Linux-Fsdevel Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Luis Chamberlain <mcgrof@kernel.org>
To: Mimi Zohar <zohar@kernel.org>
Cc: Scott Branden <scott.branden@broadcom.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	David Brown <david.brown@linaro.org>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Shuah Khan <shuah@kernel.org>,
	bjorn.andersson@linaro.org,
	Shuah Khan <skhan@linuxfoundation.org>,
	Arnd Bergmann <arnd@arndb.de>,
	"Rafael J . Wysocki" <rafael@kernel.org>,
	linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org,
	linux-fsdevel@vger.kernel.org,
	BCM Kernel Feedback <bcm-kernel-feedback-list@broadcom.com>,
	Olof Johansson <olof@lixom.net>,
	Andrew Morton <akpm@linux-foundation.org>,
	Dan Carpenter <dan.carpenter@oracle.com>,
	Colin Ian King <colin.king@canonical.com>,
	Kees Cook <keescook@chromium.org>, Takashi Iwai <tiwai@suse.de>,
	linux-kselftest@vger.kernel.org, Andy Gross <agross@kernel.org>
Subject: Re: [PATCH v5 0/7] firmware: add partial read support in request_firmware_into_buf
Date: Fri, 15 May 2020 20:47:00 +0000	[thread overview]
Message-ID: <20200515204700.GC11244@42.do-not-panic.com> (raw)
In-Reply-To: <1589387039.5098.147.camel@kernel.org>

On Wed, May 13, 2020 at 12:23:59PM -0400, Mimi Zohar wrote:
> Hi Scott,
> 
> On Thu, 2020-05-07 at 17:27 -0700, Scott Branden wrote:
> > Please consider this version series ready for upstream acceptance.
> > 
> > This patch series adds partial read support in request_firmware_into_buf.
> > In order to accept the enhanced API it has been requested that kernel
> > selftests and upstreamed driver utilize the API enhancement and so
> > are included in this patch series.
> > 
> > Also in this patch series is the addition of a new Broadcom VK driver
> > utilizing the new request_firmware_into_buf enhanced API.
> 
> Up to now, the firmware blob was read into memory allowing IMA to
> verify the file signature.  With this change, ima_post_read_file()
> will not be able to verify the file signature.
> 
> (I don't think any of the other LSMs are on this hook, but you might
> want to Cc the LSM or integrity mailing list.)

Scott, so it sounds we need a resolution for pread for IMA for file
signature verification. It seems that can be addressed though. Feel
free to submit the u32 flag changes which you picked up on though in
the meantime.

  Luis

  reply	other threads:[~2020-05-15 20:47 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-08  0:27 Scott Branden
2020-05-08  0:27 ` [PATCH v5 1/7] fs: introduce kernel_pread_file* support Scott Branden
2020-05-13  0:27   ` Luis Chamberlain
2020-05-13  6:23     ` Scott Branden
2020-05-13  6:51       ` Greg Kroah-Hartman
2020-05-13  8:16         ` Scott Branden
2020-05-13 18:39   ` Mimi Zohar
2020-05-13 18:53     ` Scott Branden
2020-05-13 18:57       ` Scott Branden
2020-05-13 19:03       ` Mimi Zohar
2020-05-13 19:18         ` Scott Branden
2020-05-13 19:39           ` Mimi Zohar
2020-05-13 19:41             ` Scott Branden
2020-05-13 21:20               ` Mimi Zohar
2020-05-13 21:28                 ` Luis Chamberlain
2020-05-13 22:12                   ` Mimi Zohar
2020-05-13 22:48                     ` Scott Branden
2020-05-13 23:00                       ` Mimi Zohar
2020-05-13 23:34                         ` Kees Cook
2020-05-13 23:58                           ` Mimi Zohar
2020-05-08  0:27 ` [PATCH v5 2/7] firmware: add offset to request_firmware_into_buf Scott Branden
2020-05-13  0:33   ` Luis Chamberlain
2020-05-13 18:35     ` Scott Branden
2020-05-15 20:44       ` Luis Chamberlain
2020-05-08  0:27 ` [PATCH v5 3/7] test_firmware: add partial read support for request_firmware_into_buf Scott Branden
2020-05-13  0:35   ` Luis Chamberlain
2020-05-08  0:27 ` [PATCH v5 4/7] firmware: test partial file reads of request_firmware_into_buf Scott Branden
2020-05-08  0:27 ` [PATCH v5 5/7] bcm-vk: add bcm_vk UAPI Scott Branden
2020-05-08  0:27 ` [PATCH v5 7/7] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver Scott Branden
     [not found] ` <20200508002739.19360-7-scott.branden@broadcom.com>
2020-05-13  0:38   ` [PATCH v5 6/7] misc: bcm-vk: add Broadcom VK driver Luis Chamberlain
2020-05-13  6:31     ` Scott Branden
2020-05-13  6:50       ` Greg Kroah-Hartman
2020-05-13 12:30         ` Luis Chamberlain
2020-05-13 18:39           ` Scott Branden
2020-05-13 16:23 ` [PATCH v5 0/7] firmware: add partial read support in request_firmware_into_buf Mimi Zohar
2020-05-15 20:47   ` Luis Chamberlain [this message]
2020-05-15 23:28     ` Scott Branden
2020-05-16  1:05       ` Luis Chamberlain

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200515204700.GC11244@42.do-not-panic.com \
    --to=mcgrof@kernel.org \
    --cc=agross@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=arnd@arndb.de \
    --cc=bcm-kernel-feedback-list@broadcom.com \
    --cc=bjorn.andersson@linaro.org \
    --cc=colin.king@canonical.com \
    --cc=dan.carpenter@oracle.com \
    --cc=david.brown@linaro.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=keescook@chromium.org \
    --cc=linux-arm-msm@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=olof@lixom.net \
    --cc=rafael@kernel.org \
    --cc=scott.branden@broadcom.com \
    --cc=shuah@kernel.org \
    --cc=skhan@linuxfoundation.org \
    --cc=tiwai@suse.de \
    --cc=viro@zeniv.linux.org.uk \
    --cc=zohar@kernel.org \
    --subject='Re: [PATCH v5 0/7] firmware: add partial read support in request_firmware_into_buf' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).