lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZZxyrFkTmrGneP0H@shell.armlinux.org.uk>
Date: Mon, 8 Jan 2024 22:09:48 +0000
From: "Russell King (Oracle)" <linux@...linux.org.uk>
To: Dimitri John Ledkov <dimitri.ledkov@...onical.com>
Cc: linux-kernel@...r.kernel.org
Subject: Re: [BUG] SHA-3 causes kmod 28 to segfault

On Mon, Jan 08, 2024 at 06:46:10PM +0000, Dimitri John Ledkov wrote:
> On Mon, 8 Jan 2024 at 18:30, Russell King (Oracle)
> <linux@...linux.org.uk> wrote:
> >
> > On Mon, Jan 08, 2024 at 06:14:17PM +0000, Dimitri John Ledkov wrote:
> > > Hi,
> > >
> > > On Mon, 8 Jan 2024 at 16:38, Russell King (Oracle)
> > > <linux@...linux.org.uk> wrote:
> > > >
> > > > Hi,
> > > >
> > > > When building 6.7 under Debian Oldstable with kmod 28, the installation
> > > > of modules fails during depmod with a SEGV.
> > > >
> > >
> > > What is your kernel configuration, and I hope you make config choices
> > > compatible with your target host OS.
> >
> > "target host OS" - that's a total misnomer. "host" is generally what
> > you're building under. "target" is generally what you're building _for_.
> > So I don't fully understand your comment. Maybe you meant "target _and_
> > host" ?
> 
> the kernel configuration you use, should target the operating system
> you are planning to use the given kernel on.

Thank you for stating the damn obvious. I've been developing Linux
kernels for 30 years, I think I know this.

> using bleeding edge kernel features, with an obsolete userspace often
> can have compatibility issues.

You're still not being clear. I wonder whether you understand the
terms "target" and "host".

> > > > Running under gdb:
> > > >
> > > > Program received signal SIGSEGV, Segmentation fault.
> > > > __strlen_sse2 () at ../sysdeps/x86_64/multiarch/strlen-vec.S:133
> > > >
> > > > I have no further information as I can't remember how to get the debug
> > > > info for packages under Debian - and even if I could, it's probably a
> > > > bug in the kmod package that Debian will have absolutely no interest in
> > > > fixing (based on previous experience reporting bugs to Debian.)
> > >
> > > For latest kernel and latest kernel features support in kmod, latest
> > > kmod is required. I.e. patched with
> > > https://github.com/kmod-project/kmod/commit/510c8b7f7455c6613dd1706e5e41ec7b09cf6703
> >
> > Would be nice if there was some documentation. Also, as kconfig provides
> > a mechanism to detect e.g. the version of tooling used to build the
> > kernel, it would've been nice to detect whether depmod was sufficiently
> > recent to support SHA3 and make the module signing SHA3 options depend
> > on that.
> >
> > Leaving this to a SEGV to indicate that something is wrong isn't user
> > friendly.
> >
> 
> There is no ability to detect runtime kmod at build time, given the
> two are usually often not the same.

Again, you CLEARLY don't understand the problem. I am *NOT* reporting
a problem on the target. I am reporting a problem on the *build*
*host*.

> Can you please provide your config?
> Can you please explain how you chose it?

No, because it's totally irrelevant to the problem I'm reporting.

What I'm reporting to you is that _IF_ you build a kernel with the
SHA3 modsigning options on a HOST that has kmod 28, then depmod
SEGVs when _INSTALLING_ the modules to a directory on the _HOST_.

This has *nothing* to do with the capabilities of the _TARGET_.
Whether the configuration matches the capabilities of the _TARGET_
is *totally* irrelevant at _this_ stage. In fact, with the _HOST_
depmod segfaulting, one can't complete the installation process
to even _think_ about transferring it to the _TARGET_.

So please, I'm not stupid - but right now I think you are, because
you clearly don't understand the difference between TARGET and HOST.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 80Mbps down 10Mbps up. Decent connectivity at last!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ