lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK7LNASDnB86Ds_dqBTxfHi=OfTXqu66U3v+4M_OEzKiK5Skdw@mail.gmail.com>
Date: Thu, 7 Nov 2024 17:12:57 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: Christoph Hellwig <hch@...radead.org>
Cc: Luis Chamberlain <mcgrof@...nel.org>, Peter Zijlstra <peterz@...radead.org>, x86@...nel.org, 
	hpa@...or.com, petr.pavlu@...e.com, samitolvanen@...gle.com, 
	da.gomez@...sung.com, nathan@...nel.org, nicolas@...sle.eu, 
	linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org, 
	linux-kbuild@...r.kernel.org, gregkh@...uxfoundation.org
Subject: Re: [RFC] module: Strict per-modname namespaces

On Thu, Nov 7, 2024 at 2:46 PM Christoph Hellwig <hch@...radead.org> wrote:
>
> On Wed, Nov 06, 2024 at 03:42:03PM -0800, Luis Chamberlain wrote:
> > > This allows exports targeted at specific modules and no others -- one
> > > random example included. I've hated the various kvm exports we've had
> > > for a while, and strictly limiting them to the kvm module helps
> > > alleviate some abuse potential.
> >
> > Yeah we also want:
> >
> > EXPORT_SYMBOL_NS_GPL(bdev_disk_changed, MODULE_loop);
> > EXPORT_SYMBOL_NS_GPL(bdev_disk_changed, MODULE_dasd_kmod);
> >
> > But we might as well have EXPORT_SYMBOL_GPL_FOR() with the implied
> > module list. We could then add just:
> >
> >
> > EXPORT_SYMBOL_GPL_FOR(bdev_disk_changed, loop);
> >
> > But it would be nice to just also support this as well:
> >
> > EXPORT_SYMBOL_GPL_FOR(bdev_disk_changed, loop, dasd_kmod);
>
> Parsing a variable length list in a single macro tends to be a bit
> of a pain, and I don't think there is much benefit.  Most of the cases
> should be exactly one module.  If we can cover the small uses of
> multiple uses with multiple exports I think its perfectly fine, and if
> we can't cover it at all I can probably live with that aswell.
>

Perhaps, the namespace argument can be a string.

EXPORT_SYMBOL_GPL_FOR(bdev_disk_changed, "loop,dasd_kmos");

If a symbol is intended for particular subsystem drivers,
maybe, we can support a wildcard.

/*
 * foo_register and foo_unregister can be used by
 * modules names "foo-*".
 */
EXPORT_SYMBOL_GPL_FOR(foo_register, "foo-*");
EXPORT_SYMBOL_GPL_FOR(foo_unregister, "foo-*");





Commit d143b9db8069f0e2a0fa34484e806a55a0dd4855
revealed a bare namespace string was a bad idea.

With EXPORT_SYMBOL_NS_GPL(dw_spi_resume_host, SPI_DW_CORE)
we do not know if "SPI_DW_CORE" is really a namespace string, or
replaced with another string by macro expansions.


With EXPORT_SYMBOL_NS_GPL(dw_spi_resume_host, "SPI_DW_CORE")
we clearly know  "SPI_DW_CORE" is a namespace string.


https://lore.kernel.org/lkml/Ymltn72chRkV4P83@kroah.com/T/



> > > EXPORT_SYMBOL_NS_GPL(dw_spi_resume_host, "SPI_DW_CORE")
> > >
> > >    is much much better than:
> > >
> > > EXPORT_SYMBOL_NS_GPL(dw_spi_resume_host, SPI_DW_CORE)



-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ