| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YbOJw4B4p7V+bfPU@bombadil.infradead.org>
Date: Fri, 10 Dec 2021 09:09:23 -0800
From: Luis Chamberlain <mcgrof@...nel.org>
To: Aaron Tomlin <atomlin@...hat.com>
Cc: Petr Mladek <pmladek@...e.com>, Christoph Lameter <cl@...ux.com>,
Miroslav Benes <mbenes@...e.cz>,
Andrew Morton <akpm@...ux-foundation.org>, jeyu@...nel.org,
linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
atomlin@...mlin.com, ghalat@...hat.com
Subject: Re: [RFC PATCH] module: Introduce module unload taint tracking
On Fri, Dec 10, 2021 at 04:09:31PM +0000, Aaron Tomlin wrote:
> On Fri 2021-12-10 11:00 +0100, Petr Mladek wrote:
> This is an interesting suggestion. Albeit, as per the subject, I prefer to
> just keep track of any module that tainted the kernel. That being said,
> Petr, if you'd prefer to track each module unload/or deletion event, then I
> would suggest for instance to remove a module once it has been reintroduced
> or maintain an unload count as suggested by Luis.
Come to think of this again, although at first it might be enticing to
keep track of module unloads (without taint), we have to ask ourselves
who would need / enable such a feature. And I think Aaron is right that
this might be better tracked in userspace.
The taint though, that seems critical due to the potential harm.
Maybe how many unloads one has done though, that might be useful
debugging information and does not create a huge overhead like a
pontential -ENOMEM.
Luis
Powered by blists - more mailing lists