lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <b35737df-01ed-46a2-ae67-e56547d6c824@suse.com>
Date: Wed, 5 Feb 2025 11:14:33 +0100
From: Petr Pavlu <petr.pavlu@...e.com>
To: masahiroy@...nel.org
Cc: Peter Zijlstra <peterz@...radead.org>, mcgrof@...nel.org, x86@...nel.org,
 hpa@...or.com, samitolvanen@...gle.com, da.gomez@...sung.com,
 nathan@...nel.org, nicolas@...sle.eu, linux-kernel@...r.kernel.org,
 linux-modules@...r.kernel.org, linux-kbuild@...r.kernel.org,
 hch@...radead.org, gregkh@...uxfoundation.org
Subject: Re: [PATCH -v2 0/7] module: Strict per-modname namespaces

On 12/16/24 17:43, Petr Pavlu wrote:
> On 12/2/24 15:59, Peter Zijlstra wrote:
>> Hi!
>>
>> Implement a means for exports to be available only to an explicit list of named
>> modules. By explicitly limiting the usage of certain exports, the abuse
>> potential/risk is greatly reduced.
>>
>> The first 'patch' is an awk scripts that cleans up the existing module
>> namespace code along the same lines of commit 33def8498fdd ("treewide: Convert
>> macro and uses of __section(foo) to __section("foo")") and for the same reason,
>> it is not desired for the namespace argument to be a macro expansion itself.
>>
>> The remainder of the patches introduce the special "MODULE_<modname-list>"
>> namespace, which shall be forbidden from being explicitly imported. A module
>> that matches the simple modname-list will get an implicit import.
> 
> @Masahiro, I'd like to take this on the modules tree for 6.14. Can I get
> an Acked-by you for the changes?

Ping, this still applies mostly cleanly. I plan to take the series on
modules-next, or let me know if you prefer for this to go through the
kbuild tree.

-- 
Thanks,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ