| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aM1frYteFpv1zVr7@google.com> Date: Fri, 19 Sep 2025 13:50:37 +0000 From: Adrian Barnaś <abarnas@...gle.com> To: Ard Biesheuvel <ardb@...nel.org> Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, Dylan Hatch <dylanbhatch@...gle.com>, Mark Rutland <mark.rutland@....com> Subject: Re: [PATCH 0/2] arm64: modules: Reject loading of malformed modules On Fri, Sep 19, 2025 at 03:17:29PM +0200, Ard Biesheuvel wrote: >Hello Adrian, > >On Fri, 19 Sept 2025 at 14:23, Adrian Barnaś <abarnas@...gle.com> wrote: >> >> Hi, >> >> Here are a couple of patches to reject the loading of malformed modules >> on arm64 when the SCS patching is only partially applied or we detect >> an alternative callback function used in the module text. >> >> The SCS issue is largely theoretical. The code currently performs >> a "dry-run" (which we remove), and leave module code as-is if failed. >> However the latter issue was reported to crash the kernel at [1]. >> > >Why are you fixing this largely theoretical issue along with the >callback alternatives patching? The referenced thread only talks about >the latter, right? Hello Ard, You are right that the reference thread is only about the alternative callback issue in modules. We found the potential SCS issue while fixing this. Proposed resolutions are symmetrical. That's why it is in a single patch set. If you find it incorrect I can split it into two separate patches. Thanks, Adrian
Powered by blists - more mailing lists