On Mon, 14 Jul 2014, Kees Cook wrote:
> This attaches LSM hooks to the existing firmware loading interfaces:
> filesystem-found firmware and demand-loaded blobs.
> static int fw_get_filesystem_firmware(struct device *device,
> @@ -640,6 +646,12 @@ static ssize_t firmware_loading_store(struct device *dev,
> break;
> case 0:
> if (test_bit(FW_STATUS_LOADING, &fw_buf->status)) {
> + if (security_kernel_fw_from_file(NULL, fw_buf->data,
> + fw_buf->size)) {
> + fw_load_abort(fw_priv);
> + break;
> + }
> +
> set_bit(FW_STATUS_DONE, &fw_buf->status);
> clear_bit(FW_STATUS_LOADING, &fw_buf->status);
>
>
Can you explain the loading store, and what the semantics are for an LSM
when a NULL is passed as the file?
--
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
