lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <YYWxSlB1CNhhjUTQ@bombadil.infradead.org>
Date:   Fri, 5 Nov 2021 15:33:46 -0700
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Jessica Yu <jeyu@...nel.org>, mcgrof@...nel.org,
        linux-kernel@...r.kernel.org
Subject: [GIT PULL] Modules updates for v5.16-rc1

Hi Linus,

As requested by Jessica, I'm stepping in to help with modules
maintenance. This is my my first pull request, so if there are any
issues with it please let me know so I can fix things for the next
time around to make it even smoother for you.

Nothing exciting here, except a warning enhancement and a fix for
insanely large modules.

Thank you,

  Luis

The following changes since commit 7fd982f394c42f25a73fe9dfbf1e6b11fa26b40a:

  module: change to print useful messages from elf_validity_check() (2021-11-05 15:13:10 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux.git/ tags/modules-5.16-rc1

for you to fetch changes up to 7fd982f394c42f25a73fe9dfbf1e6b11fa26b40a:

  module: change to print useful messages from elf_validity_check() (2021-11-05 15:13:10 -0700)

----------------------------------------------------------------
modules patches for 5.16-rc1

As requested by Jessica I'm stepping in to help with modules
maintenance. This is my first pull request to you.

I've collected only two patches for modules for the 5.16-rc1 merge
window. These patches are from Shuah Khan as she debugged some corner
case error with modules. The error messages are improved for
elf_validity_check(). While doing this work a corner case fix was
spotted on validate_section_offset() due to a possible overflow bug
on 64-bit. The impact of this fix is low given this just limits
module section headers placed within the 32-bit boundary, and we
obviously don't have insane module sizes. Even if a specially crafted
module is constructed later checks would invalidate the module right
away.

I've let this sit through 0-day testing since October 15th with no
issues found.

Signed-off-by: Luis Chamberlain <mcgrof@...nel.org>

----------------------------------------------------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ