From patchwork Sat Jun 6 05:04:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11590987 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 58EAD17C9 for ; Sat, 6 Jun 2020 05:05:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 40B22207DF for ; Sat, 6 Jun 2020 05:05:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="d7RICQ73" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726794AbgFFFF5 (ORCPT ); Sat, 6 Jun 2020 01:05:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726272AbgFFFF5 (ORCPT ); Sat, 6 Jun 2020 01:05:57 -0400 Received: from mail-pf1-x444.google.com (mail-pf1-x444.google.com [IPv6:2607:f8b0:4864:20::444]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 02295C08C5C2 for ; Fri, 5 Jun 2020 22:05:57 -0700 (PDT) Received: by mail-pf1-x444.google.com with SMTP id z64so5943832pfb.1 for ; Fri, 05 Jun 2020 22:05:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=UFMs+pS1mNuYLg2OsoDQ/eCH5ubaRntK3nHk6nEyTVo=; b=d7RICQ73OAKQgCeXCCDVz1Wz1mMz2ptzYeUySZ9uf+jrhxr/ajT8UEX1tgj+l1ANYH YETdieM1F1XyGzdSluSK7dRy1zW/Z3q+UKlfnUhYXBBKosYL4Fo1mjv2rpa2Jdql0FUc LHuSARjO75goSjgiWkyyRIQ6+afn0OfFJfXoA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=UFMs+pS1mNuYLg2OsoDQ/eCH5ubaRntK3nHk6nEyTVo=; b=fSE6/O1FyS2uTz8CZfzCg/wucleA7eJVZBpX/yM+jXfSc1xYmnNgG5dNBaCcsd+ymD 5XT5yRTOIki/8pNEbGNNxh4m/05r7d8q/39odFbQz/LXKEKqdnnaFNvDURoZPiIICJ6M GSPbo3T4X2AOFRjGfkF2zjkjENi7Yjr22/FYKIoy06noEBCciW2SsE3adzv+uFXnAiBX Hu4YmjiEyxMg5mGTwBRLVzKi6VwqVXjpM/haHytLR2Xvv1iSuO1VcqACG2UZ5TqJjkTf NTTwjen+MfN4KlU0zsVJLGqSvf0rX6KSnKq/TnECiyGs9TpPsow/1dH62cup6DaICceI jLIg== X-Gm-Message-State: AOAM532Jb6lEwzarTfWt9lWUzrlxhG1yIXm3Euz0vaqW+LKkNYpla0Q1 K2yik5yiNnulmPkoDHufJUNxdg== X-Google-Smtp-Source: ABdhPJy7RD7bjKLK8ou1v5N5tiFd4LwUyBQZf7mn9QgjvIke6zPapaH4lssAciBNu4btJaQYH7tExw== X-Received: by 2002:a63:c44b:: with SMTP id m11mr11793538pgg.404.1591419956426; Fri, 05 Jun 2020 22:05:56 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.05.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:05:55 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 1/8] fs: introduce kernel_pread_file* support Date: Fri, 5 Jun 2020 22:04:51 -0700 Message-Id: <20200606050458.17281-2-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add kernel_pread_file* support to kernel to allow for partial read of files with an offset into the file. Existing kernel_read_file functions call new kernel_pread_file functions with offset=0 and opt=KERNEL_PREAD_WHOLE. Signed-off-by: Scott Branden --- fs/exec.c | 95 ++++++++++++++++++++++++++++++++++++---------- include/linux/fs.h | 29 ++++++++++++++ 2 files changed, 103 insertions(+), 21 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index 306fc566171e..751f5ddc7538 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -927,10 +927,15 @@ struct file *open_exec(const char *name) } EXPORT_SYMBOL(open_exec); -int kernel_read_file(struct file *file, void **buf, loff_t *size, - loff_t max_size, enum kernel_read_file_id id) -{ - loff_t i_size, pos; +int kernel_pread_file(struct file *file, void **buf, loff_t *size, + loff_t pos, loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id) +{ + loff_t alloc_size; + loff_t buf_pos; + loff_t read_end; + loff_t i_size; ssize_t bytes = 0; int ret; @@ -950,21 +955,31 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, ret = -EINVAL; goto out; } - if (i_size > SIZE_MAX || (max_size > 0 && i_size > max_size)) { + + /* Default read to end of file */ + read_end = i_size; + + /* Allow reading partial portion of file */ + if ((opt == KERNEL_PREAD_PART) && + (i_size > (pos + max_size))) + read_end = pos + max_size; + + alloc_size = read_end - pos; + if (i_size > SIZE_MAX || (max_size > 0 && alloc_size > max_size)) { ret = -EFBIG; goto out; } if (id != READING_FIRMWARE_PREALLOC_BUFFER) - *buf = vmalloc(i_size); + *buf = vmalloc(alloc_size); if (!*buf) { ret = -ENOMEM; goto out; } - pos = 0; - while (pos < i_size) { - bytes = kernel_read(file, *buf + pos, i_size - pos, &pos); + buf_pos = 0; + while (pos < read_end) { + bytes = kernel_read(file, *buf + buf_pos, read_end - pos, &pos); if (bytes < 0) { ret = bytes; goto out_free; @@ -972,14 +987,16 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, if (bytes == 0) break; + + buf_pos += bytes; } - if (pos != i_size) { + if (pos != read_end) { ret = -EIO; goto out_free; } - ret = security_kernel_post_read_file(file, *buf, i_size, id); + ret = security_kernel_post_read_file(file, *buf, alloc_size, id); if (!ret) *size = pos; @@ -995,10 +1012,20 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, allow_write_access(file); return ret; } + +int kernel_read_file(struct file *file, void **buf, loff_t *size, + loff_t max_size, enum kernel_read_file_id id) +{ + return kernel_pread_file(file, buf, size, 0, max_size, + KERNEL_PREAD_WHOLE, id); +} EXPORT_SYMBOL_GPL(kernel_read_file); -int kernel_read_file_from_path(const char *path, void **buf, loff_t *size, - loff_t max_size, enum kernel_read_file_id id) +int kernel_pread_file_from_path(const char *path, void **buf, + loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id) { struct file *file; int ret; @@ -1010,15 +1037,24 @@ int kernel_read_file_from_path(const char *path, void **buf, loff_t *size, if (IS_ERR(file)) return PTR_ERR(file); - ret = kernel_read_file(file, buf, size, max_size, id); + ret = kernel_pread_file(file, buf, size, pos, max_size, opt, id); fput(file); return ret; } + +int kernel_read_file_from_path(const char *path, void **buf, loff_t *size, + loff_t max_size, enum kernel_read_file_id id) +{ + return kernel_pread_file_from_path(path, buf, size, 0, max_size, + KERNEL_PREAD_WHOLE, id); +} EXPORT_SYMBOL_GPL(kernel_read_file_from_path); -int kernel_read_file_from_path_initns(const char *path, void **buf, - loff_t *size, loff_t max_size, - enum kernel_read_file_id id) +int kernel_pread_file_from_path_initns(const char *path, void **buf, + loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id) { struct file *file; struct path root; @@ -1036,14 +1072,24 @@ int kernel_read_file_from_path_initns(const char *path, void **buf, if (IS_ERR(file)) return PTR_ERR(file); - ret = kernel_read_file(file, buf, size, max_size, id); + ret = kernel_pread_file(file, buf, size, pos, max_size, opt, id); fput(file); return ret; } + +int kernel_read_file_from_path_initns(const char *path, void **buf, + loff_t *size, loff_t max_size, + enum kernel_read_file_id id) +{ + return kernel_pread_file_from_path_initns(path, buf, size, 0, max_size, + KERNEL_PREAD_WHOLE, id); +} EXPORT_SYMBOL_GPL(kernel_read_file_from_path_initns); -int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, - enum kernel_read_file_id id) +int kernel_pread_file_from_fd(int fd, void **buf, loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id) { struct fd f = fdget(fd); int ret = -EBADF; @@ -1051,11 +1097,18 @@ int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, if (!f.file) goto out; - ret = kernel_read_file(f.file, buf, size, max_size, id); + ret = kernel_pread_file(f.file, buf, size, pos, max_size, opt, id); out: fdput(f); return ret; } + +int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, + enum kernel_read_file_id id) +{ + return kernel_pread_file_from_fd(fd, buf, size, 0, max_size, + KERNEL_PREAD_WHOLE, id); +} EXPORT_SYMBOL_GPL(kernel_read_file_from_fd); #if defined(CONFIG_HAVE_AOUT) || defined(CONFIG_BINFMT_FLAT) || \ diff --git a/include/linux/fs.h b/include/linux/fs.h index db604c7bd79c..aee7600958ef 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -3048,12 +3048,41 @@ static inline const char *kernel_read_file_id_str(enum kernel_read_file_id id) return kernel_read_file_str[id]; } +/** + * enum kernel_pread_opt - options to control pread file loading behaviour + * + * @KERNEL_PREAD_WHOLE: Only Allow reading of whole file. + * @KERNEL_PREAD_PART: Allow reading part of file. + */ +enum kernel_pread_opt { + KERNEL_PREAD_WHOLE = 0, + KERNEL_PREAD_PART = BIT(0), +}; + +int kernel_pread_file(struct file *file, void **buf, loff_t *size, + loff_t pos, loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id); extern int kernel_read_file(struct file *, void **, loff_t *, loff_t, enum kernel_read_file_id); +int kernel_pread_file_from_path(const char *path, void **buf, + loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id); extern int kernel_read_file_from_path(const char *, void **, loff_t *, loff_t, enum kernel_read_file_id); +int kernel_pread_file_from_path_initns(const char *path, void **buf, + loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id); extern int kernel_read_file_from_path_initns(const char *, void **, loff_t *, loff_t, enum kernel_read_file_id); +int kernel_pread_file_from_fd(int fd, void **buf, loff_t *size, + loff_t pos, loff_t max_size, + enum kernel_pread_opt opt, + enum kernel_read_file_id id); extern int kernel_read_file_from_fd(int, void **, loff_t *, loff_t, enum kernel_read_file_id); extern ssize_t kernel_read(struct file *, void *, size_t, loff_t *); From patchwork Sat Jun 6 05:04:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11590997 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9EFCD13B1 for ; Sat, 6 Jun 2020 05:06:12 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7D28F207D5 for ; Sat, 6 Jun 2020 05:06:12 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="hRNMavVI" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728052AbgFFFGK (ORCPT ); Sat, 6 Jun 2020 01:06:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728135AbgFFFGK (ORCPT ); Sat, 6 Jun 2020 01:06:10 -0400 Received: from mail-pl1-x642.google.com (mail-pl1-x642.google.com [IPv6:2607:f8b0:4864:20::642]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 166A6C08C5C7 for ; Fri, 5 Jun 2020 22:06:10 -0700 (PDT) Received: by mail-pl1-x642.google.com with SMTP id t7so4517981plr.0 for ; Fri, 05 Jun 2020 22:06:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=bdtRQGHvrSh00xAdLmeIZIxqVgqyFJLwGvwbUofZsyI=; b=hRNMavVIIz7Nz5FCC7D0doinbL+qSuf+g8oM8AYtZuNvfzUgkbqNDu5/keAt0FJdEr E26j3S/5jw+rHGhEL/5S3kuKGg0vPWlywvUlzps52jkAvsVgqd5qeuQ6/OZsccv7RuOb ReS22+wAZrf+MIvtZyO9HzcoBO0WADDzHn2Wc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=bdtRQGHvrSh00xAdLmeIZIxqVgqyFJLwGvwbUofZsyI=; b=fKPaLl9weJNUhYWkYmcTI6hT4MPmUv16UwMBjnOiyIf9dxQDOHJ3PT8oxNwSW+NZBZ i5JRBfLckuV469ksjbXUg83fnRjWNTOkHXwKSt1xf7Hw0SRLyvpXDBAmYfYmCqUOhyHr NT9KsZ+tsySWqpCxOlEXNAaRs+9AjesSQQaQhgakfDEqR7g/ubrbqEknmISxrvipnk9W 3XBj0pLTGzBc0Ysjmrpq+drBeB8ahUrpWrtWa8hzADTMOhW01n5g/LqErf0F1Niiddeu l5U8fgv7C015QPe0SArLaERYJANc9pZSzejjltqW/7kzede62gm7jL8Qu7VueB+TZcRr Pmyg== X-Gm-Message-State: AOAM530BuQrd1Arpmky+NYOkDXZ75+/ygMUhl1835ttBK9pzzLT53tQb LO1ZuYmtentWsA5Mm0UJ4Yl8Aw== X-Google-Smtp-Source: ABdhPJyxk9KNmpg/sdIP0QiyOx+hEkhoA2gekodMaxTgGIB7TZ5cYAF8+qmm4h3i5+wdqRVLj30tsA== X-Received: by 2002:a17:902:b7c9:: with SMTP id v9mr12861061plz.34.1591419969389; Fri, 05 Jun 2020 22:06:09 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.05.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:06:08 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 2/8] firmware: add offset to request_firmware_into_buf Date: Fri, 5 Jun 2020 22:04:52 -0700 Message-Id: <20200606050458.17281-3-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add offset to request_firmware_into_buf to allow for portions of firmware file to be read into a buffer. Necessary where firmware needs to be loaded in portions from file in memory constrained systems. Signed-off-by: Scott Branden --- drivers/base/firmware_loader/firmware.h | 5 +++ drivers/base/firmware_loader/main.c | 53 +++++++++++++++++-------- drivers/i2c/i2c-slave-eeprom.c | 4 +- drivers/soc/qcom/mdt_loader.c | 7 +++- include/linux/firmware.h | 8 +++- lib/test_firmware.c | 4 +- 6 files changed, 59 insertions(+), 22 deletions(-) diff --git a/drivers/base/firmware_loader/firmware.h b/drivers/base/firmware_loader/firmware.h index 933e2192fbe8..c9b6ba8d29d8 100644 --- a/drivers/base/firmware_loader/firmware.h +++ b/drivers/base/firmware_loader/firmware.h @@ -32,6 +32,8 @@ * @FW_OPT_FALLBACK_PLATFORM: Enable fallback to device fw copy embedded in * the platform's main firmware. If both this fallback and the sysfs * fallback are enabled, then this fallback will be tried first. + * @FW_OPT_PARTIAL: Allow partial read of firmware instead of needing to read + * entire file. */ enum fw_opt { FW_OPT_UEVENT = BIT(0), @@ -41,6 +43,7 @@ enum fw_opt { FW_OPT_NOCACHE = BIT(4), FW_OPT_NOFALLBACK_SYSFS = BIT(5), FW_OPT_FALLBACK_PLATFORM = BIT(6), + FW_OPT_PARTIAL = BIT(7), }; enum fw_status { @@ -68,6 +71,8 @@ struct fw_priv { void *data; size_t size; size_t allocated_size; + size_t offset; + enum kernel_pread_opt opt; #ifdef CONFIG_FW_LOADER_PAGED_BUF bool is_paged_buf; struct page **pages; diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c index ca871b13524e..93e7fee42cd4 100644 --- a/drivers/base/firmware_loader/main.c +++ b/drivers/base/firmware_loader/main.c @@ -167,7 +167,9 @@ static int fw_cache_piggyback_on_request(const char *name); static struct fw_priv *__allocate_fw_priv(const char *fw_name, struct firmware_cache *fwc, - void *dbuf, size_t size) + void *dbuf, size_t size, + size_t offset, + enum kernel_pread_opt opt) { struct fw_priv *fw_priv; @@ -185,6 +187,8 @@ static struct fw_priv *__allocate_fw_priv(const char *fw_name, fw_priv->fwc = fwc; fw_priv->data = dbuf; fw_priv->allocated_size = size; + fw_priv->offset = offset; + fw_priv->opt = opt; fw_state_init(fw_priv); #ifdef CONFIG_FW_LOADER_USER_HELPER INIT_LIST_HEAD(&fw_priv->pending_list); @@ -210,9 +214,11 @@ static struct fw_priv *__lookup_fw_priv(const char *fw_name) static int alloc_lookup_fw_priv(const char *fw_name, struct firmware_cache *fwc, struct fw_priv **fw_priv, void *dbuf, - size_t size, u32 opt_flags) + size_t size, u32 opt_flags, + size_t offset) { struct fw_priv *tmp; + enum kernel_pread_opt pread_opt; spin_lock(&fwc->lock); if (!(opt_flags & FW_OPT_NOCACHE)) { @@ -226,7 +232,12 @@ static int alloc_lookup_fw_priv(const char *fw_name, } } - tmp = __allocate_fw_priv(fw_name, fwc, dbuf, size); + if (opt_flags & FW_OPT_PARTIAL) + pread_opt = KERNEL_PREAD_PART; + else + pread_opt = KERNEL_PREAD_WHOLE; + + tmp = __allocate_fw_priv(fw_name, fwc, dbuf, size, offset, pread_opt); if (tmp) { INIT_LIST_HEAD(&tmp->list); if (!(opt_flags & FW_OPT_NOCACHE)) @@ -495,8 +506,10 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv, fw_priv->size = 0; /* load firmware files from the mount namespace of init */ - rc = kernel_read_file_from_path_initns(path, &buffer, - &size, msize, id); + rc = kernel_pread_file_from_path_initns(path, &buffer, + &size, fw_priv->offset, + msize, + fw_priv->opt, id); if (rc) { if (rc != -ENOENT) dev_warn(device, "loading %s failed with error %d\n", @@ -683,7 +696,7 @@ int assign_fw(struct firmware *fw, struct device *device, u32 opt_flags) static int _request_firmware_prepare(struct firmware **firmware_p, const char *name, struct device *device, void *dbuf, size_t size, - u32 opt_flags) + u32 opt_flags, size_t offset) { struct firmware *firmware; struct fw_priv *fw_priv; @@ -702,7 +715,7 @@ _request_firmware_prepare(struct firmware **firmware_p, const char *name, } ret = alloc_lookup_fw_priv(name, &fw_cache, &fw_priv, dbuf, size, - opt_flags); + opt_flags, offset); /* * bind with 'priv' now to avoid warning in failure path @@ -749,7 +762,7 @@ static void fw_abort_batch_reqs(struct firmware *fw) static int _request_firmware(const struct firmware **firmware_p, const char *name, struct device *device, void *buf, size_t size, - u32 opt_flags) + u32 opt_flags, size_t offset) { struct firmware *fw = NULL; int ret; @@ -763,7 +776,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name, } ret = _request_firmware_prepare(&fw, name, device, buf, size, - opt_flags); + opt_flags, offset); if (ret <= 0) /* error or already assigned */ goto out; @@ -826,7 +839,7 @@ request_firmware(const struct firmware **firmware_p, const char *name, /* Need to pin this module until return */ __module_get(THIS_MODULE); ret = _request_firmware(firmware_p, name, device, NULL, 0, - FW_OPT_UEVENT); + FW_OPT_UEVENT, 0); module_put(THIS_MODULE); return ret; } @@ -853,7 +866,7 @@ int firmware_request_nowarn(const struct firmware **firmware, const char *name, /* Need to pin this module until return */ __module_get(THIS_MODULE); ret = _request_firmware(firmware, name, device, NULL, 0, - FW_OPT_UEVENT | FW_OPT_NO_WARN); + FW_OPT_UEVENT | FW_OPT_NO_WARN, 0); module_put(THIS_MODULE); return ret; } @@ -878,7 +891,7 @@ int request_firmware_direct(const struct firmware **firmware_p, __module_get(THIS_MODULE); ret = _request_firmware(firmware_p, name, device, NULL, 0, FW_OPT_UEVENT | FW_OPT_NO_WARN | - FW_OPT_NOFALLBACK_SYSFS); + FW_OPT_NOFALLBACK_SYSFS, 0); module_put(THIS_MODULE); return ret; } @@ -902,7 +915,7 @@ int firmware_request_platform(const struct firmware **firmware, /* Need to pin this module until return */ __module_get(THIS_MODULE); ret = _request_firmware(firmware, name, device, NULL, 0, - FW_OPT_UEVENT | FW_OPT_FALLBACK_PLATFORM); + FW_OPT_UEVENT | FW_OPT_FALLBACK_PLATFORM, 0); module_put(THIS_MODULE); return ret; } @@ -939,6 +952,8 @@ EXPORT_SYMBOL_GPL(firmware_request_cache); * @device: device for which firmware is being loaded and DMA region allocated * @buf: address of buffer to load firmware into * @size: size of buffer + * @offset: offset into file to read + * @pread_opt: KERNEL_PREAD_PART to allow partial file read * * This function works pretty much like request_firmware(), but it doesn't * allocate a buffer to hold the firmware data. Instead, the firmware @@ -949,16 +964,22 @@ EXPORT_SYMBOL_GPL(firmware_request_cache); */ int request_firmware_into_buf(const struct firmware **firmware_p, const char *name, - struct device *device, void *buf, size_t size) + struct device *device, void *buf, size_t size, + size_t offset, enum kernel_pread_opt pread_opt) { int ret; + u32 opt_flags; if (fw_cache_is_setup(device, name)) return -EOPNOTSUPP; __module_get(THIS_MODULE); + opt_flags = FW_OPT_UEVENT | FW_OPT_NOCACHE; + if (pread_opt == KERNEL_PREAD_PART) + opt_flags |= FW_OPT_PARTIAL; + ret = _request_firmware(firmware_p, name, device, buf, size, - FW_OPT_UEVENT | FW_OPT_NOCACHE); + opt_flags, offset); module_put(THIS_MODULE); return ret; } @@ -997,7 +1018,7 @@ static void request_firmware_work_func(struct work_struct *work) fw_work = container_of(work, struct firmware_work, work); _request_firmware(&fw, fw_work->name, fw_work->device, NULL, 0, - fw_work->opt_flags); + fw_work->opt_flags, 0); fw_work->cont(fw, fw_work->context); put_device(fw_work->device); /* taken in request_firmware_nowait() */ diff --git a/drivers/i2c/i2c-slave-eeprom.c b/drivers/i2c/i2c-slave-eeprom.c index 593f2fd39d17..facc5dff218f 100644 --- a/drivers/i2c/i2c-slave-eeprom.c +++ b/drivers/i2c/i2c-slave-eeprom.c @@ -129,7 +129,9 @@ static int i2c_slave_init_eeprom_data(struct eeprom_data *eeprom, struct i2c_cli if (!ret) { ret = request_firmware_into_buf(&fw, eeprom_data, &client->dev, - eeprom->buffer, size); + eeprom->buffer, size, + 0, + KERNEL_PREAD_WHOLE); if (ret) return ret; release_firmware(fw); diff --git a/drivers/soc/qcom/mdt_loader.c b/drivers/soc/qcom/mdt_loader.c index 24cd193dec55..c9490c15da68 100644 --- a/drivers/soc/qcom/mdt_loader.c +++ b/drivers/soc/qcom/mdt_loader.c @@ -246,8 +246,11 @@ static int __qcom_mdt_load(struct device *dev, const struct firmware *fw, } else if (phdr->p_filesz) { /* Firmware not large enough, load split-out segments */ sprintf(fw_name + fw_name_len - 3, "b%02d", i); - ret = request_firmware_into_buf(&seg_fw, fw_name, dev, - ptr, phdr->p_filesz); + ret = request_firmware_into_buf + (&seg_fw, fw_name, dev, + ptr, phdr->p_filesz, + 0, + KERNEL_PREAD_WHOLE); if (ret) { dev_err(dev, "failed to load %s\n", fw_name); break; diff --git a/include/linux/firmware.h b/include/linux/firmware.h index cb3e2c06ed8a..a53a854294e2 100644 --- a/include/linux/firmware.h +++ b/include/linux/firmware.h @@ -4,6 +4,7 @@ #include #include +#include #include #define FW_ACTION_NOHOTPLUG 0 @@ -52,7 +53,9 @@ int request_firmware_nowait( int request_firmware_direct(const struct firmware **fw, const char *name, struct device *device); int request_firmware_into_buf(const struct firmware **firmware_p, - const char *name, struct device *device, void *buf, size_t size); + const char *name, struct device *device, + void *buf, size_t size, + size_t offset, enum kernel_pread_opt opt); void release_firmware(const struct firmware *fw); #else @@ -97,7 +100,8 @@ static inline int request_firmware_direct(const struct firmware **fw, } static inline int request_firmware_into_buf(const struct firmware **firmware_p, - const char *name, struct device *device, void *buf, size_t size) + const char *name, struct device *device, void *buf, size_t size, + size_t offset, enum kernel_pread_opt opt) { return -EINVAL; } diff --git a/lib/test_firmware.c b/lib/test_firmware.c index 9fee2b93a8d1..af747660fe29 100644 --- a/lib/test_firmware.c +++ b/lib/test_firmware.c @@ -654,7 +654,9 @@ static int test_fw_run_batch_request(void *data) req->name, req->dev, test_buf, - TEST_FIRMWARE_BUF_SIZE); + TEST_FIRMWARE_BUF_SIZE, + 0, + KERNEL_PREAD_WHOLE); if (!req->fw) kfree(test_buf); } else { From patchwork Sat Jun 6 05:04:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11591011 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9EC2613B1 for ; Sat, 6 Jun 2020 05:06:28 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 82EC5207F9 for ; Sat, 6 Jun 2020 05:06:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="NqhsiYCB" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728573AbgFFFGX (ORCPT ); Sat, 6 Jun 2020 01:06:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46310 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728555AbgFFFGX (ORCPT ); Sat, 6 Jun 2020 01:06:23 -0400 Received: from mail-pg1-x541.google.com (mail-pg1-x541.google.com [IPv6:2607:f8b0:4864:20::541]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1FD69C08C5C5 for ; Fri, 5 Jun 2020 22:06:23 -0700 (PDT) Received: by mail-pg1-x541.google.com with SMTP id m1so6179047pgk.1 for ; Fri, 05 Jun 2020 22:06:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Gg1sREv3Ue3EZE+6zkyi5qJPu78iqur1/sq1nVKs7fQ=; b=NqhsiYCBsApk8OQ4euwL1rW2HjfJPC1Sy1xR+9ldSuzjoKc6Nu2ddFNV21WKA7/5mH C02pc5FP67c7R5zzbVozj76JVELrzZnvpZtLQjouyW87qQrkjB7xHbEsS6EKNbjOBa3/ ECBqPJtfEyIP9XlGdoVbV1EWjogPxcvxLga48= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Gg1sREv3Ue3EZE+6zkyi5qJPu78iqur1/sq1nVKs7fQ=; b=FK4kVQO97ToVnEk52iR8vUSEncR3y9VqBSw3Nmooc57dPoVL90kan2uXtWS57A6rr0 UA3z/GXg9gjMUl3Wiwg3UUFjfi8ROnhxpHAXjOCzBoGimHLfSmSIiB9mygcSIr3Yy+a2 vr5me8IEMRN6Dh2H4FtAnUbvMpRl9EsN4b9fUTkzrR8MHgJDjCq8eVTqqG104qmrol+O 9txadh28pA6eoSX9OsqtVME1E10Kq26E+XDwqnlUADvzaBXi3ROM7SI5ioCjWNZtCBYC gksyMcqhbUCpMkJOGLfIoPSjin7s9SzdOf7560dGQk68ALzXlRU4C+BtTgShCfJ1rBve UV5g== X-Gm-Message-State: AOAM532BqdO3uQu3usnpKhbU46VCDI/lcr2y8/Gr+KuBipaChBC0+SED AWc9Pt+ymZ5ucPdJrM97PzD4wQ== X-Google-Smtp-Source: ABdhPJy/TtikU056t8ThlFAFRmngK1twf8Q1YhN6UjEALP4EUWcFONXjw+kyA6y6IlHWOfQCQSk0HA== X-Received: by 2002:a63:e74b:: with SMTP id j11mr10164853pgk.237.1591419982381; Fri, 05 Jun 2020 22:06:22 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.06.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:06:21 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 3/8] test_firmware: add partial read support for request_firmware_into_buf Date: Fri, 5 Jun 2020 22:04:53 -0700 Message-Id: <20200606050458.17281-4-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add additional hooks to test_firmware to pass in support for partial file read using request_firmware_into_buf. buf_size: size of buffer to request firmware into partial: indicates that a partial file request is being made file_offset: to indicate offset into file to request Signed-off-by: Scott Branden --- lib/test_firmware.c | 146 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 136 insertions(+), 10 deletions(-) diff --git a/lib/test_firmware.c b/lib/test_firmware.c index af747660fe29..1a79611cae78 100644 --- a/lib/test_firmware.c +++ b/lib/test_firmware.c @@ -50,6 +50,9 @@ struct test_batched_req { * @name: the name of the firmware file to look for * @into_buf: when the into_buf is used if this is true * request_firmware_into_buf() will be used instead. + * @buf_size: size of buf to allocate when into_buf is true + * @file_offset: file offset to request when calling request_firmware_into_buf + * @partial: partial read opt when calling request_firmware_into_buf * @sync_direct: when the sync trigger is used if this is true * request_firmware_direct() will be used instead. * @send_uevent: whether or not to send a uevent for async requests @@ -89,6 +92,9 @@ struct test_batched_req { struct test_config { char *name; bool into_buf; + size_t buf_size; + size_t file_offset; + bool partial; bool sync_direct; bool send_uevent; u8 num_requests; @@ -183,6 +189,9 @@ static int __test_firmware_config_init(void) test_fw_config->num_requests = TEST_FIRMWARE_NUM_REQS; test_fw_config->send_uevent = true; test_fw_config->into_buf = false; + test_fw_config->buf_size = TEST_FIRMWARE_BUF_SIZE; + test_fw_config->file_offset = 0; + test_fw_config->partial = false; test_fw_config->sync_direct = false; test_fw_config->req_firmware = request_firmware; test_fw_config->test_result = 0; @@ -236,28 +245,35 @@ static ssize_t config_show(struct device *dev, dev_name(dev)); if (test_fw_config->name) - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "name:\t%s\n", test_fw_config->name); else - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "name:\tEMTPY\n"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "num_requests:\t%u\n", test_fw_config->num_requests); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "send_uevent:\t\t%s\n", test_fw_config->send_uevent ? "FW_ACTION_HOTPLUG" : "FW_ACTION_NOHOTPLUG"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "into_buf:\t\t%s\n", test_fw_config->into_buf ? "true" : "false"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, + "buf_size:\t%zu\n", test_fw_config->buf_size); + len += scnprintf(buf + len, PAGE_SIZE - len, + "file_offset:\t%zu\n", test_fw_config->file_offset); + len += scnprintf(buf + len, PAGE_SIZE - len, + "partial:\t\t%s\n", + test_fw_config->partial ? "true" : "false"); + len += scnprintf(buf + len, PAGE_SIZE - len, "sync_direct:\t\t%s\n", test_fw_config->sync_direct ? "true" : "false"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "read_fw_idx:\t%u\n", test_fw_config->read_fw_idx); mutex_unlock(&test_fw_mutex); @@ -315,6 +331,30 @@ static ssize_t test_dev_config_show_bool(char *buf, bool val) return snprintf(buf, PAGE_SIZE, "%d\n", val); } +static int test_dev_config_update_size_t(const char *buf, + size_t size, + size_t *cfg) +{ + int ret; + long new; + + ret = kstrtol(buf, 10, &new); + if (ret) + return ret; + + mutex_lock(&test_fw_mutex); + *(size_t *)cfg = new; + mutex_unlock(&test_fw_mutex); + + /* Always return full write size even if we didn't consume all */ + return size; +} + +static ssize_t test_dev_config_show_size_t(char *buf, size_t val) +{ + return snprintf(buf, PAGE_SIZE, "%zu\n", val); +} + static ssize_t test_dev_config_show_int(char *buf, int val) { return snprintf(buf, PAGE_SIZE, "%d\n", val); @@ -400,6 +440,83 @@ static ssize_t config_into_buf_show(struct device *dev, } static DEVICE_ATTR_RW(config_into_buf); +static ssize_t config_buf_size_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + int rc; + + mutex_lock(&test_fw_mutex); + if (test_fw_config->reqs) { + pr_err("Must call release_all_firmware prior to changing config\n"); + rc = -EINVAL; + mutex_unlock(&test_fw_mutex); + goto out; + } + mutex_unlock(&test_fw_mutex); + + rc = test_dev_config_update_size_t(buf, count, + &test_fw_config->buf_size); + +out: + return rc; +} + +static ssize_t config_buf_size_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return test_dev_config_show_size_t(buf, test_fw_config->buf_size); +} +static DEVICE_ATTR_RW(config_buf_size); + +static ssize_t config_file_offset_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + int rc; + + mutex_lock(&test_fw_mutex); + if (test_fw_config->reqs) { + pr_err("Must call release_all_firmware prior to changing config\n"); + rc = -EINVAL; + mutex_unlock(&test_fw_mutex); + goto out; + } + mutex_unlock(&test_fw_mutex); + + rc = test_dev_config_update_size_t(buf, count, + &test_fw_config->file_offset); + +out: + return rc; +} + +static ssize_t config_file_offset_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return test_dev_config_show_size_t(buf, test_fw_config->file_offset); +} +static DEVICE_ATTR_RW(config_file_offset); + +static ssize_t config_partial_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + return test_dev_config_update_bool(buf, + count, + &test_fw_config->partial); +} + +static ssize_t config_partial_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return test_dev_config_show_bool(buf, test_fw_config->partial); +} +static DEVICE_ATTR_RW(config_partial); + static ssize_t config_sync_direct_store(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) @@ -645,18 +762,24 @@ static int test_fw_run_batch_request(void *data) if (test_fw_config->into_buf) { void *test_buf; + enum kernel_pread_opt pread_opt; test_buf = kzalloc(TEST_FIRMWARE_BUF_SIZE, GFP_KERNEL); if (!test_buf) return -ENOSPC; + if (test_fw_config->partial) + pread_opt = KERNEL_PREAD_PART; + else + pread_opt = KERNEL_PREAD_WHOLE; + req->rc = request_firmware_into_buf(&req->fw, req->name, req->dev, test_buf, - TEST_FIRMWARE_BUF_SIZE, - 0, - KERNEL_PREAD_WHOLE); + test_fw_config->buf_size, + test_fw_config->file_offset, + pread_opt); if (!req->fw) kfree(test_buf); } else { @@ -929,6 +1052,9 @@ static struct attribute *test_dev_attrs[] = { TEST_FW_DEV_ATTR(config_name), TEST_FW_DEV_ATTR(config_num_requests), TEST_FW_DEV_ATTR(config_into_buf), + TEST_FW_DEV_ATTR(config_buf_size), + TEST_FW_DEV_ATTR(config_file_offset), + TEST_FW_DEV_ATTR(config_partial), TEST_FW_DEV_ATTR(config_sync_direct), TEST_FW_DEV_ATTR(config_send_uevent), TEST_FW_DEV_ATTR(config_read_fw_idx), From patchwork Sat Jun 6 05:04:54 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11591021 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BA63017C9 for ; Sat, 6 Jun 2020 05:06:40 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A031F20810 for ; Sat, 6 Jun 2020 05:06:40 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="heXQVB0H" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728598AbgFFFGg (ORCPT ); Sat, 6 Jun 2020 01:06:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46350 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726358AbgFFFGf (ORCPT ); Sat, 6 Jun 2020 01:06:35 -0400 Received: from mail-pl1-x631.google.com (mail-pl1-x631.google.com [IPv6:2607:f8b0:4864:20::631]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE11FC08C5C3 for ; Fri, 5 Jun 2020 22:06:35 -0700 (PDT) Received: by mail-pl1-x631.google.com with SMTP id m7so4517042plt.5 for ; Fri, 05 Jun 2020 22:06:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=JPCDjhWyTHrRtN+IrpzH/X2NJ9wHqJH6zPza8eFFddg=; b=heXQVB0HRERw2lJEL+FZJs1VzyxsTGKyD/fjzLM4tVfeuhc+gjg++Vbom2rznRFIEf RGHx8n6QG/xgYzUxyCfOD9Qqz/Xl9wEtWlK87xzVEF4U+gSfCOP0ggUqc+YP+EDNo4Z0 TrliCjivq9VA2aY/OVMQBYAkdtEoPAqcTCHj4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=JPCDjhWyTHrRtN+IrpzH/X2NJ9wHqJH6zPza8eFFddg=; b=Z+b+V+kQV17CiWj1AlNEsQS5Rt+ObdPsMa9YnPZgOjZjJvfkmaCGbKl82jEXz9FLU1 7wvMrHqtTcmrpom9R114e06yQNa5kFjhWVhMqlxYGGf4LbJSnNMJMWUkONodzzf9Qvnm pFKH2pMpoQVIwxJBLhPvtZ9IbfA+t09lSDTn8YK9yStKTg/81ySikrXmWgi4cM2I7vdX iKUg1beE/U0SlAzQrUWlfDsbzxRITR7z0TMSJwTOFjZBTWcrNFTg1ij7dMgzHTQfj7vv h9e7tIu56oO/PQPRxPG91spznObGXr3HSUSYF/JOOyAu6O48J79nDlnzsVvm4fJxODbn UZ9w== X-Gm-Message-State: AOAM5331pe2Owd3SvI5CxtikQ37Oqc94q695tT63OYqOUaXmFKGolohR 04sN8drk2hKcT+9mhQkUWPI5kw== X-Google-Smtp-Source: ABdhPJxX0lUVBuUQ81qQLrLdqv4A+Nuz+MIpvkkUzEqF8iGq3ymkJfn/xGbYUSpTauzVBtGZ1nINrA== X-Received: by 2002:a17:902:47:: with SMTP id 65mr11879121pla.54.1591419995340; Fri, 05 Jun 2020 22:06:35 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.06.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:06:34 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 4/8] firmware: test partial file reads of request_firmware_into_buf Date: Fri, 5 Jun 2020 22:04:54 -0700 Message-Id: <20200606050458.17281-5-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add firmware tests for partial file reads of request_firmware_into_buf. Signed-off-by: Scott Branden --- .../selftests/firmware/fw_filesystem.sh | 80 +++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/tools/testing/selftests/firmware/fw_filesystem.sh b/tools/testing/selftests/firmware/fw_filesystem.sh index fcc281373b4d..38e89ba1b4d3 100755 --- a/tools/testing/selftests/firmware/fw_filesystem.sh +++ b/tools/testing/selftests/firmware/fw_filesystem.sh @@ -149,6 +149,26 @@ config_unset_into_buf() echo 0 > $DIR/config_into_buf } +config_set_buf_size() +{ + echo $1 > $DIR/config_buf_size +} + +config_set_file_offset() +{ + echo $1 > $DIR/config_file_offset +} + +config_set_partial() +{ + echo 1 > $DIR/config_partial +} + +config_unset_partial() +{ + echo 0 > $DIR/config_partial +} + config_set_sync_direct() { echo 1 > $DIR/config_sync_direct @@ -207,6 +227,35 @@ read_firmwares() done } +read_firmwares_partial() +{ + if [ "$(cat $DIR/config_into_buf)" == "1" ]; then + fwfile="${FW_INTO_BUF}" + else + fwfile="${FW}" + fi + + if [ "$1" = "xzonly" ]; then + fwfile="${fwfile}-orig" + fi + + # Strip fwfile down to match partial offset and length + partial_data="$(cat $fwfile)" + partial_data="${partial_data:$2:$3}" + + for i in $(seq 0 3); do + config_set_read_fw_idx $i + + read_firmware="$(cat $DIR/read_firmware)" + + # Verify the contents are what we expect. + if [ $read_firmware != $partial_data ]; then + echo "request #$i: partial firmware was not loaded" >&2 + exit 1 + fi + done +} + read_firmwares_expect_nofile() { for i in $(seq 0 3); do @@ -319,6 +368,21 @@ test_batched_request_firmware_into_buf() echo "OK" } +test_batched_request_firmware_into_buf_partial() +{ + echo -n "Batched request_firmware_into_buf_partial() $2 off=$3 size=$4 try #$1: " + config_reset + config_set_name $TEST_FIRMWARE_INTO_BUF_FILENAME + config_set_into_buf + config_set_partial + config_set_buf_size $4 + config_set_file_offset $3 + config_trigger_sync + read_firmwares_partial $2 $3 $4 + release_all_firmware + echo "OK" +} + test_batched_request_firmware_direct() { echo -n "Batched request_firmware_direct() $2 try #$1: " @@ -371,6 +435,22 @@ for i in $(seq 1 5); do test_batched_request_firmware_into_buf $i normal done +for i in $(seq 1 5); do + test_batched_request_firmware_into_buf_partial $i normal 0 10 +done + +for i in $(seq 1 5); do + test_batched_request_firmware_into_buf_partial $i normal 0 5 +done + +for i in $(seq 1 5); do + test_batched_request_firmware_into_buf_partial $i normal 1 6 +done + +for i in $(seq 1 5); do + test_batched_request_firmware_into_buf_partial $i normal 2 10 +done + for i in $(seq 1 5); do test_batched_request_firmware_direct $i normal done From patchwork Sat Jun 6 05:04:55 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11591033 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 14F0490 for ; Sat, 6 Jun 2020 05:06:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F1E7C207F9 for ; Sat, 6 Jun 2020 05:06:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="I18+U1Kk" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728605AbgFFFGv (ORCPT ); Sat, 6 Jun 2020 01:06:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726272AbgFFFGs (ORCPT ); Sat, 6 Jun 2020 01:06:48 -0400 Received: from mail-pj1-x1043.google.com (mail-pj1-x1043.google.com [IPv6:2607:f8b0:4864:20::1043]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CA48EC08C5C2 for ; Fri, 5 Jun 2020 22:06:48 -0700 (PDT) Received: by mail-pj1-x1043.google.com with SMTP id nm22so3486780pjb.4 for ; Fri, 05 Jun 2020 22:06:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=qz7MuNPVCvdbh+ZgEThp7mjF9Pplt5mjBACsV2Ifvtc=; b=I18+U1KkTy6/drBV2w6flXeyqCl4GeTbJpyb8bmGgaxJrnrMzl78DPxVeRc8k/Q8TT jmodKkchDKKlWfuCjZIVLl2HrD0VR7wGYMMP9KNdeXCqgTcH4pqBFv8btu7p/QT+3o9M 9AmcZYqr2v9sJSuWBaXtNR6aEphvOn8CNXHYY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=qz7MuNPVCvdbh+ZgEThp7mjF9Pplt5mjBACsV2Ifvtc=; b=WYgh+sfa/ZueU0NodPLgUkimvQWc6Thp5/2aPmYEBIgXmGOfJvQ8ADoSYJy5ZblpZf WZP9vDcJAUKMRNfAW2OXAScEr+VJi/sqXl6lykpUw+ar1CN0EBk7X+os7/FVDk416Cd5 O1Aswc7DRWfy7wrXWCyS7W1B7dsT53KHtQHGYIb/i1uULgbzg0ZQGxekeD7wtYhF7Tkv cSq0w+Fg8YVjustudWnG8OCItzleSG4Vm3Voy+LHXzMJ2FdyeUtKxB8P35plDCw9RnAL NAgC7D7F0zSJq29juQGgxSPJkiAy15D2kSYvv5h2csICESO67eF4xDJx1UlWygjTb1y0 lPIg== X-Gm-Message-State: AOAM530dnDWyGSKTd+Ceepzn4sevLikqHoDJGm4fKlsCGxrRKdECVcyf oL/9kQwrD0dP42f84pZ1laNyjw== X-Google-Smtp-Source: ABdhPJzZU+Vc6lHl27V9wel/XVCUlU18EHF04CgT/GxdrbD934UWyOk2zp8xL0zlYiHxKj57vhyLag== X-Received: by 2002:a17:90a:fa04:: with SMTP id cm4mr6435909pjb.218.1591420008265; Fri, 05 Jun 2020 22:06:48 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.06.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:06:47 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 5/8] bcm-vk: add bcm_vk UAPI Date: Fri, 5 Jun 2020 22:04:55 -0700 Message-Id: <20200606050458.17281-6-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add user space api for bcm-vk driver. Signed-off-by: Scott Branden --- include/uapi/linux/misc/bcm_vk.h | 99 ++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 include/uapi/linux/misc/bcm_vk.h diff --git a/include/uapi/linux/misc/bcm_vk.h b/include/uapi/linux/misc/bcm_vk.h new file mode 100644 index 000000000000..783087b7c31f --- /dev/null +++ b/include/uapi/linux/misc/bcm_vk.h @@ -0,0 +1,99 @@ +/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) */ +/* + * Copyright 2018-2020 Broadcom. + */ + +#ifndef __UAPI_LINUX_MISC_BCM_VK_H +#define __UAPI_LINUX_MISC_BCM_VK_H + +#include +#include + +#define BCM_VK_MAX_FILENAME 64 + +struct vk_image { + __u32 type; /* Type of image */ +#define VK_IMAGE_TYPE_BOOT1 1 /* 1st stage (load to SRAM) */ +#define VK_IMAGE_TYPE_BOOT2 2 /* 2nd stage (load to DDR) */ + char filename[BCM_VK_MAX_FILENAME]; /* Filename of image */ +}; + +struct vk_reset { + __u32 arg1; + __u32 arg2; +}; + +#define VK_MAGIC 0x5e + +/* Load image to Valkyrie */ +#define VK_IOCTL_LOAD_IMAGE _IOW(VK_MAGIC, 0x2, struct vk_image) + +/* Send Reset to Valkyrie */ +#define VK_IOCTL_RESET _IOW(VK_MAGIC, 0x4, struct vk_reset) + +/* + * message block - basic unit in the message where a message's size is always + * N x sizeof(basic_block) + */ +struct vk_msg_blk { + __u8 function_id; +#define VK_FID_TRANS_BUF 5 +#define VK_FID_SHUTDOWN 8 + __u8 size; + __u16 trans_id; /* transport id, queue & msg_id */ + __u32 context_id; + __u32 args[2]; +#define VK_CMD_PLANES_MASK 0x000f /* number of planes to up/download */ +#define VK_CMD_UPLOAD 0x0400 /* memory transfer to vk */ +#define VK_CMD_DOWNLOAD 0x0500 /* memory transfer from vk */ +#define VK_CMD_MASK 0x0f00 /* command mask */ +}; + +#define VK_BAR_FWSTS 0x41c +#define VK_BAR_COP_FWSTS 0x428 +/* VK_FWSTS definitions */ +#define VK_FWSTS_RELOCATION_ENTRY BIT(0) +#define VK_FWSTS_RELOCATION_EXIT BIT(1) +#define VK_FWSTS_INIT_START BIT(2) +#define VK_FWSTS_ARCH_INIT_DONE BIT(3) +#define VK_FWSTS_PRE_KNL1_INIT_DONE BIT(4) +#define VK_FWSTS_PRE_KNL2_INIT_DONE BIT(5) +#define VK_FWSTS_POST_KNL_INIT_DONE BIT(6) +#define VK_FWSTS_INIT_DONE BIT(7) +#define VK_FWSTS_APP_INIT_START BIT(8) +#define VK_FWSTS_APP_INIT_DONE BIT(9) +#define VK_FWSTS_MASK 0xffffffff +#define VK_FWSTS_READY (VK_FWSTS_INIT_START | \ + VK_FWSTS_ARCH_INIT_DONE | \ + VK_FWSTS_PRE_KNL1_INIT_DONE | \ + VK_FWSTS_PRE_KNL2_INIT_DONE | \ + VK_FWSTS_POST_KNL_INIT_DONE | \ + VK_FWSTS_INIT_DONE | \ + VK_FWSTS_APP_INIT_START | \ + VK_FWSTS_APP_INIT_DONE) +/* Deinit */ +#define VK_FWSTS_APP_DEINIT_START BIT(23) +#define VK_FWSTS_APP_DEINIT_DONE BIT(24) +#define VK_FWSTS_DRV_DEINIT_START BIT(25) +#define VK_FWSTS_DRV_DEINIT_DONE BIT(26) +#define VK_FWSTS_RESET_DONE BIT(27) +#define VK_FWSTS_DEINIT_TRIGGERED (VK_FWSTS_APP_DEINIT_START | \ + VK_FWSTS_APP_DEINIT_DONE | \ + VK_FWSTS_DRV_DEINIT_START | \ + VK_FWSTS_DRV_DEINIT_DONE) +/* Last nibble for reboot reason */ +#define VK_FWSTS_RESET_REASON_SHIFT 28 +#define VK_FWSTS_RESET_REASON_MASK (0xf << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_SYS_PWRUP (0x0 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_MBOX_DB (0x1 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_M7_WDOG (0x2 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_TEMP (0x3 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_FLR (0x4 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_HOT (0x5 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_WARM (0x6 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_COLD (0x7 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_L1 (0x8 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_L0 (0x9 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_UNKNOWN (0xf << VK_FWSTS_RESET_REASON_SHIFT) + +#endif /* __UAPI_LINUX_MISC_BCM_VK_H */ From patchwork Sat Jun 6 05:04:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11591035 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7F6FD913 for ; Sat, 6 Jun 2020 05:07:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 671DB207D5 for ; Sat, 6 Jun 2020 05:07:19 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="LKRXcXAx" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728648AbgFFFHS (ORCPT ); Sat, 6 Jun 2020 01:07:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728643AbgFFFHR (ORCPT ); Sat, 6 Jun 2020 01:07:17 -0400 Received: from mail-pf1-x444.google.com (mail-pf1-x444.google.com [IPv6:2607:f8b0:4864:20::444]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08EE2C08C5C3 for ; Fri, 5 Jun 2020 22:07:17 -0700 (PDT) Received: by mail-pf1-x444.google.com with SMTP id a127so5911929pfa.12 for ; Fri, 05 Jun 2020 22:07:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nPZxvHwBEufxYBdudZlyF4qOYy0qjWWsAs0E7hFIitY=; b=LKRXcXAxk/S4d1ojJso185sZY4EDd7oB/TMjk4qHxfa7tmHK7uGzpexJtAQ0bVeTe4 gxBGgLgZRHQuGtimtkN1dVO21gb6VLxc7FipvFzOng1pcG9UzU9p6XcUDSBuN+VOdGTa UMazTNd+n15aosaq7Nu8SUmiRSlNUnFAGE6lU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nPZxvHwBEufxYBdudZlyF4qOYy0qjWWsAs0E7hFIitY=; b=iO3tXTKJxs/jFLlHoYYOeHpjR5E6UjzeUhAgYJjDUWVBNH4oizJ4+o6ilRQ+HV4HIg fErO0bNpT+fzavGelmgiDRjrSSLYOpdVN4U2evDAjukhPZzqbvOtnB1EiPdt+sCWUeod Er/m07FcGZ4BV0Y7bdf06rPA8Szwjz07AJ23FTnDUtZ6Hmp13aS2PDR/o/pM2rCNep3G WQ5y+fj93067GbJQp/jgDvhPNSvLaC742kZah7/MwIvH02xqeK2qTOAB7I6ee1KjvYAO 2ooqUKhJdJGd7J+D/gjJoTB8r4SX6OkL0k6e531JxX66EUBaQhoyj/H4bxh5udLCoNzw RDIA== X-Gm-Message-State: AOAM532dfNaXK63XzTHX7idCCHMMs53c5o9b/GfIkKn0jocTRDRWUUU2 LhMhtkk4tVNOT1ZsZ3HXjBh5eA== X-Google-Smtp-Source: ABdhPJxeVT9a/KR76jybKQryE79B0JYUNZw1/TXZXF/G9QFvxCuTwEjn/4pcIn1mqf1SwS4HR8Nf4g== X-Received: by 2002:a63:c44b:: with SMTP id m11mr11796192pgg.404.1591420036309; Fri, 05 Jun 2020 22:07:16 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.07.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:07:15 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 7/8] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver Date: Fri, 5 Jun 2020 22:04:57 -0700 Message-Id: <20200606050458.17281-8-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add maintainer entry for new Broadcom VK Driver Signed-off-by: Scott Branden --- MAINTAINERS | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 411cd97bb485..ced084c526df 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -3656,6 +3656,13 @@ L: netdev@vger.kernel.org S: Supported F: drivers/net/ethernet/broadcom/tg3.* +BROADCOM VK DRIVER +M: Scott Branden +L: bcm-kernel-feedback-list@broadcom.com +S: Supported +F: drivers/misc/bcm-vk/ +F: include/uapi/linux/misc/bcm_vk.h + BROCADE BFA FC SCSI DRIVER M: Anil Gurumurthy M: Sudarsana Kalluru From patchwork Sat Jun 6 05:04:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11591053 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BB82790 for ; Sat, 6 Jun 2020 05:07:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A29BB207DF for ; Sat, 6 Jun 2020 05:07:35 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="NGT8PX7I" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728666AbgFFFHa (ORCPT ); Sat, 6 Jun 2020 01:07:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46536 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728657AbgFFFHa (ORCPT ); Sat, 6 Jun 2020 01:07:30 -0400 Received: from mail-pg1-x52a.google.com (mail-pg1-x52a.google.com [IPv6:2607:f8b0:4864:20::52a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5296EC08C5C2 for ; Fri, 5 Jun 2020 22:07:30 -0700 (PDT) Received: by mail-pg1-x52a.google.com with SMTP id m1so6179977pgk.1 for ; Fri, 05 Jun 2020 22:07:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=7w1pN6TotzpiP8sLo1RA7p/wzGRtcCXptjHTFNygcBg=; b=NGT8PX7IuxdZvUvnE+9nljMW33phBXq08GFl7NiLdp4D93EXGgpos4K81h9NlWK1hG 5PutkZ1ZGL8Z2Xu66AFY4+EPs9Lbba6aYdHNZaivUor0C1sSPBh88zP98A52Et54gs9S is1pzLGrQffKx6ad6j5zvcZtMjhFcK+uh0CdE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=7w1pN6TotzpiP8sLo1RA7p/wzGRtcCXptjHTFNygcBg=; b=fbMVmDIdwWWKnTcoVCcggrGTpZxa+jPlTHo/KOPBs50MfUszBnke5E5JzqygZNspYW zXN9tQPHkxic4CJAROaMHP8oNaWcs//2PmfJenbrhi4T2MfSj1LgYyiSigtM+5fr7Hcj /xj6cyHZqNg0B3gNvQXrmn34IeFwt0DLxJoOH7px0UTRP8NdAU/atBQeufPpYfzwuxTY 7wE6+gsNiPLcduZM8gkFUuyQEIcHga6Eu+MZEZjBgM7kqF65yyjBFVkgMTPZ+rjn/vTG 393CU+VKggXuTYjNPGnMiokcIWHAlQUZfwNNAOg3px17aAYxCNpf/a8CJc7E4ToWOavX dbFA== X-Gm-Message-State: AOAM531eYoMzXGKlq1i81dZzsGBxMb39Wf8YoH9UfyE7vpqxIvAlHIQZ IfSILSQw6xO1xkgIGMNceb7Wxg== X-Google-Smtp-Source: ABdhPJzkBAIGqCS+lOJr2U5KizL/ys0e8zYXSUIMTRAJ2mZmzJHn6qNrXl0+JbIGw2l5Kkz3LAyhDg== X-Received: by 2002:a62:8454:: with SMTP id k81mr12522487pfd.140.1591420049341; Fri, 05 Jun 2020 22:07:29 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v8sm1057636pfn.217.2020.06.05.22.07.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 22:07:28 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v7 8/8] ima: add FIRMWARE_PARTIAL_READ support Date: Fri, 5 Jun 2020 22:04:58 -0700 Message-Id: <20200606050458.17281-9-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200606050458.17281-1-scott.branden@broadcom.com> References: <20200606050458.17281-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add FIRMWARE_PARTIAL_READ support for integrity measurement on partial reads of firmware files. Signed-off-by: Scott Branden --- drivers/base/firmware_loader/main.c | 6 +++++- fs/exec.c | 6 ++++-- include/linux/fs.h | 1 + security/integrity/ima/ima_main.c | 24 +++++++++++++++++++++++- 4 files changed, 33 insertions(+), 4 deletions(-) diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c index 93e7fee42cd4..d0c42194af17 100644 --- a/drivers/base/firmware_loader/main.c +++ b/drivers/base/firmware_loader/main.c @@ -483,7 +483,11 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv, /* Already populated data member means we're loading into a buffer */ if (!decompress && fw_priv->data) { buffer = fw_priv->data; - id = READING_FIRMWARE_PREALLOC_BUFFER; + if (fw_priv->opt == KERNEL_PREAD_PART) + id = READING_FIRMWARE_PARTIAL_READ; + else + id = READING_FIRMWARE_PREALLOC_BUFFER; + msize = fw_priv->allocated_size; } diff --git a/fs/exec.c b/fs/exec.c index 751f5ddc7538..06e2465d8d40 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -970,7 +970,8 @@ int kernel_pread_file(struct file *file, void **buf, loff_t *size, goto out; } - if (id != READING_FIRMWARE_PREALLOC_BUFFER) + if ((id != READING_FIRMWARE_PARTIAL_READ) && + (id != READING_FIRMWARE_PREALLOC_BUFFER)) *buf = vmalloc(alloc_size); if (!*buf) { ret = -ENOMEM; @@ -1002,7 +1003,8 @@ int kernel_pread_file(struct file *file, void **buf, loff_t *size, out_free: if (ret < 0) { - if (id != READING_FIRMWARE_PREALLOC_BUFFER) { + if ((id != READING_FIRMWARE_PARTIAL_READ) && + (id != READING_FIRMWARE_PREALLOC_BUFFER)) { vfree(*buf); *buf = NULL; } diff --git a/include/linux/fs.h b/include/linux/fs.h index aee7600958ef..1180091d704d 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -3020,6 +3020,7 @@ extern int do_pipe_flags(int *, int); #define __kernel_read_file_id(id) \ id(UNKNOWN, unknown) \ id(FIRMWARE, firmware) \ + id(FIRMWARE_PARTIAL_READ, firmware) \ id(FIRMWARE_PREALLOC_BUFFER, firmware) \ id(FIRMWARE_EFI_EMBEDDED, firmware) \ id(MODULE, kernel-module) \ diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 800fb3bba418..fc5134807acf 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -609,6 +609,9 @@ void ima_post_path_mknod(struct dentry *dentry) */ int ima_read_file(struct file *file, enum kernel_read_file_id read_id) { + enum ima_hooks func; + u32 secid; + /* * READING_FIRMWARE_PREALLOC_BUFFER * @@ -617,11 +620,27 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id) * of IMA's signature verification any more than when using two * buffers? */ - return 0; + if (read_id != READING_FIRMWARE_PARTIAL_READ) + return 0; + + if (!file) { + if ((ima_appraise & IMA_APPRAISE_FIRMWARE) && + (ima_appraise & IMA_APPRAISE_ENFORCE)) { + pr_err("Prevent firmware loading_store.\n"); + return -EACCES; /* INTEGRITY_UNKNOWN */ + } + return 0; + } + + func = read_idmap[read_id] ?: FILE_CHECK; + security_task_getsecid(current, &secid); + return process_measurement(file, current_cred(), secid, NULL, + 0, MAY_READ, func); } const int read_idmap[READING_MAX_ID] = { [READING_FIRMWARE] = FIRMWARE_CHECK, + [READING_FIRMWARE_PARTIAL_READ] = FIRMWARE_CHECK, [READING_FIRMWARE_PREALLOC_BUFFER] = FIRMWARE_CHECK, [READING_MODULE] = MODULE_CHECK, [READING_KEXEC_IMAGE] = KEXEC_KERNEL_CHECK, @@ -648,6 +667,9 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, enum ima_hooks func; u32 secid; + if (read_id == READING_FIRMWARE_PARTIAL_READ) + return 0; + if (!file && read_id == READING_FIRMWARE) { if ((ima_appraise & IMA_APPRAISE_FIRMWARE) && (ima_appraise & IMA_APPRAISE_ENFORCE)) {