Message-ID: <1686ea9d-ad36-4a2d-9427-70cd74e64300@t-8ch.de>
Date: Tue, 4 Feb 2025 22:08:23 +0100
From: Thomas Weißschuh <linux@...ssschuh.net>
To: Christian Heusel <christian@...sel.eu>
Cc: Masahiro Yamada <masahiroy@...nel.org>, 
	Nathan Chancellor <nathan@...nel.org>, Nicolas Schier <nicolas@...sle.eu>, 
	Arnd Bergmann <arnd@...db.de>, Luis Chamberlain <mcgrof@...nel.org>, 
	Petr Pavlu <petr.pavlu@...e.com>, Sami Tolvanen <samitolvanen@...gle.com>, 
	Daniel Gomez <da.gomez@...sung.com>, Paul Moore <paul@...l-moore.com>, 
	James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, 
	Jonathan Corbet <corbet@....net>, Fabian Grünbichler <f.gruenbichler@...xmox.com>, 
	Arnout Engelen <arnout@...t.net>, Mattia Rizzolo <mattia@...reri.org>, 
	kpcyrd <kpcyrd@...hlinux.org>, linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-arch@...r.kernel.org, linux-modules@...r.kernel.org, 
	linux-security-module@...r.kernel.org, linux-doc@...r.kernel.org, linux-integrity@...r.kernel.org
Subject: Re: [PATCH v2 0/6] module: Introduce hash-based integrity checking

On 2025-02-03 14:14:41+0100, Christian Heusel wrote:
> Hey Thomas,
> 
> On 25/01/20 06:44PM, Thomas Weißschuh wrote:
> > Thomas Weißschuh (6):
> >       kbuild: add stamp file for vmlinux BTF data
> >       module: Make module loading policy usable without MODULE_SIG
> >       module: Move integrity checks into dedicated function
> >       module: Move lockdown check into generic module loader
> >       lockdown: Make the relationship to MODULE_SIG a dependency
> >       module: Introduce hash-based integrity checking
> 
> thanks for working on this!
> 
> I had a look at this patch series together with kpcyrd over the weekend
> and we were able to verify that this indeed allows one to get a
> reproducible kernel image with the toolchain on Arch Linux (if the patch
> you mentioned in your cover letter is also applied), which is of course
> great news! :)

Great!
FYI the BTF patch shouldn't be necessary anymore with pahole 1.29.

> We also found a major issue with it, as adding it on top of the v6.13
> kernel and setting the needed config options while removing module
> signatures made the kernel unable to load any module while also not
> printing any error for the failure, therefore resulting in an early boot
> failure on my machine.
> 
> Do you have any clue what could be going wrong here or what we could
> investigate? I have pushed my build config into [this repository][0] and
> also uploaded a prebuilt version (signed with my packager key)
> [here][1] (you can therefore just install it via "sudo pacman -U
> <link>").

I would guess the issue is the usage of INSTALL_MOD_STRIP.

What are the contents of .tmp_module_hashes.c ?
Do they match the hashes from the build directory and package?
You can also enable CONFIG_MODULE_DEBUG and '#define DEBUG' in
kernel/module/hashes.c

> Happy to test more stuff, feel free to CC me on any further revision /
> thread on this!

Will do!

> Cheers,
> Christian
> 
> [0]: https://gitlab.archlinux.org/gromit/linux-mainline-repro-test
> [1]: https://pkgbuild.com/~gromit/linux-bisection-kernels/linux-mainline-6.13-1.2-x86_64.pkg.tar.zst
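
The check Thomas suggests above (do the hashes taken at build time still
match the modules that end up installed?) can be scripted. What follows is
an added example for this thread, not code from the patch series or from
either mail. It assumes a plain "<relative path> <sha256>" manifest for
illustration; that is not the layout of the real .tmp_module_hashes.c, so
the functions work on a manifest you generate yourself from the build tree.
The two demo functions use a constructed fixture (pretend .ko files, not ELF
objects) to show the clean case and the case where the installed copy was
rewritten after hashing, which is what INSTALL_MOD_STRIP does.

```sh
#!/bin/sh
# Added example for this thread, not code from the patch series or from
# either mail. It checks the invariant the hash-based loader relies on:
# the hash recorded at build time must equal the hash of the module file
# that is actually installed. INSTALL_MOD_STRIP rewrites the .ko files
# after the hashes were taken, which breaks that invariant.
#
# ASSUMPTION: the manifest here is a plain "<relative path> <sha256>" list
# for illustration. It is NOT the layout of the real .tmp_module_hashes.c.
set -u

# Print the SHA-256 of one file (coreutils sha256sum, or shasum as fallback).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Emit "<relative path> <sha256>" for every .ko below directory $1.
make_manifest() {
    dir=$1
    (cd "$dir" && find . -type f -name '*.ko' | sort) | while IFS= read -r rel; do
        rel=${rel#./}
        printf '%s %s\n' "$rel" "$(sha256_of "$dir/$rel")"
    done
}

# Compare manifest $1 against the files below directory $2.
# Prints one line per module; returns 0 only if every file matches.
check_manifest() {
    manifest=$1
    dir=$2
    bad=0
    while read -r rel expected; do
        [ -n "$rel" ] || continue
        if [ ! -f "$dir/$rel" ]; then
            printf 'MISSING  %s\n' "$rel"
            bad=1
            continue
        fi
        actual=$(sha256_of "$dir/$rel")
        if [ "$actual" = "$expected" ]; then
            printf 'OK       %s\n' "$rel"
        else
            printf 'MISMATCH %s\n  build:     %s\n  installed: %s\n' \
                "$rel" "$expected" "$actual"
            bad=1
        fi
    done < "$manifest"
    return "$bad"
}

# Constructed fixture: two pretend modules (not real ELF objects) in a
# "build" tree, a manifest taken from it, and a verbatim "install" copy.
# Prints the fixture root.
setup_trees() {
    root=$(mktemp -d)
    mkdir -p "$root/build/drivers/net" "$root/build/fs"
    printf 'pretend module body: e1000e\n' > "$root/build/drivers/net/e1000e.ko"
    printf 'pretend module body: ext4\n' > "$root/build/fs/ext4.ko"
    cp -R "$root/build" "$root/install"
    make_manifest "$root/build" > "$root/manifest"
    printf '%s\n' "$root"
}

# Install tree identical to the build tree: every hash matches, returns 0.
demo_clean_install() {
    root=$(setup_trees)
    if check_manifest "$root/manifest" "$root/install"; then rc=0; else rc=1; fi
    rm -rf "$root"
    return "$rc"
}

# Install tree modified after hashing, standing in for INSTALL_MOD_STRIP
# (a real strip drops sections; here the file is simply altered). Returns 1.
demo_stripped_install() {
    root=$(setup_trees)
    printf 'bytes changed after build\n' >> "$root/install/fs/ext4.ko"
    if check_manifest "$root/manifest" "$root/install"; then rc=0; else rc=1; fi
    rm -rf "$root"
    return "$rc"
}

if demo_stripped_install; then
    echo "all installed modules match their build-time hashes"
else
    echo "at least one installed module differs from its build-time hash"
fi
```

Against a real tree: run make_manifest on the kernel build directory right
after the modules are built, then run check_manifest with that manifest
against the module directory the package installs (or /lib/modules/<release>
on the target). Any module that was stripped or otherwise rewritten between
those two points shows up as MISMATCH, which is exactly the state in which a
loader that trusts only the build-time hashes will refuse every such module.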


