lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160426185122.GA2979@f1.synalogic.ca>
Date:	Tue, 26 Apr 2016 11:51:22 -0700
From:	Benjamin Poirier <bpoirier@...e.com>
To:	Steven Rostedt <rostedt@...dmis.org>
Cc:	Michal Marek <mmarek@...e.cz>, joeyli <jlee@...e.com>,
	"Yann E . MORIN " <yann.morin.1998@...e.fr>,
	linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] localmodconfig: Reset certificate paths

On 2016/04/26 10:02, Steven Rostedt wrote:
> On Sat,  2 Apr 2016 10:55:22 -0700
> Benjamin Poirier <bpoirier@...e.com> wrote:
> 
> > When using `make localmodconfig` and friends, if the input config comes
> > from a kernel that was built in a different environment (for example, the
> > canonical case of using localmodconfig to trim a distribution kernel
> > config) the key files for module signature checking will not be available
> > and should be regenerated or omitted. Otherwise, the user will be faced
> > with annoying errors when trying to build with the generated .config:
> > 
> > make[1]: *** No rule to make target 'keyring.crt', needed by 'certs/x509_certificate_list'.  Stop.
> > Makefile:1576: recipe for target 'certs/' failed
> > 
> > Signed-off-by: Benjamin Poirier <bpoirier@...e.com>
> > ---
> >  scripts/kconfig/streamline_config.pl | 34 ++++++++++++++++++++++++++++++++++
> >  1 file changed, 34 insertions(+)
> > 
> > diff --git a/scripts/kconfig/streamline_config.pl b/scripts/kconfig/streamline_config.pl
> > index 7036ae3..514735d 100755
> > --- a/scripts/kconfig/streamline_config.pl
> > +++ b/scripts/kconfig/streamline_config.pl
> > @@ -610,6 +610,40 @@ foreach my $line (@config_file) {
> >  	next;
> >      }
> >  
> > +    if (/CONFIG_MODULE_SIG_KEY="(.+)"/) {
> > +        my $orig_cert = $1;
> > +        my $default_cert = "certs/signing_key.pem";
> > +
> > +        # Check that the logic in this script still matches the one in Kconfig
> > +        if (!defined($depends{"MODULE_SIG_KEY"}) ||
> > +            $depends{"MODULE_SIG_KEY"} !~ /"\Q$default_cert\E"/) {
> > +            die "Assertion failure, update needed";
> 
> Instead of dieing here, what about just going back to the current
> behavior, and ignore the sig keys?

I was concerned that the warning may go unnoticed but I think you're right. It
is the same kind of concern between a BUG() or a WARN_ON(). In this case it
certainly is possible to keep going and ignore the certificate check, as you
suggest.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ