Re: [PATCH] module,bug: Add TAINT_OOT_MODULE flag for modules not built in-tree

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
To: Rusty Russell <rusty@rustcorp.com.au>
Cc: Dave Jones <davej@redhat.com>, Greg KH <greg@kroah.com>,
	Nick Bowler <nbowler@elliptictech.com>,
	Ben Hutchings <ben@decadent.org.uk>,
	Randy Dunlap <rdunlap@xenotime.net>,
	LKML <linux-kernel@vger.kernel.org>,
	Debian kernel maintainers <debian-kernel@lists.debian.org>,
	Roland Vossen <rvossen@broadcom.com>
Subject: Re: [PATCH] module,bug: Add TAINT_OOT_MODULE flag for modules not built in-tree
Date: Wed, 26 Oct 2011 02:15:21 -0400	[thread overview]
Message-ID: <20111026061521.GB16408@Krystal> (raw)
In-Reply-To: <87zkgoo09f.fsf@rustcorp.com.au>

* Rusty Russell (rusty@rustcorp.com.au) wrote:
> On Tue, 25 Oct 2011 16:17:24 -0400, Dave Jones <davej@redhat.com> wrote:
> > commit 7816c45bf13255157c00fb8aca86cb64d825e878
> > Author: Roland Vossen <rvossen@broadcom.com>
> > Date:   Thu Apr 7 11:20:58 2011 +0200
> > 
> >     modules: Enabled dynamic debugging for staging modules
> ...
> >     
> >     Signed-off-by: Roland Vossen <rvossen@broadcom.com>
> >     Acked-by: Jason Baron <jbaron@redhat.com>
> >     Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
> 
> Greg, you know better.  This is why we have maintainers: I can't track
> patches I don't see.  Grrr...
> 
> > If we want to support out of tree modules with this, should we just nuke the
> > whole check, or do we still want to prevent certain types of tainted kernels
> > from using this stuff ?
> 
> It goes back to the first implementation of kernel markers.  IIRC, it
> was to prevent dynamic debug stuff from circumventing licensing, but
> testing for *any* taint seems overbroad.  Mathieu?

This check for tainted modules was first introduced with markers, and
then used by tracepoints, and then also by dynamic debug. The rationale
for this check was mainly to ensure that the marker/tracepoint code
would not trigger a crash when loading a module with incompatible module
header, originally compiled for an older kernel, into a newer kernel.
This problem would happen even if the said module does not contain any
marker/tracepoint, because we happen to try to use fields that are
non-existent in the module header.

AFAIK, dynamic debug use a similar trick that require extra members in
the module header, so checking that the module header format is
compatible with the kernel would be enough. Is there a taint flag that
allows us to check for this more narrowly ? TAINT_FORCED_MODULE would
probably be the closest one we have now, although we might want to be
more specific than that.

Thanks,

Mathieu

> 
> Thanks,
> Rusty.
> PS.  Can't see how this related to lockdep either...

-- 
Mathieu Desnoyers
Operating System Efficiency R&D Consultant
EfficiOS Inc.
http://www.efficios.com

next prev parent reply	other threads:[~2011-10-26  6:24 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-24 13:12 [PATCH] module,bug: Add TAINT_OOT_MODULE flag for modules not built in-tree Ben Hutchings
2011-10-24 13:58 ` Dave Jones
2011-10-24 14:57 ` Randy Dunlap
2011-10-25  3:56   ` Rusty Russell
2011-10-25  9:52     ` Ben Hutchings
2011-10-25 15:38     ` Nick Bowler
2011-10-25 16:05       ` Ben Hutchings
2011-10-25 16:51         ` Nick Bowler
2011-10-25 20:04           ` Greg KH
2011-10-25 20:17             ` Dave Jones
2011-10-25 20:54               ` Greg KH
2011-10-26 13:08                 ` Nick Bowler
2011-10-27  1:11                   ` Rusty Russell
2011-10-27  1:55                     ` Dave Jones
2011-10-31  1:30                       ` Rusty Russell
2011-10-27  5:49                     ` Greg KH
2011-10-26  4:16               ` Rusty Russell
2011-10-26  6:15                 ` Mathieu Desnoyers [this message]
2011-10-25  1:37 ` Greg KH
2011-12-12 21:40 ` Luis R. Rodriguez
2011-12-12 21:58   ` Ben Hutchings
2011-12-12 22:47     ` Luis R. Rodriguez
2011-12-12 22:49       ` Luis R. Rodriguez
2011-12-13  5:02       ` Ben Hutchings
2011-12-14 16:20         ` [RFC] modpost: add option to allow external modules to avoid taint John W. Linville
2011-12-14 16:52           ` Ben Hutchings
2011-12-14 17:39             ` John W. Linville
     [not found]           ` <87mxatp3ty.fsf@rustcorp.com.au>
2011-12-16  4:39             ` Ben Hutchings
2011-12-19  5:45               ` Rusty Russell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20111026061521.GB16408@Krystal \
    --to=mathieu.desnoyers@polymtl.ca \
    --cc=ben@decadent.org.uk \
    --cc=davej@redhat.com \
    --cc=debian-kernel@lists.debian.org \
    --cc=greg@kroah.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=nbowler@elliptictech.com \
    --cc=rdunlap@xenotime.net \
    --cc=rusty@rustcorp.com.au \
    --cc=rvossen@broadcom.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox