From: Mimi Zohar <zohar@linux.vnet.ibm.com> To: Hans de Goede <hdegoede@redhat.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, "Luis R . Rodriguez" <mcgrof@kernel.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, "H . Peter Anvin" <hpa@zytor.com> Cc: Peter Jones <pjones@redhat.com>, Dave Olsthoorn <dave@bewaar.me>, Will Deacon <will.deacon@arm.com>, Andy Lutomirski <luto@kernel.org>, Matt Fleming <matt@codeblueprint.co.uk>, David Howells <dhowells@redhat.com>, Josh Triplett <josh@joshtriplett.org>, dmitry.torokhov@gmail.com, mfuzzey@parkeon.com, Kalle Valo <kvalo@codeaurora.org>, Arend Van Spriel <arend.vanspriel@broadcom.com>, Linus Torvalds <torvalds@linux-foundation.org>, nbroeking@me.com, bjorn.andersson@linaro.org, Torsten Duwe <duwe@suse.de>, Kees Cook <keescook@chromium.org>, x86@kernel.org, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module <linux-security-module@vger.kernel.org> Subject: Re: [PATCH v5 2/5] efi: Add embedded peripheral firmware support Date: Tue, 01 May 2018 10:36:14 -0400 [thread overview] Message-ID: <1525185374.5669.49.camel@linux.vnet.ibm.com> (raw) In-Reply-To: <20180429093558.5411-3-hdegoede@redhat.com> [Cc'ing linux-security] On Sun, 2018-04-29 at 11:35 +0200, Hans de Goede wrote: [...] > diff --git a/drivers/base/firmware_loader/fallback_efi.c b/drivers/base/firmware_loader/fallback_efi.c > new file mode 100644 > index 000000000000..82ba82f48a79 > --- /dev/null > +++ b/drivers/base/firmware_loader/fallback_efi.c 
> @@ -0,0 +1,51 @@ > +// SPDX-License-Identifier: GPL-2.0 > + > +#include <linux/efi_embedded_fw.h> > +#include <linux/property.h> > +#include <linux/security.h> > +#include <linux/vmalloc.h> > + > +#include "fallback.h" > +#include "firmware.h" > + > +int fw_get_efi_embedded_fw(struct device *dev, struct fw_priv *fw_priv, > + enum fw_opt *opt_flags, int ret) > +{ > + enum kernel_read_file_id id = READING_FIRMWARE; Please define a new kernel_read_file_id for this (eg. READING_FIRMWARE_EFI_EMBEDDED). > + size_t size, max = INT_MAX; > + int rc; > + > + if (!dev) > + return ret; > + > + if (!device_property_read_bool(dev, "efi-embedded-firmware")) > + return ret; Instead of calling security_kernel_post_read_file(), either in device_property_read_bool() or here call security_kernel_read_file(). The pre read call is for deciding whether to allow this call independent of the firmware being loaded, whereas the post security call is currently being used by IMA-appraisal for verifying a signature. There might be other LSMs using the post hook as well. As there is no kernel signature associated with this firmware, use the security pre read_file hook. thanks, Mimi > + > + *opt_flags |= FW_OPT_NO_WARN | FW_OPT_NOCACHE | FW_OPT_NOFALLBACK; > + > + /* Already populated data member means we're loading into a buffer */ > + if (fw_priv->data) { > + id = READING_FIRMWARE_PREALLOC_BUFFER; > + max = fw_priv->allocated_size; > + } > + > + rc = efi_get_embedded_fw(fw_priv->fw_name, &fw_priv->data, &size, max); > + if (rc) { > + dev_warn(dev, "Firmware %s not in EFI\n", fw_priv->fw_name); > + return ret; > + } > + > + rc = security_kernel_post_read_file(NULL, fw_priv->data, size, id); > + if (rc) { > + if (id != READING_FIRMWARE_PREALLOC_BUFFER) { > + vfree(fw_priv->data); > + fw_priv->data = NULL; > + } > + return rc; > + } > + > + dev_dbg(dev, "using efi-embedded fw %s\n", fw_priv->fw_name); > + fw_priv->size = size; > + fw_state_done(fw_priv); > + return 0; > +}
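Review bot: fw_get_efi_embedded_fw() carries no kernel-doc comment, and its contract is unusual enough to need one. The `int ret` parameter is handed back unchanged on every "does not apply" path (`if (!dev) return ret;`, a device without the `efi-embedded-firmware` property, and `efi_get_embedded_fw()` failing), whereas a security-hook rejection returns `rc` and success returns 0; please state that the caller's earlier error is deliberately preserved so a later reader does not take `return ret;` for a leaked status. On the error path after `security_kernel_post_read_file()`, the `READING_FIRMWARE_PREALLOC_BUFFER` case leaves `fw_priv->data` pointing at the caller's buffer, which by then already holds the firmware contents the LSM refused; a short comment saying the caller must treat that buffer as invalid once `rc` is non-zero would make the intent explicit, since only the vmalloc'ed case is cleared here.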