From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Nayna Jain <nayna@linux.ibm.com>
Cc: linuxppc-dev@lists.ozlabs.org, linux-fsdevel@vger.kernel.org,
linux-efi@vger.kernel.org,
linux-security-module <linux-security-module@vger.kernel.org>,
linux-kernel@vger.kernel.org,
Michael Ellerman <mpe@ellerman.id.au>,
Dov Murik <dovmurik@linux.ibm.com>,
George Wilson <gcwilson@linux.ibm.com>,
gjoyce@ibm.com, Matthew Garrett <mjg59@srcf.ucam.org>,
Dave Hansen <dave.hansen@intel.com>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>
Subject: Re: [RFC PATCH v2 2/3] fs: define a firmware security filesystem named fwsecurityfs
Date: Thu, 23 Jun 2022 10:54:22 +0200 [thread overview]
Message-ID: <YrQqPhi4+jHZ1WJc@kroah.com> (raw)
In-Reply-To: <20220622215648.96723-3-nayna@linux.ibm.com>
On Wed, Jun 22, 2022 at 05:56:47PM -0400, Nayna Jain wrote:
> securityfs is meant for linux security subsystems to expose policies/logs
> or any other information. However, there are various firmware security
> features which expose their variables for user management via kernel.
> There is currently no single place to expose these variables. Different
> platforms use sysfs/platform specific filesystem(efivarfs)/securityfs
> interface as find appropriate. Thus, there is a gap in kernel interfaces
> to expose variables for security features.
>
> Define a firmware security filesystem (fwsecurityfs) to be used for
> exposing variables managed by firmware and to be used by firmware
> enabled security features. These variables are platform specific.
> Filesystem provides platforms to implement their own underlying
> semantics by defining own inode and file operations.
>
> Similar to securityfs, the firmware security filesystem is recommended
> to be exposed on a well known mount point /sys/firmware/security.
> Platforms can define their own directory or file structure under this path.
>
> Example:
>
> # mount -t fwsecurityfs fwsecurityfs /sys/firmware/security
>
> # cd /sys/firmware/security/
>
> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
> ---
> fs/Kconfig | 1 +
> fs/Makefile | 1 +
> fs/fwsecurityfs/Kconfig | 14 +++
> fs/fwsecurityfs/Makefile | 10 +++
> fs/fwsecurityfs/inode.c | 159 +++++++++++++++++++++++++++++++++++
> fs/fwsecurityfs/internal.h | 13 +++
> fs/fwsecurityfs/super.c | 154 +++++++++++++++++++++++++++++++++
> include/linux/fwsecurityfs.h | 29 +++++++
> include/uapi/linux/magic.h | 1 +
> 9 files changed, 382 insertions(+)
> create mode 100644 fs/fwsecurityfs/Kconfig
> create mode 100644 fs/fwsecurityfs/Makefile
> create mode 100644 fs/fwsecurityfs/inode.c
> create mode 100644 fs/fwsecurityfs/internal.h
> create mode 100644 fs/fwsecurityfs/super.c
> create mode 100644 include/linux/fwsecurityfs.h
>
> diff --git a/fs/Kconfig b/fs/Kconfig
> index 5976eb33535f..19ea28143428 100644
> --- a/fs/Kconfig
> +++ b/fs/Kconfig
> @@ -276,6 +276,7 @@ config ARCH_HAS_GIGANTIC_PAGE
>
> source "fs/configfs/Kconfig"
> source "fs/efivarfs/Kconfig"
> +source "fs/fwsecurityfs/Kconfig"
>
> endmenu
>
> diff --git a/fs/Makefile b/fs/Makefile
> index 208a74e0b00e..5792cd0443cb 100644
> --- a/fs/Makefile
> +++ b/fs/Makefile
> @@ -137,6 +137,7 @@ obj-$(CONFIG_F2FS_FS) += f2fs/
> obj-$(CONFIG_CEPH_FS) += ceph/
> obj-$(CONFIG_PSTORE) += pstore/
> obj-$(CONFIG_EFIVAR_FS) += efivarfs/
> +obj-$(CONFIG_FWSECURITYFS) += fwsecurityfs/
> obj-$(CONFIG_EROFS_FS) += erofs/
> obj-$(CONFIG_VBOXSF_FS) += vboxsf/
> obj-$(CONFIG_ZONEFS_FS) += zonefs/
> diff --git a/fs/fwsecurityfs/Kconfig b/fs/fwsecurityfs/Kconfig
> new file mode 100644
> index 000000000000..f1665511eeb9
> --- /dev/null
> +++ b/fs/fwsecurityfs/Kconfig
> @@ -0,0 +1,14 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +#
> +# Copyright (C) 2022 IBM Corporation
> +# Author: Nayna Jain <nayna@linux.ibm.com>
> +#
> +
> +config FWSECURITYFS
> + bool "Enable the fwsecurityfs filesystem"
> + help
> + This will build the fwsecurityfs file system which is recommended
> + to be mounted on /sys/firmware/security. This can be used by
> + platforms to expose their variables which are managed by firmware.
> +
> + If you are unsure how to answer this question, answer N.
> diff --git a/fs/fwsecurityfs/Makefile b/fs/fwsecurityfs/Makefile
> new file mode 100644
> index 000000000000..b9931d180178
> --- /dev/null
> +++ b/fs/fwsecurityfs/Makefile
> @@ -0,0 +1,10 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +#
> +# Copyright (C) 2022 IBM Corporation
> +# Author: Nayna Jain <nayna@linux.ibm.com>
> +#
> +# Makefile for the firmware security filesystem
> +
> +obj-$(CONFIG_FWSECURITYFS) += fwsecurityfs.o
> +
> +fwsecurityfs-objs := inode.o super.o
> diff --git a/fs/fwsecurityfs/inode.c b/fs/fwsecurityfs/inode.c
> new file mode 100644
> index 000000000000..5d06dc0de059
> --- /dev/null
> +++ b/fs/fwsecurityfs/inode.c
> @@ -0,0 +1,159 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * Copyright (C) 2022 IBM Corporation
> + * Author: Nayna Jain <nayna@linux.ibm.com>
> + */
> +
> +#include <linux/sysfs.h>
> +#include <linux/kobject.h>
> +#include <linux/fs.h>
> +#include <linux/fs_context.h>
> +#include <linux/mount.h>
> +#include <linux/pagemap.h>
> +#include <linux/init.h>
> +#include <linux/namei.h>
> +#include <linux/security.h>
> +#include <linux/lsm_hooks.h>
> +#include <linux/magic.h>
> +#include <linux/ctype.h>
> +#include <linux/fwsecurityfs.h>
> +
> +#include "internal.h"
> +
> +int fwsecurityfs_remove_file(struct dentry *dentry)
> +{
> + drop_nlink(d_inode(dentry));
> + dput(dentry);
> + return 0;
> +};
> +EXPORT_SYMBOL_GPL(fwsecurityfs_remove_file);
> +
> +int fwsecurityfs_create_file(const char *name, umode_t mode,
> + u16 filesize, struct dentry *parent,
> + struct dentry *dentry,
> + const struct file_operations *fops)
> +{
> + struct inode *inode;
> + int error;
> + struct inode *dir;
> +
> + if (!parent)
> + return -EINVAL;
> +
> + dir = d_inode(parent);
> + pr_debug("securityfs: creating file '%s'\n", name);
Did you forget to call simple_pin_fs() here or anywhere else?
And this can be just one function with the directory creation file, just
check the mode and you will be fine. Look at securityfs as an example
of how to make this simpler.
> diff --git a/fs/fwsecurityfs/super.c b/fs/fwsecurityfs/super.c
super.c and inode.c can be in the same file, these are tiny, just make
one file for the filesystem logic.
thanks,
greg k-h
WARNING: multiple messages have this Message-ID (diff)
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Nayna Jain <nayna@linux.ibm.com>
Cc: Matthew Garrett <mjg59@srcf.ucam.org>,
linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org,
Dov Murik <dovmurik@linux.ibm.com>,
Dave Hansen <dave.hansen@intel.com>,
linux-security-module <linux-security-module@vger.kernel.org>,
Paul Mackerras <paulus@samba.org>,
linux-fsdevel@vger.kernel.org,
George Wilson <gcwilson@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org, gjoyce@ibm.com
Subject: Re: [RFC PATCH v2 2/3] fs: define a firmware security filesystem named fwsecurityfs
Date: Thu, 23 Jun 2022 10:54:22 +0200 [thread overview]
Message-ID: <YrQqPhi4+jHZ1WJc@kroah.com> (raw)
In-Reply-To: <20220622215648.96723-3-nayna@linux.ibm.com>
On Wed, Jun 22, 2022 at 05:56:47PM -0400, Nayna Jain wrote:
> securityfs is meant for linux security subsystems to expose policies/logs
> or any other information. However, there are various firmware security
> features which expose their variables for user management via kernel.
> There is currently no single place to expose these variables. Different
> platforms use sysfs/platform specific filesystem(efivarfs)/securityfs
> interface as find appropriate. Thus, there is a gap in kernel interfaces
> to expose variables for security features.
>
> Define a firmware security filesystem (fwsecurityfs) to be used for
> exposing variables managed by firmware and to be used by firmware
> enabled security features. These variables are platform specific.
> Filesystem provides platforms to implement their own underlying
> semantics by defining own inode and file operations.
>
> Similar to securityfs, the firmware security filesystem is recommended
> to be exposed on a well known mount point /sys/firmware/security.
> Platforms can define their own directory or file structure under this path.
>
> Example:
>
> # mount -t fwsecurityfs fwsecurityfs /sys/firmware/security
>
> # cd /sys/firmware/security/
>
> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
> ---
> fs/Kconfig | 1 +
> fs/Makefile | 1 +
> fs/fwsecurityfs/Kconfig | 14 +++
> fs/fwsecurityfs/Makefile | 10 +++
> fs/fwsecurityfs/inode.c | 159 +++++++++++++++++++++++++++++++++++
> fs/fwsecurityfs/internal.h | 13 +++
> fs/fwsecurityfs/super.c | 154 +++++++++++++++++++++++++++++++++
> include/linux/fwsecurityfs.h | 29 +++++++
> include/uapi/linux/magic.h | 1 +
> 9 files changed, 382 insertions(+)
> create mode 100644 fs/fwsecurityfs/Kconfig
> create mode 100644 fs/fwsecurityfs/Makefile
> create mode 100644 fs/fwsecurityfs/inode.c
> create mode 100644 fs/fwsecurityfs/internal.h
> create mode 100644 fs/fwsecurityfs/super.c
> create mode 100644 include/linux/fwsecurityfs.h
>
> diff --git a/fs/Kconfig b/fs/Kconfig
> index 5976eb33535f..19ea28143428 100644
> --- a/fs/Kconfig
> +++ b/fs/Kconfig
> @@ -276,6 +276,7 @@ config ARCH_HAS_GIGANTIC_PAGE
>
> source "fs/configfs/Kconfig"
> source "fs/efivarfs/Kconfig"
> +source "fs/fwsecurityfs/Kconfig"
>
> endmenu
>
> diff --git a/fs/Makefile b/fs/Makefile
> index 208a74e0b00e..5792cd0443cb 100644
> --- a/fs/Makefile
> +++ b/fs/Makefile
> @@ -137,6 +137,7 @@ obj-$(CONFIG_F2FS_FS) += f2fs/
> obj-$(CONFIG_CEPH_FS) += ceph/
> obj-$(CONFIG_PSTORE) += pstore/
> obj-$(CONFIG_EFIVAR_FS) += efivarfs/
> +obj-$(CONFIG_FWSECURITYFS) += fwsecurityfs/
> obj-$(CONFIG_EROFS_FS) += erofs/
> obj-$(CONFIG_VBOXSF_FS) += vboxsf/
> obj-$(CONFIG_ZONEFS_FS) += zonefs/
> diff --git a/fs/fwsecurityfs/Kconfig b/fs/fwsecurityfs/Kconfig
> new file mode 100644
> index 000000000000..f1665511eeb9
> --- /dev/null
> +++ b/fs/fwsecurityfs/Kconfig
> @@ -0,0 +1,14 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +#
> +# Copyright (C) 2022 IBM Corporation
> +# Author: Nayna Jain <nayna@linux.ibm.com>
> +#
> +
> +config FWSECURITYFS
> + bool "Enable the fwsecurityfs filesystem"
> + help
> + This will build the fwsecurityfs file system which is recommended
> + to be mounted on /sys/firmware/security. This can be used by
> + platforms to expose their variables which are managed by firmware.
> +
> + If you are unsure how to answer this question, answer N.
> diff --git a/fs/fwsecurityfs/Makefile b/fs/fwsecurityfs/Makefile
> new file mode 100644
> index 000000000000..b9931d180178
> --- /dev/null
> +++ b/fs/fwsecurityfs/Makefile
> @@ -0,0 +1,10 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +#
> +# Copyright (C) 2022 IBM Corporation
> +# Author: Nayna Jain <nayna@linux.ibm.com>
> +#
> +# Makefile for the firmware security filesystem
> +
> +obj-$(CONFIG_FWSECURITYFS) += fwsecurityfs.o
> +
> +fwsecurityfs-objs := inode.o super.o
> diff --git a/fs/fwsecurityfs/inode.c b/fs/fwsecurityfs/inode.c
> new file mode 100644
> index 000000000000..5d06dc0de059
> --- /dev/null
> +++ b/fs/fwsecurityfs/inode.c
> @@ -0,0 +1,159 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * Copyright (C) 2022 IBM Corporation
> + * Author: Nayna Jain <nayna@linux.ibm.com>
> + */
> +
> +#include <linux/sysfs.h>
> +#include <linux/kobject.h>
> +#include <linux/fs.h>
> +#include <linux/fs_context.h>
> +#include <linux/mount.h>
> +#include <linux/pagemap.h>
> +#include <linux/init.h>
> +#include <linux/namei.h>
> +#include <linux/security.h>
> +#include <linux/lsm_hooks.h>
> +#include <linux/magic.h>
> +#include <linux/ctype.h>
> +#include <linux/fwsecurityfs.h>
> +
> +#include "internal.h"
> +
> +int fwsecurityfs_remove_file(struct dentry *dentry)
> +{
> + drop_nlink(d_inode(dentry));
> + dput(dentry);
> + return 0;
> +};
> +EXPORT_SYMBOL_GPL(fwsecurityfs_remove_file);
> +
> +int fwsecurityfs_create_file(const char *name, umode_t mode,
> + u16 filesize, struct dentry *parent,
> + struct dentry *dentry,
> + const struct file_operations *fops)
> +{
> + struct inode *inode;
> + int error;
> + struct inode *dir;
> +
> + if (!parent)
> + return -EINVAL;
> +
> + dir = d_inode(parent);
> + pr_debug("securityfs: creating file '%s'\n", name);
Did you forget to call simple_pin_fs() here or anywhere else?
And this can be just one function with the directory creation file, just
check the mode and you will be fine. Look at securityfs as an example
of how to make this simpler.
> diff --git a/fs/fwsecurityfs/super.c b/fs/fwsecurityfs/super.c
super.c and inode.c can be in the same file, these are tiny, just make
one file for the filesystem logic.
thanks,
greg k-h
next prev parent reply other threads:[~2022-06-23 8:54 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-22 21:56 [RFC PATCH v2 0/3] powerpc/pseries: add support for local secure storage called Platform KeyStore(PKS) Nayna Jain
2022-06-22 21:56 ` Nayna Jain
2022-06-22 21:56 ` [RFC PATCH v2 1/3] powerpc/pseries: define driver for Platform KeyStore Nayna Jain
2022-06-22 21:56 ` Nayna Jain
2022-06-22 21:56 ` [RFC PATCH v2 2/3] fs: define a firmware security filesystem named fwsecurityfs Nayna Jain
2022-06-22 21:56 ` Nayna Jain
2022-06-22 22:29 ` Casey Schaufler
2022-06-22 22:29 ` Casey Schaufler
2022-06-23 1:50 ` Nayna
2022-06-23 1:50 ` Nayna
2022-06-23 8:54 ` Greg Kroah-Hartman [this message]
2022-06-23 8:54 ` Greg Kroah-Hartman
2022-06-23 13:23 ` James Bottomley
2022-06-23 13:23 ` James Bottomley
2022-06-26 15:48 ` Mimi Zohar
2022-06-26 15:48 ` Mimi Zohar
2022-06-27 7:37 ` Greg Kroah-Hartman
2022-06-27 7:37 ` Greg Kroah-Hartman
2022-06-28 13:25 ` Christian Brauner
2022-06-28 13:25 ` Christian Brauner
2022-06-23 22:18 ` kernel test robot
2022-06-22 21:56 ` [RFC PATCH v2 3/3] powerpc/pseries: expose authenticated variables stored in LPAR PKS Nayna Jain
2022-06-22 21:56 ` Nayna Jain
2022-06-23 2:36 ` Randy Dunlap
2022-06-23 2:36 ` Randy Dunlap
2022-06-27 21:10 ` [RFC PATCH v2 0/3] powerpc/pseries: add support for local secure storage called Platform KeyStore(PKS) Dave Hansen
2022-06-27 21:10 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YrQqPhi4+jHZ1WJc@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=benh@kernel.crashing.org \
--cc=dave.hansen@intel.com \
--cc=dovmurik@linux.ibm.com \
--cc=gcwilson@linux.ibm.com \
--cc=gjoyce@ibm.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mjg59@srcf.ucam.org \
--cc=mpe@ellerman.id.au \
--cc=nayna@linux.ibm.com \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.