From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: linux-security-module@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
	"Luis R. Rodriguez" <mcgrof@suse.com>,
	kexec@lists.infradead.org, linux-modules@vger.kernel.org,
	fsdevel@vger.kernel.org, David Howells <dhowells@redhat.com>,
	David Woodhouse <dwmw2@infradead.org>,
	Kees Cook <keescook@chromium.org>,
	Dmitry Torokhov <dmitry.torokhov@gmail.com>
Subject: [RFC PATCH 0/5] vfs: support for a common kernel file loader (step 1)
Date: Fri,  8 Jan 2016 14:21:59 -0500
Message-ID: <1452280924-28774-1-git-send-email-zohar@linux.vnet.ibm.com>

For a while it was looked down upon to directly read files from Linux.
These days there exist a few mechanisms in the kernel that do just this,
though, to load a file into a local buffer. There are minor but important
differences in the checks each of them does; we should take all the best
practices from each of them, generalize them, and make all places in the
kernel that read a file use it.[1]

One difference is the method for opening the file.  In some cases we
have a file, while in other cases we have a pathname or a file descriptor.

Another difference is the security hook calls, or lack of them.  In
some versions there is a post file read hook, while in others there
is a pre file read hook.

This patch set is the first attempt at resolving these differences.  It
does not attempt to merge the different methods of opening a file, but
defines a single common kernel file read function with two wrappers.
Although this patch set defines two new security hooks for pre and post
file read, it does not attempt to merge the existing security hooks.
That is left as future work.

These patches are based on top of the "ima: measuring/appraising files
read by the kernel" patch set.  The latest version of these patches can be found
in the next-kernel-read branch of:
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git

Mimi Zohar (5):
  vfs: define a generic function to read a file from the kernel
  firmware: replace call to fw_read_file_contents() with kernel version
  kexec: replace call to copy_file_from_fd() with kernel version
  ima: replace call to integrity_read_file() with kernel version
  module: replace copy_module_from_fd with kernel version

 drivers/base/firmware_class.c         | 51 +++++--------------
 fs/exec.c                             | 96 +++++++++++++++++++++++++++++++++++
 include/linux/fs.h                    |  3 ++
 include/linux/ima.h                   |  7 +--
 include/linux/lsm_hooks.h             | 19 +++++++
 include/linux/security.h              | 14 +++--
 kernel/kexec_file.c                   | 76 +++------------------------
 kernel/module.c                       | 67 +++---------------------
 security/integrity/ima/ima.h          |  1 -
 security/integrity/ima/ima_appraise.c |  7 ---
 security/integrity/ima/ima_fs.c       | 15 +++---
 security/integrity/ima/ima_main.c     | 21 ++++----
 security/integrity/ima/ima_policy.c   | 16 +++---
 security/integrity/integrity.h        | 12 ++---
 security/security.c                   | 46 ++++++++++++-----
 15 files changed, 217 insertions(+), 234 deletions(-)

-- 
2.1.0
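
The design the cover letter describes, as an added example in userland C that is not part of the patch set or the kernel tree: a single common file reader with a pre-read hook (policy applied before any bytes are copied) and a post-read hook (appraisal of the buffer once the whole file is in memory), plus the two thin wrappers for the two ways callers name a file, a pathname or a file descriptor. Every identifier here (kread_file, kread_file_from_fd, kread_file_from_path, the read_id enum, the hook names, the size cap, the toy FNV-1a digest and the in-process allowlist) is an assumption chosen for illustration, not a name or mechanism the patches use.

```c
/* Userland model of the cover letter's design: one common file reader with a
 * pre-read hook (policy before any bytes are copied) and a post-read hook
 * (appraisal once the whole file is in memory), plus a path wrapper and an
 * fd wrapper. Added example, not the patch set's code: all names, the size
 * cap, the toy FNV-1a digest and the in-process allowlist are assumptions. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Which subsystem is reading; the hooks key their policy off this. */
enum read_id { READ_FIRMWARE, READ_MODULE, READ_KEXEC_IMAGE, READ_POLICY };

#define MAX_READ_SIZE (64u << 10)  /* assumed cap on one kernel file read */

static uint64_t fnv1a64(const void *p, size_t n)
{
    const unsigned char *s = p;
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= s[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Constructed allowlist of known-good digests, keyed by read id. */
static struct { enum read_id id; uint64_t digest; } allow[8];
static size_t nallow;

int register_known_good(enum read_id id, const void *data, size_t len)
{
    if (nallow == sizeof allow / sizeof allow[0]) return -ENOSPC;
    allow[nallow].id = id;
    allow[nallow].digest = fnv1a64(data, len);
    nallow++;
    return 0;
}

/* Pre-read hook: sees only the request (who, how much), never the bytes. */
static int pre_read_hook(enum read_id id, size_t size)
{
    (void)id;  /* a real LSM would also apply id-specific policy here */
    return size > MAX_READ_SIZE ? -EFBIG : 0;
}

/* Post-read hook: the full contents are available, so appraise the digest. */
static int post_read_hook(enum read_id id, const void *buf, size_t len)
{
    uint64_t d = fnv1a64(buf, len);
    for (size_t i = 0; i < nallow; i++)
        if (allow[i].id == id && allow[i].digest == d) return 0;
    return -EACCES;
}

/* The single common reader: stat, pre hook, full copy, post hook. */
int kread_file(int fd, enum read_id id, void **buf, size_t *len)
{
    struct stat st;
    if (fstat(fd, &st) < 0) return -errno;
    if (!S_ISREG(st.st_mode)) return -EINVAL;
    size_t size = (size_t)st.st_size;
    int rc = pre_read_hook(id, size);
    if (rc) return rc;
    unsigned char *b = malloc(size ? size : 1);
    if (!b) return -ENOMEM;
    size_t got = 0;
    while (got < size) {
        ssize_t n = pread(fd, b + got, size - got, (off_t)got);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) break;
        got += (size_t)n;
    }
    /* Anything other than exactly the size we checked means the file
     * changed underneath us or the read failed: do not hand it out. */
    if (got != size) { free(b); return -EIO; }
    rc = post_read_hook(id, b, got);
    if (rc) { free(b); return rc; }
    *buf = b;
    *len = got;
    return 0;
}

/* Wrapper for callers that already hold a descriptor (module, kexec_file). */
int kread_file_from_fd(int fd, enum read_id id, void **buf, size_t *len)
{
    return kread_file(fd, id, buf, len);
}

/* Wrapper for callers that have a pathname (firmware, IMA policy). */
int kread_file_from_path(const char *path, enum read_id id, void **buf, size_t *len)
{
    int fd = open(path, O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -errno;
    int rc = kread_file(fd, id, buf, len);
    close(fd);
    return rc;
}
```

The split between the two hooks is the point: the pre-read hook can only judge the request (which subsystem is asking, how large the file is), while the post-read hook is the first place the contents can be appraised, which is why a loader needs both rather than one or the other. The reader also refuses to return a buffer whose length differs from the size it checked against, so a file that grows or shrinks between fstat and the copy is rejected instead of being passed on partially read.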


Thread overview: 11+ messages
2016-01-08 19:21 Mimi Zohar [this message]
2016-01-08 19:22 ` [RFC PATCH 1/5] vfs: define a generic function to read a file from the kernel Mimi Zohar
2016-01-08 20:24   ` Kees Cook
2016-01-08 20:29     ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 2/5] firmware: replace call to fw_read_file_contents() with kernel version Mimi Zohar
2016-01-08 20:26   ` Kees Cook
2016-01-08 20:36     ` Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 3/5] kexec: replace call to copy_file_from_fd() " Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 4/5] ima: replace call to integrity_read_file() " Mimi Zohar
2016-01-08 19:22 ` [RFC PATCH 5/5] module: replace copy_module_from_fd " Mimi Zohar
2016-01-08 19:32 ` [RFC PATCH 0/5] vfs: support for a common kernel file loader (step 1) Mimi Zohar
