lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87eh1jovj2.fsf@rustcorp.com.au>
Date:	Mon, 31 Mar 2014 14:43:21 +1030
From:	Rusty Russell <rusty@...tcorp.com.au>
To:	Takashi Iwai <tiwai@...e.de>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	David Howells <dhowells@...hat.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Kay Sievers <kay.sievers@...y.org>
Subject: Re: [PATCH] Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE

Takashi Iwai <tiwai@...e.de> writes:
> At Thu, 13 Mar 2014 11:30:47 +1030,
> Rusty Russell wrote:
>> 
>> Steven Rostedt <rostedt@...dmis.org> writes:
>> > Mathieu, you should have added a v2 to the subject ie: [PATCH V2]
>> >
>> > Rusty,
>> >
>> > If you want to take this, please add my
>> > Acked-by: Steven Rostedt <rostedt@...dmis.org>
>> 
>> Thanks, I updated my copy and have pushed this into modules-next.
>
> The letter 'X' has been already used for SUSE kernels for very long
> time, to indicate the external supported modules.  Can the new flag be
> changed to another letter for avoiding conflict...?
> (BTW, we also use 'N' for "no support", too.)

Sure...  As I've already applied it, I've had to add this new patch:

Subject: Use 'E' instead of 'X' for unsigned module taint flag.

66cc69e34e86a231fbe68d8918c6119e3b7549a3 added 'X' for unsigned module
taints, but Takashi Iwai <tiwai@...e.de> says:

   The letter 'X' has been already used for SUSE kernels for very long
   time, to indicate the external supported modules.  Can the new flag be
   changed to another letter for avoiding conflict...?
   (BTW, we also use 'N' for "no support", too.)

Note: this code should be cleaned up, so we don't have such maps in
three places!

Signed-off-by: Rusty Russell <rusty@...tcorp.com.au>

diff --git a/Documentation/ABI/testing/sysfs-module b/Documentation/ABI/testing/sysfs-module
index b9a29cdbaccb..66a110b4c48a 100644
--- a/Documentation/ABI/testing/sysfs-module
+++ b/Documentation/ABI/testing/sysfs-module
@@ -49,4 +49,4 @@ Description:	Module taint flags:
 			O - out-of-tree module
 			F - force-loaded module
 			C - staging driver module
-			X - unsigned module
+			E - unsigned module
diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt
index b6af42e4d790..db1c49e17aa2 100644
--- a/Documentation/module-signing.txt
+++ b/Documentation/module-signing.txt
@@ -54,7 +54,7 @@ This has a number of options available:
      If this is off (ie. "permissive"), then modules for which the key is not
      available and modules that are unsigned are permitted, but the kernel will
      be marked as being tainted, and the concerned modules will be marked as
-     tainted, shown with the character 'X'.
+     tainted, shown with the character 'E'.
 
      If this is on (ie. "restrictive"), only modules that have a valid
      signature that can be verified by a public key in the kernel's possession
diff --git a/Documentation/oops-tracing.txt b/Documentation/oops-tracing.txt
index 879abe289523..fa86b85d2821 100644
--- a/Documentation/oops-tracing.txt
+++ b/Documentation/oops-tracing.txt
@@ -265,7 +265,7 @@ characters, each representing a particular tainted value.
 
  13: 'O' if an externally-built ("out-of-tree") module has been loaded.
 
- 14: 'X' if an unsigned module has been loaded in a kernel supporting
+ 14: 'E' if an unsigned module has been loaded in a kernel supporting
      module signature.
 
 The primary reason for the 'Tainted: ' string is to tell kernel
diff --git a/kernel/module.c b/kernel/module.c
index c1acb0c5b637..6d620199b892 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1014,7 +1014,7 @@ static size_t module_flags_taint(struct module *mod, char *buf)
 	if (mod->taints & (1 << TAINT_CRAP))
 		buf[l++] = 'C';
 	if (mod->taints & (1 << TAINT_UNSIGNED_MODULE))
-		buf[l++] = 'X';
+		buf[l++] = 'E';
 	/*
 	 * TAINT_FORCED_RMMOD: could be added.
 	 * TAINT_UNSAFE_SMP, TAINT_MACHINE_CHECK, TAINT_BAD_PAGE don't
diff --git a/kernel/panic.c b/kernel/panic.c
index 0e25fe10871e..dbee7fe2a0c0 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -210,7 +210,7 @@ static const struct tnt tnts[] = {
 	{ TAINT_CRAP,			'C', ' ' },
 	{ TAINT_FIRMWARE_WORKAROUND,	'I', ' ' },
 	{ TAINT_OOT_MODULE,		'O', ' ' },
-	{ TAINT_UNSIGNED_MODULE,	'X', ' ' },
+	{ TAINT_UNSIGNED_MODULE,	'E', ' ' },
 };
 
 /**
@@ -229,7 +229,7 @@ static const struct tnt tnts[] = {
  *  'C' - modules from drivers/staging are loaded.
  *  'I' - Working around severe firmware bug.
  *  'O' - Out-of-tree module has been loaded.
- *  'X' - Unsigned module has been loaded.
+ *  'E' - Unsigned module has been loaded.
  *
  *	The string is overwritten by the next call to print_tainted().
  */
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ