| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 May 2018 11:08:27 +0200
From: Jessica Yu <jeyu@...nel.org>
To: David Howells <dhowells@...hat.com>
Cc: linux-kernel@...r.kernel.org, Jessica Yu <jeyu@...nel.org>
Subject: [PATCH 0/3] lockdown/module: make module name available for module_sig_check()
Hi David,
The changes here involve cleaning up load_module() (patches 1 and 2) in
preparation for patch 3. The general idea is to do some preliminary module
section parsing and set up load info convenience variables earlier so that
we could log the module name during the module signature verification check
if it fails. Right now the module name is not logged if signature
verification fails, and it would be helpful to know which module failed
loading.
Currently, all patches are based on the lockdown tree:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=lockdown
But my plan is probably to take patches 1 and 2 through the modules-next
tree as they are generic cleanups, but I wanted to give you a heads up for
patch 3, which should probably be taken through the lockdown tree.
Thanks!
Jessica
---
Jessica Yu (3):
module: make it clear when we're handling the module copy in info->hdr
module: setup load info before module_sig_check()
modsign: print module name along with error message
kernel/module.c | 105 ++++++++++++++++++++++++++++++--------------------------
1 file changed, 57 insertions(+), 48 deletions(-)
--
2.16.3
Powered by blists - more mailing lists