| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2023090719-virtuous-snowflake-d015@gregkh>
Date: Thu, 7 Sep 2023 10:30:50 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Stefan Lippers-Hollmann <s.l-h@....de>
Cc: stable@...r.kernel.org, patches@...ts.linux.dev,
Christoph Hellwig <hch@....de>,
Luis Chamberlain <mcgrof@...nel.org>,
Mauro Carvalho Chehab <mchehab@...nel.org>,
linux-media@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 6.5 11/34] modules: only allow symbol_get of
EXPORT_SYMBOL_GPL modules
On Thu, Sep 07, 2023 at 08:41:35AM +0200, Stefan Lippers-Hollmann wrote:
> Hi
>
> On 2023-09-04, Greg Kroah-Hartman wrote:
> > 6.5-stable review patch. If anyone has any objections, please let me know.
> >
> > ------------------
> >
> > From: Christoph Hellwig <hch@....de>
> >
> > commit 9011e49d54dcc7653ebb8a1e05b5badb5ecfa9f9 upstream.
> >
> > It has recently come to my attention that nvidia is circumventing the
> > protection added in 262e6ae7081d ("modules: inherit
> > TAINT_PROPRIETARY_MODULE") by importing exports from their proprietary
> > modules into an allegedly GPL licensed module and then rexporting them.
> >
> > Given that symbol_get was only ever intended for tightly cooperating
> > modules using very internal symbols it is logical to restrict it to
> > being used on EXPORT_SYMBOL_GPL and prevent nvidia from costly DMCA
> > Circumvention of Access Controls law suites.
> >
> > All symbols except for four used through symbol_get were already exported
> > as EXPORT_SYMBOL_GPL, and the remaining four ones were switched over in
> > the preparation patches.
>
> This patch, as part of v6.5.2, breaks the in-kernel ds3000 module
> (for a TeVii s480 v2 DVB-S2 card, which is a PCIe card attaching two
> onboard TeVii s660 cards via an onboard USB2 controller (MCS9990),
> https://www.linuxtv.org/wiki/index.php/TeVii_S480) from loading.
This is also broken in Linus's tree, right?
> [ 2.896589] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
> [ 2.901085] failing symbol_get of non-GPLONLY symbol ds3000_attach.
> [ 2.901089] DVB: Unable to find symbol ds3000_attach()
This is odd, where is that call coming from? I don't see any call to
symbol_get in the dvb code, where is this happening?
Anyway, does the patch below fix this?
thanks,
greg k-h
----------------
diff --git a/drivers/media/dvb-frontends/ds3000.c b/drivers/media/dvb-frontends/ds3000.c
index 20fcf31af165..515aa7c7baf2 100644
--- a/drivers/media/dvb-frontends/ds3000.c
+++ b/drivers/media/dvb-frontends/ds3000.c
@@ -859,7 +859,7 @@ struct dvb_frontend *ds3000_attach(const struct ds3000_config *config,
ds3000_set_voltage(&state->frontend, SEC_VOLTAGE_OFF);
return &state->frontend;
}
-EXPORT_SYMBOL(ds3000_attach);
+EXPORT_SYMBOL_GPL(ds3000_attach);
static int ds3000_set_carrier_offset(struct dvb_frontend *fe,
s32 carrier_offset_khz)
Powered by blists - more mailing lists