| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241115172843.jqdhggfgotl2vtuz@4VRSMR2-DT.corp.robot.car> Date: Fri, 15 Nov 2024 09:28:43 -0800 From: Russ Weight <russ.weight@...ux.dev> To: Tom Lendacky <thomas.lendacky@....com> Cc: Dan Williams <dan.j.williams@...el.com>, Dionna Glaze <dionnaglaze@...gle.com>, linux-kernel@...r.kernel.org, x86@...nel.org, Luis Chamberlain <mcgrof@...nel.org>, Danilo Krummrich <dakr@...hat.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "Rafael J. Wysocki" <rafael@...nel.org>, Tianfei zhang <tianfei.zhang@...el.com>, linux-coco@...ts.linux.dev, Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, Ashish Kalra <ashish.kalra@....com>, John Allen <john.allen@....com>, Herbert Xu <herbert@...dor.apana.org.au>, "David S. Miller" <davem@...emloft.net>, Michael Roth <michael.roth@....com>, Alexey Kardashevskiy <aik@....com>, Russ Weight <russell.h.weight@...el.com> Subject: Re: [PATCH v6 3/8] firmware_loader: Move module refcounts to allow unloading On Thu, Nov 14, 2024 at 01:30:16PM -0600, Tom Lendacky wrote: > On 11/14/24 12:17, Dan Williams wrote: > > Russ Weight wrote: > > [..] > >> Clearly this would be an unexpected/unusual case. Someone with root > >> access would have to remove the device driver. I'm not sure how much > >> effort should be expended in preventing it - but this is the reasoning > >> behind the incrementing/decrementing of the module reference counts. > > > > The module reference needs to be held only if the producer of those > > symbols can be removed without triggering some coordinated removal with > > action consumer. A driver that fails to call > > firmware_upload_unregister() in its module removal path is simply a driver > > with a memory-leak and use-after-free bug, not something the firmware > > upload core needs to worry about. > > > > So, the prevention mechanism is "thou shalt use > > firmware_upload_unregister() correctly", and when that is in place > > explicit module references are not only redundant, but trying to > > implement them causes circular dependency loops. Thanks for the explanation. Makes total sense to me. I agree that the module reference counts can/should be removed. - Russ > > I believe that is how other similar services, like debugfs, work, the > module is responsible for cleaning up. > > Thanks, > Tom
Powered by blists - more mailing lists