[PATCH 0/4] Fix misused kernel_read_file() enums

Greg Kroah-Hartman gregkh at linuxfoundation.org
Tue Jul 7 09:31:31 UTC 2020


On Tue, Jul 07, 2020 at 01:19:22AM -0700, Kees Cook wrote:
> Hi,
> 
> In looking for closely at the additions that got made to the
> kernel_read_file() enums, I noticed that FIRMWARE_PREALLOC_BUFFER
> and FIRMWARE_EFI_EMBEDDED were added, but they are not appropriate
> *kinds* of files for the LSM to reason about. They are a "how" and
> "where", respectively. Remove these improper aliases and refactor the
> code to adapt to the changes.
> 
> Additionally adds in missing calls to security_kernel_post_read_file()
> in the platform firmware fallback path (to match the sysfs firmware
> fallback path) and in module loading. I considered entirely removing
> security_kernel_post_read_file() hook since it is technically unused,
> but IMA probably wants to be able to measure EFI-stored firmware images,
> so I wired it up and matched it for modules, in case anyone wants to
> move the module signature checks out of the module core and into an LSM
> to avoid the current layering violations.
> 
> This touches several trees, and I suspect it would be best to go through
> James's LSM tree.
> 
> Thanks!
> 
> -Kees
> 
> Kees Cook (4):
>   firmware_loader: EFI firmware loader must handle pre-allocated buffer
>   fs: Remove FIRMWARE_PREALLOC_BUFFER from kernel_read_file() enums
>   fs: Remove FIRMWARE_EFI_EMBEDDED from kernel_read_file() enums
>   module: Add hook for security_kernel_post_read_file()

Looks good to me, thanks for fixing this up:

Reviewed-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>



More information about the Linux-security-module-archive mailing list