Commit 318d9784 authored by Mark Pearson's avatar Mark Pearson Committed by Hans de Goede

platform/x86: think-lmi: Add bulk save feature

On Lenovo platforms there is a limitation in the number of times an
attribute can be saved. This is an architectural limitation and it limits
the number of attributes that can be modified to 48.
A solution for this is instead of the attribute being saved after every
modification allow a user to bulk set the attributes and then trigger a
final save. This allows unlimited attributes.

This patch introduces a save_settings attribute that can be configured to
either single or bulk mode by the user.
Single mode is the default but customers who want to avoid the 48
attribute limit can enable bulk mode.

Displaying the save_settings attribute will display the enabled mode.

When in bulk mode writing 'save' to the save_settings attribute will
trigger a save. Once this has been done a reboot is required before more
attributes can be modified.
Signed-off-by: default avatarMark Pearson <mpearson-lenovo@squebb.ca>
Link: https://lore.kernel.org/r/20230919141530.4805-1-mpearson-lenovo@squebb.caReviewed-by: default avatarHans de Goede <hdegoede@redhat.com>
Signed-off-by: default avatarHans de Goede <hdegoede@redhat.com>
parent 423c3361
......@@ -383,6 +383,36 @@ Description:
Note that any changes to this attribute requires a reboot
for changes to take effect.
What: /sys/class/firmware-attributes/*/attributes/save_settings
Date: August 2023
KernelVersion: 6.6
Contact: Mark Pearson <mpearson-lenovo@squebb.ca>
Description:
On Lenovo platforms there is a limitation in the number of times an attribute can be
saved. This is an architectural limitation and it limits the number of attributes
that can be modified to 48.
A solution for this is instead of the attribute being saved after every modification,
to allow a user to bulk set the attributes, and then trigger a final save. This allows
unlimited attributes.
Read the attribute to check what save mode is enabled (single or bulk).
E.g:
# cat /sys/class/firmware-attributes/thinklmi/attributes/save_settings
single
Write the attribute with 'bulk' to enable bulk save mode.
Write the attribute with 'single' to enable saving, after every attribute set.
The default setting is single mode.
E.g:
# echo bulk > /sys/class/firmware-attributes/thinklmi/attributes/save_settings
When in bulk mode write 'save' to trigger a save of all currently modified attributes.
Note, once a save has been triggered, in bulk mode, attributes can no longer be set and
will return a permissions error. This is to prevent users hitting the 48+ save limitation
(which requires entering the BIOS to clear the error condition)
E.g:
# echo save > /sys/class/firmware-attributes/thinklmi/attributes/save_settings
What: /sys/class/firmware-attributes/*/attributes/debug_cmd
Date: July 2021
KernelVersion: 5.14
......
......@@ -985,6 +985,13 @@ static ssize_t current_value_store(struct kobject *kobj,
if (!tlmi_priv.can_set_bios_settings)
return -EOPNOTSUPP;
/*
* If we are using bulk saves a reboot should be done once save has
* been called
*/
if (tlmi_priv.save_mode == TLMI_SAVE_BULK && tlmi_priv.reboot_required)
return -EPERM;
new_setting = kstrdup(buf, GFP_KERNEL);
if (!new_setting)
return -ENOMEM;
......@@ -1011,10 +1018,11 @@ static ssize_t current_value_store(struct kobject *kobj,
ret = tlmi_simple_call(LENOVO_SET_BIOS_SETTING_CERT_GUID, set_str);
if (ret)
goto out;
ret = tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID,
tlmi_priv.pwd_admin->save_signature);
if (ret)
goto out;
if (tlmi_priv.save_mode == TLMI_SAVE_BULK)
tlmi_priv.save_required = true;
else
ret = tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID,
tlmi_priv.pwd_admin->save_signature);
} else if (tlmi_priv.opcode_support) {
/*
* If opcode support is present use that interface.
......@@ -1033,14 +1041,17 @@ static ssize_t current_value_store(struct kobject *kobj,
if (ret)
goto out;
if (tlmi_priv.pwd_admin->valid && tlmi_priv.pwd_admin->password[0]) {
ret = tlmi_opcode_setting("WmiOpcodePasswordAdmin",
tlmi_priv.pwd_admin->password);
if (ret)
goto out;
if (tlmi_priv.save_mode == TLMI_SAVE_BULK) {
tlmi_priv.save_required = true;
} else {
if (tlmi_priv.pwd_admin->valid && tlmi_priv.pwd_admin->password[0]) {
ret = tlmi_opcode_setting("WmiOpcodePasswordAdmin",
tlmi_priv.pwd_admin->password);
if (ret)
goto out;
}
ret = tlmi_save_bios_settings("");
}
ret = tlmi_save_bios_settings("");
} else { /* old non-opcode based authentication method (deprecated) */
if (tlmi_priv.pwd_admin->valid && tlmi_priv.pwd_admin->password[0]) {
auth_str = kasprintf(GFP_KERNEL, "%s,%s,%s;",
......@@ -1068,10 +1079,14 @@ static ssize_t current_value_store(struct kobject *kobj,
if (ret)
goto out;
if (auth_str)
ret = tlmi_save_bios_settings(auth_str);
else
ret = tlmi_save_bios_settings("");
if (tlmi_priv.save_mode == TLMI_SAVE_BULK) {
tlmi_priv.save_required = true;
} else {
if (auth_str)
ret = tlmi_save_bios_settings(auth_str);
else
ret = tlmi_save_bios_settings("");
}
}
if (!ret && !tlmi_priv.pending_changes) {
tlmi_priv.pending_changes = true;
......@@ -1152,6 +1167,107 @@ static ssize_t pending_reboot_show(struct kobject *kobj, struct kobj_attribute *
static struct kobj_attribute pending_reboot = __ATTR_RO(pending_reboot);
static const char * const save_mode_strings[] = {
[TLMI_SAVE_SINGLE] = "single",
[TLMI_SAVE_BULK] = "bulk",
[TLMI_SAVE_SAVE] = "save"
};
static ssize_t save_settings_show(struct kobject *kobj, struct kobj_attribute *attr,
char *buf)
{
/* Check that setting is valid */
if (WARN_ON(tlmi_priv.save_mode < TLMI_SAVE_SINGLE ||
tlmi_priv.save_mode > TLMI_SAVE_BULK))
return -EIO;
return sysfs_emit(buf, "%s\n", save_mode_strings[tlmi_priv.save_mode]);
}
static ssize_t save_settings_store(struct kobject *kobj, struct kobj_attribute *attr,
const char *buf, size_t count)
{
char *auth_str = NULL;
int ret = 0;
int cmd;
cmd = sysfs_match_string(save_mode_strings, buf);
if (cmd < 0)
return cmd;
/* Use lock in case multiple WMI operations needed */
mutex_lock(&tlmi_mutex);
switch (cmd) {
case TLMI_SAVE_SINGLE:
case TLMI_SAVE_BULK:
tlmi_priv.save_mode = cmd;
goto out;
case TLMI_SAVE_SAVE:
/* Check if supported*/
if (!tlmi_priv.can_set_bios_settings ||
tlmi_priv.save_mode == TLMI_SAVE_SINGLE) {
ret = -EOPNOTSUPP;
goto out;
}
/* Check there is actually something to save */
if (!tlmi_priv.save_required) {
ret = -ENOENT;
goto out;
}
/* Check if certificate authentication is enabled and active */
if (tlmi_priv.certificate_support && tlmi_priv.pwd_admin->cert_installed) {
if (!tlmi_priv.pwd_admin->signature ||
!tlmi_priv.pwd_admin->save_signature) {
ret = -EINVAL;
goto out;
}
ret = tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID,
tlmi_priv.pwd_admin->save_signature);
if (ret)
goto out;
} else if (tlmi_priv.opcode_support) {
if (tlmi_priv.pwd_admin->valid && tlmi_priv.pwd_admin->password[0]) {
ret = tlmi_opcode_setting("WmiOpcodePasswordAdmin",
tlmi_priv.pwd_admin->password);
if (ret)
goto out;
}
ret = tlmi_save_bios_settings("");
} else { /* old non-opcode based authentication method (deprecated) */
if (tlmi_priv.pwd_admin->valid && tlmi_priv.pwd_admin->password[0]) {
auth_str = kasprintf(GFP_KERNEL, "%s,%s,%s;",
tlmi_priv.pwd_admin->password,
encoding_options[tlmi_priv.pwd_admin->encoding],
tlmi_priv.pwd_admin->kbdlang);
if (!auth_str) {
ret = -ENOMEM;
goto out;
}
}
if (auth_str)
ret = tlmi_save_bios_settings(auth_str);
else
ret = tlmi_save_bios_settings("");
}
tlmi_priv.save_required = false;
tlmi_priv.reboot_required = true;
if (!ret && !tlmi_priv.pending_changes) {
tlmi_priv.pending_changes = true;
/* let userland know it may need to check reboot pending again */
kobject_uevent(&tlmi_priv.class_dev->kobj, KOBJ_CHANGE);
}
break;
}
out:
mutex_unlock(&tlmi_mutex);
kfree(auth_str);
return ret ?: count;
}
static struct kobj_attribute save_settings = __ATTR_RW(save_settings);
/* ---- Debug interface--------------------------------------------------------- */
static ssize_t debug_cmd_store(struct kobject *kobj, struct kobj_attribute *attr,
const char *buf, size_t count)
......@@ -1221,6 +1337,8 @@ static void tlmi_release_attr(void)
}
}
sysfs_remove_file(&tlmi_priv.attribute_kset->kobj, &pending_reboot.attr);
sysfs_remove_file(&tlmi_priv.attribute_kset->kobj, &save_settings.attr);
if (tlmi_priv.can_debug_cmd && debug_support)
sysfs_remove_file(&tlmi_priv.attribute_kset->kobj, &debug_cmd.attr);
......@@ -1302,6 +1420,10 @@ static int tlmi_sysfs_init(void)
if (ret)
goto fail_create_attr;
ret = sysfs_create_file(&tlmi_priv.attribute_kset->kobj, &save_settings.attr);
if (ret)
goto fail_create_attr;
if (tlmi_priv.can_debug_cmd && debug_support) {
ret = sysfs_create_file(&tlmi_priv.attribute_kset->kobj, &debug_cmd.attr);
if (ret)
......
......@@ -27,6 +27,19 @@ enum level_option {
TLMI_LEVEL_MASTER,
};
/*
* There are a limit on the number of WMI operations you can do if you use
* the default implementation of saving on every set. This is due to a
* limitation in EFI variable space used.
* Have a 'bulk save' mode where you can manually trigger the save, and can
* therefore set unlimited variables - for users that need it.
*/
enum save_mode {
TLMI_SAVE_SINGLE,
TLMI_SAVE_BULK,
TLMI_SAVE_SAVE,
};
/* password configuration details */
struct tlmi_pwdcfg_core {
uint32_t password_mode;
......@@ -86,6 +99,9 @@ struct think_lmi {
bool can_debug_cmd;
bool opcode_support;
bool certificate_support;
enum save_mode save_mode;
bool save_required;
bool reboot_required;
struct tlmi_attr_setting *setting[TLMI_SETTINGS_COUNT];
struct device *class_dev;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment