linux-api.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: Christoph Hellwig <hch@lst.de>
Cc: zohar@linux.ibm.com, dmitry.kasatkin@gmail.com,
	eric.snowberg@oracle.com,  corbet@lwn.net, mcgrof@kernel.org,
	petr.pavlu@suse.com, samitolvanen@google.com,
	 da.gomez@samsung.com, akpm@linux-foundation.org,
	paul@paul-moore.com,  jmorris@namei.org, serge@hallyn.com,
	shuah@kernel.org, mcoquelin.stm32@gmail.com,
	 alexandre.torgue@foss.st.com, linux-integrity@vger.kernel.org,
	 linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
	 linux-api@vger.kernel.org, linux-modules@vger.kernel.org,
	 linux-security-module@vger.kernel.org,
	linux-kselftest@vger.kernel.org,  wufan@linux.microsoft.com,
	pbrobinson@gmail.com, zbyszek@in.waw.pl,  mjg59@srcf.ucam.org,
	pmatilai@redhat.com, jannh@google.com, dhowells@redhat.com,
	 jikos@kernel.org, mkoutny@suse.com, ppavlu@suse.com,
	petr.vorel@gmail.com,  mzerqung@0pointer.de, kgold@linux.ibm.com,
	Roberto Sassu <roberto.sassu@huawei.com>
Subject: Re: [PATCH v6 02/15] module: Introduce ksys_finit_module()
Date: Tue, 19 Nov 2024 15:33:49 +0100	[thread overview]
Message-ID: <58fbc60fccf6d6c9504301adeebf33a46766d507.camel@huaweicloud.com> (raw)
In-Reply-To: <20241119121402.GA28228@lst.de>

On Tue, 2024-11-19 at 13:14 +0100, Christoph Hellwig wrote:
> On Tue, Nov 19, 2024 at 11:49:09AM +0100, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@huawei.com>
> > 
> > Introduce ksys_finit_module() to let kernel components request a kernel
> > module without requiring running modprobe.
> 
> That does sound more than sketchy, even more so because the commit log
> completely fails to explain why you'd need to do that.

With my solution, the kernel grants access to a file in user space
depending on whether or not its calculated (or fsverity) digest is
found in an application manifest provided by the software vendor.

However, what it happens is that in the early boot phase the parser is
not loaded yet, and the kernel cannot extract the reference digests
from the application manifest.

Thus, calling request_module() and consequently executing modprobe will
fail, since the kernel does not have its reference digest yet.

Instead, loading the kernel module from the kernel itself works,
because only the kernel module needs to be verified, and that can be
done through its appended signature.

Roberto


  reply	other threads:[~2024-11-19 14:34 UTC|newest]

Thread overview: 54+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-11-19 10:49 [PATCH v6 00/15] integrity: Introduce the Integrity Digest Cache Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 01/15] lib: Add TLV parser Roberto Sassu
2024-11-19 16:51   ` Randy Dunlap
2025-01-21 13:29   ` Thomas Weißschuh
2025-01-21 13:48     ` Roberto Sassu
2025-01-21 14:21       ` Thomas Weißschuh
2025-01-21 14:29         ` Roberto Sassu
2025-01-21 14:55     ` Roberto Sassu
2025-01-21 21:42       ` Thomas Weißschuh
2024-11-19 10:49 ` [PATCH v6 02/15] module: Introduce ksys_finit_module() Roberto Sassu
2024-11-19 12:14   ` Christoph Hellwig
2024-11-19 14:33     ` Roberto Sassu [this message]
2024-11-19 20:10     ` Luis Chamberlain
2024-11-20  9:16       ` Roberto Sassu
2024-11-20  9:18         ` Roberto Sassu
2024-11-25 23:40         ` Luis Chamberlain
2024-11-26  7:56           ` Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 03/15] integrity: Introduce the Integrity Digest Cache Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 04/15] digest_cache: Initialize digest caches Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 05/15] digest_cache: Add securityfs interface Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 06/15] digest_cache: Add hash tables and operations Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 07/15] digest_cache: Allow registration of digest list parsers Roberto Sassu
2024-11-19 16:46   ` Randy Dunlap
2024-11-19 16:48     ` Roberto Sassu
2024-11-25 23:53   ` Luis Chamberlain
2024-11-26 10:25     ` Roberto Sassu
2024-11-26 19:04       ` Luis Chamberlain
2024-11-27  9:51         ` Roberto Sassu
2024-11-27 19:53           ` Luis Chamberlain
2024-11-28  8:23             ` Roberto Sassu
2024-11-28 20:40               ` Luis Chamberlain
2024-11-29  8:30                 ` Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 08/15] digest_cache: Parse tlv digest lists Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 09/15] digest_cache: Populate the digest cache from a digest list Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 10/15] digest_cache: Add management of verification data Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 11/15] digest_cache: Add support for directories Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 12/15] digest cache: Prefetch digest lists if requested Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 13/15] digest_cache: Reset digest cache on file/directory change Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 14/15] selftests/digest_cache: Add selftests for the Integrity Digest Cache Roberto Sassu
2024-11-19 10:49 ` [PATCH v6 15/15] docs: Add documentation of " Roberto Sassu
2024-11-19 20:03 ` [PATCH v6 00/15] integrity: Introduce " Luis Chamberlain
2024-11-26  0:13 ` Eric Snowberg
2024-11-26 10:41   ` Roberto Sassu
2024-12-03 20:06     ` Eric Snowberg
2024-12-04 10:44       ` Roberto Sassu
2024-12-05  0:57         ` Eric Snowberg
2024-12-05  8:53           ` Roberto Sassu
2024-12-05 16:16             ` Roberto Sassu
2024-12-05 19:41               ` Eric Snowberg
2024-12-06 10:06                 ` Roberto Sassu
2024-12-06 15:15                   ` Eric Snowberg
2024-12-06 15:26                     ` Roberto Sassu
2024-11-27 17:30 ` Dr. Greg
2024-11-27 17:56   ` Roberto Sassu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=58fbc60fccf6d6c9504301adeebf33a46766d507.camel@huaweicloud.com \
    --to=roberto.sassu@huaweicloud.com \
    --cc=akpm@linux-foundation.org \
    --cc=alexandre.torgue@foss.st.com \
    --cc=corbet@lwn.net \
    --cc=da.gomez@samsung.com \
    --cc=dhowells@redhat.com \
    --cc=dmitry.kasatkin@gmail.com \
    --cc=eric.snowberg@oracle.com \
    --cc=hch@lst.de \
    --cc=jannh@google.com \
    --cc=jikos@kernel.org \
    --cc=jmorris@namei.org \
    --cc=kgold@linux.ibm.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-modules@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mcgrof@kernel.org \
    --cc=mcoquelin.stm32@gmail.com \
    --cc=mjg59@srcf.ucam.org \
    --cc=mkoutny@suse.com \
    --cc=mzerqung@0pointer.de \
    --cc=paul@paul-moore.com \
    --cc=pbrobinson@gmail.com \
    --cc=petr.pavlu@suse.com \
    --cc=petr.vorel@gmail.com \
    --cc=pmatilai@redhat.com \
    --cc=ppavlu@suse.com \
    --cc=roberto.sassu@huawei.com \
    --cc=samitolvanen@google.com \
    --cc=serge@hallyn.com \
    --cc=shuah@kernel.org \
    --cc=wufan@linux.microsoft.com \
    --cc=zbyszek@in.waw.pl \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).