| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 03 Feb 2010 18:14:44 -0800 (PST) From: David Miller <davem@...emloft.net> To: kaber@...sh.net Cc: adobriyan@...il.com, netdev@...r.kernel.org, kuznet@....inr.ac.ru Subject: Re: [PATCH] netlink: fix for too early rmmod From: Patrick McHardy <kaber@...sh.net> Date: Tue, 02 Feb 2010 15:55:25 +0100 > Alexey Dobriyan wrote: >> Netlink code does module autoload if protocol userspace is asking for is >> not ready. However, module can dissapear right after it was autoloaded. >> Example: modprobe/rmmod stress-testing and xfrm_user.ko providing NETLINK_XFRM. >> >> netlink_create() in such situation _will_ create userspace socket and >> _will_not_ pin module. Now if module was removed and we're going to call >> ->netlink_rcv into nothing: >> >> BUG: unable to handle kernel paging request at ffffffffa02f842a >> ^^^^^^^^^^^^^^^^ >> modules are loaded near these addresses here >> >> ... >> >> If module was quickly removed after autoloading, return -E. >> >> Return -EPROTONOSUPPORT if module was quickly removed after autoloading. >> >> Signed-off-by: Alexey Dobriyan <adobriyan@...il.com> >> --- >> >> NOTE: due to commit 513c25000005257e5474f261bf27d4a3c1dff1e3 >> "[NETLINK]: Don't prevent creating sockets when no kernel socket is registered" >> error should probably be -ENOENT, but I have no idea what this >> pam-audit thing is. > > Quoting from the thread back then (couldn't find a public reference): > >> FC4 includes a pam-0.77-audit.patch which adds a pam module that >> uses libaudit to probe for audit availability. It calls audit_open >> and ignores connection refused but returns an pam error for all >> other errors. > > The current version of libaudit properly checks for EPROTONOSUPPORT, > but I don't know when this was fixed and whether we can assume the > broken code is not used anymore. In any event, the EPROTONOSUPPORT is being returned now in a case that has been OOPS'ing. So I think it's safe to apply Alexey's fix as-is, and that is what I have just done in net-2.6 :-) Thanks! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists