lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Thu, 9 Nov 2017 11:10:43 -0800
From:   Randy Dunlap <>
To:     LKML <>,
        Linus Torvalds <>
Cc:     Andrew Morton <>,
        Sam Ravnborg <>,
        Mark Brown <>,
        Paul Burton <>,
        Greg Kroah-Hartman <>
Subject: modules with no license taint kernel, but build does not catch them


We have a few modules in the kernel which do not have a MODULE_LICENSE() tag,
so that when they are loaded they taint the kernel.  I reported one yesterday:

snd_soc_pcm512x_spi: module license 'unspecified' taints kernel.

and now I see that drivers/auxdisplay/img-ascii-lcd.c is the same way.

I have a patch to add MODULE_LICENSE() to img-ascii-lcd.c, but is that all
that we want to do?

The build system once detected these missing licenses, but in 2008, Sam made
a patch:

commit 2fa365682943866baf85305ef701741fe41b27e0
Author: Sam Ravnborg <>
Date:   Sat Apr 26 21:07:26 2008 +0200

    kbuild: soften MODULE_LICENSE check

    Only modules that has other MODULE_* content
    shall have the MODULE_LICENSE() tag.

    This fixes allmodconfig build on my box.

so that these modules pass an allmodconfig build. I don't think that this is
the right thing to do [just to pass allmodconfig, then taint the kernel when the
module load is attempted], so I would revert that patch.

Loading img_ascii_lcd.ko gives these errors:

[ 4776.990790] img_ascii_lcd: Unknown symbol regmap_write (err 0)
[ 4776.990808] img_ascii_lcd: Unknown symbol devm_kmalloc (err 0)
[ 4776.990823] img_ascii_lcd: Unknown symbol of_property_read_variable_u32_array (err 0)
[ 4776.990836] img_ascii_lcd: Unknown symbol platform_driver_unregister (err 0)
[ 4776.990852] img_ascii_lcd: Unknown symbol device_create_file (err 0)
[ 4776.990865] img_ascii_lcd: Unknown symbol devm_kfree (err 0)
[ 4776.990879] img_ascii_lcd: Unknown symbol platform_get_resource (err 0)
[ 4776.990893] img_ascii_lcd: Unknown symbol syscon_node_to_regmap (err 0)
[ 4776.990911] img_ascii_lcd: Unknown symbol __platform_driver_register (err 0)
[ 4776.990925] img_ascii_lcd: Unknown symbol regmap_read (err 0)
[ 4776.990940] img_ascii_lcd: Unknown symbol device_remove_file (err 0)

"err 0" isn't very meaningful unless you realize that these are all EXPORT_SYMBOL_GPL()
symbols, so kernel/module.c is preventing this module (and snd_soc_pcm512x_spi)
from using GPL symbols since they do not have a GPL-compatible license (which is good,
just easily confusing).


Powered by blists - more mailing lists