Message-ID: <eaaac6df-6deb-46e7-3020-83a97221d1f8@fb.com>
Date: Mon, 5 Mar 2018 19:02:12 -0800
From: Alexei Starovoitov <ast@...com>
To: Randy Dunlap <rdunlap@...radead.org>,
Alexei Starovoitov <ast@...nel.org>, <davem@...emloft.net>
CC: <daniel@...earbox.net>, <torvalds@...ux-foundation.org>,
<gregkh@...uxfoundation.org>, <mcgrof@...nel.org>,
<netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<kernel-team@...com>, <linux-api@...r.kernel.org>
Subject: Re: [PATCH net-next] modules: allow modprobe load regular elf binaries

On 3/5/18 6:13 PM, Randy Dunlap wrote:
> Hi,
>
> On 03/05/2018 05:34 PM, Alexei Starovoitov wrote:
>
>> diff --git a/kernel/module.c b/kernel/module.c
>> index ad2d420024f6..6cfa35795741 100644
>> --- a/kernel/module.c
>> +++ b/kernel/module.c
>
>> @@ -3669,6 +3683,17 @@ static int load_module(struct load_info *info, const char __user *uargs,
>> if (err)
>> goto free_copy;
>>
>> + if (info->hdr->e_type == ET_EXEC) {
>> +#ifdef CONFIG_MODULE_SIG
>> + if (!info->sig_ok) {
>> + pr_notice_once("umh %s verification failed: signature and/or required key missing - tainting kernel\n",
>
> That's not a very friendly message to tell a user. "umh" eh?
umh is an abbreviation known to kernel newbies:
https://kernelnewbies.org/KernelProjects/usermode-helper-enhancements
The rest of the message is a copy-paste of the existing one.
>> + info->file->f_path.dentry->d_name.name);
>> + add_taint(TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);
>> + }
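Review bot: pr_notice_once in the ET_EXEC branch means only the first binary that fails verification gets its name logged, while add_taint(TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK) runs on every failure, so later unsigned helpers leave no per-file record. Consider pr_notice or pr_notice_ratelimited here so each unsigned binary can be attributed from the log. The argument also dereferences info->file->f_path.dentry with no check visible in this hunk; confirm that info->file is always set on every path that reaches this point, or guard it.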
>
> And since the signature failed, why is it being loaded at all?
Because this is how regular kernel modules deal with it.
sig_enforce is handled earlier.
> Is this in the "--force" load path?
--force forces modver and modmagic. These things don't apply here.