From: sashiko-bot@kernel.org
To: "Thomas Weißschuh" <linux@weissschuh.net>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH v5 07/14] module: Make module authentication usable without MODULE_SIG
Date: Tue, 05 May 2026 09:40:08 +0000
Message-ID: <20260505094008.8F0EFC2BCB4@smtp.kernel.org>
In-Reply-To: <20260505-module-hashes-v5-7-e174a5a49fce@weissschuh.net>
Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [Low] Misleading error message for generic authentication failures.
--
commit bd4ac969635e030618b66220b18c93b8a3a287e1
Author: Thomas Weißschuh <linux@weissschuh.net>
Subject: module: Make module authentication usable without MODULE_SIG
This commit splits module authentication functionality out from
CONFIG_MODULE_SIG into a more generic CONFIG_MODULE_AUTH. This change makes
the authentication functionality usable by both signature-based and the
upcoming hash-based module authentication.
> diff --git a/kernel/module/main.c b/kernel/module/main.c
> index 17a352198016a..cd8a74df117e7 100644
> --- a/kernel/module/main.c
> +++ b/kernel/module/main.c
> @@ -2601,10 +2601,10 @@ static void module_augment_kernel_taints(struct module *mod, struct load_info *i
> mod->name);
> add_taint_module(mod, TAINT_TEST, LOCKDEP_STILL_OK);
> }
> -#ifdef CONFIG_MODULE_SIG
> - mod->sig_ok = info->sig_ok;
> - if (!mod->sig_ok) {
> - pr_notice_once("%s: module verification failed: signature "
> +#ifdef CONFIG_MODULE_AUTH
> + mod->auth_ok = info->auth_ok;
> + if (!mod->auth_ok) {
> + pr_notice_once("%s: module authentication failed: signature "
> "and/or required key missing - tainting "
> "kernel\n", mod->name);
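Review bot: The reworded pr_notice_once() in module_augment_kernel_taints() changes the user-visible prefix from "module verification failed" to "module authentication failed", so any log monitoring or test script that matches the old text in dmesg will silently stop matching once this lands. Please call the wording change out in the commit message so people who alert on this taint notice can update their patterns. The message is also still split across three string literals ("... signature " / "and/or required key missing - tainting " / "kernel\n"), which makes it hard to grep for; since the line is being touched anyway, consider joining it into a single literal, as the kernel coding style asks for user-visible strings.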
Since this infrastructure is being generalized to support hash-based
authentication, will this error message be misleading for modules that fail
hash verification where no PKCS7 signature or key is involved?
Could this be updated to reflect a more generic authentication failure?
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260505-module-hashes-v5-0-e174a5a49fce@weissschuh.net?part=7