On Wed, Jul 29, 2020 at 12:48:06AM +0000, Luis Chamberlain wrote:
> On Wed, Jul 22, 2020 at 12:30:03PM -0700, Kees Cook wrote:
> > On non-EFI systems, it wasn't possible to test the platform firmware
> > loader because it will have never set "checked_fw" during __init.
> > Instead, allow the test code to override this check. Additionally split
> > the declarations into a private header file so it there is greater
> > enforcement of the symbol visibility.
> >
> > Fixes: 548193cba2a7 ("test_firmware: add support for firmware_request_platform")
> > Cc: stable@xxxxxxxxxxxxxxx
> > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
>
> A *clearly* private symbol namespace would seem cleaner, example the existing:
>
> EXPORT_SYMBOL_NS_GPL(fw_fallback_config, FIRMWARE_LOADER_PRIVATE);
I'm respinning this now. It doesn't solve in-kernel visibility, but it
does solve module visibility, I guess. It's a simpler patch, and I think
gets the point across. Will send after build testing...
--
Kees Cook
_______________________________________________
kexec mailing list
kexec@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/kexec
