| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140226151322.5632c6d3@gandalf.local.home> Date: Wed, 26 Feb 2014 15:13:22 -0500 From: Steven Rostedt <rostedt@...dmis.org> To: Rusty Russell <rusty@...tcorp.com.au> Cc: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, David Howells <dhowells@...hat.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: Re: [RFC PATCH] Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE On Wed, 26 Feb 2014 13:23:56 +1030 Rusty Russell <rusty@...tcorp.com.au> wrote: > > The one that I replied to. I can't pull the module patch unless I get > > an ack from Rusty. > > Ah, I applied it in my tree. Happy for you to take it though; here's > the variant with an Acked-by from me instead of Signed-off-by if you > want it: > > === > From: Mathieu Desnoyers <mathieu.desnoyers@...icios.com> > Subject: Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE > > Users have reported being unable to trace non-signed modules loaded > within a kernel supporting module signature. > > This is caused by tracepoint.c:tracepoint_module_coming() refusing to > take into account tracepoints sitting within force-loaded modules > (TAINT_FORCED_MODULE). The reason for this check, in the first place, is > that a force-loaded module may have a struct module incompatible with > the layout expected by the kernel, and can thus cause a kernel crash > upon forced load of that module on a kernel with CONFIG_TRACEPOINTS=y. > > Tracepoints, however, specifically accept TAINT_OOT_MODULE and > TAINT_CRAP, since those modules do not lead to the "very likely system > crash" issue cited above for force-loaded modules. > > With kernels having CONFIG_MODULE_SIG=y (signed modules), a non-signed > module is tainted re-using the TAINT_FORCED_MODULE taint flag. > Unfortunately, this means that Tracepoints treat that module as a > force-loaded module, and thus silently refuse to consider any tracepoint > within this module. > > Since an unsigned module does not fit within the "very likely system > crash" category of tainting, add a new TAINT_UNSIGNED_MODULE taint flag > to specifically address this taint behavior, and accept those modules > within Tracepoints. This flag is assigned to the letter 'N', since all > the more obvious ones (e.g. 'S') were already taken. > > Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@...icios.com> > Nacked-by: Ingo Molnar <mingo@...nel.org> > CC: Steven Rostedt <rostedt@...dmis.org> > CC: Thomas Gleixner <tglx@...utronix.de> > CC: David Howells <dhowells@...hat.com> > CC: Greg Kroah-Hartman <gregkh@...uxfoundation.org> > Acked-by: Rusty Russell <rusty@...tcorp.com.au> There's another version of this as Mathieu pointed out. You can take it. I hate to be the committer of a patch with Ingo's Nack ;-) -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists