From patchwork Mon Jun 15 19:41:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605653 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3C76A6A2 for ; Mon, 15 Jun 2020 19:43:12 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1F6B7207D3 for ; Mon, 15 Jun 2020 19:43:12 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="GvKdKsG5" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730390AbgFOTnL (ORCPT ); Mon, 15 Jun 2020 15:43:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58164 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730054AbgFOTmG (ORCPT ); Mon, 15 Jun 2020 15:42:06 -0400 Received: from mail-pf1-x443.google.com (mail-pf1-x443.google.com [IPv6:2607:f8b0:4864:20::443]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CD1DFC08C5C5 for ; Mon, 15 Jun 2020 12:42:04 -0700 (PDT) Received: by mail-pf1-x443.google.com with SMTP id d66so8268194pfd.6 for ; Mon, 15 Jun 2020 12:42:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=X7oayQXpFfH0qIjE8VVUrPkwWu99Q4aIM1+mSE7oCdc=; b=GvKdKsG5vYoiC0bs5kCKstHpSmpj5wIhuX/OrXD0Ui/Zyge4QxOk2QGL+cy9dVZgmw 8B1dQ0YxSxCR7clLs8wRRBQWLL/FBni5rHsz7mnDa3Ev/+eszYj46f4aoPQiMUv+ztlg iybuggTVnBUQ0xbX3O3kvrRtJma9bnUvdZKqE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=X7oayQXpFfH0qIjE8VVUrPkwWu99Q4aIM1+mSE7oCdc=; b=UM3GZXqLfvT/0SMRgW1/6Q+4cnvWu+uukPwHJ4Fd6df+ieNvOUO7+FCHocPHuUHvXS Uf7uViRkXL/h8xEeSG/aWi7pfMg7pMkP9ZXoMZOx1r3KTat32pATlKx0MLH7DedSnb4V 6XgnF5S7HuSJrFmJYjgVDuKmizOkFNvpsMwA8AbyPcOgy2OCudsoSseQu9tOiDFDbAJe mf4A0oQujoI6QyS1UsYQkyyXvY79DNWV7qy9/h4rANbo3hsxLUQ7KolN49+O+B9i7JNc oGX/in5Ya6PaTJwZFDmUkgv+Jor7NPaDaG3rbK8gMjilzPYWQi3DtHL+YJ4N39TuR0ll C7jw== X-Gm-Message-State: AOAM531dy8d38g1uhdwF5z6N7d9TClcSkhVCXim5E9uwPbGEigCyRA1B ig8EwKl72Ualhx9bFX1doeF/5A== X-Google-Smtp-Source: ABdhPJyaRouhqc/ghZX+9irNnLivPsZzJLNg8UnQV3mWCvhlvAflqL4KDExRQJW17pTQhC4wP1W6Cw== X-Received: by 2002:a63:ef11:: with SMTP id u17mr21921402pgh.249.1592250124122; Mon, 15 Jun 2020 12:42:04 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:03 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 1/8] fs: introduce kernel_pread_file* support Date: Mon, 15 Jun 2020 12:41:44 -0700 Message-Id: <20200615194151.7011-2-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add kernel_pread_file* support to kernel to allow for partial read of files with an offset into the file. Signed-off-by: Scott Branden --- fs/exec.c | 93 ++++++++++++++++++++++++++++++++++------------ include/linux/fs.h | 15 ++++++++ 2 files changed, 85 insertions(+), 23 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index 7b7cbb180785..c557b4b31d0f 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -927,10 +927,14 @@ struct file *open_exec(const char *name) } EXPORT_SYMBOL(open_exec); -int kernel_read_file(struct file *file, void **buf, loff_t *size, - loff_t max_size, enum kernel_read_file_id id) -{ - loff_t i_size, pos; +int kernel_pread_file(struct file *file, void **buf, loff_t *size, + loff_t max_size, loff_t pos, + enum kernel_read_file_id id) +{ + loff_t alloc_size; + loff_t buf_pos; + loff_t read_end; + loff_t i_size; ssize_t bytes = 0; int ret; @@ -950,21 +954,32 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, ret = -EINVAL; goto out; } - if (i_size > SIZE_MAX || (max_size > 0 && i_size > max_size)) { + + /* Default read to end of file */ + read_end = i_size; + + /* Allow reading partial portion of file */ + if ((id == READING_FIRMWARE_PARTIAL_READ) && + (i_size > (pos + max_size))) + read_end = pos + max_size; + + alloc_size = read_end - pos; + if (i_size > SIZE_MAX || (max_size > 0 && alloc_size > max_size)) { ret = -EFBIG; goto out; } - if (id != READING_FIRMWARE_PREALLOC_BUFFER) - *buf = vmalloc(i_size); + if ((id != READING_FIRMWARE_PARTIAL_READ) && + (id != READING_FIRMWARE_PREALLOC_BUFFER)) + *buf = vmalloc(alloc_size); if (!*buf) { ret = -ENOMEM; goto out; } - pos = 0; - while (pos < i_size) { - bytes = kernel_read(file, *buf + pos, i_size - pos, &pos); + buf_pos = 0; + while (pos < read_end) { + bytes = kernel_read(file, *buf + buf_pos, read_end - pos, &pos); if (bytes < 0) { ret = bytes; goto out_free; @@ -972,20 +987,23 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, if (bytes == 0) break; + + buf_pos += bytes; } - if (pos != i_size) { + if (pos != read_end) { ret = -EIO; goto out_free; } - ret = security_kernel_post_read_file(file, *buf, i_size, id); + ret = security_kernel_post_read_file(file, *buf, alloc_size, id); if (!ret) *size = pos; out_free: if (ret < 0) { - if (id != READING_FIRMWARE_PREALLOC_BUFFER) { + if ((id != READING_FIRMWARE_PARTIAL_READ) && + (id != READING_FIRMWARE_PREALLOC_BUFFER)) { vfree(*buf); *buf = NULL; } @@ -995,10 +1013,18 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, allow_write_access(file); return ret; } + +int kernel_read_file(struct file *file, void **buf, loff_t *size, + loff_t max_size, enum kernel_read_file_id id) +{ + return kernel_pread_file(file, buf, size, max_size, 0, id); +} EXPORT_SYMBOL_GPL(kernel_read_file); -int kernel_read_file_from_path(const char *path, void **buf, loff_t *size, - loff_t max_size, enum kernel_read_file_id id) +int kernel_pread_file_from_path(const char *path, void **buf, + loff_t *size, + loff_t max_size, loff_t pos, + enum kernel_read_file_id id) { struct file *file; int ret; @@ -1010,15 +1036,22 @@ int kernel_read_file_from_path(const char *path, void **buf, loff_t *size, if (IS_ERR(file)) return PTR_ERR(file); - ret = kernel_read_file(file, buf, size, max_size, id); + ret = kernel_pread_file(file, buf, size, max_size, pos, id); fput(file); return ret; } + +int kernel_read_file_from_path(const char *path, void **buf, loff_t *size, + loff_t max_size, enum kernel_read_file_id id) +{ + return kernel_pread_file_from_path(path, buf, size, max_size, 0, id); +} EXPORT_SYMBOL_GPL(kernel_read_file_from_path); -int kernel_read_file_from_path_initns(const char *path, void **buf, - loff_t *size, loff_t max_size, - enum kernel_read_file_id id) +int kernel_pread_file_from_path_initns(const char *path, void **buf, + loff_t *size, + loff_t max_size, loff_t pos, + enum kernel_read_file_id id) { struct file *file; struct path root; @@ -1036,14 +1069,22 @@ int kernel_read_file_from_path_initns(const char *path, void **buf, if (IS_ERR(file)) return PTR_ERR(file); - ret = kernel_read_file(file, buf, size, max_size, id); + ret = kernel_pread_file(file, buf, size, max_size, pos, id); fput(file); return ret; } + +int kernel_read_file_from_path_initns(const char *path, void **buf, + loff_t *size, loff_t max_size, + enum kernel_read_file_id id) +{ + return kernel_pread_file_from_path_initns(path, buf, size, max_size, 0, id); +} EXPORT_SYMBOL_GPL(kernel_read_file_from_path_initns); -int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, - enum kernel_read_file_id id) +int kernel_pread_file_from_fd(int fd, void **buf, loff_t *size, + loff_t max_size, loff_t pos, + enum kernel_read_file_id id) { struct fd f = fdget(fd); int ret = -EBADF; @@ -1051,11 +1092,17 @@ int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, if (!f.file) goto out; - ret = kernel_read_file(f.file, buf, size, max_size, id); + ret = kernel_pread_file(f.file, buf, size, max_size, pos, id); out: fdput(f); return ret; } + +int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, + enum kernel_read_file_id id) +{ + return kernel_pread_file_from_fd(fd, buf, size, max_size, 0, id); +} EXPORT_SYMBOL_GPL(kernel_read_file_from_fd); #if defined(CONFIG_HAVE_AOUT) || defined(CONFIG_BINFMT_FLAT) || \ diff --git a/include/linux/fs.h b/include/linux/fs.h index 6931c469040b..3ac1d213577a 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -3012,6 +3012,7 @@ extern int do_pipe_flags(int *, int); #define __kernel_read_file_id(id) \ id(UNKNOWN, unknown) \ id(FIRMWARE, firmware) \ + id(FIRMWARE_PARTIAL_READ, firmware) \ id(FIRMWARE_PREALLOC_BUFFER, firmware) \ id(FIRMWARE_EFI_EMBEDDED, firmware) \ id(MODULE, kernel-module) \ @@ -3040,12 +3041,26 @@ static inline const char *kernel_read_file_id_str(enum kernel_read_file_id id) return kernel_read_file_str[id]; } +int kernel_pread_file(struct file *file, void **buf, loff_t *size, + loff_t pos, loff_t max_size, + enum kernel_read_file_id id); extern int kernel_read_file(struct file *, void **, loff_t *, loff_t, enum kernel_read_file_id); +int kernel_pread_file_from_path(const char *path, void **buf, + loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_read_file_id id); extern int kernel_read_file_from_path(const char *, void **, loff_t *, loff_t, enum kernel_read_file_id); +int kernel_pread_file_from_path_initns(const char *path, void **buf, + loff_t *size, loff_t pos, + loff_t max_size, + enum kernel_read_file_id id); extern int kernel_read_file_from_path_initns(const char *, void **, loff_t *, loff_t, enum kernel_read_file_id); +int kernel_pread_file_from_fd(int fd, void **buf, loff_t *size, + loff_t pos, loff_t max_size, + enum kernel_read_file_id id); extern int kernel_read_file_from_fd(int, void **, loff_t *, loff_t, enum kernel_read_file_id); extern ssize_t kernel_read(struct file *, void *, size_t, loff_t *); From patchwork Mon Jun 15 19:41:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605589 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 89FE06A2 for ; Mon, 15 Jun 2020 19:42:12 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 63E97208E4 for ; Mon, 15 Jun 2020 19:42:12 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="RNQRLyc/" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730467AbgFOTmL (ORCPT ); Mon, 15 Jun 2020 15:42:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729943AbgFOTmI (ORCPT ); Mon, 15 Jun 2020 15:42:08 -0400 Received: from mail-pg1-x541.google.com (mail-pg1-x541.google.com [IPv6:2607:f8b0:4864:20::541]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08C79C061A0E for ; Mon, 15 Jun 2020 12:42:08 -0700 (PDT) Received: by mail-pg1-x541.google.com with SMTP id v11so35165pgb.6 for ; Mon, 15 Jun 2020 12:42:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=kiba82lB3ru2SpVI/QNCz94F4okDl0ljhXTafzkxNeY=; b=RNQRLyc/H2Dzgn59obIg27RIIW2hNkxkJZn7L4o260ysHWyqXDJ3zu5JT6SUifidpZ MniUM4QsmfphyFJlgJqPB0aqFDHz0kYX7IDGYOpvaq2uqo5G7M6yN/1QHAjZ7VdHeonj 55WjflrLqR+oDZHzLrwWPSo8j6QbdNDRsOAPY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=kiba82lB3ru2SpVI/QNCz94F4okDl0ljhXTafzkxNeY=; b=TgKfBmQhRNmimHpJLH996IWmz+JI26LKIX3u/DJ3WZks0IY6tdMF/oBfPcXbzckc+f is0IwDCocTPhzZvSvGtS/yJuW4QaYTHVi49Tu5GZCL0zzFP4RXHxh6gEnhWU1lAFkJjw KTxMyURr1TjH0kbwlIcJsUrpTuAl19V4xzb3uvmQTOFvlFbB4JbZzrQBjPLGFyS6y1Gk nYVvQcNleYUIAxpAWnVOuulenF3IAhvBRSonWNSToMg+a4wxXKP3IF/RRQouNrbPzliD DvdAvF7SLLOJckSv25pmFLKgTqSFxwNKxsdZx5n+qOiw+0k8Yy+hzk43z6Q7hK1Ubdou F2aw== X-Gm-Message-State: AOAM533EWDjnbMsLlOAbc4Q23ic/9/osHEeSi9epVeR6lBXWN/36ERo+ FnsVECQ1xDY9/wB5R2DAsSIf0w== X-Google-Smtp-Source: ABdhPJz9vECiG+1WwQHDTbzNlrbFeMOZJWqimOVhtEbYanx0nzS9YHLl5TKNkMtdZcsiYzDNQcZ1oQ== X-Received: by 2002:a63:f541:: with SMTP id e1mr16713327pgk.375.1592250127404; Mon, 15 Jun 2020 12:42:07 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:06 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 2/8] firmware: add request_partial_firmware_into_buf Date: Mon, 15 Jun 2020 12:41:45 -0700 Message-Id: <20200615194151.7011-3-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add request_partial_firmware_into_buf to allow for portions of firmware file to be read into a buffer. Necessary where firmware needs to be loaded in portions from file in memory constrained systems. Signed-off-by: Scott Branden --- drivers/base/firmware_loader/firmware.h | 5 ++ drivers/base/firmware_loader/main.c | 79 +++++++++++++++++++------ include/linux/firmware.h | 12 ++++ 3 files changed, 79 insertions(+), 17 deletions(-) diff --git a/drivers/base/firmware_loader/firmware.h b/drivers/base/firmware_loader/firmware.h index 933e2192fbe8..b5487f66dc45 100644 --- a/drivers/base/firmware_loader/firmware.h +++ b/drivers/base/firmware_loader/firmware.h @@ -32,6 +32,8 @@ * @FW_OPT_FALLBACK_PLATFORM: Enable fallback to device fw copy embedded in * the platform's main firmware. If both this fallback and the sysfs * fallback are enabled, then this fallback will be tried first. + * @FW_OPT_PARTIAL: Allow partial read of firmware instead of needing to read + * entire file. */ enum fw_opt { FW_OPT_UEVENT = BIT(0), @@ -41,6 +43,7 @@ enum fw_opt { FW_OPT_NOCACHE = BIT(4), FW_OPT_NOFALLBACK_SYSFS = BIT(5), FW_OPT_FALLBACK_PLATFORM = BIT(6), + FW_OPT_PARTIAL = BIT(7), }; enum fw_status { @@ -68,6 +71,8 @@ struct fw_priv { void *data; size_t size; size_t allocated_size; + size_t offset; + u32 opt_flags; #ifdef CONFIG_FW_LOADER_PAGED_BUF bool is_paged_buf; struct page **pages; diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c index ca871b13524e..82c29c1f85c6 100644 --- a/drivers/base/firmware_loader/main.c +++ b/drivers/base/firmware_loader/main.c @@ -167,7 +167,10 @@ static int fw_cache_piggyback_on_request(const char *name); static struct fw_priv *__allocate_fw_priv(const char *fw_name, struct firmware_cache *fwc, - void *dbuf, size_t size) + void *dbuf, + size_t size, + size_t offset, + u32 opt_flags) { struct fw_priv *fw_priv; @@ -185,6 +188,8 @@ static struct fw_priv *__allocate_fw_priv(const char *fw_name, fw_priv->fwc = fwc; fw_priv->data = dbuf; fw_priv->allocated_size = size; + fw_priv->offset = offset; + fw_priv->opt_flags = opt_flags; fw_state_init(fw_priv); #ifdef CONFIG_FW_LOADER_USER_HELPER INIT_LIST_HEAD(&fw_priv->pending_list); @@ -209,8 +214,11 @@ static struct fw_priv *__lookup_fw_priv(const char *fw_name) /* Returns 1 for batching firmware requests with the same name */ static int alloc_lookup_fw_priv(const char *fw_name, struct firmware_cache *fwc, - struct fw_priv **fw_priv, void *dbuf, - size_t size, u32 opt_flags) + struct fw_priv **fw_priv, + void *dbuf, + size_t size, + size_t offset, + u32 opt_flags) { struct fw_priv *tmp; @@ -226,7 +234,7 @@ static int alloc_lookup_fw_priv(const char *fw_name, } } - tmp = __allocate_fw_priv(fw_name, fwc, dbuf, size); + tmp = __allocate_fw_priv(fw_name, fwc, dbuf, size, offset, opt_flags); if (tmp) { INIT_LIST_HEAD(&tmp->list); if (!(opt_flags & FW_OPT_NOCACHE)) @@ -472,7 +480,11 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv, /* Already populated data member means we're loading into a buffer */ if (!decompress && fw_priv->data) { buffer = fw_priv->data; - id = READING_FIRMWARE_PREALLOC_BUFFER; + if (fw_priv->opt_flags & FW_OPT_PARTIAL) + id = READING_FIRMWARE_PARTIAL_READ; + else + id = READING_FIRMWARE_PREALLOC_BUFFER; + msize = fw_priv->allocated_size; } @@ -495,8 +507,10 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv, fw_priv->size = 0; /* load firmware files from the mount namespace of init */ - rc = kernel_read_file_from_path_initns(path, &buffer, - &size, msize, id); + rc = kernel_pread_file_from_path_initns(path, &buffer, + &size, msize, + fw_priv->offset, + id); if (rc) { if (rc != -ENOENT) dev_warn(device, "loading %s failed with error %d\n", @@ -683,7 +697,7 @@ int assign_fw(struct firmware *fw, struct device *device, u32 opt_flags) static int _request_firmware_prepare(struct firmware **firmware_p, const char *name, struct device *device, void *dbuf, size_t size, - u32 opt_flags) + size_t offset, u32 opt_flags) { struct firmware *firmware; struct fw_priv *fw_priv; @@ -702,7 +716,7 @@ _request_firmware_prepare(struct firmware **firmware_p, const char *name, } ret = alloc_lookup_fw_priv(name, &fw_cache, &fw_priv, dbuf, size, - opt_flags); + offset, opt_flags); /* * bind with 'priv' now to avoid warning in failure path @@ -749,7 +763,7 @@ static void fw_abort_batch_reqs(struct firmware *fw) static int _request_firmware(const struct firmware **firmware_p, const char *name, struct device *device, void *buf, size_t size, - u32 opt_flags) + size_t offset, u32 opt_flags) { struct firmware *fw = NULL; int ret; @@ -763,7 +777,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name, } ret = _request_firmware_prepare(&fw, name, device, buf, size, - opt_flags); + offset, opt_flags); if (ret <= 0) /* error or already assigned */ goto out; @@ -825,7 +839,7 @@ request_firmware(const struct firmware **firmware_p, const char *name, /* Need to pin this module until return */ __module_get(THIS_MODULE); - ret = _request_firmware(firmware_p, name, device, NULL, 0, + ret = _request_firmware(firmware_p, name, device, NULL, 0, 0, FW_OPT_UEVENT); module_put(THIS_MODULE); return ret; @@ -852,7 +866,7 @@ int firmware_request_nowarn(const struct firmware **firmware, const char *name, /* Need to pin this module until return */ __module_get(THIS_MODULE); - ret = _request_firmware(firmware, name, device, NULL, 0, + ret = _request_firmware(firmware, name, device, NULL, 0, 0, FW_OPT_UEVENT | FW_OPT_NO_WARN); module_put(THIS_MODULE); return ret; @@ -876,7 +890,7 @@ int request_firmware_direct(const struct firmware **firmware_p, int ret; __module_get(THIS_MODULE); - ret = _request_firmware(firmware_p, name, device, NULL, 0, + ret = _request_firmware(firmware_p, name, device, NULL, 0, 0, FW_OPT_UEVENT | FW_OPT_NO_WARN | FW_OPT_NOFALLBACK_SYSFS); module_put(THIS_MODULE); @@ -901,7 +915,7 @@ int firmware_request_platform(const struct firmware **firmware, /* Need to pin this module until return */ __module_get(THIS_MODULE); - ret = _request_firmware(firmware, name, device, NULL, 0, + ret = _request_firmware(firmware, name, device, NULL, 0, 0, FW_OPT_UEVENT | FW_OPT_FALLBACK_PLATFORM); module_put(THIS_MODULE); return ret; @@ -957,13 +971,44 @@ request_firmware_into_buf(const struct firmware **firmware_p, const char *name, return -EOPNOTSUPP; __module_get(THIS_MODULE); - ret = _request_firmware(firmware_p, name, device, buf, size, + ret = _request_firmware(firmware_p, name, device, buf, size, 0, FW_OPT_UEVENT | FW_OPT_NOCACHE); module_put(THIS_MODULE); return ret; } EXPORT_SYMBOL(request_firmware_into_buf); +/** + * request_partial_firmware_into_buf() - load partial firmware into a previously allocated buffer + * @firmware_p: pointer to firmware image + * @name: name of firmware file + * @device: device for which firmware is being loaded and DMA region allocated + * @buf: address of buffer to load firmware into + * @size: size of buffer + * @offset: offset into file to read + * + * This function works pretty much like request_firmware_into_buf except + * it allows a partial read of the file. + */ +int +request_partial_firmware_into_buf(const struct firmware **firmware_p, + const char *name, struct device *device, + void *buf, size_t size, size_t offset) +{ + int ret; + + if (fw_cache_is_setup(device, name)) + return -EOPNOTSUPP; + + __module_get(THIS_MODULE); + ret = _request_firmware(firmware_p, name, device, buf, size, offset, + FW_OPT_UEVENT | FW_OPT_NOCACHE | + FW_OPT_PARTIAL); + module_put(THIS_MODULE); + return ret; +} +EXPORT_SYMBOL(request_partial_firmware_into_buf); + /** * release_firmware() - release the resource associated with a firmware image * @fw: firmware resource to release @@ -996,7 +1041,7 @@ static void request_firmware_work_func(struct work_struct *work) fw_work = container_of(work, struct firmware_work, work); - _request_firmware(&fw, fw_work->name, fw_work->device, NULL, 0, + _request_firmware(&fw, fw_work->name, fw_work->device, NULL, 0, 0, fw_work->opt_flags); fw_work->cont(fw, fw_work->context); put_device(fw_work->device); /* taken in request_firmware_nowait() */ diff --git a/include/linux/firmware.h b/include/linux/firmware.h index cb3e2c06ed8a..c15acadc6cf4 100644 --- a/include/linux/firmware.h +++ b/include/linux/firmware.h @@ -53,6 +53,9 @@ int request_firmware_direct(const struct firmware **fw, const char *name, struct device *device); int request_firmware_into_buf(const struct firmware **firmware_p, const char *name, struct device *device, void *buf, size_t size); +int request_partial_firmware_into_buf(const struct firmware **firmware_p, + const char *name, struct device *device, + void *buf, size_t size, size_t offset); void release_firmware(const struct firmware *fw); #else @@ -102,6 +105,15 @@ static inline int request_firmware_into_buf(const struct firmware **firmware_p, return -EINVAL; } +static inline int request_partial_firmware_into_buf + (const struct firmware **firmware_p, + const char *name, + struct device *device, + void *buf, size_t size, size_t offset) +{ + return -EINVAL; +} + #endif int firmware_request_cache(struct device *device, const char *name); From patchwork Mon Jun 15 19:41:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605593 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EC41760D for ; Mon, 15 Jun 2020 19:42:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CE8EC2080D for ; Mon, 15 Jun 2020 19:42:19 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="g7tETm+q" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730788AbgFOTmS (ORCPT ); Mon, 15 Jun 2020 15:42:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58218 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730318AbgFOTmM (ORCPT ); Mon, 15 Jun 2020 15:42:12 -0400 Received: from mail-pf1-x443.google.com (mail-pf1-x443.google.com [IPv6:2607:f8b0:4864:20::443]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3F2D5C08C5C3 for ; Mon, 15 Jun 2020 12:42:12 -0700 (PDT) Received: by mail-pf1-x443.google.com with SMTP id 23so8248808pfw.10 for ; Mon, 15 Jun 2020 12:42:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=oEagKHQfVZx0qdrYMa0dmoo1zYusLN9mgZl9FtDlBHc=; b=g7tETm+qJGo+ZwWBQeXvxngUlcYfTuQqrnf+nslxc4Rx5uzJFT1wRaCZSTs5jlzKZy hfHgDxdwMZQETRBMm43H5XFvhAEv85/9UsXW0PucoU7fm837phiDlHphb7lOyYEtdlsh KV971ldJn3OZIgFFTX0KJ8QjEWK+BmBrtBmG8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=oEagKHQfVZx0qdrYMa0dmoo1zYusLN9mgZl9FtDlBHc=; b=k2kt1rGXU9CUBG2nenAFOUGk0OonctBISQOmPXYLUuutDrk8qH9JBM2vFNBKqUjemt eGhpwjiwC63hwcUBcrW+x3+zNoLMrjlAfwQ+6Urwy24ww0+tPBVw5jghmr8zcLs3XPKR /MIOEBFhuS12fr+rTLZgK6sd7mQ+8IqNKE7Mi0enOiAKInnK+/XjHSXnVpAziCRoAn7i 2bYR+MwdCnCe/QAyGdDIVklfPA0OOkUjrzYps/6W50BFnY2bkrlYYodCenktQhXroxHx blU3uNM5UZ+qG5Z5uBTy/xzwWo1Q3DvDPnQOd6h/K9DI9oZmU4ZVXtiZ3gZceJ7RKYSD xQOQ== X-Gm-Message-State: AOAM5326LeZz5GAAY/gTY9br3qEWiJ7ruBDg0+c/VJPh+Jj6DI09urJa YeT5sLpA797eGKMRCgWwILmNDw== X-Google-Smtp-Source: ABdhPJwG2atx5qgglv0A8vJv3VBrU83cNFaN2rmfDlL/rUP8HusrNjIOgSGcwJRywBv7vsLLq8QoFg== X-Received: by 2002:a65:5645:: with SMTP id m5mr21780300pgs.434.1592250131637; Mon, 15 Jun 2020 12:42:11 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:10 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 3/8] test_firmware: add partial read support for request_firmware_into_buf Date: Mon, 15 Jun 2020 12:41:46 -0700 Message-Id: <20200615194151.7011-4-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add additional hooks to test_firmware to pass in support for partial file read using request_firmware_into_buf. buf_size: size of buffer to request firmware into partial: indicates that a partial file request is being made file_offset: to indicate offset into file to request Signed-off-by: Scott Branden --- lib/test_firmware.c | 154 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 142 insertions(+), 12 deletions(-) diff --git a/lib/test_firmware.c b/lib/test_firmware.c index 9fee2b93a8d1..48d8a3d5bea9 100644 --- a/lib/test_firmware.c +++ b/lib/test_firmware.c @@ -50,6 +50,9 @@ struct test_batched_req { * @name: the name of the firmware file to look for * @into_buf: when the into_buf is used if this is true * request_firmware_into_buf() will be used instead. + * @buf_size: size of buf to allocate when into_buf is true + * @file_offset: file offset to request when calling request_firmware_into_buf + * @partial: partial read opt when calling request_firmware_into_buf * @sync_direct: when the sync trigger is used if this is true * request_firmware_direct() will be used instead. * @send_uevent: whether or not to send a uevent for async requests @@ -89,6 +92,9 @@ struct test_batched_req { struct test_config { char *name; bool into_buf; + size_t buf_size; + size_t file_offset; + bool partial; bool sync_direct; bool send_uevent; u8 num_requests; @@ -183,6 +189,9 @@ static int __test_firmware_config_init(void) test_fw_config->num_requests = TEST_FIRMWARE_NUM_REQS; test_fw_config->send_uevent = true; test_fw_config->into_buf = false; + test_fw_config->buf_size = TEST_FIRMWARE_BUF_SIZE; + test_fw_config->file_offset = 0; + test_fw_config->partial = false; test_fw_config->sync_direct = false; test_fw_config->req_firmware = request_firmware; test_fw_config->test_result = 0; @@ -236,28 +245,35 @@ static ssize_t config_show(struct device *dev, dev_name(dev)); if (test_fw_config->name) - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "name:\t%s\n", test_fw_config->name); else - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "name:\tEMTPY\n"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "num_requests:\t%u\n", test_fw_config->num_requests); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "send_uevent:\t\t%s\n", test_fw_config->send_uevent ? "FW_ACTION_HOTPLUG" : "FW_ACTION_NOHOTPLUG"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "into_buf:\t\t%s\n", test_fw_config->into_buf ? "true" : "false"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, + "buf_size:\t%zu\n", test_fw_config->buf_size); + len += scnprintf(buf + len, PAGE_SIZE - len, + "file_offset:\t%zu\n", test_fw_config->file_offset); + len += scnprintf(buf + len, PAGE_SIZE - len, + "partial:\t\t%s\n", + test_fw_config->partial ? "true" : "false"); + len += scnprintf(buf + len, PAGE_SIZE - len, "sync_direct:\t\t%s\n", test_fw_config->sync_direct ? "true" : "false"); - len += scnprintf(buf+len, PAGE_SIZE - len, + len += scnprintf(buf + len, PAGE_SIZE - len, "read_fw_idx:\t%u\n", test_fw_config->read_fw_idx); mutex_unlock(&test_fw_mutex); @@ -315,6 +331,30 @@ static ssize_t test_dev_config_show_bool(char *buf, bool val) return snprintf(buf, PAGE_SIZE, "%d\n", val); } +static int test_dev_config_update_size_t(const char *buf, + size_t size, + size_t *cfg) +{ + int ret; + long new; + + ret = kstrtol(buf, 10, &new); + if (ret) + return ret; + + mutex_lock(&test_fw_mutex); + *(size_t *)cfg = new; + mutex_unlock(&test_fw_mutex); + + /* Always return full write size even if we didn't consume all */ + return size; +} + +static ssize_t test_dev_config_show_size_t(char *buf, size_t val) +{ + return snprintf(buf, PAGE_SIZE, "%zu\n", val); +} + static ssize_t test_dev_config_show_int(char *buf, int val) { return snprintf(buf, PAGE_SIZE, "%d\n", val); @@ -400,6 +440,83 @@ static ssize_t config_into_buf_show(struct device *dev, } static DEVICE_ATTR_RW(config_into_buf); +static ssize_t config_buf_size_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + int rc; + + mutex_lock(&test_fw_mutex); + if (test_fw_config->reqs) { + pr_err("Must call release_all_firmware prior to changing config\n"); + rc = -EINVAL; + mutex_unlock(&test_fw_mutex); + goto out; + } + mutex_unlock(&test_fw_mutex); + + rc = test_dev_config_update_size_t(buf, count, + &test_fw_config->buf_size); + +out: + return rc; +} + +static ssize_t config_buf_size_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return test_dev_config_show_size_t(buf, test_fw_config->buf_size); +} +static DEVICE_ATTR_RW(config_buf_size); + +static ssize_t config_file_offset_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + int rc; + + mutex_lock(&test_fw_mutex); + if (test_fw_config->reqs) { + pr_err("Must call release_all_firmware prior to changing config\n"); + rc = -EINVAL; + mutex_unlock(&test_fw_mutex); + goto out; + } + mutex_unlock(&test_fw_mutex); + + rc = test_dev_config_update_size_t(buf, count, + &test_fw_config->file_offset); + +out: + return rc; +} + +static ssize_t config_file_offset_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return test_dev_config_show_size_t(buf, test_fw_config->file_offset); +} +static DEVICE_ATTR_RW(config_file_offset); + +static ssize_t config_partial_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + return test_dev_config_update_bool(buf, + count, + &test_fw_config->partial); +} + +static ssize_t config_partial_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return test_dev_config_show_bool(buf, test_fw_config->partial); +} +static DEVICE_ATTR_RW(config_partial); + static ssize_t config_sync_direct_store(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) @@ -650,11 +767,21 @@ static int test_fw_run_batch_request(void *data) if (!test_buf) return -ENOSPC; - req->rc = request_firmware_into_buf(&req->fw, - req->name, - req->dev, - test_buf, - TEST_FIRMWARE_BUF_SIZE); + if (test_fw_config->partial) + req->rc = request_partial_firmware_into_buf + (&req->fw, + req->name, + req->dev, + test_buf, + test_fw_config->buf_size, + test_fw_config->file_offset); + else + req->rc = request_firmware_into_buf + (&req->fw, + req->name, + req->dev, + test_buf, + test_fw_config->buf_size); if (!req->fw) kfree(test_buf); } else { @@ -927,6 +1054,9 @@ static struct attribute *test_dev_attrs[] = { TEST_FW_DEV_ATTR(config_name), TEST_FW_DEV_ATTR(config_num_requests), TEST_FW_DEV_ATTR(config_into_buf), + TEST_FW_DEV_ATTR(config_buf_size), + TEST_FW_DEV_ATTR(config_file_offset), + TEST_FW_DEV_ATTR(config_partial), TEST_FW_DEV_ATTR(config_sync_direct), TEST_FW_DEV_ATTR(config_send_uevent), TEST_FW_DEV_ATTR(config_read_fw_idx), From patchwork Mon Jun 15 19:41:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605637 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id ED54F6A2 for ; Mon, 15 Jun 2020 19:43:03 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D10DF20714 for ; Mon, 15 Jun 2020 19:43:03 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="INkNszYZ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731436AbgFOTnD (ORCPT ); Mon, 15 Jun 2020 15:43:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730722AbgFOTmS (ORCPT ); Mon, 15 Jun 2020 15:42:18 -0400 Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D2DCFC08C5CA for ; Mon, 15 Jun 2020 12:42:15 -0700 (PDT) Received: by mail-pl1-x62f.google.com with SMTP id m7so7220088plt.5 for ; Mon, 15 Jun 2020 12:42:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=sCHL24pJFJSFoASanMhktjUvoQlUfrXyegYhzckyoiE=; b=INkNszYZmY2wifOY2yJAIkXAChxTSePBWyOoj3tvJYRWfzjz0IgEM3o3cn8P1ksFmx kb6GtYmizImAg60vsTx3PS8iS2T6XGxfB0EbenzJoUUHJutkblYTO2bxLU5FnMDwZNJo JCmcIxNy4/LBVcnMwL5CsOSeX2VcquT7Y6Emw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=sCHL24pJFJSFoASanMhktjUvoQlUfrXyegYhzckyoiE=; b=YwqlXTPuAd7ICSNZwypveiaUqLZYoQvcFcDCXIbFig6SnE12JEOo0d53oKkutuvN8R Y96gOcscJzYOrAVFi/3+ShDI3R6J/JdkPD47FqmV/tnwduvHBbhtoFPhIzRYBfimuqyW 9FugBmuPvjPHh5LaQe+cuY9A204UOvGtQvuILIPZ33n9d8uY2ZIriVnOdX3aj7zaczxw 0k9Q2Fdm9jvbcKTfoU7iOb435Rey9ZUekpT3mbThfT9MF3l7AGqYBO4UEPjWzQ2IPxpz 8Lf+QI5OXWJfLF3/EqEpW3U0C4d/qrBqyDVdpSH1vmB6M6zYEqyW+Dq+5fklLWZDddMP EFVQ== X-Gm-Message-State: AOAM531IAmaldmhFevYc/li7u/JM60CX7rF0tjeogewJvp5FEJ4bRVVY SM6wuv0yVzbsTJt16VsuqAfhUQ== X-Google-Smtp-Source: ABdhPJyETP8Ql6VRKP/AE8oPj2cFuyHxiNTpgJzwUePlExmYGh8vR9y/8m3suyFQihVgaBg1YKVx5g== X-Received: by 2002:a17:90a:db91:: with SMTP id h17mr857845pjv.6.1592250135228; Mon, 15 Jun 2020 12:42:15 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:14 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 4/8] firmware: test partial file reads of request_partial_firmware_into_buf Date: Mon, 15 Jun 2020 12:41:47 -0700 Message-Id: <20200615194151.7011-5-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add firmware tests for partial file reads of request_partial_firmware_into_buf. Signed-off-by: Scott Branden --- .../selftests/firmware/fw_filesystem.sh | 80 +++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/tools/testing/selftests/firmware/fw_filesystem.sh b/tools/testing/selftests/firmware/fw_filesystem.sh index fcc281373b4d..afc2e469ac06 100755 --- a/tools/testing/selftests/firmware/fw_filesystem.sh +++ b/tools/testing/selftests/firmware/fw_filesystem.sh @@ -149,6 +149,26 @@ config_unset_into_buf() echo 0 > $DIR/config_into_buf } +config_set_buf_size() +{ + echo $1 > $DIR/config_buf_size +} + +config_set_file_offset() +{ + echo $1 > $DIR/config_file_offset +} + +config_set_partial() +{ + echo 1 > $DIR/config_partial +} + +config_unset_partial() +{ + echo 0 > $DIR/config_partial +} + config_set_sync_direct() { echo 1 > $DIR/config_sync_direct @@ -207,6 +227,35 @@ read_firmwares() done } +read_partial_firmwares() +{ + if [ "$(cat $DIR/config_into_buf)" == "1" ]; then + fwfile="${FW_INTO_BUF}" + else + fwfile="${FW}" + fi + + if [ "$1" = "xzonly" ]; then + fwfile="${fwfile}-orig" + fi + + # Strip fwfile down to match partial offset and length + partial_data="$(cat $fwfile)" + partial_data="${partial_data:$2:$3}" + + for i in $(seq 0 3); do + config_set_read_fw_idx $i + + read_firmware="$(cat $DIR/read_firmware)" + + # Verify the contents are what we expect. + if [ $read_firmware != $partial_data ]; then + echo "request #$i: partial firmware was not loaded" >&2 + exit 1 + fi + done +} + read_firmwares_expect_nofile() { for i in $(seq 0 3); do @@ -319,6 +368,21 @@ test_batched_request_firmware_into_buf() echo "OK" } +test_batched_request_partial_firmware_into_buf() +{ + echo -n "Batched request_partial_firmware_into_buf() $2 off=$3 size=$4 try #$1: " + config_reset + config_set_name $TEST_FIRMWARE_INTO_BUF_FILENAME + config_set_into_buf + config_set_partial + config_set_buf_size $4 + config_set_file_offset $3 + config_trigger_sync + read_partial_firmwares $2 $3 $4 + release_all_firmware + echo "OK" +} + test_batched_request_firmware_direct() { echo -n "Batched request_firmware_direct() $2 try #$1: " @@ -371,6 +435,22 @@ for i in $(seq 1 5); do test_batched_request_firmware_into_buf $i normal done +for i in $(seq 1 5); do + test_batched_request_partial_firmware_into_buf $i normal 0 10 +done + +for i in $(seq 1 5); do + test_batched_request_partial_firmware_into_buf $i normal 0 5 +done + +for i in $(seq 1 5); do + test_batched_request_partial_firmware_into_buf $i normal 1 6 +done + +for i in $(seq 1 5); do + test_batched_request_partial_firmware_into_buf $i normal 2 10 +done + for i in $(seq 1 5); do test_batched_request_firmware_direct $i normal done From patchwork Mon Jun 15 19:41:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605613 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B4FDA159A for ; Mon, 15 Jun 2020 19:42:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9DC82207D4 for ; Mon, 15 Jun 2020 19:42:33 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="A74fSeao" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730845AbgFOTmc (ORCPT ); Mon, 15 Jun 2020 15:42:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58238 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730898AbgFOTmT (ORCPT ); Mon, 15 Jun 2020 15:42:19 -0400 Received: from mail-pl1-x644.google.com (mail-pl1-x644.google.com [IPv6:2607:f8b0:4864:20::644]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2A6CFC05BD43 for ; Mon, 15 Jun 2020 12:42:19 -0700 (PDT) Received: by mail-pl1-x644.google.com with SMTP id bh7so7214509plb.11 for ; Mon, 15 Jun 2020 12:42:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=qz7MuNPVCvdbh+ZgEThp7mjF9Pplt5mjBACsV2Ifvtc=; b=A74fSeaoQzlMuw++8zjy8k1zKrLLoBUDXvwTseFLsX/ds5s1WwCBf9I1lZCQx9CffM o3bYB3ZXe3gEWxwnPWTG5cuuyXt8lAwfzt5BwvFPpc1ZqhKfuCgV1fgwRl35zZVTc9wz XleXlPJvtNBK9NuTqy6THEfz5Bn/cok4rwelY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=qz7MuNPVCvdbh+ZgEThp7mjF9Pplt5mjBACsV2Ifvtc=; b=QjDiaZdi15aGnYeLbSJVwcpbFUn96n62vutzCqgL1GwSt5JNDtupjSmOIStIVbzzxD /mZ49yS8NZ7v/Bk6+g2zCQVcBHb9mt2YQ3j3gBahWvqSEJU/o2GXLctXy4ShbvGAUV/u qSCzUMCvG2nE0BGboQZ2e0xX5NjMKu2/1r+m4m0vWs34iVWy/HkczxKFA+CuksQj9Ful c5pcpfFjMoe4gIJ6kWSWPcozCPjbZXjbi934lYcMDBb3KAWhprgmPuMCClDsOby0ok1C /r87hi19CwZvv4WpNlbfICbMG8u9NhYmLBAYn0rtNAnenpTgWrOt+DoKqXnAAwQHmsX/ 22UQ== X-Gm-Message-State: AOAM533kwx1kIMZe61n1yh2PRq+kDsMDHj/n6IHRinD4Rqv84mljc6bT mzXj2/8AuGWwsVoKfpT8a9971A== X-Google-Smtp-Source: ABdhPJxy7Rv3OiK694cZXNqbbicwndK11oR84CXYWdLGuIf2jvcD5x9s+YlkdK9YJwcqf3O+Cpe5fg== X-Received: by 2002:a17:90a:58f:: with SMTP id i15mr817627pji.78.1592250138555; Mon, 15 Jun 2020 12:42:18 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:17 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 5/8] bcm-vk: add bcm_vk UAPI Date: Mon, 15 Jun 2020 12:41:48 -0700 Message-Id: <20200615194151.7011-6-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add user space api for bcm-vk driver. Signed-off-by: Scott Branden --- include/uapi/linux/misc/bcm_vk.h | 99 ++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 include/uapi/linux/misc/bcm_vk.h diff --git a/include/uapi/linux/misc/bcm_vk.h b/include/uapi/linux/misc/bcm_vk.h new file mode 100644 index 000000000000..783087b7c31f --- /dev/null +++ b/include/uapi/linux/misc/bcm_vk.h @@ -0,0 +1,99 @@ +/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) */ +/* + * Copyright 2018-2020 Broadcom. + */ + +#ifndef __UAPI_LINUX_MISC_BCM_VK_H +#define __UAPI_LINUX_MISC_BCM_VK_H + +#include +#include + +#define BCM_VK_MAX_FILENAME 64 + +struct vk_image { + __u32 type; /* Type of image */ +#define VK_IMAGE_TYPE_BOOT1 1 /* 1st stage (load to SRAM) */ +#define VK_IMAGE_TYPE_BOOT2 2 /* 2nd stage (load to DDR) */ + char filename[BCM_VK_MAX_FILENAME]; /* Filename of image */ +}; + +struct vk_reset { + __u32 arg1; + __u32 arg2; +}; + +#define VK_MAGIC 0x5e + +/* Load image to Valkyrie */ +#define VK_IOCTL_LOAD_IMAGE _IOW(VK_MAGIC, 0x2, struct vk_image) + +/* Send Reset to Valkyrie */ +#define VK_IOCTL_RESET _IOW(VK_MAGIC, 0x4, struct vk_reset) + +/* + * message block - basic unit in the message where a message's size is always + * N x sizeof(basic_block) + */ +struct vk_msg_blk { + __u8 function_id; +#define VK_FID_TRANS_BUF 5 +#define VK_FID_SHUTDOWN 8 + __u8 size; + __u16 trans_id; /* transport id, queue & msg_id */ + __u32 context_id; + __u32 args[2]; +#define VK_CMD_PLANES_MASK 0x000f /* number of planes to up/download */ +#define VK_CMD_UPLOAD 0x0400 /* memory transfer to vk */ +#define VK_CMD_DOWNLOAD 0x0500 /* memory transfer from vk */ +#define VK_CMD_MASK 0x0f00 /* command mask */ +}; + +#define VK_BAR_FWSTS 0x41c +#define VK_BAR_COP_FWSTS 0x428 +/* VK_FWSTS definitions */ +#define VK_FWSTS_RELOCATION_ENTRY BIT(0) +#define VK_FWSTS_RELOCATION_EXIT BIT(1) +#define VK_FWSTS_INIT_START BIT(2) +#define VK_FWSTS_ARCH_INIT_DONE BIT(3) +#define VK_FWSTS_PRE_KNL1_INIT_DONE BIT(4) +#define VK_FWSTS_PRE_KNL2_INIT_DONE BIT(5) +#define VK_FWSTS_POST_KNL_INIT_DONE BIT(6) +#define VK_FWSTS_INIT_DONE BIT(7) +#define VK_FWSTS_APP_INIT_START BIT(8) +#define VK_FWSTS_APP_INIT_DONE BIT(9) +#define VK_FWSTS_MASK 0xffffffff +#define VK_FWSTS_READY (VK_FWSTS_INIT_START | \ + VK_FWSTS_ARCH_INIT_DONE | \ + VK_FWSTS_PRE_KNL1_INIT_DONE | \ + VK_FWSTS_PRE_KNL2_INIT_DONE | \ + VK_FWSTS_POST_KNL_INIT_DONE | \ + VK_FWSTS_INIT_DONE | \ + VK_FWSTS_APP_INIT_START | \ + VK_FWSTS_APP_INIT_DONE) +/* Deinit */ +#define VK_FWSTS_APP_DEINIT_START BIT(23) +#define VK_FWSTS_APP_DEINIT_DONE BIT(24) +#define VK_FWSTS_DRV_DEINIT_START BIT(25) +#define VK_FWSTS_DRV_DEINIT_DONE BIT(26) +#define VK_FWSTS_RESET_DONE BIT(27) +#define VK_FWSTS_DEINIT_TRIGGERED (VK_FWSTS_APP_DEINIT_START | \ + VK_FWSTS_APP_DEINIT_DONE | \ + VK_FWSTS_DRV_DEINIT_START | \ + VK_FWSTS_DRV_DEINIT_DONE) +/* Last nibble for reboot reason */ +#define VK_FWSTS_RESET_REASON_SHIFT 28 +#define VK_FWSTS_RESET_REASON_MASK (0xf << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_SYS_PWRUP (0x0 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_MBOX_DB (0x1 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_M7_WDOG (0x2 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_TEMP (0x3 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_FLR (0x4 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_HOT (0x5 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_WARM (0x6 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_PCI_COLD (0x7 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_L1 (0x8 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_L0 (0x9 << VK_FWSTS_RESET_REASON_SHIFT) +#define VK_FWSTS_RESET_UNKNOWN (0xf << VK_FWSTS_RESET_REASON_SHIFT) + +#endif /* __UAPI_LINUX_MISC_BCM_VK_H */ From patchwork Mon Jun 15 19:41:50 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605623 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DBF6760D for ; Mon, 15 Jun 2020 19:42:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C41DD207D3 for ; Mon, 15 Jun 2020 19:42:39 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="U9lxy3jE" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731169AbgFOTmf (ORCPT ); Mon, 15 Jun 2020 15:42:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58322 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731141AbgFOTmd (ORCPT ); Mon, 15 Jun 2020 15:42:33 -0400 Received: from mail-pf1-x442.google.com (mail-pf1-x442.google.com [IPv6:2607:f8b0:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B5815C08C5CB for ; Mon, 15 Jun 2020 12:42:26 -0700 (PDT) Received: by mail-pf1-x442.google.com with SMTP id x22so8268912pfn.3 for ; Mon, 15 Jun 2020 12:42:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=EN1IhuHOwzgoOcWyZIy9cQLF20jppiOEN2CrFnDInH8=; b=U9lxy3jE22JUx9l9TV8z9qLuPgIwP3ylxQU8Oumrvr9oyBQsLce9TnB7+K5bfye5Rt uSfK6xnQ0iLu3hF2G/vBHdDn/bbuiTEXKjRZhRPX4Oe5f9f7l4y/eKqXwqR0BaJFJ6Kg yVYKCNCf6yBQoC4Q5z7/kPeFqVPc4lPPSW40Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=EN1IhuHOwzgoOcWyZIy9cQLF20jppiOEN2CrFnDInH8=; b=Zsocxzw3iAaNlNSJmcXDCFdcwVES2k3zlZ78neXUwQHjTORJyQcZsZ8IaBaq4O1lmn 93WIZJLn3mhSJvFQXL1YrcT7uOGH5AFdawOx26TSJarIDOaXJpP2D6z5l8rNP2oTAqQ1 AMBf8Pon38HKT85hC0q+yiAnlleNAK679XVv+GXb7eurTT96c93RplR5utDKfxUFoB9H YwHgnPw6WVmQE2ThiSuRQIFlP/FL/cJGuyX5jAL5b6F907JVtLr3zQPw8x6PPMoGopxr CDarxX3BYwZ668Yw34HO8EWu+izJFB1Y76KgUsqBm7tmTmuJxjF9Z83PFkp8jgEvJw3r facA== X-Gm-Message-State: AOAM531P0RGVbXMmjlNLATpndFeioppJD3Sud1RsM/PATy4p848PUewh Tp/Cdr60AnEHZSHY/9bbwByHVQ== X-Google-Smtp-Source: ABdhPJyBz/jS9zEuqkK2ql9UA5VzjypmIVHnFoC/77SXnpjE2nUSYBpVs6rkRwL2bVBYYLvYR9xePA== X-Received: by 2002:a63:214d:: with SMTP id s13mr21585779pgm.277.1592250145955; Mon, 15 Jun 2020 12:42:25 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:25 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 7/8] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver Date: Mon, 15 Jun 2020 12:41:50 -0700 Message-Id: <20200615194151.7011-8-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add maintainer entry for new Broadcom VK Driver Signed-off-by: Scott Branden --- MAINTAINERS | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 83078661cd2b..ce29c7d0b228 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -3657,6 +3657,13 @@ L: netdev@vger.kernel.org S: Supported F: drivers/net/ethernet/broadcom/tg3.* +BROADCOM VK DRIVER +M: Scott Branden +L: bcm-kernel-feedback-list@broadcom.com +S: Supported +F: drivers/misc/bcm-vk/ +F: include/uapi/linux/misc/bcm_vk.h + BROCADE BFA FC SCSI DRIVER M: Anil Gurumurthy M: Sudarsana Kalluru From patchwork Mon Jun 15 19:41:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Branden X-Patchwork-Id: 11605635 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C348860D for ; Mon, 15 Jun 2020 19:43:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AA4D220714 for ; Mon, 15 Jun 2020 19:43:02 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="fZanf+Q+" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731179AbgFOTmu (ORCPT ); Mon, 15 Jun 2020 15:42:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58328 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731124AbgFOTmd (ORCPT ); Mon, 15 Jun 2020 15:42:33 -0400 Received: from mail-pj1-x1043.google.com (mail-pj1-x1043.google.com [IPv6:2607:f8b0:4864:20::1043]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D52DAC00862F for ; Mon, 15 Jun 2020 12:42:29 -0700 (PDT) Received: by mail-pj1-x1043.google.com with SMTP id h22so308642pjf.1 for ; Mon, 15 Jun 2020 12:42:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3JfL5rZ2jBHVHruE8gOvtqg9JyZgUNdlEVNmiNcV2KM=; b=fZanf+Q+DkHfo4aMqHOFUedXmvMVZgrQLA/WZwrpg3u80ggEz5uw8dl6q1DJv6I69K eYo3FCvwRfsraJfmLiMYBs2O/FSWtFfrZQSFOcptNWbiVrSU5HTXZzTDtSQsIil04nL+ zttQYNpicIkl/Y5bhmPKZWvnMFmApQ6ukgXro= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3JfL5rZ2jBHVHruE8gOvtqg9JyZgUNdlEVNmiNcV2KM=; b=ewCcXBZ4ZLTHsrof0lvDLeV0n+g6pZbdM76SFdiE47jPksIE3bfjqASGsrIgEQZahw LGe0HNBQKbe8k4u2zCL6dq1zKJzl78+Uzs0q4BZszXNdE06gRdeMBoFL4bg5fZVdBR3s SxiN/PDg93lErpZtzJoB00LL2XHl0wP+M3ygAt1bZoQukfyJVgH6wHxM9UCuhw0eUYrv H++aozwLCSq5/DkjUIc235Xg+8BgH2SKDdIZJZ6+j2aG2OyzgO7GQCg3qH1KvxS++t7u zSCGskZeRHpE+eU6HNhSQgrundTVF1BqIUCDvuKvCdnweOHN9Xtr6rc+4rJ3YIMNvPWI gh5A== X-Gm-Message-State: AOAM5322yi+hM4eG2rxSlnXkmRbIZz91h4Bmmd4HNV9tPEkwcGmuNtnn 6Dbc+/QM8YbSCzyg40I9RhRXJg== X-Google-Smtp-Source: ABdhPJx3kMXK9CvuRG607l8hAulj7XpeylNQZX9QIPNmIiTc3+hVVDCGFUV4snMFUNJ8QV1CHz5ttA== X-Received: by 2002:a17:902:8208:: with SMTP id x8mr13325262pln.114.1592250149282; Mon, 15 Jun 2020 12:42:29 -0700 (PDT) Received: from lbrmn-lnxub113.broadcom.net ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id gq8sm293663pjb.14.2020.06.15.12.42.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 12:42:28 -0700 (PDT) From: Scott Branden To: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Scott Branden Subject: [PATCH v9 8/8] ima: add FIRMWARE_PARTIAL_READ support Date: Mon, 15 Jun 2020 12:41:51 -0700 Message-Id: <20200615194151.7011-9-scott.branden@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200615194151.7011-1-scott.branden@broadcom.com> References: <20200615194151.7011-1-scott.branden@broadcom.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Add FIRMWARE_PARTIAL_READ support for integrity measurement on partial reads of firmware files. Signed-off-by: Scott Branden --- security/integrity/ima/ima_main.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index c1583d98c5e5..5602bc858369 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -610,6 +610,9 @@ void ima_post_path_mknod(struct dentry *dentry) */ int ima_read_file(struct file *file, enum kernel_read_file_id read_id) { + enum ima_hooks func; + u32 secid; + /* * READING_FIRMWARE_PREALLOC_BUFFER * @@ -618,11 +621,27 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id) * of IMA's signature verification any more than when using two * buffers? */ - return 0; + if (read_id != READING_FIRMWARE_PARTIAL_READ) + return 0; + + if (!file) { + if ((ima_appraise & IMA_APPRAISE_FIRMWARE) && + (ima_appraise & IMA_APPRAISE_ENFORCE)) { + pr_err("Prevent firmware loading_store.\n"); + return -EACCES; /* INTEGRITY_UNKNOWN */ + } + return 0; + } + + func = read_idmap[read_id] ?: FILE_CHECK; + security_task_getsecid(current, &secid); + return process_measurement(file, current_cred(), secid, NULL, + 0, MAY_READ, func); } const int read_idmap[READING_MAX_ID] = { [READING_FIRMWARE] = FIRMWARE_CHECK, + [READING_FIRMWARE_PARTIAL_READ] = FIRMWARE_CHECK, [READING_FIRMWARE_PREALLOC_BUFFER] = FIRMWARE_CHECK, [READING_MODULE] = MODULE_CHECK, [READING_KEXEC_IMAGE] = KEXEC_KERNEL_CHECK, @@ -649,6 +668,9 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, enum ima_hooks func; u32 secid; + if (read_id == READING_FIRMWARE_PARTIAL_READ) + return 0; + if (!file && read_id == READING_FIRMWARE) { if ((ima_appraise & IMA_APPRAISE_FIRMWARE) && (ima_appraise & IMA_APPRAISE_ENFORCE)) {