kybaaz/linux-xiaomi-chiron
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linux-xiaomi-chiron/drivers/base/firmware_loader
History
Sven Van Asbroeck 2472d64af2 firmware: improve LSM/IMA security behaviour 
The firmware loader queries if LSM/IMA permits it to load firmware
via the sysfs fallback. Unfortunately, the code does the opposite:
it expressly permits sysfs fw loading if security_kernel_load_data(
LOADING_FIRMWARE) returns -EACCES. This happens because a
zero-on-success return value is cast to a bool that's true on success.

Fix the return value handling so we get the correct behaviour.

Fixes: 6e852651f2 ("firmware: add call to LSM hook before firmware sysfs fallback")
Cc: Stable <stable@vger.kernel.org>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Kees Cook <keescook@chromium.org>
To: Luis Chamberlain <mcgrof@kernel.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "Rafael J. Wysocki" <rafael@kernel.org>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Sven Van Asbroeck <TheSven73@gmail.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-18 09:10:02 +02:00
..
builtin drivers: base: firmware_loader: add proper SPDX identifiers on files that did not have them. 2019-04-04 20:03:40 +02:00
fallback.c firmware: improve LSM/IMA security behaviour 2019-06-18 09:10:02 +02:00
fallback.h firmware: rename fw_sysfs_fallback to firmware_fallback_sysfs() 2018-05-14 16:43:09 +02:00
fallback_table.c firmware_loader: move CONFIG_FW_LOADER_USER_HELPER switch to Makefile 2019-01-22 10:23:18 +01:00
firmware.h firmware: Unify the paged buffer release helper 2019-06-10 19:20:37 +02:00
Kconfig drivers: base: firmware_loader: add proper SPDX identifiers on files that did not have them. 2019-04-04 20:03:40 +02:00
main.c firmware: Use kvmalloc for page tables 2019-06-10 19:20:37 +02:00
Makefile firmware_loader: move firmware/ to drivers/base/firmware_loader/builtin/ 2019-01-22 10:23:18 +01:00