| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 May 2008 14:55:02 +1000 From: Rusty Russell <rusty@...tcorp.com.au> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: linux-kernel@...r.kernel.org, Jon Masters <jonathan@...masters.org>, Sam Ravnborg <sam@...nborg.org> Subject: Re: changeset: Make forced module loading optional Linus's recent commit said: > The kernel module loader used to be much too happy to allow loading of > modules for the wrong kernel version by default. For example, if you > had MODVERSIONS enabled, but tried to load a module with no version > info, it would happily load it and taint the kernel - whether it was > likely to actually work or not! ... > Especially as it happened to me by mistake (ie regular unversioned Fedora > modules getting loaded) causing lots of strange behavior. Hi Linus, I'm trying to figure out how you did this. So fedora builds unversioned modules, and version (and vermagic) matched your kernel? And you somehow mixed them up? I don't think relying on modversions is the complete answer here. Perhaps we should make modules_install blow away old modules? Cheers, Rusty. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists