lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Thu, 27 Jun 2013 11:48:04 -0700
From:	Doug Anderson <dianders@...omium.org>
To:	linux-kernel@...r.kernel.org
Cc:	Mike Frysinger <vapier@...too.org>,
	Olof Johansson <olof@...om.net>,
	Doug Anderson <dianders@...omium.org>,
	Michal Marek <mmarek@...e.cz>, linux-kbuild@...r.kernel.org
Subject: [PATCH] kbuild: Avoid race generating / using MODLIB

The $(MODLIB) variable is recursively expanded and is:
  $(INSTALL_MOD_PATH)/lib/modules/$(KERNELRELEASE)

The $(KERNELRELEASE) variable is also recursively expanded:
  $(shell cat include/config/kernel.release 2> /dev/null)

The file being read is a generated by the Makefile itself.  When the
file is generated it is removed and then recreated.  This leaves a
period of time when the file doesn't exist.  If we happen to use
$(MODLIB) during this time then we'll end up with a bad value.

This is fairly easy for me to reproduce by:
* Add a "sleep 2" between the 'rm -f $@' and the 'echo' in the rule
  to build 'include/config/kernel.release'
* make -j32 ARCH=arm CROSS_COMPILE=armv7a-cros-linux-gnueabi- \
  zImage dtbs modules
* make -j32 ARCH=arm CROSS_COMPILE=armv7a-cros-linux-gnueabi- \
  INSTALL_PATH=foo INSTALL_MOD_PATH=foomod \
  install firmware_install modules_install

Without trying to rethink the whole KERNELRELEASE variable, the simple
fix is to just add a dependency.

Signed-off-by: Doug Anderson <dianders@...omium.org>
---
 Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 0142c93..9cf2b24 100644
--- a/Makefile
+++ b/Makefile
@@ -964,7 +964,7 @@ PHONY += modules_install
 modules_install: _modinst_ _modinst_post
 
 PHONY += _modinst_
-_modinst_:
+_modinst_: include/config/kernel.release
 	@rm -rf $(MODLIB)/kernel
 	@rm -f $(MODLIB)/source
 	@mkdir -p $(MODLIB)/kernel
@@ -1232,7 +1232,7 @@ modules_install: _emodinst_ _emodinst_post
 
 install-dir := $(if $(INSTALL_MOD_DIR),$(INSTALL_MOD_DIR),extra)
 PHONY += _emodinst_
-_emodinst_:
+_emodinst_: include/config/kernel.release
 	$(Q)mkdir -p $(MODLIB)/$(install-dir)
 	$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modinst
 
-- 
1.8.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ