Re: [RFC] modpost: add option to allow external modules to avoid taint

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Rusty Russell <rusty@rustcorp.com.au>
To: Ben Hutchings <ben@decadent.org.uk>
Cc: "John W. Linville" <linville@tuxdriver.com>,
	"Luis R. Rodriguez" <mcgrof@frijolero.org>,
	linux-kernel@vger.kernel.org, Dave Jones <davej@redhat.com>,
	Greg KH <greg@kroah.com>,
	Debian kernel maintainers <debian-kernel@lists.debian.org>,
	linux-wireless@vger.kernel.org
Subject: Re: [RFC] modpost: add option to allow external modules to avoid taint
Date: Mon, 19 Dec 2011 16:15:45 +1030	[thread overview]
Message-ID: <87k45tnmgm.fsf@rustcorp.com.au> (raw)
In-Reply-To: <1324010389.2825.265.camel@deadeye>

On Fri, 16 Dec 2011 04:39:49 +0000, Ben Hutchings <ben@decadent.org.uk> wrote:
Non-text part: multipart/signed
> On Fri, 2011-12-16 at 14:26 +1030, Rusty Russell wrote:
> > On Wed, 14 Dec 2011 11:20:03 -0500, "John W. Linville" <linville@tuxdriver.com> wrote:
> > We really want to indicate "out-of-support" which is only a 1:1
> > mapping to out-of-tree for upstream kernels.
> 
> Who are 'we' in this instance?

Whoever turns this flag on.  I was using friendly, inclusive language :)

> > How does Debian handle this?
> 
> All the modules in Debian's kernel binary packages are built in-tree.
> Backported modules are patched in as necessary.
> 
> Debian includes many packages of OOT modules, but those are supported by
> their respective maintainers and not the kernel team.  So for the kernel
> team, the 'O' flag does not mean 'unsupported' but may indicate that
> another maintainer should handle the bug (or it may also be irrelevant
> to the bug).

So, in your case, the kernel team want to know what's outside their
support, so this flag works well for you.

As John pointed out, it's a bit useless for them.  We could enable it
with a config option, or they could ignore it, since they're going to
module-signing route anyway.

> > Perhaps it makes more sense to use the proposed module signing stuff in
> > a simplified mode to mark built-with-kernel modules (eg. just put the
> > sha of known modules inside the kernel).
> 
> Unlike commercial distributions, no-one is paying Debian for support
> contracts and no-one can game the system by hiding OOT modules.  So it's
> probably not worthwhile for us to use module signing at all.
> 
> However, supposing we did go down this route, I would guess that
> checksums for ~3000 modules take up more space than the signature
> checking code.  Instead, we could perhaps generate a key pair during
> build, include the public key in the kernel and then discard the private
> key.  (But getting entropy would likely be a problem for the key
> generation.)

Agreed, 60k is a bit expensive for this minor feature.  

Thanks,
Rusty.

     prev parent reply	other threads:[~2011-12-19  6:07 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-24 13:12 [PATCH] module,bug: Add TAINT_OOT_MODULE flag for modules not built in-tree Ben Hutchings
2011-10-24 13:58 ` Dave Jones
2011-10-24 14:57 ` Randy Dunlap
2011-10-25  3:56   ` Rusty Russell
2011-10-25  9:52     ` Ben Hutchings
2011-10-25 15:38     ` Nick Bowler
2011-10-25 16:05       ` Ben Hutchings
2011-10-25 16:51         ` Nick Bowler
2011-10-25 20:04           ` Greg KH
2011-10-25 20:17             ` Dave Jones
2011-10-25 20:54               ` Greg KH
2011-10-26 13:08                 ` Nick Bowler
2011-10-27  1:11                   ` Rusty Russell
2011-10-27  1:55                     ` Dave Jones
2011-10-31  1:30                       ` Rusty Russell
2011-10-27  5:49                     ` Greg KH
2011-10-26  4:16               ` Rusty Russell
2011-10-26  6:15                 ` Mathieu Desnoyers
2011-10-25  1:37 ` Greg KH
2011-12-12 21:40 ` Luis R. Rodriguez
2011-12-12 21:58   ` Ben Hutchings
2011-12-12 22:47     ` Luis R. Rodriguez
2011-12-12 22:49       ` Luis R. Rodriguez
2011-12-13  5:02       ` Ben Hutchings
2011-12-14 16:20         ` [RFC] modpost: add option to allow external modules to avoid taint John W. Linville
2011-12-14 16:52           ` Ben Hutchings
2011-12-14 17:39             ` John W. Linville
     [not found]           ` <87mxatp3ty.fsf@rustcorp.com.au>
2011-12-16  4:39             ` Ben Hutchings
2011-12-19  5:45               ` Rusty Russell [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87k45tnmgm.fsf@rustcorp.com.au \
    --to=rusty@rustcorp.com.au \
    --cc=ben@decadent.org.uk \
    --cc=davej@redhat.com \
    --cc=debian-kernel@lists.debian.org \
    --cc=greg@kroah.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-wireless@vger.kernel.org \
    --cc=linville@tuxdriver.com \
    --cc=mcgrof@frijolero.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.