Re: [PATCH 0/4] Fix misused kernel_read_file() enums

From: Greg Kroah-Hartman
Date: Tue Jul 07 2020 - 05:31:36 EST


On Tue, Jul 07, 2020 at 01:19:22AM -0700, Kees Cook wrote:
> Hi,
>
> In looking for closely at the additions that got made to the
> kernel_read_file() enums, I noticed that FIRMWARE_PREALLOC_BUFFER
> and FIRMWARE_EFI_EMBEDDED were added, but they are not appropriate
> *kinds* of files for the LSM to reason about. They are a "how" and
> "where", respectively. Remove these improper aliases and refactor the
> code to adapt to the changes.
>
> Additionally adds in missing calls to security_kernel_post_read_file()
> in the platform firmware fallback path (to match the sysfs firmware
> fallback path) and in module loading. I considered entirely removing
> security_kernel_post_read_file() hook since it is technically unused,
> but IMA probably wants to be able to measure EFI-stored firmware images,
> so I wired it up and matched it for modules, in case anyone wants to
> move the module signature checks out of the module core and into an LSM
> to avoid the current layering violations.
>
> This touches several trees, and I suspect it would be best to go through
> James's LSM tree.
>
> Thanks!
>
> -Kees
>
> Kees Cook (4):
> firmware_loader: EFI firmware loader must handle pre-allocated buffer
> fs: Remove FIRMWARE_PREALLOC_BUFFER from kernel_read_file() enums
> fs: Remove FIRMWARE_EFI_EMBEDDED from kernel_read_file() enums
> module: Add hook for security_kernel_post_read_file()

Looks good to me, thanks for fixing this up:

Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>