[RFC] efivarfs: define integrity_read method

Message ID	1499343241.5500.15.camel@linux.vnet.ibm.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-security-module-owner@kernel.org> Gateway: Authorized Use Only! Violators will be prosecuted for <linux-security-module@vger.kernel.org> from <zohar@linux.vnet.ibm.com>; Thu, 6 Jul 2017 22:15:23 +1000 Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 6 Jul 2017 22:15:21 +1000 Subject: [RFC PATCH] efivarfs: define integrity_read method From: Mimi Zohar <zohar@linux.vnet.ibm.com> To: Matthew Garrett <mjg59@srcf.ucam.org>, Christoph Hellwig <hch@lst.de> Cc: linux-fsdevel@vger.kernel.org, linux-ima-devel@lists.sourceforge.net, linux-security-module <linux-security-module@vger.kernel.org>, linux-ima-user <linux-ima-user@lists.sourceforge.net>, linux-efi <linux-efi@vger.kernel.org> Date: Thu, 06 Jul 2017 08:14:01 -0400 Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Message-Id: <1499343241.5500.15.camel@linux.vnet.ibm.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk

Message ID

1499343241.5500.15.camel@linux.vnet.ibm.com (mailing list archive)

State

New, archived

Headers

Subject: [RFC PATCH] efivarfs: define integrity_read method
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Matthew Garrett <mjg59@srcf.ucam.org>, Christoph Hellwig <hch@lst.de>
Cc: linux-fsdevel@vger.kernel.org, linux-ima-devel@lists.sourceforge.net,
	linux-security-module <linux-security-module@vger.kernel.org>,
	linux-ima-user <linux-ima-user@lists.sourceforge.net>,
	linux-efi <linux-efi@vger.kernel.org>
Date: Thu, 06 Jul 2017 08:14:01 -0400
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Message-Id: <1499343241.5500.15.camel@linux.vnet.ibm.com>
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk

Commit Message

Mimi Zohar July 6, 2017, 12:14 p.m. UTC

This patch defines an ->integrity_read file operation method to read data for
integrity hash collection.

(Posting separately for review, before being squashed with the others.) 

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
---
 fs/efivarfs/file.c | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

Comments

Al Viro July 6, 2017, 12:45 p.m. UTC | #1

On Thu, Jul 06, 2017 at 08:14:01AM -0400, Mimi Zohar wrote:
> This patch defines an ->integrity_read file operation method to read data for
> integrity hash collection.

> -static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
> -		size_t count, loff_t *ppos)
> +static ssize_t __efivarfs_file_read(struct file *file, char __user *userbuf,
> +				    size_t count, loff_t *ppos,
> +				    struct iov_iter *iter)
>  {
>  	struct efivar_entry *var = file->private_data;
>  	unsigned long datasize = 0;
> @@ -96,14 +98,32 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
>  		goto out_free;
>  
>  	memcpy(data, &attributes, sizeof(attributes));
> -	size = simple_read_from_buffer(userbuf, count, ppos,
> -				       data, datasize + sizeof(attributes));
> +
> +	if (!iter)
> +		size = simple_read_from_buffer(userbuf, count, ppos, data,
> +					       datasize + sizeof(attributes));
> +	else
> +		size = copy_to_iter(data, datasize + sizeof(attributes), iter);

Egads...  This kind of kludges is too ugly to exist.  What the hell for?  If you
want to define something that looks like ->read_iter(), bloody make it proper
read_iter.  Really working one, that is - without this "our oh-so-special needs
do not include file position" crap.

Seriously, this kind of calling conventions alone is enough for a NAK with
extreme prejudice.  Something like
ssize_t simple_read_iter_from_buffer(struct kiocb *iocb, struct iov_iter *to,
                                const void *from, size_t available)
{
        loff_t pos = iocb->ki_pos;
        size_t ret;

        if (pos < 0)
                return -EINVAL;
        if (pos >= available)
                return 0;
        ret = copy_to_iter(to, from + pos, available - pos);
        if (!ret && iov_iter_count(to))
                return -EFAULT;
        iocb->ki_pos = pos + ret;
        return ret;
}
EXPORT_SYMBOL(simple_read_iter_from_buffer);

in fs/libfs.c and turn the efivarfs_file_read() into a real ->read_iter() by
replacing simple_read_from_buffer to simple_read_iter_from_buffer (and adjusting
the arguments, of course).  All there is to it.  Sheesh...
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/fs/efivarfs/file.c b/fs/efivarfs/file.c
index 5f22e74bbade..b687c982e0a1 100644
--- a/fs/efivarfs/file.c
+++ b/fs/efivarfs/file.c
@@ -10,6 +10,7 @@ 
 #include <linux/efi.h>
 #include <linux/fs.h>
 #include <linux/slab.h>
+#include <linux/uio.h>
 #include <linux/mount.h>
 
 #include "internal.h"
@@ -64,8 +65,9 @@  static ssize_t efivarfs_file_write(struct file *file,
 	return bytes;
 }
 
-static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
-		size_t count, loff_t *ppos)
+static ssize_t __efivarfs_file_read(struct file *file, char __user *userbuf,
+				    size_t count, loff_t *ppos,
+				    struct iov_iter *iter)
 {
 	struct efivar_entry *var = file->private_data;
 	unsigned long datasize = 0;
@@ -96,14 +98,32 @@  static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
 		goto out_free;
 
 	memcpy(data, &attributes, sizeof(attributes));
-	size = simple_read_from_buffer(userbuf, count, ppos,
-				       data, datasize + sizeof(attributes));
+
+	if (!iter)
+		size = simple_read_from_buffer(userbuf, count, ppos, data,
+					       datasize + sizeof(attributes));
+	else
+		size = copy_to_iter(data, datasize + sizeof(attributes), iter);
 out_free:
 	kfree(data);
 
 	return size;
 }
 
+static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
+				  size_t count, loff_t *ppos)
+{
+	return __efivarfs_file_read(file, userbuf, count, ppos, NULL);
+}
+
+static ssize_t efivarfs_file_read_iter(struct kiocb *iocb,
+				       struct iov_iter *iter)
+{
+	struct file *file = iocb->ki_filp;
+
+	return __efivarfs_file_read(file, NULL, 0, NULL, iter);
+}
+
 static int
 efivarfs_ioc_getxflags(struct file *file, void __user *arg)
 {
@@ -178,4 +198,5 @@  const struct file_operations efivarfs_file_operations = {
 	.write	= efivarfs_file_write,
 	.llseek	= no_llseek,
 	.unlocked_ioctl = efivarfs_file_ioctl,
+	.integrity_read	= efivarfs_file_read_iter,
 };

[RFC] efivarfs: define integrity_read method

Commit Message

Comments

Patch