| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jul 2020 13:01:51 +0200
From: Hans de Goede <hdegoede@...hat.com>
To: Kees Cook <keescook@...omium.org>, James Morris <jmorris@...ei.org>
Cc: Luis Chamberlain <mcgrof@...nel.org>,
Mimi Zohar <zohar@...ux.ibm.com>,
Scott Branden <scott.branden@...adcom.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Jessica Yu <jeyu@...nel.org>,
Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Casey Schaufler <casey@...aufler-ca.com>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
Peter Zijlstra <peterz@...radead.org>,
Matthew Garrett <matthewgarrett@...gle.com>,
David Howells <dhowells@...hat.com>,
Mauro Carvalho Chehab <mchehab+huawei@...nel.org>,
Randy Dunlap <rdunlap@...radead.org>,
"Joel Fernandes (Google)" <joel@...lfernandes.org>,
KP Singh <kpsingh@...gle.com>, Dave Olsthoorn <dave@...aar.me>,
Peter Jones <pjones@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Stephen Boyd <stephen.boyd@...aro.org>,
Paul Moore <paul@...l-moore.com>, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org
Subject: Re: [PATCH 0/4] Fix misused kernel_read_file() enums
Hi,
On 7/7/20 10:19 AM, Kees Cook wrote:
> Hi,
>
> In looking for closely at the additions that got made to the
> kernel_read_file() enums, I noticed that FIRMWARE_PREALLOC_BUFFER
> and FIRMWARE_EFI_EMBEDDED were added, but they are not appropriate
> *kinds* of files for the LSM to reason about. They are a "how" and
> "where", respectively. Remove these improper aliases and refactor the
> code to adapt to the changes.
>
> Additionally adds in missing calls to security_kernel_post_read_file()
> in the platform firmware fallback path (to match the sysfs firmware
> fallback path) and in module loading. I considered entirely removing
> security_kernel_post_read_file() hook since it is technically unused,
> but IMA probably wants to be able to measure EFI-stored firmware images,
> so I wired it up and matched it for modules, in case anyone wants to
> move the module signature checks out of the module core and into an LSM
> to avoid the current layering violations.
>
> This touches several trees, and I suspect it would be best to go through
> James's LSM tree.
>
> Thanks!
I've done some quick tests on this series to make sure that
the efi embedded-firmware support did not regress.
That still works fine, so this series is;
Tested-by: Hans de Goede <hdegoede@...hat.com>
Regards,
Hans
>
> -Kees
>
> Kees Cook (4):
> firmware_loader: EFI firmware loader must handle pre-allocated buffer
> fs: Remove FIRMWARE_PREALLOC_BUFFER from kernel_read_file() enums
> fs: Remove FIRMWARE_EFI_EMBEDDED from kernel_read_file() enums
> module: Add hook for security_kernel_post_read_file()
>
> drivers/base/firmware_loader/fallback_platform.c | 12 ++++++++++--
> drivers/base/firmware_loader/main.c | 5 ++---
> fs/exec.c | 7 ++++---
> include/linux/fs.h | 3 +--
> include/linux/lsm_hooks.h | 6 +++++-
> kernel/module.c | 7 ++++++-
> security/integrity/ima/ima_main.c | 6 ++----
> 7 files changed, 30 insertions(+), 16 deletions(-)
>
Powered by blists - more mailing lists