lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YmgdUKmfym1/XnhP@bombadil.infradead.org>
Date:   Tue, 26 Apr 2022 09:26:56 -0700
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Lecopzer Chen <lecopzer.chen@...iatek.com>, atomlin@...hat.com
Cc:     linux-kernel@...r.kernel.org,
        Matthias Brugger <matthias.bgg@...il.com>,
        linux-modules@...r.kernel.org, linux-mediatek@...ts.infradead.org,
        yj.chiang@...iatek.com
Subject: Re: [PATCH] module: show disallowed symbol name for inherit_taint()

Can you base your changes on modules-next [0] and resend and Cc
atomlin@...hat.com?

[0] https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux.git/log/?h=modules-next

  Luis

On Tue, Apr 26, 2022 at 12:21:20PM +0800, Lecopzer Chen wrote:
> The error log for inherit_taint() doesn't really help to find the symbols
> which violate GPL rules.
> 
> For example,
> if a module has 50 disallowed symbols, the log only shows the content below
> and is duplicated with 50 lines.
>     AAA: module using GPL-only symbols uses symbols from proprietary module BBB.
>     AAA: module using GPL-only symbols uses symbols from proprietary module BBB.
>     ...
> 
> This patch add symbol name to tell the offending symbols explicitly.
> 
> To-be:
>     AAA: module using GPL-only symbols uses symbols SS1 from proprietary module BBB.
>     AAA: module using GPL-only symbols uses symbols SS2 from proprietary module BBB.
>     ...
> 
> Signed-off-by: Lecopzer Chen <lecopzer.chen@...iatek.com>
> ---
>  kernel/module.c | 12 ++++++------
>  1 file changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/kernel/module.c b/kernel/module.c
> index 6cea788fd965..30973f0d2b7c 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1372,20 +1372,20 @@ static int verify_namespace_is_imported(const struct load_info *info,
>  	return 0;
>  }
>  
> -static bool inherit_taint(struct module *mod, struct module *owner)
> +static bool inherit_taint(struct module *mod, struct module *owner, const char *name)
>  {
>  	if (!owner || !test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints))
>  		return true;
>  
>  	if (mod->using_gplonly_symbols) {
> -		pr_err("%s: module using GPL-only symbols uses symbols from proprietary module %s.\n",
> -			mod->name, owner->name);
> +		pr_err("%s: module using GPL-only symbols uses symbols %s from proprietary module %s.\n",
> +			mod->name, name, owner->name);
>  		return false;
>  	}
>  
>  	if (!test_bit(TAINT_PROPRIETARY_MODULE, &mod->taints)) {
> -		pr_warn("%s: module uses symbols from proprietary module %s, inheriting taint.\n",
> -			mod->name, owner->name);
> +		pr_warn("%s: module uses symbols %s from proprietary module %s, inheriting taint.\n",
> +			mod->name, name, owner->name);
>  		set_bit(TAINT_PROPRIETARY_MODULE, &mod->taints);
>  	}
>  	return true;
> @@ -1417,7 +1417,7 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
>  	if (fsa.license == GPL_ONLY)
>  		mod->using_gplonly_symbols = true;
>  
> -	if (!inherit_taint(mod, fsa.owner)) {
> +	if (!inherit_taint(mod, fsa.owner, name)) {
>  		fsa.sym = NULL;
>  		goto getname;
>  	}
> -- 
> 2.18.0
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ