From: Lucas De Marchi <lucas.demarchi@profusion.mobi>
To: Rusty Russell <rusty@rustcorp.com.au>
Cc: mtk.manpages@gmail.com, "H. Peter Anvin" <hpa@zytor.com>,
Kees Cook <keescook@chromium.org>,
linux-kernel@vger.kernel.org, jonathon@jonmasters.org
Subject: Re: [PATCH 1/4] module: add syscall to load module from fd
Date: Thu, 18 Oct 2012 02:39:04 -0300 [thread overview]
Message-ID: <CAMOw1v4j5UVtneBTx1-FteEP53QqeMdH9GKnKs3OcybAceQxtg@mail.gmail.com> (raw)
In-Reply-To: <87ipa8o4mn.fsf@rustcorp.com.au>
On Thu, Oct 18, 2012 at 12:12 AM, Rusty Russell <rusty@rustcorp.com.au> wrote:
> "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com> writes:
>> Sure. But my point that started this subthread was: should we take the
>> opportunity now to add a 'flags' argument to the new finit_module()
>> system call, so as to allow flexibility in extending the behavior in
>> future? There have been so many cases of revised system calls in the
>> past few years that replaced calls without a 'flags' argument that it
>> seems worth at least some thought before the API is cast in stone.
>
> (CC's trimmed, Lucas & Jon added; please include them in module
> discussions!)
>
> So I tried to think of why we'd want flags; if I could think of a
> plausible reason, obviously we should do it now.
>
> I think it would be neat for the force flags (eg. ignoring modversions
> or ignoring kernel version). These are the only cases where libkmod
> needs to mangle the module.
Maybe we should put this back into kernel. With an fd we can't mangle
the module anymore to ignore modversions or kernel version.
So yes, I think a 'flags' param is indeed needed.
Side note: force won't work anymore by using init_module() and signed modules.
>
> So here's the patch which adds the flags field, but nothing in there
> yet. I'll add the remove flags soon, so libkmod can assume that if the
> syscall exists, those flags will work.
>
> Thoughts?
> Rusty.
>
> FIX: add flags arg to sys_finit_module()
>
> Thanks to Michael Kerrisk for keeping us honest.
>
> diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
> index 32bc035..8cf7b50 100644
> --- a/include/linux/syscalls.h
> +++ b/include/linux/syscalls.h
> @@ -868,5 +868,5 @@ asmlinkage long sys_process_vm_writev(pid_t pid,
>
> asmlinkage long sys_kcmp(pid_t pid1, pid_t pid2, int type,
> unsigned long idx1, unsigned long idx2);
> -asmlinkage long sys_finit_module(int fd, const char __user *uargs);
> +asmlinkage long sys_finit_module(int fd, const char __user *uargs, int flags);
> #endif
> diff --git a/kernel/module.c b/kernel/module.c
> index 261bf82..8b8d986 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -3260,7 +3260,7 @@ SYSCALL_DEFINE3(init_module, void __user *, umod,
> return load_module(&info, uargs);
> }
>
> -SYSCALL_DEFINE2(finit_module, int, fd, const char __user *, uargs)
> +SYSCALL_DEFINE2(finit_module, int, fd, const char __user *, uargs, int, flags)
> {
> int err;
> struct load_info info = { };
> @@ -3269,7 +3269,11 @@ SYSCALL_DEFINE2(finit_module, int, fd, const char __user *, uargs)
> if (err)
> return err;
>
> - pr_debug("finit_module: fd=%d, uargs=%p\n", fd, uargs);
> + pr_debug("finit_module: fd=%d, uargs=%p, flags=%i\n", fd, uargs, flags);
> +
> + /* Coming RSN... */
> + if (flags)
> + return -EINVAL;
>
> err = copy_module_from_fd(fd, &info);
> if (err)
Ack.
Lucas De Marchi
next prev parent reply other threads:[~2012-10-18 5:39 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-20 22:14 [PATCH 1/4] module: add syscall to load module from fd Kees Cook
2012-09-20 22:14 ` [PATCH 2/4] security: introduce kernel_module_from_file hook Kees Cook
2012-09-21 12:42 ` Mimi Zohar
2012-09-20 22:14 ` [PATCH 3/4] ARM: add finit_module syscall to ARM Kees Cook
2012-09-21 13:15 ` Arnd Bergmann
2012-09-21 14:59 ` Russell King
2012-09-21 15:43 ` Kees Cook
2012-09-20 22:15 ` [PATCH 4/4] add finit_module syscall to asm-generic Kees Cook
2012-09-21 2:22 ` [PATCH 1/4] module: add syscall to load module from fd James Morris
2012-09-21 3:07 ` Kees Cook
2012-09-21 3:09 ` Mimi Zohar
2012-09-21 17:56 ` John Johansen
2012-10-03 22:40 ` Kees Cook
2012-10-04 5:39 ` Rusty Russell
2012-10-04 12:50 ` Mimi Zohar
2012-10-05 3:50 ` Rusty Russell
2012-10-05 7:12 ` Kees Cook
2012-10-04 20:28 ` Kees Cook
2012-10-09 21:54 ` Michael Kerrisk
2012-10-09 21:58 ` H. Peter Anvin
2012-10-09 22:03 ` Michael Kerrisk (man-pages)
2012-10-09 22:09 ` H. Peter Anvin
[not found] ` <CAKgNAkjfkbYOQocuGRAKU=0P2CQCvmedhRMJZPnkUMnnxSOsqg@mail.gmail.com>
2012-10-10 5:54 ` Michael Kerrisk (man-pages)
2012-10-11 22:16 ` Rusty Russell
2012-10-12 5:16 ` Michael Kerrisk (man-pages)
2012-10-18 3:12 ` Rusty Russell
2012-10-18 5:39 ` Lucas De Marchi [this message]
2012-10-18 12:59 ` Michael Kerrisk (man-pages)
2012-10-22 7:39 ` Rusty Russell
2012-10-23 2:37 ` Lucas De Marchi
2012-10-23 3:40 ` Kees Cook
2012-10-23 4:08 ` Lucas De Marchi
2012-10-23 15:42 ` Kees Cook
2012-10-23 15:45 ` H. Peter Anvin
2012-10-23 16:25 ` Lucas De Marchi
2012-10-24 3:06 ` Rusty Russell
2012-10-23 7:38 ` Michael Kerrisk (man-pages)
2012-10-30 21:57 ` Kees Cook
2012-11-01 1:03 ` Rusty Russell
2012-12-21 0:01 ` Michael Kerrisk
2013-01-03 0:12 ` Rusty Russell
2013-01-06 18:59 ` Michael Kerrisk (man-pages)
2013-01-06 20:24 ` Kees Cook
2013-01-07 1:41 ` Michael Kerrisk (man-pages)
2013-01-09 17:29 ` Lucas De Marchi
2013-01-10 0:55 ` Michael Kerrisk (man-pages)
2012-10-18 4:24 ` H. Peter Anvin
2012-10-18 8:05 ` Michael Kerrisk (man-pages)
2012-10-18 14:26 ` H. Peter Anvin
2012-10-18 15:28 ` Kees Cook
2012-10-18 15:30 ` H. Peter Anvin
2012-10-19 2:23 ` Rusty Russell
2012-10-19 2:54 ` H. Peter Anvin
2012-10-19 10:46 ` Alon Ziv
2012-10-20 4:05 ` Rusty Russell
-- strict thread matches above, loose matches on Subject: below --
2012-10-04 20:22 [PATCH v5] " Kees Cook
2012-10-04 20:22 ` [PATCH 1/4] " Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMOw1v4j5UVtneBTx1-FteEP53QqeMdH9GKnKs3OcybAceQxtg@mail.gmail.com \
--to=lucas.demarchi@profusion.mobi \
--cc=hpa@zytor.com \
--cc=jonathon@jonmasters.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).