From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752601AbcGKSmD (ORCPT <rfc822;w@1wt.eu>);
	Mon, 11 Jul 2016 14:42:03 -0400
Received: from mail-wm0-f42.google.com ([74.125.82.42]:37569 "EHLO
	mail-wm0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752575AbcGKSmA convert rfc822-to-8bit (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 11 Jul 2016 14:42:00 -0400
MIME-Version: 1.0
In-Reply-To: <1468088355-18484-1-git-send-email-mic@digikod.net>
References: <1468088355-18484-1-git-send-email-mic@digikod.net>
From: Kees Cook <keescook@chromium.org>
Date: Mon, 11 Jul 2016 14:41:57 -0400
X-Google-Sender-Auth: FSFfLIdonO9W_0XruRJdVk0H68U
Message-ID: <CAGXu5jLmB-0FzZaxqetnAZEYj0MGKkgADue44gWmydwkfpq6xg@mail.gmail.com>
Subject: Re: [PATCH v1] module: Fully remove the kernel_module_from_file hook
To: =?UTF-8?B?TWlja2HDq2wgU2FsYcO8bg==?= <mic@digikod.net>,
        James Morris <jmorris@namei.org>
Cc: LKML <linux-kernel@vger.kernel.org>, Mimi Zohar <zohar@linux.vnet.ibm.com>,
        "Luis R . Rodriguez" <mcgrof@kernel.org>,
        Rusty Russell <rusty@rustcorp.com.au>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "# 3.4.x" <stable@vger.kernel.org>,
        linux-security-module <linux-security-module@vger.kernel.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8BIT
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Jul 9, 2016 at 2:19 PM, Mickaël Salaün <mic@digikod.net> wrote:
> Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version")

Oh, hrm, was that still in there? Thanks for the catch!

Acked-by: Kees Cook <keescook@chromium.org>

-Kees

>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Luis R. Rodriguez <mcgrof@kernel.org>
> Cc: Rusty Russell <rusty@rustcorp.com.au>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> ---
>  include/linux/lsm_hooks.h | 1 -
>  include/linux/security.h  | 1 -
>  2 files changed, 2 deletions(-)
>
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 7ae397669d8b..58c777ec8bcf 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1455,7 +1455,6 @@ union security_list_options {
>         int (*kernel_act_as)(struct cred *new, u32 secid);
>         int (*kernel_create_files_as)(struct cred *new, struct inode *inode);
>         int (*kernel_module_request)(char *kmod_name);
> -       int (*kernel_module_from_file)(struct file *file);
>         int (*kernel_read_file)(struct file *file, enum kernel_read_file_id id);
>         int (*kernel_post_read_file)(struct file *file, char *buf, loff_t size,
>                                      enum kernel_read_file_id id);
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 14df373ff2ca..2b8c7d2a3fd8 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -307,7 +307,6 @@ void security_transfer_creds(struct cred *new, const struct cred *old);
>  int security_kernel_act_as(struct cred *new, u32 secid);
>  int security_kernel_create_files_as(struct cred *new, struct inode *inode);
>  int security_kernel_module_request(char *kmod_name);
> -int security_kernel_module_from_file(struct file *file);
>  int security_kernel_read_file(struct file *file, enum kernel_read_file_id id);
>  int security_kernel_post_read_file(struct file *file, char *buf, loff_t size,
>                                    enum kernel_read_file_id id);
> --
> 2.8.1
>



-- 
Kees Cook
Chrome OS & Brillo Security