lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200513152108.25669-1-mcgrof@kernel.org>
Date:   Wed, 13 May 2020 15:21:05 +0000
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     viro@...iv.linux.org.uk, gregkh@...uxfoundation.org,
        rafael@...nel.org, ebiederm@...ssion.com, jeyu@...nel.org,
        jmorris@...ei.org, keescook@...omium.org, paul@...l-moore.com,
        stephen.smalley.work@...il.com, eparis@...isplace.org,
        nayna@...ux.ibm.com, zohar@...ux.ibm.com
Cc:     scott.branden@...adcom.com, dan.carpenter@...cle.com,
        skhan@...uxfoundation.org, geert@...ux-m68k.org,
        tglx@...utronix.de, bauerman@...ux.ibm.com, dhowells@...hat.com,
        linux-integrity@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        kexec@...ts.infradead.org, linux-security-module@...r.kernel.org,
        selinux@...r.kernel.org, linux-kernel@...r.kernel.org,
        Luis Chamberlain <mcgrof@...nel.org>
Subject: [PATCH 0/3] fs: reduce export usage of kerne_read*() calls

While reviewing Scott Branden's submission of the new Broadcom VK driver
driver upstream [0], part of which included 4 new pread varaints of the
existing kernel_read*(), calls I grew shivers of the possibility of drivers
using these exported symbols loosely. If we're going to grow these, it
seems best to restrict the symbols to a namespace so drivers and
subsystem maintainers don't use these carelessly.

This should also help with making it easier to audit future locations in
the kernel such read calls happen by just looking at the imports of the
namespace.

This goes compile tested with allyesconfig and allmodconfig on x86_64.
0-day should have a report on build status with other configs later of
my branch [1].

[0] https://lkml.kernel.org/r/20200508002739.19360-1-scott.branden@broadcom.com
[1] https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux-next.git/log/?h=20200513-kernel-read-sym

Luis Chamberlain (3):
  fs: unexport kernel_read_file()
  security: add symbol namespace for reading file data
  fs: move kernel_read*() calls to its own symbol namespace

 drivers/base/firmware_loader/fallback.c | 1 +
 drivers/base/firmware_loader/main.c     | 1 +
 fs/exec.c                               | 9 +++++----
 kernel/kexec.c                          | 2 ++
 kernel/kexec_file.c                     | 2 ++
 kernel/module.c                         | 3 +++
 security/integrity/digsig.c             | 3 +++
 security/integrity/ima/ima_fs.c         | 3 +++
 security/integrity/ima/ima_main.c       | 2 ++
 security/loadpin/loadpin.c              | 2 ++
 security/security.c                     | 8 +++++---
 security/selinux/hooks.c                | 2 ++
 12 files changed, 31 insertions(+), 7 deletions(-)

-- 
2.26.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ