lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 20 Dec 2017 23:13:33 -0600
From:   Dmitry Torokhov <dmitry.torokhov@...il.com>
To:     Casey Leedom <leedom@...lsio.com>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Eric Dumazet <eric.dumazet@...il.com>,
        Eric Dumazet <edumazet@...gle.com>,
        Tariq Toukan <tariqt@...lanox.com>,
        "David S . Miller" <davem@...emloft.net>,
        Komali Katari <komali@...lsio.com>,
        "Luis R. Rodriguez" <mcgrof@...nel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] kobject: fix suppressing modalias in uevents delivered
 over netlink

On Tue, Dec 19, 2017 at 3:20 PM, Casey Leedom <leedom@...lsio.com> wrote:
>   By the way, Komali went back and tried 4.14.7 and it does exhibit the
> issue which she originally reported.  As noted before, the origin of the new
> behavior was tracked down to kernel.org:1455cf8 ...  Also as noted, Dmitry's
> patch does not solve the problem.

OK, so there is 2 separate issues. First is that the "zapping" of
modaliases was broken by Eric's changes and we do need the patch above
to fix it so we do not end up with modules being essentially
not-unloadable on systems with old udev rules, as since trying to
unload module would result in unbinding from a device, and udev would
see unbind uevent and immediately reload the module in question. Greg,
can you please schedule my patch in for 4.15?

The 2nd issue is that Casey is seeing cxgb4vf driver being loaded.
This happens because vfio-pci driver binds to the device, which causes
KOBJ_BIND to get emitted, which causes all modules that match the PCI
device ID that was bound to load [again].

While we could fix the issue by putting another bandaid and zapping
the modalias on KOBJ_BIND as well, I am not sure we need to do that,
as I do not see a harm in having cxgb4vf module loaded. Rather than
patching the kernel I'd recommend Casey simply update the udev scripts
to only load module on KOBJ_ADD event:
https://github.com/systemd/systemd/commit/9b32afa9f241fe8febc0a754850f1e7331caf6e3#diff-0e123aabb4420b8b95088699179f3416

Thanks.

-- 
Dmitry

Powered by blists - more mailing lists