lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Jun 2022 20:35:13 +0100
From:   Aaron Tomlin <atomlin@...hat.com>
To:     Saravana Kannan <saravanak@...gle.com>
Cc:     Luis Chamberlain <mcgrof@...nel.org>,
        Christophe Leroy <christophe.leroy@...roup.eu>, cl@...ux.com,
        mbenes@...e.cz, akpm@...ux-foundation.org, jeyu@...nel.org,
        linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
        void@...ifault.com, atomlin@...mlin.com, allen.lkml@...il.com,
        joe@...ches.com, msuchanek@...e.de, oleksandr@...alenko.name,
        jason.wessel@...driver.com, pmladek@...e.com,
        daniel.thompson@...aro.org, hch@...radead.org,
        kernel-team@...roid.com
Subject: Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param

On Wed 2022-06-01 20:56 -0700, Saravana Kannan wrote:
> Commit cfc1d277891e ("module: Move all into module/") changed the prefix
> of the module param by moving/renaming files. A later commit also moves
> the module_param() into a different file, thereby changing the prefix
> yet again.
> 
> This would break kernel cmdline compatibility and also userspace
> compatibility at /sys/module/module/parameters/sig_enforce.
> 
> So, set the prefix back to "module.".
> 
> Cc: Aaron Tomlin <atomlin@...hat.com>
> Cc: mcgrof@...nel.org
> Cc: christophe.leroy@...roup.eu
> Cc: cl@...ux.com
> Cc: mbenes@...e.cz
> Cc: akpm@...ux-foundation.org
> Cc: jeyu@...nel.org
> Cc: linux-kernel@...r.kernel.org
> Cc: linux-modules@...r.kernel.org
> Cc: void@...ifault.com
> Cc: atomlin@...mlin.com
> Cc: allen.lkml@...il.com
> Cc: joe@...ches.com
> Cc: msuchanek@...e.de
> Cc: oleksandr@...alenko.name
> Cc: jason.wessel@...driver.com
> Cc: pmladek@...e.com
> Cc: daniel.thompson@...aro.org
> Cc: hch@...radead.org
> Fixes: cfc1d277891e ("module: Move all into module/")
> Signed-off-by: Saravana Kannan <saravanak@...gle.com>
> ---
> Sending this patch in case my analysis in [1] was right.
> 
> [1] - https://lore.kernel.org/lkml/20220602034111.4163292-1-saravanak@google.com/
> 
> -Saravana
> 
>  kernel/module/signing.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/kernel/module/signing.c b/kernel/module/signing.c
> index 85c8999dfecf..6b0672e4417b 100644
> --- a/kernel/module/signing.c
> +++ b/kernel/module/signing.c
> @@ -16,6 +16,11 @@
>  #include <uapi/linux/module.h>
>  #include "internal.h"
>  
> +#ifdef MODULE_PARAM_PREFIX
> +#undef MODULE_PARAM_PREFIX
> +#endif
> +#define MODULE_PARAM_PREFIX "module."
> +
>  static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
>  module_param(sig_enforce, bool_enable_only, 0644);
>  
> -- 
> 2.36.1.255.ge46751e96f-goog
> 

Oops! Thanks Saravana.

Reviewed-by: Aaron Tomlin <atomlin@...hat.com>

-- 
Aaron Tomlin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ