lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Jul 2019 12:54:27 +0200 From: Philipp Rudo <prudo@...ux.ibm.com> To: Thiago Jung Bauermann <bauerman@...ux.ibm.com> Cc: Jessica Yu <jeyu@...nel.org>, linux-integrity@...r.kernel.org, linux-security-module@...r.kernel.org, keyrings@...r.kernel.org, linux-crypto@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, Mimi Zohar <zohar@...ux.ibm.com>, Dmitry Kasatkin <dmitry.kasatkin@...il.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, David Howells <dhowells@...hat.com>, David Woodhouse <dwmw2@...radead.org>, Herbert Xu <herbert@...dor.apana.org.au>, "David S. Miller" <davem@...emloft.net>, Jonathan Corbet <corbet@....net>, "AKASHI\, Takahiro" <takahiro.akashi@...aro.org>, Heiko Carstens <heiko.carstens@...ibm.com>, linux-s390@...r.kernel.org Subject: Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions Hi Thiago, On Thu, 04 Jul 2019 03:42:57 -0300 Thiago Jung Bauermann <bauerman@...ux.ibm.com> wrote: > Jessica Yu <jeyu@...nel.org> writes: > > > +++ Thiago Jung Bauermann [27/06/19 23:19 -0300]: > >>IMA will use the module_signature format for append signatures, so export > >>the relevant definitions and factor out the code which verifies that the > >>appended signature trailer is valid. > >> > >>Also, create a CONFIG_MODULE_SIG_FORMAT option so that IMA can select it > >>and be able to use mod_check_sig() without having to depend on either > >>CONFIG_MODULE_SIG or CONFIG_MODULES. > >> > >>Signed-off-by: Thiago Jung Bauermann <bauerman@...ux.ibm.com> > >>Reviewed-by: Mimi Zohar <zohar@...ux.ibm.com> > >>Cc: Jessica Yu <jeyu@...nel.org> > >>--- > >> include/linux/module.h | 3 -- > >> include/linux/module_signature.h | 44 +++++++++++++++++++++++++ > >> init/Kconfig | 6 +++- > >> kernel/Makefile | 1 + > >> kernel/module.c | 1 + > >> kernel/module_signature.c | 46 ++++++++++++++++++++++++++ > >> kernel/module_signing.c | 56 +++++--------------------------- > >> scripts/Makefile | 2 +- > >> 8 files changed, 106 insertions(+), 53 deletions(-) > >> > >>diff --git a/include/linux/module.h b/include/linux/module.h > >>index 188998d3dca9..aa56f531cf1e 100644 > >>--- a/include/linux/module.h > >>+++ b/include/linux/module.h > >>@@ -25,9 +25,6 @@ > >> #include <linux/percpu.h> > >> #include <asm/module.h> > >> > >>-/* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */ > >>-#define MODULE_SIG_STRING "~Module signature appended~\n" > >>- > > > > Hi Thiago, apologies for the delay. > > Hello Jessica, thanks for reviewing the patch! > > > It looks like arch/s390/kernel/machine_kexec_file.c also relies on > > MODULE_SIG_STRING being defined, so module_signature.h will need to be > > included there too, otherwise we'll run into a compilation error. > > Indeed. Thanks for spotting that. The patch below fixes it. It's > identical to the previous version except for the changes in > arch/s390/kernel/machine_kexec_file.c and their description in the > commit message. I'm also copying some s390 people in this email. to me the s390 part looks good but for one minor nit. In arch/s390/Kconfig KEXEC_VERIFY_SIG currently depends on SYSTEM_DATA_VERIFICATION. I'd prefer when you update this to the new MODULE_SIG_FORMAT. It shouldn't make any difference right now, as we don't use mod_check_sig in our code path. But it could cause problems in the future, when more code might be shared. Thanks Philipp > > Other than that, the module-related changes look good to me: > > > > Acked-by: Jessica Yu <jeyu@...nel.org> > > Thank you very much! >
Powered by blists - more mailing lists