Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp891236imm; Fri, 1 Jun 2018 11:19:58 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJTbrIEP+DxOc9UujWRL4QZgD5ge7M9/y3Rc2gQNCPMFSWiwD3GcNCcX+Ic822m+dxkckvT X-Received: by 2002:a17:902:2924:: with SMTP id g33-v6mr12304300plb.26.1527877198495; Fri, 01 Jun 2018 11:19:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527877198; cv=none; d=google.com; s=arc-20160816; b=SrS/AxFh3GRQaC3SJcT2np1bPSvrQj+l259/GHznIaXxgyrt1CRBfpqPGQ7x9DWCEY BfYA6ypzEnDuKCZAuEIs2d6xGI8kVYU1F/qCjhNGKU/6b1D7PUp/UyN+adYghRQsyCer M1vLCaDZ561QA2WhYFHrlWKP01doxOO9tcJhfgZuWzmwRsbjnWAwdvtdqbmGKLQuORuO e4Hm2oBMNMOPwwMy7rIYDLGlrfa8Dhsjkj4JYrCBrzIsBo5abeESGTwu06w1aZwNp0/i LWepOvxCEf8+QoVEE40U6Z7WgJjb3KZf9PVZojqVkBycpe1+lHensz1P3EG1l/Me47zt yN6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=Et/XGoxVDYn8AX3dsRVEzalF0carWeF5zx7ZnecgSPo=; b=m3+J2Q72xMPRqZKbe0UwcExuY88nYUme5Yq3eaY5xvsrnRax+s5fINzZZvo8a36nGa VxK1/DiN3134oLSrGnS0TOK4NhAy10E+oqdmrQinVfpifRivfnknBR3+xXde1oCIX1+/ 61PUfrpy5FbMEt2zhh5UD9oTWeW6kv0dRDz9HQtfvyu7OtIJnM/+E7S7KVw3rBFyj1LR An9wWhM5TGf85IowoZA1qZ62QVGKbUJB64N++DqwExLOLeaHu1CkUpSU8g+RBENjUg6v bYZ6ebgi2p6rOJHg0jac8LcAdSRdatdjSZgWsfLrAacciWNEAYDKTTe+7e0MT0h2xEJF VHRQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m28-v6si5490123pgn.197.2018.06.01.11.19.42; Fri, 01 Jun 2018 11:19:58 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753063AbeFASTQ (ORCPT + 99 others); Fri, 1 Jun 2018 14:19:16 -0400 Received: from mx2.suse.de ([195.135.220.15]:35335 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751584AbeFASTP (ORCPT ); Fri, 1 Jun 2018 14:19:15 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay1.suse.de (charybdis-ext-too.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 7A91EACA8; Fri, 1 Jun 2018 18:19:13 +0000 (UTC) Date: Fri, 1 Jun 2018 20:19:13 +0200 From: "Luis R. Rodriguez" To: Mimi Zohar Cc: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, David Howells , "Luis R . Rodriguez" , Eric Biederman , kexec@lists.infradead.org, Andres Rodriguez , Greg Kroah-Hartman , Ard Biesheuvel , Kees Cook Subject: Re: [PATCH v4 4/8] firmware: add call to LSM hook before firmware sysfs fallback Message-ID: <20180601181913.GN4511@wotan.suse.de> References: <1527616920-5415-1-git-send-email-zohar@linux.vnet.ibm.com> <1527616920-5415-5-git-send-email-zohar@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1527616920-5415-5-git-send-email-zohar@linux.vnet.ibm.com> User-Agent: Mutt/1.6.0 (2016-04-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 29, 2018 at 02:01:56PM -0400, Mimi Zohar wrote: > Add an LSM hook prior to allowing firmware sysfs fallback loading. Acked-by: Luis R. Rodriguez > Signed-off-by: Mimi Zohar > Cc: Luis R. Rodriguez > Cc: David Howells > Cc: Kees Cook > > Changelog v4: > - call new LSM security_kernel_arg hook > > Changelog v2: > - call security_kernel_read_blob() > - rename the READING_FIRMWARE_FALLBACK kernel_read_file_id enumeration to > READING_FIRMWARE_FALLBACK_SYSFS. > --- > drivers/base/firmware_loader/fallback.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/drivers/base/firmware_loader/fallback.c b/drivers/base/firmware_loader/fallback.c > index 358354148dec..2443bda81631 100644 > --- a/drivers/base/firmware_loader/fallback.c > +++ b/drivers/base/firmware_loader/fallback.c > @@ -651,6 +651,8 @@ static bool fw_force_sysfs_fallback(unsigned int opt_flags) > > static bool fw_run_sysfs_fallback(unsigned int opt_flags) > { > + int ret; > + > if (fw_fallback_config.ignore_sysfs_fallback) { > pr_info_once("Ignoring firmware sysfs fallback due to sysctl knob\n"); > return false; > @@ -659,6 +661,11 @@ static bool fw_run_sysfs_fallback(unsigned int opt_flags) > if ((opt_flags & FW_OPT_NOFALLBACK)) > return false; > > + /* Also permit LSMs and IMA to fail firmware sysfs fallback */ > + ret = security_kernel_load_data(LOADING_FIRMWARE); > + if (ret < 0) > + return ret; > + > return fw_force_sysfs_fallback(opt_flags); > } > > -- > 2.7.5 > > -- Do not panic