lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20191024102424.GL11244@42.do-not-panic.com>
Date:   Thu, 24 Oct 2019 10:24:24 +0000
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Matthias Maennich <maennich@...gle.com>
Cc:     linux-kernel@...r.kernel.org, kernel-team@...roid.com,
        Jessica Yu <jeyu@...nel.org>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Martijn Coenen <maco@...roid.com>,
        Lucas De Marchi <lucas.de.marchi@...il.com>,
        Shaun Ruffell <sruffell@...ffell.net>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Will Deacon <will@...nel.org>, linux-kbuild@...r.kernel.org,
        linux-modules@...r.kernel.org
Subject: Re: [PATCH v2 0/4] export/modpost: avoid renaming __ksymtab entries
 for symbol namespaces

On Thu, Oct 24, 2019 at 10:35:46AM +0100, Matthias Maennich wrote:
> On Wed, Oct 23, 2019 at 12:22:22PM +0000, Luis Chamberlain wrote:
> > On Fri, Oct 18, 2019 at 10:31:39AM +0100, Matthias Maennich wrote:
> > > The introduction of the symbol namespace patches changed the way symbols are
> > > named in the ksymtab entries. That caused userland tools to fail (such as
> > > kmod's depmod). As depmod is used as part of the kernel build it was worth
> > > having another look whether this name change can be avoided.
> > 
> > Why have this as a default feature? What about having an option to
> > disable this feature? The benefit being that without a full swing of
> > tests to avoid regressions its not clear what other issues may creep
> > up. With this as optional, those wanting the mechanism can enable it
> > and happilly find the issues for those more conservative.
> 
> The strongest argument against that is, that the 'conservative' people
> would constantly break things for the more 'adventurous' ones. They
> would introduce namespace requirements by just using symbols without
> correctly adjusting the imports.
> 
> Second, vmlinux and modules would have to be compiled in the same
> configuration. Otherwise they are incompatible and we would likely have
> to maintain code in the module loader to catch issues caused by that.
> In general, I think for the adoption of this feature and one of its
> purposes - making unexpected use of symbols across the tree visible
> already at review time - we should not make this an optional one.
> Enforcing the imports at module load time is optional (there is an
> option).
> 
> And finally, having that code configurable for both options introduces
> quite some complexity in kernel/module.c, modpost and
> include/linux/export.h that would make the code hard to maintain and
> complex to test. Hence that would likely introduce more issues.
> 
> I know the feature came with some rough edges. Sorry about that. I
> think, we got most of them worked out pretty well (big thanks to
> Masahiro and Jessica and others helping with that). Now the actual
> change to the surface exposed to userland tools is much smaller and the
> feature itself less intrusive.

This logic makes sense, the complexity over module loading is already
high and supporting yet another division would be a burden for review
and maintenace.

However I'd feel much more inclined to support such decisions when and if
we had a series of test cases to prevent possible regressions. Since
effort with testing will move forward, I'm happy with the status quo.

  Luis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ