codepath from a driver is found to have blown up the stack for this
debug information.

thanks,

greg k-h
  
Amadeusz Sławiński Feb. 27, 2023, 4:01 p.m. UTC | #4
On 2/24/2023 1:54 PM, Amadeusz Sławiński wrote:
> On 2/24/2023 1:46 PM, Greg Kroah-Hartman wrote:
>> On Fri, Feb 24, 2023 at 09:19:18PM +0100, Amadeusz Sławiński wrote:
>>> Enable dynamic-debug logging of firmware filenames and SHA256 checksums
>>> to clearly identify the firmware files that are loaded by the system.
>>>
>>> Example output:
>>> [   34.944619] firmware_class:_request_firmware: i915 0000:00:02.0: 
>>> Loaded FW: i915/kbl_dmc_ver1_04.bin, sha256: 
>>> 2cde41c3e5ad181423bcc3e98ff9c49f743c88f18646af4d0b3c3a9664b831a1
>>> [   48.155884] firmware_class:_request_firmware: snd_soc_avs 
>>> 0000:00:1f.3: Loaded FW: intel/avs/cnl/dsp_basefw.bin, sha256: 
>>> 43f6ac1b066e9bd0423d914960fbbdccb391af27d2b1da1085eee3ea8df0f357
>>> [   49.579540] firmware_class:_request_firmware: snd_soc_avs 
>>> 0000:00:1f.3: Loaded FW: intel/avs/rt274-tplg.bin, sha256: 
>>> 4b3580da96dc3d2c443ba20c6728d8b665fceb3ed57223c3a57582bbad8e2413
>>> [   49.798196] firmware_class:_request_firmware: snd_soc_avs 
>>> 0000:00:1f.3: Loaded FW: intel/avs/hda-8086280c-tplg.bin, sha256: 
>>> 5653172579b2be1b51fd69f5cf46e2bac8d63f2a1327924311c13b2f1fe6e601
>>> [   49.859627] firmware_class:_request_firmware: snd_soc_avs 
>>> 0000:00:1f.3: Loaded FW: intel/avs/dmic-tplg.bin, sha256: 
>>> 00fb7fbdb74683333400d7e46925dae60db448b88638efcca0b30215db9df63f
>>>
>>> Reviewed-by: Russ Weight <russell.h.weight@intel.com>
>>> Reviewed-by: Cezary Rojewski <cezary.rojewski@intel.com>
>>> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>>> ---
>>>   drivers/base/firmware_loader/main.c | 45 ++++++++++++++++++++++++++++-
>>>   1 file changed, 44 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/base/firmware_loader/main.c 
>>> b/drivers/base/firmware_loader/main.c
>>> index 017c4cdb219e..a6e1fb10763d 100644
>>> --- a/drivers/base/firmware_loader/main.c
>>> +++ b/drivers/base/firmware_loader/main.c
>>> @@ -791,6 +791,47 @@ static void fw_abort_batch_reqs(struct firmware 
>>> *fw)
>>>       mutex_unlock(&fw_lock);
>>>   }
>>> +#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
>>> +#include <crypto/hash.h>
>>> +#include <crypto/sha2.h>
>>> +#define SHA256_STRING_SIZE (SHA256_DIGEST_SIZE * 2)
>>> +static void fw_log_firmware_info(const struct firmware *fw, const 
>>> char *name, struct device *device)
>>> +{
>>> +    char outbuf[SHA256_STRING_SIZE + 1];
>>> +    u8 sha256buf[SHA256_DIGEST_SIZE];
>>
>> Nit, these are big, are you _SURE_ you can put them on the stack ok?
>> Why not dynamically allocate them?
>>
> 
> Well, those arrays are not that big? First one is 65 bytes and other one 
> 32. Although now that I looked again at the header, there is 
> SHA256_BLOCK_SIZE define for string size, so I will change 
> SHA256_STRING_SIZE to that instead.
> 
>>> +    struct shash_desc *shash;
>>> +    struct crypto_shash *alg;
>>> +
>>> +    alg = crypto_alloc_shash("sha256", 0, 0);
>>
>> Do we need to select this in the .config as well?
>>
> 
> Most likely.
> 

So I'm having a bit of problem here, as something like:
diff --git a/drivers/base/firmware_loader/Kconfig 
b/drivers/base/firmware_loader/Kconfig
index 5166b323a0f8..95cf2d8af5c4 100644
--- a/drivers/base/firmware_loader/Kconfig
+++ b/drivers/base/firmware_loader/Kconfig
@@ -3,6 +3,8 @@ menu "Firmware loader"

  config FW_LOADER
         tristate "Firmware loading facility" if EXPERT
+       select CRYPTO_SHA256 if DYNAMIC_DEBUG
+       select CRYPTO if DYNAMIC_DEBUG
         default y
         help
           This enables the firmware loading facility in the kernel. The 
kernel
being the most simple potential fix doesn't seem to work due to circular 
dependencies. Seems like quite a few cryptography accelerators require 
FW_LOADER and it causes problems.

I tried few more things, but none of them seem to work. Any advice on 
what I can do here?

>>> +    if (!alg)
>>> +        return;
>>> +
>>> +    shash = kmalloc(sizeof(*shash) + crypto_shash_descsize(alg), 
>>> GFP_KERNEL);
>>
>> kmalloc_array()?
>>
> 
> Yes.
> 

And taking one more look, it isn't array allocation but struct followed 
by VLA used to store additional data, so it will stay as is.
  

Patch

diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 017c4cdb219e..a6e1fb10763d 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -791,6 +791,47 @@  static void fw_abort_batch_reqs(struct firmware *fw)
 	mutex_unlock(&fw_lock);
 }
 
+#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
+#include <crypto/hash.h>
+#include <crypto/sha2.h>
+#define SHA256_STRING_SIZE (SHA256_DIGEST_SIZE * 2)
+static void fw_log_firmware_info(const struct firmware *fw, const char *name, struct device *device)
+{
+	char outbuf[SHA256_STRING_SIZE + 1];
+	u8 sha256buf[SHA256_DIGEST_SIZE];
+	struct shash_desc *shash;
+	struct crypto_shash *alg;
+
+	alg = crypto_alloc_shash("sha256", 0, 0);
+	if (!alg)
+		return;
+
+	shash = kmalloc(sizeof(*shash) + crypto_shash_descsize(alg), GFP_KERNEL);
+	if (!shash)
+		goto out_alg;
+
+	shash->tfm = alg;
+
+	if (crypto_shash_digest(shash, fw->data, fw->size, sha256buf) < 0)
+		goto out_shash;
+
+	for (int i = 0; i < SHA256_DIGEST_SIZE; i++)
+		sprintf(&outbuf[i * 2], "%02x", sha256buf[i]);
+	outbuf[SHA256_STRING_SIZE] = 0;
+	dev_dbg(device, "Loaded FW: %s, sha256: %s\n", name, outbuf);
+
+out_shash:
+	kfree(shash);
+out_alg:
+	crypto_free_shash(alg);
+
+}
+#else
+static void fw_log_firmware_info(const struct firmware *fw, const char *name,
+				 struct device *device)
+{}
+#endif
+
 /* called from request_firmware() and request_firmware_work_func() */
 static int
 _request_firmware(const struct firmware **firmware_p, const char *name,
@@ -861,11 +902,13 @@  _request_firmware(const struct firmware **firmware_p, const char *name,
 	revert_creds(old_cred);
 	put_cred(kern_cred);
 
- out:
+out:
 	if (ret < 0) {
 		fw_abort_batch_reqs(fw);
 		release_firmware(fw);
 		fw = NULL;
+	} else {
+		fw_log_firmware_info(fw, name, device);
 	}
 
 	*firmware_p = fw;