[RFC PATCH v2 08/11] module: replace copy_module_from_fd with kernel version
Luis R. Rodriguez
mcgrof at suse.com
Wed Jan 20 16:03:00 PST 2016
On Mon, Jan 18, 2016 at 10:11:23AM -0500, Mimi Zohar wrote:
> This patch replaces the module copy_module_from_fd() call with the VFS
> common kernel_read_file_from_fd() function. Instead of reading the
> kernel module twice, once for measuring/appraising and then loading
> the kernel module, the file is read once.
>
> This patch defines a new security hook named security_kernel_read_file(),
> which is called before reading the file. For now, call the module
> security hook from security_kernel_read_file until the LSMs have been
> converted to use the kernel_read_file hook.
>
> This patch retains the kernel_module_from_file hook, but removes the
> security_kernel_module_from_file() function.
I think it would help if your cover letter and this patch described
a bit that some LSMs either prefer to read / check / appraise files
prior to loading and some other prefer to do that later. You could
explain the LSM hook preferences and what they do. Then here you
can explain how this one prefers a hook early, but acknowledge that
the other one still exists.
So:
kernel_read_file() {
...
security_kernel_read_file();
...
security_kernel_post_read_file();
...
}
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 4e6e2af..9915310 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1465,6 +1471,7 @@ union security_list_options {
> int (*kernel_fw_from_file)(struct file *file, char *buf, size_t size);
> int (*kernel_module_request)(char *kmod_name);
> int (*kernel_module_from_file)(struct file *file);
> + int (*kernel_read_file)(struct file *file, int policy_id);
> int (*kernel_post_read_file)(struct file *file, char *buf, loff_t size,
> int policy_id);
> int (*task_fix_setuid)(struct cred *new, const struct cred *old,
Is the goal to eventually kill the other LSM hooks and just keep the
file one? If so where is that done in this series? It was not clear.
Luis
More information about the kexec
mailing list