lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 25 Apr 2022 16:31:49 -0700
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Aaron Tomlin <atomlin@...hat.com>
Cc:     cl@...ux.com, pmladek@...e.com, mbenes@...e.cz,
        christophe.leroy@...roup.eu, akpm@...ux-foundation.org,
        linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
        atomlin@...mlin.com, ghalat@...hat.com, oleksandr@...alenko.name,
        neelx@...hat.com
Subject: Re: [PATCH v4 0/2] module: Introduce module unload taint tracking

On Mon, Apr 25, 2022 at 10:08:39AM +0100, Aaron Tomlin wrote:
> Hi Luis,
> 
> This iteration is still based on the latest mcgrof/modules-next branch.
> 
> I have decided still to use RCU even though no entry is ever removed from
> the unloaded tainted modules list. That being said, if I understand
> correctly, it is not safe in some instances to use 'module_mutex' in
> print_modules().  So instead we disable preemption to ensure list traversal
> with concurrent list manipulation e.g. list_add_rcu(), is safe too.
> 
> Changes since v3 [1]
>  - Fixed kernel build error reported by kernel test robot i.e. moved
>    '#endif' outside 'if (!list_empty(&unloaded_tainted_modules))'
>    statement in the context of print_modules()
>  - Used strncmp() instead of memcmp()
>    (Oleksandr Natalenko)
>  - Removed the additional strlen()
>    (Christoph Lameter)
> 
> Changes since v2 [2]
>  - Dropped RFC from subject
>  - Removed the newline i.e. "\n" in printk()
>  - Always include the tainted module's unload count
>  - Unconditionally display each unloaded tainted module
> 
> Please let me know your thoughts.

This all looks good except with all the work you did to remove
#ifdef hell, it gets me wondering why not just use a new file for this?

What does that look like?

  Luis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ