On Fri, 2016-01-08 at 12:26 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar <zohar at linux.vnet.ibm.com> wrote:
> > Replace fw_read_file_contents() for reading a file with the common VFS
> > kernel_read_file() function. Call the existing firmware security hook
> > from security_kernel_post_read_file() until the LSMs have been converted.
> >
> > This patch retains the kernel_fw_from_file() hook, but removes the
> > security_kernel_fw_from_file() function.
> >
> > Signed-off-by: Mimi Zohar <zohar at linux.vnet.ibm.com>
> > ---
> > drivers/base/firmware_class.c | 51 +++++++++------------------------------
> > include/linux/ima.h | 6 -----
> > include/linux/security.h | 8 +-----
> > security/integrity/ima/ima_main.c | 18 ++++++--------
> > security/security.c | 24 ++++++++----------
> > 5 files changed, 30 insertions(+), 77 deletions(-)
> >
> > diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c > > index 3ca96a6..4e4e860 100644 > > --- a/drivers/base/firmware_class.c > > +++ b/drivers/base/firmware_class.c
> > @@ -292,44 +292,10 @@ static const char * const fw_path[] = { > > module_param_string(path, fw_path_para, sizeof(fw_path_para), 0644); > > MODULE_PARM_DESC(path, "customized firmware image search path with a higher priority than default path"); > > > > -static int fw_read_file_contents(struct file *file, struct firmware_buf *fw_buf) > > -{ > > - int size; > > - char *buf; > > - int rc; > > - > > - if (!S_ISREG(file_inode(file)->i_mode)) > > - return -EINVAL; > > - size = i_size_read(file_inode(file)); > > - if (size <= 0) > > - return -EINVAL; > > - buf = vmalloc(size); > > - if (!buf) > > - return -ENOMEM; > > - rc = kernel_read(file, 0, buf, size); > > - if (rc != size) { > > - if (rc > 0) > > - rc = -EIO; > > - goto fail; > > - } > > - rc = ima_hash_and_process_file(file, buf, size, FIRMWARE_CHECK); > > - if (rc) > > - goto fail; > > - > > - rc = security_kernel_fw_from_file(file, buf, size); > > - if (rc) > > - goto fail; > > - fw_buf->data = buf; > > - fw_buf->size = size; > > - return 0; > > -fail: > > - vfree(buf); > > - return rc; > > -} > > - > > static int fw_get_filesystem_firmware(struct device *device, > > struct firmware_buf *buf) > > { > > + loff_t size; > > int i, len; > > int rc = -ENOENT; > > char *path; > > @@ -355,13 +321,18 @@ static int fw_get_filesystem_firmware(struct device *device, > > file = filp_open(path, O_RDONLY, 0); > > if (IS_ERR(file)) > > continue; > > - rc = fw_read_file_contents(file, buf); > > + > > + buf->size = 0; > > + rc = kernel_read_file(file, &buf->data, &size, UINT_MAX,
>
> Strictly speaking, the original code would max at INT_MAX, not UINT_MAX.

hm, I must have taken it from firmware_buf->size, which is defined as size_t (unsigned). Thanks for the correction.

Mimi
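
Review bot: In the first hunk (@@ -292,44 +292,10 @@), the removed fw_read_file_contents() refused non-regular files via the S_ISREG() test and refused sizes <= 0 with -EINVAL before allocating, and nothing in the quoted lines shows the caller keeping either check. The commit message should state that kernel_read_file() enforces the same two conditions, or the checks should stay in fw_get_filesystem_firmware(), so the firmware loader does not begin accepting files it used to reject. The same hunk introduces "loff_t size" where the old code carried an int into fw_buf->size; the later store into buf->size should make that narrowing explicit.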
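
Review bot: In the second hunk (@@ -355,13 +321,18 @@), the limit passed to kernel_read_file() is UINT_MAX, while the removed code kept the file size in an int and returned -EINVAL for size <= 0, so it never loaded more than INT_MAX bytes. Passing INT_MAX here keeps the old upper bound on how much file content the kernel will allocate and read for a firmware request; if the larger limit is intended, the commit message should say so. The quoted lines set "buf->size = 0" before the call and end before showing the success path, so the follow-up should confirm that buf->size is only set from size after rc has been checked.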