Re: [PATCH RFC] brcmfmac: sanitize DMI strings v2

From: Hans de Goede
Date: Tue May 07 2019 - 11:39:48 EST


On 06-05-19 21:30, Arend Van Spriel wrote:
+ Luis (for real this time)

On 5/6/2019 6:05 PM, Hans de Goede wrote:

On 06-05-19 17:24, Victor Bravo wrote:
On Mon, May 06, 2019 at 03:26:28PM +0300, Kalle Valo wrote:
Hans de Goede <hdegoede@xxxxxxxxxx> writes:

If we're going to do some filtering, then I suggest we play it safe and also
disallow other chars which may be used as a separator somewhere, specifically
':' and ','.

Currently upstream linux-firmware has these files which rely on the DMI

brcmfmac43430a0-sdio.ONDA-V80 PLUS.txt

The others are either part of the DMI override table for devices with unsuitable
DMI strings like "Default String"; or are device-tree based.

So as long as we don't break those 3 (or break the ONDA one but get a symlink
in place) we can sanitize a bit more then just non-printable and '/'.

Kalle, Arend, what is your opinion on this?

Note I do not expect the ONDA V80 Plus to have a lot of Linux users,
but it definitely has some.

To me having spaces in filenames is a bad idea, but on the other hand we
do have the "don't break existing setups" rule, so it's not so simple. I
vote for not allowing spaces, I think that's the best for the long run,
but don't know what Arend thinks.


Had a day off today so I did see some of the discussion, but was not able to chime in until now.

To be honest I always disliked spaces in filenames, but that does not necessarily make it a bad idea. What I would like to know is why built-in firmware can not deal with spaces in the firmware file names. I think Hans mentioned it in the thread and it crossed my mind as well last night. From driver perspective, being brcmfmac or any other for that matter, there is only one API to request firmware and in my opinion it should behave the same no matter where the firmware is coming from. I would prefer to fix that for built-in firmware, but we need to understand where this limitation is coming from. Hopefully Luis can elaborate on that.


I have found a fresh judicate on this:

It seems clear that we have to support at least spaces for some time
(maybe wih separate config option which will be deprecated but on by
defaut until old files are considered gone).

Ah that issue, well that is not really comparable in that case a lot of
peoples setups were completely broken by that commit and it was a
quite surprising behavior change in a userspace facing API.

The nvram loading path already does 2 tries, I really don't want to
unnecessary complicate it with a third try.

The Onda V80 Plus is a X86 based Windows / Android dual boot tablet,
as said before I do not expect a ton of users to be running regular
Linux on it.

Given Kalle's clear preference for getting rid of the spaces lets
just do that. But first we must get a symlink added to linux-firmware
using the name with the _, newer kernels requiring a newer linux-firmware
to match is not unheard of AFAIK, so combined with the limited amount
of users I think this is a reasonable compromise.

Right. In the brcm folder we have bcm4329-fullmac-4.bin for older kernels and brcmfmac4329-sdio.bin for later kernels when we switched to stricter firmware naming convention.

Kalle, do you agree with getting the symlink added to linux-firmware
ASAP as a fix for the V80 Plus issue; or do you want to see a fallback
to the un-cleaned name as you suggested before ?

How many releases have an issue and how many V80 Plus users running regular linux are actually using built-in firmware. And is it really a regression for them? Not saying it does not require fixing. However, as stated above I would prefer to fix the built-in firmware limitation if possible and backport that fix if it is only a few kernel releases provided stable allows such a backport.

The issue is not V80 Plus users running regular linux with built-in firmware.
The issue is that the 5.0+ kernel + a new enough linux-firmware will just
work on the V80 Plus, since linux-firmware contains a nvram file for the V80 Plus,
with the space in the name.

So if we replace the space with an _ then things will stop working for those
users. But we can avoid this by adding a compat symlink to linux-firmware, then
users will require a new linux-firmware together with the new kernel, but that
is not unheard of.

As for how many users / releases. Users who have a fresh Fedora 30 install or
a fresh install of a rolling-release distro may rely on things working ootb.

Users with an older Linux install will have manually added the nvram using
the non board specific name to get things to work, so I expect things to
stay working for them.

So taking the group of people putting regular Linux on a V80 Plus
and then taking the cross-section of the group with users with a very recent
install, I expect the amount of affected users to be very small and both
Fedora and rolling-release updates update linux-firmware regularly.

So IMHO we should be fine with the sanitizing of the DMI strings, combined
with pushing a compat patch to linux-firmware.