Hi,
On 10-01-19 09:16, Chi-Hsien Lin wrote:
A "Firmware crash fix" to me sounds like a potential security issue, yet
It is a functional bug that causes wifi to stop working correctly. Not a
security hole. We did upstream firmware for security issues.
Even if this is just a functional bug it would be still nice to also
have bugfixes like this available to the millions of users who get
their firmware through linux-firmware.
Also if this bug us remotely triggerable it allows a denial-of-service
attack and thus still is a security issue.
Another example is the firmware for the wifi on the Raspberry Pi 3B+ which
is *years* older in linux-firmware.
Could you please specify the source (link) of the firmware you're
referring to?
linux-firmware has:
[hans@shalem ~]$ strings /lib/firmware/brcm/brcmfmac43455-sdio.bin | tail -n1
43455c0-roml/sdio-ag-p2p-pno-aoe-pktfilter-keepalive-mchan-pktctx-proptxstatus-ampduhostreorder-lpc-pwropt-txbf-wnm-okc-ccx-ltecx-wfds-wl11u-mfp-tdls-ve
Version: 7.45.18.0 CRC: d7226371 Date: Sun 2015-03-01 07:31:57 PST Ucode Ver: 1026.2 FWID: 01-6a2c8ad4
Where as: https://community.cypress.com/docs/DOC-15932 has:
[hans@shalem Download]$ strings firmware/brcmfmac43455-sdio.bin | tail -n2
43455c0-roml/43455_sdio-pno-aoe-pktfilter-pktctx-wfds-mfp-dfsradar-wowlpf-idsup-idauth-noclminc-clm_min-obss-obssdump-swdiv-gtkoe-roamprof-txbf-ve-sae-sr Version:
7.45.173 (r707987 CY) CRC: 7beaf14c Date: Fri 2018-09-21 04:12:04 PDT Ucode Ver: 1043.2116 FWID 01-d2799ea2
So the linux firmware version is *three and a half* years out of date!
I must say these whole shenanigans with the firmware causing
linux-firmware to
have way too old firmware versions makes me very unhappy. I'm at the point
where I'm telling friends to not buy any hardware with Cypress wifi in
there
because of this and because of the *complete* lack of bluetooth firmware.
We did work with HTC to upstream their bluetooth firmware to
linux-firmware, although I admit that most of the bluetooth firmware are
only available through hardware vendors.
Bluetooth firmware files are specific to vendor board designs. When
there is an update, the hardware (device/board) vendor qualifies the
firmware and release through their preferred channel (in HTC's case they
chose to upstream it).
I'm aware that the bluetooth patchram files may have board specific
elements too them (most are generic but some contain board specific
workarounds), this is also why for USB bluetooth adapters the kernel
includes the vendorid-productid in the filename, as can be seen with
for example the HTC vive bluetooth firmware.
A community member has made bluetooth patchram files from the Windows
drivers with the filenames expected by Linux available for Linux users here:
https://github.com/winterheart/broadcom-bt-firmware/tree/master/
These files come with/under the following license:
https://github.com/winterheart/broadcom-bt-firmware/blob/master/LICENSE.broadcom_bcm20702
Which indicates that even though these files are distributed through vendor
channels for Windows, Broadcom and now Cypress holds the rights on these files.
So it is within Cypress power to give permission to distribute these files under the
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/LICENCE.cypress
license. That is all we are asking for.
We are not asking you to do special Linux builds, Linux can use the per
board Windows files just fine, all we need is permission to distribute this
and then Linux users will run their boards with the same qualified firmware
files as are being used under Windows.
Actually by not allowing us to provide these files you run the risk of users
grabbing a random file from somewhere and renaming it, potentially having it
not match the board the user is using.
Regards,
Hans
