lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <94bf84a7-13a3-4701-807e-fc0f10d4dc88@suse.com>
Date: Mon, 16 Dec 2024 17:43:38 +0100
From: Petr Pavlu <petr.pavlu@...e.com>
To: masahiroy@...nel.org
Cc: Peter Zijlstra <peterz@...radead.org>, mcgrof@...nel.org, x86@...nel.org,
 hpa@...or.com, petr.pavlu@...e.com, samitolvanen@...gle.com,
 da.gomez@...sung.com, nathan@...nel.org, nicolas@...sle.eu,
 linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
 linux-kbuild@...r.kernel.org, hch@...radead.org, gregkh@...uxfoundation.org
Subject: Re: [PATCH -v2 0/7] module: Strict per-modname namespaces

On 12/2/24 15:59, Peter Zijlstra wrote:
> Hi!
> 
> Implement a means for exports to be available only to an explicit list of named
> modules. By explicitly limiting the usage of certain exports, the abuse
> potential/risk is greatly reduced.
> 
> The first 'patch' is an awk scripts that cleans up the existing module
> namespace code along the same lines of commit 33def8498fdd ("treewide: Convert
> macro and uses of __section(foo) to __section("foo")") and for the same reason,
> it is not desired for the namespace argument to be a macro expansion itself.
> 
> The remainder of the patches introduce the special "MODULE_<modname-list>"
> namespace, which shall be forbidden from being explicitly imported. A module
> that matches the simple modname-list will get an implicit import.

@Masahiro, I'd like to take this on the modules tree for 6.14. Can I get
an Acked-by you for the changes?

-- 
Thanks,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ