From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Kees Cook <keescook@chromium.org>
Cc: "linux-fsdevel@vger.kernel.org" <fsdevel@vger.kernel.org>,
"Luis R. Rodriguez" <mcgrof@suse.com>,
Dmitry Torokhov <dmitry.torokhov@gmail.com>,
Kexec Mailing List <kexec@lists.infradead.org>,
David Howells <dhowells@redhat.com>,
linux-security-module <linux-security-module@vger.kernel.org>,
David Woodhouse <dwmw2@infradead.org>,
linux-modules@vger.kernel.org
Subject: Re: [RFC PATCH 2/5] firmware: replace call to fw_read_file_contents() with kernel version
Date: Fri, 08 Jan 2016 15:36:45 -0500 [thread overview]
Message-ID: <1452285405.2651.23.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <CAGXu5jKhjgqvSKiERuGojVX2AK8pubtUHJgR2S=rvbUOgdad3g@mail.gmail.com>
On Fri, 2016-01-08 at 12:26 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> > Replace fw_read_file_contents() for reading a file with the common VFS
> > kernel_read_file() function. Call the existing firmware security hook
> > from security_kernel_post_read_file() until the LSMs have been converted.
> >
> > This patch retains the kernel_fw_from_file() hook, but removes the
> > security_kernel_fw_from_file() function.
> >
> > Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> > ---
> > drivers/base/firmware_class.c | 51 +++++++++------------------------------
> > include/linux/ima.h | 6 -----
> > include/linux/security.h | 8 +-----
> > security/integrity/ima/ima_main.c | 18 ++++++--------
> > security/security.c | 24 ++++++++----------
> > 5 files changed, 30 insertions(+), 77 deletions(-)
> >
> > diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c
> > index 3ca96a6..4e4e860 100644
> > --- a/drivers/base/firmware_class.c
> > +++ b/drivers/base/firmware_class.c
> > @@ -292,44 +292,10 @@ static const char * const fw_path[] = {
> > module_param_string(path, fw_path_para, sizeof(fw_path_para), 0644);
> > MODULE_PARM_DESC(path, "customized firmware image search path with a higher priority than default path");
> >
> > -static int fw_read_file_contents(struct file *file, struct firmware_buf *fw_buf)
> > -{
> > - int size;
> > - char *buf;
> > - int rc;
> > -
> > - if (!S_ISREG(file_inode(file)->i_mode))
> > - return -EINVAL;
> > - size = i_size_read(file_inode(file));
> > - if (size <= 0)
> > - return -EINVAL;
> > - buf = vmalloc(size);
> > - if (!buf)
> > - return -ENOMEM;
> > - rc = kernel_read(file, 0, buf, size);
> > - if (rc != size) {
> > - if (rc > 0)
> > - rc = -EIO;
> > - goto fail;
> > - }
> > - rc = ima_hash_and_process_file(file, buf, size, FIRMWARE_CHECK);
> > - if (rc)
> > - goto fail;
> > -
> > - rc = security_kernel_fw_from_file(file, buf, size);
> > - if (rc)
> > - goto fail;
> > - fw_buf->data = buf;
> > - fw_buf->size = size;
> > - return 0;
> > -fail:
> > - vfree(buf);
> > - return rc;
> > -}
> > -
> > static int fw_get_filesystem_firmware(struct device *device,
> > struct firmware_buf *buf)
> > {
> > + loff_t size;
> > int i, len;
> > int rc = -ENOENT;
> > char *path;
> > @@ -355,13 +321,18 @@ static int fw_get_filesystem_firmware(struct device *device,
> > file = filp_open(path, O_RDONLY, 0);
> > if (IS_ERR(file))
> > continue;
> > - rc = fw_read_file_contents(file, buf);
> > +
> > + buf->size = 0;
> > + rc = kernel_read_file(file, &buf->data, &size, UINT_MAX,
>
> Strictly speaking, the originally code would max at INT_MAX, no UINT_MAX.
hm, I must have taken it from firmware_buf->size, which is defined as
size_t (unsigned). Thanks for the correction.
Mimi
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
WARNING: multiple messages have this Message-ID (diff)
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Kees Cook <keescook@chromium.org>
Cc: linux-security-module <linux-security-module@vger.kernel.org>,
"Luis R. Rodriguez" <mcgrof@suse.com>,
Kexec Mailing List <kexec@lists.infradead.org>,
linux-modules@vger.kernel.org,
"linux-fsdevel@vger.kernel.org" <fsdevel@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
David Woodhouse <dwmw2@infradead.org>,
Dmitry Torokhov <dmitry.torokhov@gmail.com>
Subject: Re: [RFC PATCH 2/5] firmware: replace call to fw_read_file_contents() with kernel version
Date: Fri, 08 Jan 2016 15:36:45 -0500 [thread overview]
Message-ID: <1452285405.2651.23.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <CAGXu5jKhjgqvSKiERuGojVX2AK8pubtUHJgR2S=rvbUOgdad3g@mail.gmail.com>
On Fri, 2016-01-08 at 12:26 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> > Replace fw_read_file_contents() for reading a file with the common VFS
> > kernel_read_file() function. Call the existing firmware security hook
> > from security_kernel_post_read_file() until the LSMs have been converted.
> >
> > This patch retains the kernel_fw_from_file() hook, but removes the
> > security_kernel_fw_from_file() function.
> >
> > Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> > ---
> > drivers/base/firmware_class.c | 51 +++++++++------------------------------
> > include/linux/ima.h | 6 -----
> > include/linux/security.h | 8 +-----
> > security/integrity/ima/ima_main.c | 18 ++++++--------
> > security/security.c | 24 ++++++++----------
> > 5 files changed, 30 insertions(+), 77 deletions(-)
> >
> > diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c
> > index 3ca96a6..4e4e860 100644
> > --- a/drivers/base/firmware_class.c
> > +++ b/drivers/base/firmware_class.c
> > @@ -292,44 +292,10 @@ static const char * const fw_path[] = {
> > module_param_string(path, fw_path_para, sizeof(fw_path_para), 0644);
> > MODULE_PARM_DESC(path, "customized firmware image search path with a higher priority than default path");
> >
> > -static int fw_read_file_contents(struct file *file, struct firmware_buf *fw_buf)
> > -{
> > - int size;
> > - char *buf;
> > - int rc;
> > -
> > - if (!S_ISREG(file_inode(file)->i_mode))
> > - return -EINVAL;
> > - size = i_size_read(file_inode(file));
> > - if (size <= 0)
> > - return -EINVAL;
> > - buf = vmalloc(size);
> > - if (!buf)
> > - return -ENOMEM;
> > - rc = kernel_read(file, 0, buf, size);
> > - if (rc != size) {
> > - if (rc > 0)
> > - rc = -EIO;
> > - goto fail;
> > - }
> > - rc = ima_hash_and_process_file(file, buf, size, FIRMWARE_CHECK);
> > - if (rc)
> > - goto fail;
> > -
> > - rc = security_kernel_fw_from_file(file, buf, size);
> > - if (rc)
> > - goto fail;
> > - fw_buf->data = buf;
> > - fw_buf->size = size;
> > - return 0;
> > -fail:
> > - vfree(buf);
> > - return rc;
> > -}
> > -
> > static int fw_get_filesystem_firmware(struct device *device,
> > struct firmware_buf *buf)
> > {
> > + loff_t size;
> > int i, len;
> > int rc = -ENOENT;
> > char *path;
> > @@ -355,13 +321,18 @@ static int fw_get_filesystem_firmware(struct device *device,
> > file = filp_open(path, O_RDONLY, 0);
> > if (IS_ERR(file))
> > continue;
> > - rc = fw_read_file_contents(file, buf);
> > +
> > + buf->size = 0;
> > + rc = kernel_read_file(file, &buf->data, &size, UINT_MAX,
>
> Strictly speaking, the originally code would max at INT_MAX, no UINT_MAX.
hm, I must have taken it from firmware_buf->size, which is defined as
size_t (unsigned). Thanks for the correction.
Mimi
next prev parent reply other threads:[~2016-01-08 20:38 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-08 19:21 [RFC PATCH 0/5] vfs: support for a common kernel file loader (step 1) Mimi Zohar
2016-01-08 19:21 ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 1/5] vfs: define a generic function to read a file from the kernel Mimi Zohar
2016-01-08 19:22 ` Mimi Zohar
2016-01-08 20:24 ` Kees Cook
2016-01-08 20:24 ` Kees Cook
2016-01-08 20:29 ` Mimi Zohar
2016-01-08 20:29 ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 2/5] firmware: replace call to fw_read_file_contents() with kernel version Mimi Zohar
2016-01-08 19:22 ` Mimi Zohar
2016-01-08 20:26 ` Kees Cook
2016-01-08 20:26 ` Kees Cook
2016-01-08 20:36 ` Mimi Zohar [this message]
2016-01-08 20:36 ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 3/5] kexec: replace call to copy_file_from_fd() " Mimi Zohar
2016-01-08 19:22 ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 4/5] ima: replace call to integrity_read_file() " Mimi Zohar
2016-01-08 19:22 ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 5/5] module: replace copy_module_from_fd " Mimi Zohar
2016-01-08 19:22 ` Mimi Zohar
2016-01-08 19:32 ` [RFC PATCH 0/5] vfs: support for a common kernel file loader (step 1) Mimi Zohar
2016-01-08 19:32 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1452285405.2651.23.camel@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=dhowells@redhat.com \
--cc=dmitry.torokhov@gmail.com \
--cc=dwmw2@infradead.org \
--cc=fsdevel@vger.kernel.org \
--cc=keescook@chromium.org \
--cc=kexec@lists.infradead.org \
--cc=linux-modules@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mcgrof@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.