| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Apr 2022 15:57:57 +0100
From: Aaron Tomlin <atomlin@...hat.com>
To: Oleksandr Natalenko <oleksandr@...alenko.name>
Cc: mcgrof@...nel.org, cl@...ux.com, pmladek@...e.com, mbenes@...e.cz,
christophe.leroy@...roup.eu, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
atomlin@...mlin.com, ghalat@...hat.com, neelx@...hat.com
Subject: Re: [PATCH v3 2/2] module: Introduce module unload taint tracking
On Thu 2022-04-21 16:28 +0200, Oleksandr Natalenko wrote:
> Hello.
Hi Oleksandr,
> Thanks for this submission. Please see one comment inline.
Thanks for your feedback!
> > @@ -150,6 +160,41 @@ int unregister_module_notifier(struct notifier_block *nb)
> > }
> > EXPORT_SYMBOL(unregister_module_notifier);
> >
> > +#ifdef CONFIG_MODULE_UNLOAD_TAINT_TRACKING
> > +static int try_add_tainted_module(struct module *mod)
> > +{
> > + struct mod_unload_taint *mod_taint;
> > +
> > + module_assert_mutex_or_preempt();
> > +
> > + list_for_each_entry_rcu(mod_taint, &unloaded_tainted_modules, list,
> > + lockdep_is_held(&module_mutex)) {
> > + size_t len = strlen(mod_taint->name);
> > +
> > + if (len == strlen(mod->name) && !memcmp(mod_taint->name, mod->name, len) &&
>
> Here, two strings are compared, so I'd expect to see `strncmp()` instead of `memcmp()`.
Good point. There are other examples of this throughout
kernel/module/main.c; albeit, I will use strncmp() here.
Kind regards,
--
Aaron Tomlin
Powered by blists - more mailing lists