[PATCH v3 0/5] firmware_class: extensible firmware API

From: "Luis R. Rodriguez" <mcg...@suse.com> This v3 builds up on the last v2 series from October [0], I had not send out any updates after that as we had the kernel summit and figured it'd be best to hash out any kinks there. This patch set *only* provides a new set of extensible

[PATCH v3 2/5] firmware: move completing fw into a helper

From: "Luis R. Rodriguez" <mcg...@suse.com> This will be re-used later through a new extensible interface. Signed-off-by: Luis R. Rodriguez <mcg...@suse.com> --- drivers/base/firmware_class.c | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) dif

[PATCH v3 4/5] firmware: generalize reading file contents as a helper

kexec: copy_file_fd() While at it this also cleans up the exit paths on fw_read_file(). Reviewed-by: Josh Boyer <jwbo...@fedoraproject.org> Signed-off-by: David Howells <dhowe...@redhat.com> Signed-off-by: Luis R. Rodriguez <mcg...@suse.com> --- drivers/ba

[PATCH v3 5/5] firmware: add an extensible system data helpers

From: "Luis R. Rodriguez" <mcg...@suse.com> The firmware API has evolved over the years slowly, as it grows we extend it by adding new routines or at times we extend existing routines with more or less arguments. This doesn't scale well, when new arguments are added to existing r

[PATCH v3 3/5] firmware: fold successful fw read early

From: David Howells <dhowe...@redhat.com> We'll be folding in some more checks on fw_read_file_contents(), this will make the success case easier to follow. Signed-off-by: David Howells <dhowe...@redhat.com> Signed-off-by: Luis R. Rodriguez <mcg...@suse.com> --- drivers/bas

[PATCH v3 1/5] firmware: generalize "firmware" as "system data" helpers

From: "Luis R. Rodriguez" <mcg...@suse.com> Historically firmware_class code was added to help get device driver firmware binaries but these days request_firmware*() helpers are being repurposed for general system data needed by the kernel. Annotate this before we extend fi

Re: [PATCH v1 6/7] ima: measure and appraise the IMA policy itself

On Sun, Dec 20, 2015 at 12:11:04AM -0500, Mimi Zohar wrote: > On Thu, 2015-12-17 at 23:03 +0100, Luis R. Rodriguez wrote: > > On Tue, Dec 08, 2015 at 01:01:23PM -0500, Mimi Zohar wrote: > > > diff --git a/security/integrity/iint.c b/security/integrity/iint.c > > > in

Re: [PATCH v1 3/7] ima: load policy using path

On Thu, Dec 17, 2015 at 11:33 AM, Luis R. Rodriguez <mcg...@suse.com> wrote: > Please no, instead of adding yet-another kernel file-loading facility which is > likely error prone we should consolidate *all kernel file-loading facilities* > into a *common generic shared one*. So plea

Re: [PATCH v1 5/7] ima: measure and appraise firmware (improvement)

On Sat, Dec 19, 2015 at 11:44:41PM -0500, Mimi Zohar wrote: > On Thu, 2015-12-17 at 22:06 +0100, Luis R. Rodriguez wrote: > > On Tue, Dec 08, 2015 at 01:01:22PM -0500, Mimi Zohar wrote: > > > diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c > >

Re: [PATCH v1 4/7] ima: measure and appraise kexec image and initramfs

On Thu, Dec 17, 2015 at 07:32:10AM -0500, Mimi Zohar wrote: > On Thu, 2015-12-17 at 14:45 +0800, Dave Young wrote: > > On 12/08/15 at 02:15pm, Mimi Zohar wrote: > > > There's a lot of code duplication for reading a file by the kernel (eg. > > > kexec, firmware, kernel modules, ...). Each place

Re: [PATCH v1 3/7] ima: load policy using path

The subject should probably be: ima: add support to load policy from path Cc'ing Roberts who originally wanted SELinux file policy signing capabilities. Also Greg, who is reviewing the sysdata file changes I had proposed which would provide a generic file loading facility for modules, and later a

Re: [PATCH v1 5/7] ima: measure and appraise firmware (improvement)

On Tue, Dec 08, 2015 at 01:01:22PM -0500, Mimi Zohar wrote: > diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c > index 8524450..dcd902f 100644 > --- a/drivers/base/firmware_class.c > +++ b/drivers/base/firmware_class.c > @@ -29,6 +29,7 @@ > #include > #include >

Re: [PATCH v1 6/7] ima: measure and appraise the IMA policy itself

On Tue, Dec 08, 2015 at 01:01:23PM -0500, Mimi Zohar wrote: > diff --git a/security/integrity/iint.c b/security/integrity/iint.c > index 8a45576..4d149c9 100644 > --- a/security/integrity/iint.c > +++ b/security/integrity/iint.c > @@ -222,6 +223,11 @@ int integrity_read_file(const char *path, char

Re: [PATCH 1/4] firmware: generalize "firmware" as "system data" helpers

On Thu, Oct 8, 2015 at 1:16 PM, Josh Boyer <jwbo...@fedoraproject.org> wrote: > On Tue, Oct 6, 2015 at 5:08 AM, Greg KH <gre...@linuxfoundation.org> wrote: >> Just responding to one thing at the moment: >> >> On Mon, Oct 05, 2015 at 11:22:22PM +0200, Luis R. R

Re: Problems loading firmware using built-in drivers with kernels that use initramfs.

On Sun, Aug 30, 2015 at 11:11 AM, Linus Torvalds wrote: > On Sun, Aug 30, 2015 at 1:25 AM, Arend van Spriel wrote: >> On 08/29/2015 12:38 PM, Ming Lei wrote: >> >> Does this mean a built-in driver can not get firmware from initramfs or >> built

Re: [PATCH v2 4/5] firmware: generalize reading file contents as a helper

On Fri, Oct 09, 2015 at 08:46:42AM -0400, Josh Boyer wrote: > On Thu, Oct 8, 2015 at 6:54 PM, Luis R. Rodriguez <mcg...@suse.com> wrote: > > On Thu, Oct 08, 2015 at 01:36:53PM -0400, Josh Boyer wrote: > >> On Thu, Oct 1, 2015 at 1:44 PM, Luis R. Rodriguez > >>

Re: [PATCH v2 5/5] firmware: add an extensible system data helpers

On Thu, Oct 08, 2015 at 01:59:11PM -0400, Josh Boyer wrote: > On Thu, Oct 1, 2015 at 1:44 PM, Luis R. Rodriguez > > +static inline int desc_sync_found_call_cb(const struct sysdata_file_desc > > *desc, > > + const struct sysda

Re: [PATCH v2 4/5] firmware: generalize reading file contents as a helper

On Thu, Oct 08, 2015 at 01:36:53PM -0400, Josh Boyer wrote: > On Thu, Oct 1, 2015 at 1:44 PM, Luis R. Rodriguez > <mcg...@do-not-panic.com> wrote: > > From: David Howells <dhowe...@redhat.com> > > > > We'll want to reuse this same code later in order to > >

Re: [PATCH 1/4] firmware: generalize "firmware" as "system data" helpers]

On Tue, Oct 06, 2015 at 10:08:21AM +0100, Greg KH wrote: > Just responding to one thing at the moment: > > On Mon, Oct 05, 2015 at 11:22:22PM +0200, Luis R. Rodriguez wrote: > > * we should phase out the usermode helper from firmware_class long term > > You can &qu

[PATCH v2 2/5] firmware: move completing fw into a helper

From: "Luis R. Rodriguez" <mcg...@suse.com> This will be re-used later through a new extensible interface. Signed-off-by: Luis R. Rodriguez <mcg...@suse.com> --- drivers/base/firmware_class.c | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) dif

[PATCH v2 0/5] firmware_class: extensible firmware API

From: "Luis R. Rodriguez" <mcg...@suse.com> This v2 series pushes together a few simple code shifts me and David worked on with a new extensible firmware API. I have bundled these changes together as in my last v1 series [0] it was not clear why the first simple set of changes

[PATCH v2 1/5] firmware: generalize "firmware" as "system data" helpers

From: "Luis R. Rodriguez" <mcg...@suse.com> Historically firmware_class code was added to help get device driver firmware binaries but these days request_firmware*() helpers are being repurposed for general system data needed by the kernel. Annotate this before we extend fi

[PATCH v2 5/5] firmware: add an extensible system data helpers

From: "Luis R. Rodriguez" <mcg...@suse.com> The firmware API has evolved over the years slowly, as it grows we extend it by adding new routines or at times we extend existing routines with more or less arguments. This doesn't scale well, when new arguments are added to existing r

[PATCH v2 4/5] firmware: generalize reading file contents as a helper

d size if the file is found. While at it this cleans up the exit paths on fw_read_file(). Signed-off-by: David Howells <dhowe...@redhat.com> Signed-off-by: Luis R. Rodriguez <mcg...@suse.com> --- drivers/base/firmware_class.c | 62 +++ 1 file chan

Re: Linux Firmware Signing

On Thu, Sep 03, 2015 at 02:14:18PM -0700, Kees Cook wrote: > [removed bounced email addresses] > > On Wed, Sep 2, 2015 at 2:37 PM, Luis R. Rodriguez <mcg...@suse.com> wrote: > > On Wed, Sep 02, 2015 at 01:54:43PM -0700, Kees Cook wrote: > >> On Wed, Sep 2, 2015 at 11