* [RFC PATCH] efivarfs: define integrity_read method
@ 2017-07-06 12:14 Mimi Zohar
2017-07-06 12:45 ` Al Viro
0 siblings, 1 reply; 2+ messages in thread
From: Mimi Zohar @ 2017-07-06 12:14 UTC (permalink / raw)
To: linux-security-module
This patch defines an ->integrity_read file operation method to read data for
integrity hash collection.
(Posting separately for review, before being squashed with the others.)
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
---
fs/efivarfs/file.c | 29 +++++++++++++++++++++++++----
1 file changed, 25 insertions(+), 4 deletions(-)
diff --git a/fs/efivarfs/file.c b/fs/efivarfs/file.c
index 5f22e74bbade..b687c982e0a1 100644
--- a/fs/efivarfs/file.c
+++ b/fs/efivarfs/file.c
@@ -10,6 +10,7 @@
#include <linux/efi.h>
#include <linux/fs.h>
#include <linux/slab.h>
+#include <linux/uio.h>
#include <linux/mount.h>
#include "internal.h"
@@ -64,8 +65,9 @@ static ssize_t efivarfs_file_write(struct file *file,
return bytes;
}
-static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
- size_t count, loff_t *ppos)
+static ssize_t __efivarfs_file_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos,
+ struct iov_iter *iter)
{
struct efivar_entry *var = file->private_data;
unsigned long datasize = 0;
@@ -96,14 +98,32 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
goto out_free;
memcpy(data, &attributes, sizeof(attributes));
- size = simple_read_from_buffer(userbuf, count, ppos,
- data, datasize + sizeof(attributes));
+
+ if (!iter)
+ size = simple_read_from_buffer(userbuf, count, ppos, data,
+ datasize + sizeof(attributes));
+ else
+ size = copy_to_iter(data, datasize + sizeof(attributes), iter);
out_free:
kfree(data);
return size;
}
+static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ return __efivarfs_file_read(file, userbuf, count, ppos, NULL);
+}
+
+static ssize_t efivarfs_file_read_iter(struct kiocb *iocb,
+ struct iov_iter *iter)
+{
+ struct file *file = iocb->ki_filp;
+
+ return __efivarfs_file_read(file, NULL, 0, NULL, iter);
+}
+
static int
efivarfs_ioc_getxflags(struct file *file, void __user *arg)
{
@@ -178,4 +198,5 @@ const struct file_operations efivarfs_file_operations = {
.write = efivarfs_file_write,
.llseek = no_llseek,
.unlocked_ioctl = efivarfs_file_ioctl,
+ .integrity_read = efivarfs_file_read_iter,
};
--
2.7.4
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [RFC PATCH] efivarfs: define integrity_read method
2017-07-06 12:14 [RFC PATCH] efivarfs: define integrity_read method Mimi Zohar
@ 2017-07-06 12:45 ` Al Viro
0 siblings, 0 replies; 2+ messages in thread
From: Al Viro @ 2017-07-06 12:45 UTC (permalink / raw)
To: linux-security-module
On Thu, Jul 06, 2017 at 08:14:01AM -0400, Mimi Zohar wrote:
> This patch defines an ->integrity_read file operation method to read data for
> integrity hash collection.
> -static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
> - size_t count, loff_t *ppos)
> +static ssize_t __efivarfs_file_read(struct file *file, char __user *userbuf,
> + size_t count, loff_t *ppos,
> + struct iov_iter *iter)
> {
> struct efivar_entry *var = file->private_data;
> unsigned long datasize = 0;
> @@ -96,14 +98,32 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
> goto out_free;
>
> memcpy(data, &attributes, sizeof(attributes));
> - size = simple_read_from_buffer(userbuf, count, ppos,
> - data, datasize + sizeof(attributes));
> +
> + if (!iter)
> + size = simple_read_from_buffer(userbuf, count, ppos, data,
> + datasize + sizeof(attributes));
> + else
> + size = copy_to_iter(data, datasize + sizeof(attributes), iter);
Egads... This kind of kludges is too ugly to exist. What the hell for? If you
want to define something that looks like ->read_iter(), bloody make it proper
read_iter. Really working one, that is - without this "our oh-so-special needs
do not include file position" crap.
Seriously, this kind of calling conventions alone is enough for a NAK with
extreme prejudice. Something like
ssize_t simple_read_iter_from_buffer(struct kiocb *iocb, struct iov_iter *to,
const void *from, size_t available)
{
loff_t pos = iocb->ki_pos;
size_t ret;
if (pos < 0)
return -EINVAL;
if (pos >= available)
return 0;
ret = copy_to_iter(to, from + pos, available - pos);
if (!ret && iov_iter_count(to))
return -EFAULT;
iocb->ki_pos = pos + ret;
return ret;
}
EXPORT_SYMBOL(simple_read_iter_from_buffer);
in fs/libfs.c and turn the efivarfs_file_read() into a real ->read_iter() by
replacing simple_read_from_buffer to simple_read_iter_from_buffer (and adjusting
the arguments, of course). All there is to it. Sheesh...
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-07-06 12:45 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-07-06 12:14 [RFC PATCH] efivarfs: define integrity_read method Mimi Zohar
2017-07-06 12:45 ` Al Viro
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).