tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge tag 'driver-core-5.18-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull driver core fixes from Greg KH:
"Here is one fix, and three documentation updates for 5.18-rc7.

The fix is for the firmware loader which resolves a long-reported
problem where the credentials of the firmware loader could be set to a
userspace process without enough permissions to actually load the
firmware image. Many Android vendors have been reporting this for
quite some time.

The documentation updates are for the embargoed-hardware-issues.rst
file to add a new entry, change an existing one, and sort the list to
make changes easier in the future.

All of these have been in linux-next for a while with no reported
issues"

* tag 'driver-core-5.18-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
Documentation/process: Update ARM contact for embargoed hardware issues
Documentation/process: Add embargoed HW contact for Ampere Computing
Documentation/process: Make groups alphabetical and use tabs consistently
firmware_loader: use kernel credentials when reading firmware

Linus Torvalds 0cdd776e 5becde60

options
unified split
Changed files
+21 -3
Documentation
process
embargoed-hardware-issues.rst
drivers
base
firmware_loader
main.c
+4 -3
Documentation/process/embargoed-hardware-issues.rst
··· 244 244 an involved disclosed party. The current ambassadors list: 245 245 246 246 ============= ======================================================== 247 - ARM Grant Likely <grant.likely@arm.com> 248 247 AMD Tom Lendacky <tom.lendacky@amd.com> 249 - IBM Z Christian Borntraeger <borntraeger@de.ibm.com> 250 - IBM Power Anton Blanchard <anton@linux.ibm.com> 248 + Ampere Darren Hart <darren@os.amperecomputing.com> 249 + ARM Catalin Marinas <catalin.marinas@arm.com> 250 + IBM Power Anton Blanchard <anton@linux.ibm.com> 251 + IBM Z Christian Borntraeger <borntraeger@de.ibm.com> 251 252 Intel Tony Luck <tony.luck@intel.com> 252 253 Qualcomm Trilok Soni <tsoni@codeaurora.org> 253 254
+17
drivers/base/firmware_loader/main.c
··· 735 735 size_t offset, u32 opt_flags) 736 736 { 737 737 struct firmware *fw = NULL; 738 + struct cred *kern_cred = NULL; 739 + const struct cred *old_cred; 738 740 bool nondirect = false; 739 741 int ret; 740 742 ··· 752 750 offset, opt_flags); 753 751 if (ret <= 0) /* error or already assigned */ 754 752 goto out; 753 + 754 + /* 755 + * We are about to try to access the firmware file. Because we may have been 756 + * called by a driver when serving an unrelated request from userland, we use 757 + * the kernel credentials to read the file. 758 + */ 759 + kern_cred = prepare_kernel_cred(NULL); 760 + if (!kern_cred) { 761 + ret = -ENOMEM; 762 + goto out; 763 + } 764 + old_cred = override_creds(kern_cred); 755 765 756 766 ret = fw_get_filesystem_firmware(device, fw->priv, "", NULL); 757 767 ··· 789 775 opt_flags, ret); 790 776 } else 791 777 ret = assign_fw(fw, device); 778 + 779 + revert_creds(old_cred); 780 + put_cred(kern_cred); 792 781 793 782 out: 794 783 if (ret < 0) {