lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <s5hfvly3gdc.wl%tiwai@suse.de>
Date:	Mon, 31 Mar 2014 10:46:23 +0200
From:	Takashi Iwai <tiwai@...e.de>
To:	Rusty Russell <rusty@...tcorp.com.au>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	David Howells <dhowells@...hat.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Kay Sievers <kay.sievers@...y.org>
Subject: Re: [PATCH] Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE

At Mon, 31 Mar 2014 14:43:21 +1030,
Rusty Russell wrote:
> 
> Takashi Iwai <tiwai@...e.de> writes:
> > At Thu, 13 Mar 2014 11:30:47 +1030,
> > Rusty Russell wrote:
> >> 
> >> Steven Rostedt <rostedt@...dmis.org> writes:
> >> > Mathieu, you should have added a v2 to the subject ie: [PATCH V2]
> >> >
> >> > Rusty,
> >> >
> >> > If you want to take this, please add my
> >> > Acked-by: Steven Rostedt <rostedt@...dmis.org>
> >> 
> >> Thanks, I updated my copy and have pushed this into modules-next.
> >
> > The letter 'X' has been already used for SUSE kernels for very long
> > time, to indicate the external supported modules.  Can the new flag be
> > changed to another letter for avoiding conflict...?
> > (BTW, we also use 'N' for "no support", too.)
> 
> Sure...  As I've already applied it, I've had to add this new patch:
> 
> Subject: Use 'E' instead of 'X' for unsigned module taint flag.
> 
> 66cc69e34e86a231fbe68d8918c6119e3b7549a3 added 'X' for unsigned module
> taints, but Takashi Iwai <tiwai@...e.de> says:
> 
>    The letter 'X' has been already used for SUSE kernels for very long
>    time, to indicate the external supported modules.  Can the new flag be
>    changed to another letter for avoiding conflict...?
>    (BTW, we also use 'N' for "no support", too.)
> 
> Note: this code should be cleaned up, so we don't have such maps in
> three places!
> 
> Signed-off-by: Rusty Russell <rusty@...tcorp.com.au>

Thanks Rusty, much appreciated!

In case it's worthy:
	Reviewed-by: Takashi Iwai <tiwai@...e.de>


Takashi

> 
> diff --git a/Documentation/ABI/testing/sysfs-module b/Documentation/ABI/testing/sysfs-module
> index b9a29cdbaccb..66a110b4c48a 100644
> --- a/Documentation/ABI/testing/sysfs-module
> +++ b/Documentation/ABI/testing/sysfs-module
> @@ -49,4 +49,4 @@ Description:	Module taint flags:
>  			O - out-of-tree module
>  			F - force-loaded module
>  			C - staging driver module
> -			X - unsigned module
> +			E - unsigned module
> diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt
> index b6af42e4d790..db1c49e17aa2 100644
> --- a/Documentation/module-signing.txt
> +++ b/Documentation/module-signing.txt
> @@ -54,7 +54,7 @@ This has a number of options available:
>       If this is off (ie. "permissive"), then modules for which the key is not
>       available and modules that are unsigned are permitted, but the kernel will
>       be marked as being tainted, and the concerned modules will be marked as
> -     tainted, shown with the character 'X'.
> +     tainted, shown with the character 'E'.
>  
>       If this is on (ie. "restrictive"), only modules that have a valid
>       signature that can be verified by a public key in the kernel's possession
> diff --git a/Documentation/oops-tracing.txt b/Documentation/oops-tracing.txt
> index 879abe289523..fa86b85d2821 100644
> --- a/Documentation/oops-tracing.txt
> +++ b/Documentation/oops-tracing.txt
> @@ -265,7 +265,7 @@ characters, each representing a particular tainted value.
>  
>   13: 'O' if an externally-built ("out-of-tree") module has been loaded.
>  
> - 14: 'X' if an unsigned module has been loaded in a kernel supporting
> + 14: 'E' if an unsigned module has been loaded in a kernel supporting
>       module signature.
>  
>  The primary reason for the 'Tainted: ' string is to tell kernel
> diff --git a/kernel/module.c b/kernel/module.c
> index c1acb0c5b637..6d620199b892 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1014,7 +1014,7 @@ static size_t module_flags_taint(struct module *mod, char *buf)
>  	if (mod->taints & (1 << TAINT_CRAP))
>  		buf[l++] = 'C';
>  	if (mod->taints & (1 << TAINT_UNSIGNED_MODULE))
> -		buf[l++] = 'X';
> +		buf[l++] = 'E';
>  	/*
>  	 * TAINT_FORCED_RMMOD: could be added.
>  	 * TAINT_UNSAFE_SMP, TAINT_MACHINE_CHECK, TAINT_BAD_PAGE don't
> diff --git a/kernel/panic.c b/kernel/panic.c
> index 0e25fe10871e..dbee7fe2a0c0 100644
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -210,7 +210,7 @@ static const struct tnt tnts[] = {
>  	{ TAINT_CRAP,			'C', ' ' },
>  	{ TAINT_FIRMWARE_WORKAROUND,	'I', ' ' },
>  	{ TAINT_OOT_MODULE,		'O', ' ' },
> -	{ TAINT_UNSIGNED_MODULE,	'X', ' ' },
> +	{ TAINT_UNSIGNED_MODULE,	'E', ' ' },
>  };
>  
>  /**
> @@ -229,7 +229,7 @@ static const struct tnt tnts[] = {
>   *  'C' - modules from drivers/staging are loaded.
>   *  'I' - Working around severe firmware bug.
>   *  'O' - Out-of-tree module has been loaded.
> - *  'X' - Unsigned module has been loaded.
> + *  'E' - Unsigned module has been loaded.
>   *
>   *	The string is overwritten by the next call to print_tainted().
>   */
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ