Documentation/driver-api/firmware/firmware-usage-guidelines.rst - linux - Git at Google

 ===================
 Firmware Guidelines
 ===================

 Users switching to a newer kernel should *not* have to install newer
 firmware files to keep their hardware working. At the same time updated
 firmware files must not cause any regressions for users of older kernel
 releases.

 Drivers that use firmware from linux-firmware should follow the rules in
 this guide. (Where there is limited control of the firmware,
 i.e. company doesn't support Linux, firmwares sourced from misc places,
 then of course these rules will not apply strictly.)

 * Firmware files shall be designed in a way that it allows checking for
   firmware ABI version changes. It is recommended that firmware files be
   versioned with at least a major/minor version. It is suggested that
   the firmware files in linux-firmware be named with some device
   specific name, and just the major version. The firmware version should
   be stored in the firmware header, or as an exception, as part of the
   firmware file name, in order to let the driver detact any non-ABI
   fixes/changes. The firmware files in linux-firmware should be
   overwritten with the newest compatible major version. Newer major
   version firmware shall remain compatible with all kernels that load
   that major number.

 * If the kernel support for the hardware is normally inactive, or the
   hardware isn't available for public consumption, this can
   be ignored, until the first kernel release that enables that hardware.
   This means no major version bumps without the kernel retaining
   backwards compatibility for the older major versions.  Minor version
   bumps should not introduce new features that newer kernels depend on
   non-optionally.

 * If a security fix needs lockstep firmware and kernel fixes in order to
   be successful, then all supported major versions in the linux-firmware
   repo that are required by currently supported stable/LTS kernels,
   should be updated with the security fix. The kernel patches should
   detect if the firmware is new enough to declare if the security issue
   is fixed.  All communications around security fixes should point at
   both the firmware and kernel fixes. If a security fix requires
   deprecating old major versions, then this should only be done as a
   last option, and be stated clearly in all communications.
	===================
	Firmware Guidelines
	===================

	Users switching to a newer kernel should not have to install newer
	firmware files to keep their hardware working. At the same time updated
	firmware files must not cause any regressions for users of older kernel
	releases.

	Drivers that use firmware from linux-firmware should follow the rules in
	this guide. (Where there is limited control of the firmware,
	i.e. company doesn't support Linux, firmwares sourced from misc places,
	then of course these rules will not apply strictly.)

	* Firmware files shall be designed in a way that it allows checking for
	firmware ABI version changes. It is recommended that firmware files be
	versioned with at least a major/minor version. It is suggested that
	the firmware files in linux-firmware be named with some device
	specific name, and just the major version. The firmware version should
	be stored in the firmware header, or as an exception, as part of the
	firmware file name, in order to let the driver detact any non-ABI
	fixes/changes. The firmware files in linux-firmware should be
	overwritten with the newest compatible major version. Newer major
	version firmware shall remain compatible with all kernels that load
	that major number.

	* If the kernel support for the hardware is normally inactive, or the
	hardware isn't available for public consumption, this can
	be ignored, until the first kernel release that enables that hardware.
	This means no major version bumps without the kernel retaining
	backwards compatibility for the older major versions. Minor version
	bumps should not introduce new features that newer kernels depend on
	non-optionally.

	* If a security fix needs lockstep firmware and kernel fixes in order to
	be successful, then all supported major versions in the linux-firmware
	repo that are required by currently supported stable/LTS kernels,
	should be updated with the security fix. The kernel patches should
	detect if the firmware is new enough to declare if the security issue
	is fixed. All communications around security fixes should point at
	both the firmware and kernel fixes. If a security fix requires
	deprecating old major versions, then this should only be done as a
	last option, and be stated clearly in all communications.