| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Dec 2016 08:55:51 +0100
From: Stanislav Kozina <skozina@...hat.com>
To: Nicholas Piggin <npiggin@...il.com>,
Don Zickus <dzickus@...hat.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Ben Hutchings <ben@...adent.org.uk>,
Michal Marek <mmarek@...e.com>,
Adam Borowski <kilobyte@...band.pl>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
Debian kernel maintainers <debian-kernel@...ts.debian.org>,
"linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
Arnd Bergmann <arnd@...db.de>, Ingo Molnar <mingo@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] x86/kbuild: enable modversions for symbols exported from
asm
>> The question is how to provide a similar guarantee if a different way?
> As a tool to aid distro reviewers, modversions has some value, but the
> debug info parsing tools that have been mentioned in this thread seem
> superior (not that I've tested them).
On the other hand the big advantage of modversions is that it also
verifies the checksum during runtime (module loading). In other words, I
believe that any other solution should still generate some form of
checksum/watermark which can be easily checked for compatibility on
module load.
It should not be hard to add to the DWARF based tools though. We'd just
parse DWARF data instead of the C code.
Regards,
-Stanislav
Powered by blists - more mailing lists