Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 13752fe2d7f2d41c2fd92a5d1b1c6e38c4de0c05
commit13752fe2d7f2d41c2fd92a5d1b1c6e38c4de0c05[log] [tgz]
authorKees Cook <keescook@chromium.org>Tue Feb 25 10:28:04 2014 -0800
committerKees Cook <keescook@chromium.org>Fri Jul 25 11:47:45 2014 -0700
treeee922f8fbd1dd96c0aee0fd6274d94271f55217c
parent7d8b6c63751cfbbe5eef81a48c22978b3407a3ad [diff]
security: introduce kernel_fw_from_file hook

In order to validate the contents of firmware being loaded, there must be
a hook to evaluate any loaded firmware that wasn't built into the kernel
itself. Without this, there is a risk that a root user could load malicious
firmware designed to mount an attack against kernel memory (e.g. via DMA).

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Takashi Iwai <tiwai@suse.de>
3 files changed
tree: ee922f8fbd1dd96c0aee0fd6274d94271f55217c
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS