fs/kernel_read_file: Add file_size output argument

In preparation for adding partial read support, add an optional output
argument to kernel_read_file*() that reports the file size so callers
can reason more easily about their reading progress.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Acked-by: Scott Branden <scott.branden@broadcom.com>
Link: https://lore.kernel.org/r/20201002173828.2099543-8-keescook@chromium.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Kees Cook 2020-10-02 10:38:19 -07:00 committed by Greg Kroah-Hartman
parent 113eeb5177
commit 885352881f
7 changed files with 23 additions and 11 deletions

View File

@ -500,6 +500,7 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv,
/* load firmware files from the mount namespace of init */ /* load firmware files from the mount namespace of init */
rc = kernel_read_file_from_path_initns(path, &buffer, msize, rc = kernel_read_file_from_path_initns(path, &buffer, msize,
NULL,
READING_FIRMWARE); READING_FIRMWARE);
if (rc < 0) { if (rc < 0) {
if (rc != -ENOENT) if (rc != -ENOENT)

View File

@ -14,6 +14,8 @@
* @buf_size will be ignored) * @buf_size will be ignored)
* @buf_size size of buf, if already allocated. If @buf not * @buf_size size of buf, if already allocated. If @buf not
* allocated, this is the largest size to allocate. * allocated, this is the largest size to allocate.
* @file_size if non-NULL, the full size of @file will be
* written here.
* @id the kernel_read_file_id identifying the type of * @id the kernel_read_file_id identifying the type of
* file contents being read (for LSMs to examine) * file contents being read (for LSMs to examine)
* *
@ -22,7 +24,8 @@
* *
*/ */
int kernel_read_file(struct file *file, void **buf, int kernel_read_file(struct file *file, void **buf,
size_t buf_size, enum kernel_read_file_id id) size_t buf_size, size_t *file_size,
enum kernel_read_file_id id)
{ {
loff_t i_size, pos; loff_t i_size, pos;
ssize_t bytes = 0; ssize_t bytes = 0;
@ -49,6 +52,8 @@ int kernel_read_file(struct file *file, void **buf,
ret = -EFBIG; ret = -EFBIG;
goto out; goto out;
} }
if (file_size)
*file_size = i_size;
if (!*buf) if (!*buf)
*buf = allocated = vmalloc(i_size); *buf = allocated = vmalloc(i_size);
@ -91,7 +96,8 @@ int kernel_read_file(struct file *file, void **buf,
EXPORT_SYMBOL_GPL(kernel_read_file); EXPORT_SYMBOL_GPL(kernel_read_file);
int kernel_read_file_from_path(const char *path, void **buf, int kernel_read_file_from_path(const char *path, void **buf,
size_t buf_size, enum kernel_read_file_id id) size_t buf_size, size_t *file_size,
enum kernel_read_file_id id)
{ {
struct file *file; struct file *file;
int ret; int ret;
@ -103,14 +109,14 @@ int kernel_read_file_from_path(const char *path, void **buf,
if (IS_ERR(file)) if (IS_ERR(file))
return PTR_ERR(file); return PTR_ERR(file);
ret = kernel_read_file(file, buf, buf_size, id); ret = kernel_read_file(file, buf, buf_size, file_size, id);
fput(file); fput(file);
return ret; return ret;
} }
EXPORT_SYMBOL_GPL(kernel_read_file_from_path); EXPORT_SYMBOL_GPL(kernel_read_file_from_path);
int kernel_read_file_from_path_initns(const char *path, void **buf, int kernel_read_file_from_path_initns(const char *path, void **buf,
size_t buf_size, size_t buf_size, size_t *file_size,
enum kernel_read_file_id id) enum kernel_read_file_id id)
{ {
struct file *file; struct file *file;
@ -129,13 +135,14 @@ int kernel_read_file_from_path_initns(const char *path, void **buf,
if (IS_ERR(file)) if (IS_ERR(file))
return PTR_ERR(file); return PTR_ERR(file);
ret = kernel_read_file(file, buf, buf_size, id); ret = kernel_read_file(file, buf, buf_size, file_size, id);
fput(file); fput(file);
return ret; return ret;
} }
EXPORT_SYMBOL_GPL(kernel_read_file_from_path_initns); EXPORT_SYMBOL_GPL(kernel_read_file_from_path_initns);
int kernel_read_file_from_fd(int fd, void **buf, size_t buf_size, int kernel_read_file_from_fd(int fd, void **buf, size_t buf_size,
size_t *file_size,
enum kernel_read_file_id id) enum kernel_read_file_id id)
{ {
struct fd f = fdget(fd); struct fd f = fdget(fd);
@ -144,7 +151,7 @@ int kernel_read_file_from_fd(int fd, void **buf, size_t buf_size,
if (!f.file) if (!f.file)
goto out; goto out;
ret = kernel_read_file(f.file, buf, buf_size, id); ret = kernel_read_file(f.file, buf, buf_size, file_size, id);
out: out:
fdput(f); fdput(f);
return ret; return ret;

View File

@ -37,15 +37,19 @@ static inline const char *kernel_read_file_id_str(enum kernel_read_file_id id)
int kernel_read_file(struct file *file, int kernel_read_file(struct file *file,
void **buf, size_t buf_size, void **buf, size_t buf_size,
size_t *file_size,
enum kernel_read_file_id id); enum kernel_read_file_id id);
int kernel_read_file_from_path(const char *path, int kernel_read_file_from_path(const char *path,
void **buf, size_t buf_size, void **buf, size_t buf_size,
size_t *file_size,
enum kernel_read_file_id id); enum kernel_read_file_id id);
int kernel_read_file_from_path_initns(const char *path, int kernel_read_file_from_path_initns(const char *path,
void **buf, size_t buf_size, void **buf, size_t buf_size,
size_t *file_size,
enum kernel_read_file_id id); enum kernel_read_file_id id);
int kernel_read_file_from_fd(int fd, int kernel_read_file_from_fd(int fd,
void **buf, size_t buf_size, void **buf, size_t buf_size,
size_t *file_size,
enum kernel_read_file_id id); enum kernel_read_file_id id);
#endif /* _LINUX_KERNEL_READ_FILE_H */ #endif /* _LINUX_KERNEL_READ_FILE_H */

View File

@ -222,7 +222,7 @@ kimage_file_prepare_segments(struct kimage *image, int kernel_fd, int initrd_fd,
void *ldata; void *ldata;
ret = kernel_read_file_from_fd(kernel_fd, &image->kernel_buf, ret = kernel_read_file_from_fd(kernel_fd, &image->kernel_buf,
INT_MAX, READING_KEXEC_IMAGE); INT_MAX, NULL, READING_KEXEC_IMAGE);
if (ret < 0) if (ret < 0)
return ret; return ret;
image->kernel_buf_len = ret; image->kernel_buf_len = ret;
@ -242,7 +242,7 @@ kimage_file_prepare_segments(struct kimage *image, int kernel_fd, int initrd_fd,
/* It is possible that there no initramfs is being loaded */ /* It is possible that there no initramfs is being loaded */
if (!(flags & KEXEC_FILE_NO_INITRAMFS)) { if (!(flags & KEXEC_FILE_NO_INITRAMFS)) {
ret = kernel_read_file_from_fd(initrd_fd, &image->initrd_buf, ret = kernel_read_file_from_fd(initrd_fd, &image->initrd_buf,
INT_MAX, INT_MAX, NULL,
READING_KEXEC_INITRAMFS); READING_KEXEC_INITRAMFS);
if (ret < 0) if (ret < 0)
goto out; goto out;

View File

@ -4048,7 +4048,7 @@ SYSCALL_DEFINE3(finit_module, int, fd, const char __user *, uargs, int, flags)
|MODULE_INIT_IGNORE_VERMAGIC)) |MODULE_INIT_IGNORE_VERMAGIC))
return -EINVAL; return -EINVAL;
err = kernel_read_file_from_fd(fd, &hdr, INT_MAX, err = kernel_read_file_from_fd(fd, &hdr, INT_MAX, NULL,
READING_MODULE); READING_MODULE);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -175,7 +175,7 @@ int __init integrity_load_x509(const unsigned int id, const char *path)
int rc; int rc;
key_perm_t perm; key_perm_t perm;
rc = kernel_read_file_from_path(path, &data, INT_MAX, rc = kernel_read_file_from_path(path, &data, INT_MAX, NULL,
READING_X509_CERTIFICATE); READING_X509_CERTIFICATE);
if (rc < 0) { if (rc < 0) {
pr_err("Unable to open file: %s (%d)", path, rc); pr_err("Unable to open file: %s (%d)", path, rc);

View File

@ -284,7 +284,7 @@ static ssize_t ima_read_policy(char *path)
datap = path; datap = path;
strsep(&datap, "\n"); strsep(&datap, "\n");
rc = kernel_read_file_from_path(path, &data, INT_MAX, READING_POLICY); rc = kernel_read_file_from_path(path, &data, INT_MAX, NULL, READING_POLICY);
if (rc < 0) { if (rc < 0) {
pr_err("Unable to open file: %s (%d)", path, rc); pr_err("Unable to open file: %s (%d)", path, rc);
return rc; return rc;