| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <104a1eea-6b55-d857-04b9-d13aed9a36fd@broadcom.com>
Date: Wed, 13 May 2020 11:57:09 -0700
From: Scott Branden <scott.branden@...adcom.com>
To: Mimi Zohar <zohar@...nel.org>,
Luis Chamberlain <mcgrof@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
David Brown <david.brown@...aro.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Shuah Khan <shuah@...nel.org>, bjorn.andersson@...aro.org,
Shuah Khan <skhan@...uxfoundation.org>,
Arnd Bergmann <arnd@...db.de>
Cc: "Rafael J . Wysocki" <rafael@...nel.org>,
linux-kernel@...r.kernel.org, linux-arm-msm@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
BCM Kernel Feedback <bcm-kernel-feedback-list@...adcom.com>,
Olof Johansson <olof@...om.net>,
Andrew Morton <akpm@...ux-foundation.org>,
Dan Carpenter <dan.carpenter@...cle.com>,
Colin Ian King <colin.king@...onical.com>,
Kees Cook <keescook@...omium.org>,
Takashi Iwai <tiwai@...e.de>, linux-kselftest@...r.kernel.org,
Andy Gross <agross@...nel.org>,
linux-security-module <linux-security-module@...r.kernel.org>,
linux-integrity <linux-integrity@...r.kernel.org>
Subject: Re: [PATCH v5 1/7] fs: introduce kernel_pread_file* support
On 2020-05-13 11:53 a.m., Scott Branden wrote:
> Hi Mimi,
>
> On 2020-05-13 11:39 a.m., Mimi Zohar wrote:
>> [Cc'ing linux-security-module, linux-integrity]
>>
>> On Thu, 2020-05-07 at 17:27 -0700, Scott Branden wrote:
>>> Add kernel_pread_file* support to kernel to allow for partial read
>>> of files with an offset into the file. Existing kernel_read_file
>>> functions call new kernel_pread_file functions with offset=0 and
>>> flags=KERNEL_PREAD_FLAG_WHOLE.
>>>
>>> Signed-off-by: Scott Branden <scott.branden@...adcom.com>
>>> ---
>> <snip>
>>
>>> @@ -941,14 +955,16 @@ int kernel_read_file(struct file *file, void
>>> **buf, loff_t *size,
> The checkpatch shows this as kernel_read_file when it is actually the
> new function kernel_pread_file.
typo: "checkpatch" should be "patch diff"
> Please see the call to kernel_pread_file from kernel_read_file in the
> complete patch rather this snippet.
>>> if (bytes == 0)
>>> break;
>>> +
>>> + buf_pos += bytes;
>>> }
>>> - if (pos != i_size) {
>>> + if (pos != read_end) {
>>> ret = -EIO;
>>> goto out_free;
>>> }
>>> - ret = security_kernel_post_read_file(file, *buf, i_size, id);
>>> + ret = security_kernel_post_read_file(file, *buf, alloc_size, id);
>>> if (!ret)
>>> *size = pos;
>> Prior to the patch set that introduced this security hook, firmware
>> would be read twice, once for measuring/appraising the firmware and
>> again reading the file contents into memory. Partial reads will break
>> both IMA's measuring the file and appraising the file signatures.
> The partial file read support is needed for request_firmware_into_buf
> from drivers. The EXPORT_SYMBOL_GPL is being removed so that
> there can be no abuse of the partial file read support. Such file
> integrity checks are not needed for this use case. The partial file
> (firmware image) is actually downloaded in portions and verified on
> the device it is loaded to.
>
> Regards,
> Scott
Powered by blists - more mailing lists