Topi Miettinen 901cff7cb9 firmware_loader: load files from the mount namespace of init
I have an experimental setup where almost every possible system
service (even early startup ones) runs in separate namespace, using a
dedicated, minimal file system. In process of minimizing the contents
of the file systems with regards to modules and firmware files, I
noticed that in my system, the firmware files are loaded from three
different mount namespaces, those of systemd-udevd, init and
systemd-networkd. The logic of the source namespace is not very clear,
it seems to depend on the driver, but the namespace of the current
process is used.

So, this patch tries to make things a bit clearer and changes the
loading of firmware files only from the mount namespace of init. This
may also improve security, though I think that using firmware files as
attack vector could be too impractical anyway.

Later, it might make sense to make the mount namespace configurable,
for example with a new file in /proc/sys/kernel/firmware_config/. That
would allow a dedicated file system only for firmware files and those
need not be present anywhere else. This configurability would make
more sense if made also for kernel modules and /sbin/modprobe. Modules
are already loaded from init namespace (usermodehelper uses kthreadd
namespace) except when directly loaded by systemd-udevd.

Instead of using the mount namespace of the current process to load
firmware files, use the mount namespace of init process.

Link: https://lore.kernel.org/lkml/bb46ebae-4746-90d9-ec5b-fce4c9328c86@gmail.com/
Link: https://lore.kernel.org/lkml/0e3f7653-c59d-9341-9db2-c88f5b988c68@gmail.com/
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Link: https://lore.kernel.org/r/20200123125839.37168-1-toiwoton@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-02-10 15:39:28 -08:00

76 lines
1.7 KiB
Bash
Executable File

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
# This runs all known tests across all known possible configurations we could
# emulate in one run.
set -e
TEST_DIR=$(dirname $0)
source $TEST_DIR/fw_lib.sh
export HAS_FW_LOADER_USER_HELPER=""
export HAS_FW_LOADER_USER_HELPER_FALLBACK=""
export HAS_FW_LOADER_COMPRESS=""
run_tests()
{
proc_set_force_sysfs_fallback $1
proc_set_ignore_sysfs_fallback $2
$TEST_DIR/fw_filesystem.sh
proc_set_force_sysfs_fallback $1
proc_set_ignore_sysfs_fallback $2
$TEST_DIR/fw_fallback.sh
}
run_test_config_0001()
{
echo "-----------------------------------------------------"
echo "Running kernel configuration test 1 -- rare"
echo "Emulates:"
echo "CONFIG_FW_LOADER=y"
echo "CONFIG_FW_LOADER_USER_HELPER=n"
echo "CONFIG_FW_LOADER_USER_HELPER_FALLBACK=n"
run_tests 0 1
}
run_test_config_0002()
{
echo "-----------------------------------------------------"
echo "Running kernel configuration test 2 -- distro"
echo "Emulates:"
echo "CONFIG_FW_LOADER=y"
echo "CONFIG_FW_LOADER_USER_HELPER=y"
echo "CONFIG_FW_LOADER_USER_HELPER_FALLBACK=n"
proc_set_ignore_sysfs_fallback 0
run_tests 0 0
}
run_test_config_0003()
{
echo "-----------------------------------------------------"
echo "Running kernel configuration test 3 -- android"
echo "Emulates:"
echo "CONFIG_FW_LOADER=y"
echo "CONFIG_FW_LOADER_USER_HELPER=y"
echo "CONFIG_FW_LOADER_USER_HELPER_FALLBACK=y"
run_tests 1 0
}
check_mods
check_setup
echo "Running namespace test: "
$TEST_DIR/fw_namespace $DIR/trigger_request
echo "OK"
if [ -f $FW_FORCE_SYSFS_FALLBACK ]; then
run_test_config_0001
run_test_config_0002
run_test_config_0003
else
echo "Running basic kernel configuration, working with your config"
run_tests
fi