lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <13201196.eooFfVZZkZ@vostro.rjw.lan>
Date:	Mon, 21 Jan 2013 01:46:31 +0100
From:	"Rafael J. Wysocki" <rjw@...k.pl>
To:	Rusty Russell <rusty@...tcorp.com.au>
Cc:	Dave Jones <davej@...hat.com>, Josh Boyer <jwboyer@...hat.com>,
	"Frank Ch. Eigler" <fche@...hat.com>, dhowells@...hat.com,
	linux-kernel@...r.kernel.org, peterz@...radead.org,
	mingo@...hat.com, Len Brown <lenb@...nel.org>,
	linux-acpi@...r.kernel.org
Subject: Re: [PATCH] MODSIGN: Add TAINT_NOKEY_MODULE

On Monday, January 21, 2013 10:30:22 AM Rusty Russell wrote:
> Dave Jones <davej@...hat.com> writes:
> > On Thu, Jan 17, 2013 at 11:27:27AM +1030, Rusty Russell wrote:
> >  
> >  > taint: add explicit flag to show whether lock dep is still OK.
> >  > 
> >  > Fix up all callers as they were before, with make one change: an
> >  > unsigned module taints the kernel, but doesn't turn off lockdep.
> >  > 
> >  > Signed-off-by: Rusty Russell <rusty@...tcorp.com.au>
> >  
> > This made my brain itch a little until I got to the bottom of the
> > patch and saw the new definition of add_taint.  Perhaps instead of
> > false/true, we have LOCKDEP_LIVES/LOCKDEP_DIES or similar defines
> > to make it clearer what's actually happening without having to
> > go read the function ?
> 
> The reason I didn't do that is because it's theoretically more than
> lockdep: it's anything which relies on kernel integrity.
> 
> Then I got the true/false thing mixed up myself, so I think you're right
> :)
> 
> BTW, ACPI people: those TAINT_OVERRIDDEN_ACPI_TABLE taints were
> disabling lockdep: is that overzealous?

I think so, although it's quite difficult to say what the intention was at
this point.

Thanks,
Rafael


-- 
I speak only for myself.
Rafael J. Wysocki, Intel Open Source Technology Center.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ