Received: by 2002:a05:6602:2086:0:0:0:0 with SMTP id a6csp4323432ioa; Wed, 27 Apr 2022 00:44:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxzDDj7qD6qahIq+WUEy7aVqFFfBvv/LU6VU8gYh+TD9yf1s60F4+FzFSR44CkHvE1CbAe8 X-Received: by 2002:a17:90b:4d82:b0:1d9:5c18:b749 with SMTP id oj2-20020a17090b4d8200b001d95c18b749mr18946644pjb.27.1651045495374; Wed, 27 Apr 2022 00:44:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651045495; cv=none; d=google.com; s=arc-20160816; b=EcYR0jqnTuob4+Cp6VmhIuZD/bsKZwfsUR776rMgkFWZlYhEm34rv3tDLLvlpDc2t8 7ogMAnPLKM4epp+X5ysghXYzVfVyyxoKPKvPx1RUtfw2hcgJUqMxVl9sM53W95pJZ8++ I9ubpkwRR7eaxdFDCVArDrd/cuN254ThnkDchbgAZJmuy4RcJ4Fg9aHLuiBeDVzJ7/aN q2NOT6CNQya0vNMUHVyKpcsBYosm5L3gwUhoOcI9z4Z+Why/PgAOVYgcOnMeYN0icJp2 pkbqaCFI23mJ88n/IYI315IDxhFT7dbO240IcuyC+URwu43AhNX1IGSxF7DW8Idq8mGq 5e+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=puEHxiHmekhBokZkfX+PosZYQtXEk03Xp8eQva9Bj+8=; b=Lp3gydGjG6OnrQGiVYgPuRjMjdLhLsHReRbc61okrPVONT4nsz9QQZ7JcELU0IYkIl gPTod2nz607543MBZw8Ljjha78G8IRVEcecLvB+49tysEF57S0VtzjNX5Cjbao8Dcrou se6MVq21LJR4YAk/KDyuSJdELre2AUn9EWSRByKUP9dZc4x5HE0KuHXv4TtuSR0RDEbL gcmewGbBlZmhsoiYzv44ASzIwPP3GkVKMCMEZLhx3aDoozhK71dhNnWXYn9ZqfVTAF+6 q3Og+COEysv9TY02DofcMGk5jDgwXLKki27MHBHVn/9XCrKK+3zbalpHeMBYozH0PsUr wsrw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=bombadil.20210309 header.b=rpiKOOQC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j191-20020a6380c8000000b003ab1cab0745si818882pgd.0.2022.04.27.00.44.40; Wed, 27 Apr 2022 00:44:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=bombadil.20210309 header.b=rpiKOOQC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1353007AbiDZQeP (ORCPT + 99 others); Tue, 26 Apr 2022 12:34:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44230 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235283AbiDZQeO (ORCPT ); Tue, 26 Apr 2022 12:34:14 -0400 Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CA3A3157DCE; Tue, 26 Apr 2022 09:31:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=Sender:In-Reply-To: Content-Transfer-Encoding:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description; bh=puEHxiHmekhBokZkfX+PosZYQtXEk03Xp8eQva9Bj+8=; b=rpiKOOQCl+wMo2ZBJybeim/aQ8 G1VVuExU8TbuASs4MvNBUwmEdSLk7CyKeYXO87gI/dpVXnNlnd7Y1cbBvBncRr1Y5cx4MLs6xyozY LZMaSZrC0Nv2UOoGmtyOjkSpqHQm8sZm8dPr3re9/byEZCQ8EjNc7KB+RlTSPlLn2qv2hAr8fwyV1 OG5rj4Kfo8vNDq8+Id4xcXeR8/ZMbUA2RAh5oWnSUiq9kbtMCMSedGJm37lfjpozOBe+QAacSL4+8 xH3bwTp6k+KFgbZZz/OkWRRo3cmV/I6CklqAQrNSUeT8++K+/eCrcuTWoByq+5ImtCef28FjkDHRz xZljr48g==; Received: from mcgrof by bombadil.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1njO5h-00FLzL-IP; Tue, 26 Apr 2022 16:31:05 +0000 Date: Tue, 26 Apr 2022 09:31:05 -0700 From: Luis Chamberlain To: =?iso-8859-1?Q?Thi=E9baud?= Weksteen Cc: Greg Kroah-Hartman , Jeffrey Vander Stoep , Saravana Kannan , Alistair Delva , Adam Shih , SElinux list , linux-kernel Subject: Re: [PATCH v2] firmware_loader: use kernel credentials when reading firmware Message-ID: References: <20220422013215.2301793-1-tweek@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Sender: Luis Chamberlain X-Spam-Status: No, score=-4.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 26, 2022 at 02:18:59PM +1000, Thi?baud Weksteen wrote: > > Can you elaborate on the last sentence? It's unclear how what you > > describe is used exactly to allow driver to use direct filesystem > > firmware loading. > > I realize my use of the word "device" here was unfortunate. I meant devices as > Android devices/systems. This may have contributed to the confusion. > > Previously, Android systems were not setting up the firmware_class.path > command line argument. It means that the userspace fallback was always > kicking-in when a driver called request_firmware. This was handled by the > ueventd process on Android, which is generally given access to all firmware > files. > > Now that more devices are setting up firmware_class.path, the call to > request_firmware will end up using kernel_read_file_from_path_initns, which > would have used the current process credentials. That makes it crystal clear. This would be useful in the commit log. > > And, given the feedback from Android it would seem this is a fix > > which likely may be desirable to backport to some stable kernels? > > Yes, that's right. Especially in light of this. Luis