* Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree
@ 2018-01-08 12:52 gregkh
2018-01-10 10:11 ` Libor Pechacek
0 siblings, 1 reply; 4+ messages in thread
From: gregkh @ 2018-01-08 12:52 UTC (permalink / raw)
To: lpechacek, gregkh, rusty; +Cc: stable, stable-commits
This is a note to let you know that I've just added the patch titled
module: Issue warnings when tainting kernel
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
module-issue-warnings-when-tainting-kernel.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
>From 3205c36cf7d96024626f92d65f560035df1abcb2 Mon Sep 17 00:00:00 2001
From: Libor Pechacek <lpechacek@suse.com>
Date: Wed, 13 Apr 2016 11:06:12 +0930
Subject: module: Issue warnings when tainting kernel
From: Libor Pechacek <lpechacek@suse.com>
commit 3205c36cf7d96024626f92d65f560035df1abcb2 upstream.
While most of the locations where a kernel taint bit is set are accompanied
with a warning message, there are two which set their bits silently. If
the tainting module gets unloaded later on, it is almost impossible to tell
what was the reason for setting the flag.
Signed-off-by: Libor Pechacek <lpechacek@suse.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/module.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2888,8 +2888,12 @@ static int check_modinfo(struct module *
return -ENOEXEC;
}
- if (!get_modinfo(info, "intree"))
+ if (!get_modinfo(info, "intree")) {
+ if (!test_taint(TAINT_OOT_MODULE))
+ pr_warn("%s: loading out-of-tree module taints kernel.\n",
+ mod->name);
add_taint_module(mod, TAINT_OOT_MODULE, LOCKDEP_STILL_OK);
+ }
if (get_modinfo(info, "staging")) {
add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK);
@@ -3054,6 +3058,8 @@ static int move_module(struct module *mo
static int check_module_license_and_versions(struct module *mod)
{
+ int prev_taint = test_taint(TAINT_PROPRIETARY_MODULE);
+
/*
* ndiswrapper is under GPL by itself, but loads proprietary modules.
* Don't use add_taint_module(), as it would prevent ndiswrapper from
@@ -3072,6 +3078,9 @@ static int check_module_license_and_vers
add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
LOCKDEP_NOW_UNRELIABLE);
+ if (!prev_taint && test_taint(TAINT_PROPRIETARY_MODULE))
+ pr_warn("%s: module license taints kernel.\n", mod->name);
+
#ifdef CONFIG_MODVERSIONS
if ((mod->num_syms && !mod->crcs)
|| (mod->num_gpl_syms && !mod->gpl_crcs)
Patches currently in stable-queue which might be from lpechacek@suse.com are
queue-4.4/module-issue-warnings-when-tainting-kernel.patch
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree
2018-01-08 12:52 Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree gregkh
@ 2018-01-10 10:11 ` Libor Pechacek
2018-01-10 10:31 ` Greg KH
0 siblings, 1 reply; 4+ messages in thread
From: Libor Pechacek @ 2018-01-10 10:11 UTC (permalink / raw)
To: gregkh; +Cc: rusty, stable, stable-commits
Greg,
I appreciate the notifications about patch moves. They make my life easier.
However, I don't understand how this change qualified for -stable. The issue
does not look serious enough to me to pass the criteria described in
Documentation/process/stable-kernel-rules.rst and I don't see which other patch
may require this one in v4.4.111.
What is the background for including this patch in -stable, please?
Libor
On Mon 08-01-18 13:52:57, gregkh@linuxfoundation.org wrote:
>
> This is a note to let you know that I've just added the patch titled
>
> module: Issue warnings when tainting kernel
>
> to the 4.4-stable tree which can be found at:
> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
>
> The filename of the patch is:
> module-issue-warnings-when-tainting-kernel.patch
> and it can be found in the queue-4.4 subdirectory.
>
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@vger.kernel.org> know about it.
>
>
> From 3205c36cf7d96024626f92d65f560035df1abcb2 Mon Sep 17 00:00:00 2001
> From: Libor Pechacek <lpechacek@suse.com>
> Date: Wed, 13 Apr 2016 11:06:12 +0930
> Subject: module: Issue warnings when tainting kernel
>
> From: Libor Pechacek <lpechacek@suse.com>
>
> commit 3205c36cf7d96024626f92d65f560035df1abcb2 upstream.
>
> While most of the locations where a kernel taint bit is set are accompanied
> with a warning message, there are two which set their bits silently. If
> the tainting module gets unloaded later on, it is almost impossible to tell
> what was the reason for setting the flag.
>
> Signed-off-by: Libor Pechacek <lpechacek@suse.com>
> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>
> ---
> kernel/module.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -2888,8 +2888,12 @@ static int check_modinfo(struct module *
> return -ENOEXEC;
> }
>
> - if (!get_modinfo(info, "intree"))
> + if (!get_modinfo(info, "intree")) {
> + if (!test_taint(TAINT_OOT_MODULE))
> + pr_warn("%s: loading out-of-tree module taints kernel.\n",
> + mod->name);
> add_taint_module(mod, TAINT_OOT_MODULE, LOCKDEP_STILL_OK);
> + }
>
> if (get_modinfo(info, "staging")) {
> add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK);
> @@ -3054,6 +3058,8 @@ static int move_module(struct module *mo
>
> static int check_module_license_and_versions(struct module *mod)
> {
> + int prev_taint = test_taint(TAINT_PROPRIETARY_MODULE);
> +
> /*
> * ndiswrapper is under GPL by itself, but loads proprietary modules.
> * Don't use add_taint_module(), as it would prevent ndiswrapper from
> @@ -3072,6 +3078,9 @@ static int check_module_license_and_vers
> add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
> LOCKDEP_NOW_UNRELIABLE);
>
> + if (!prev_taint && test_taint(TAINT_PROPRIETARY_MODULE))
> + pr_warn("%s: module license taints kernel.\n", mod->name);
> +
> #ifdef CONFIG_MODVERSIONS
> if ((mod->num_syms && !mod->crcs)
> || (mod->num_gpl_syms && !mod->gpl_crcs)
>
>
> Patches currently in stable-queue which might be from lpechacek@suse.com are
>
> queue-4.4/module-issue-warnings-when-tainting-kernel.patch
>
--
Libor Pechacek
SUSE Labs
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree
2018-01-10 10:11 ` Libor Pechacek
@ 2018-01-10 10:31 ` Greg KH
2018-01-10 12:33 ` Libor Pechacek
0 siblings, 1 reply; 4+ messages in thread
From: Greg KH @ 2018-01-10 10:31 UTC (permalink / raw)
To: Libor Pechacek; +Cc: rusty, stable, stable-commits
On Wed, Jan 10, 2018 at 11:11:49AM +0100, Libor Pechacek wrote:
> Greg,
>
> I appreciate the notifications about patch moves. They make my life easier.
> However, I don't understand how this change qualified for -stable. The issue
> does not look serious enough to me to pass the criteria described in
> Documentation/process/stable-kernel-rules.rst and I don't see which other patch
> may require this one in v4.4.111.
>
> What is the background for including this patch in -stable, please?
This patch fixes an issue, and was a "good enough" fix that at least one
distro has been shipping it in their kernel for a long time. So I
figured it would be good for everyone to benifit from the bugfix, not
just a tiny subset of the 4.4 kernel users :)
Hope this helps,
greg k-h
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree
2018-01-10 10:31 ` Greg KH
@ 2018-01-10 12:33 ` Libor Pechacek
0 siblings, 0 replies; 4+ messages in thread
From: Libor Pechacek @ 2018-01-10 12:33 UTC (permalink / raw)
To: Greg KH; +Cc: rusty, stable, stable-commits
On Wed 10-01-18 11:31:37, Greg KH wrote:
> On Wed, Jan 10, 2018 at 11:11:49AM +0100, Libor Pechacek wrote:
> > Greg,
> >
> > I appreciate the notifications about patch moves. They make my life easier.
> > However, I don't understand how this change qualified for -stable. The issue
> > does not look serious enough to me to pass the criteria described in
> > Documentation/process/stable-kernel-rules.rst and I don't see which other patch
> > may require this one in v4.4.111.
> >
> > What is the background for including this patch in -stable, please?
>
> This patch fixes an issue, and was a "good enough" fix that at least one
> distro has been shipping it in their kernel for a long time. So I
> figured it would be good for everyone to benifit from the bugfix, not
> just a tiny subset of the 4.4 kernel users :)
Oh, fairness is a strong argument. However, I'm unhappy to hear that our
community is tiny part of Linux user base. ;-)
> Hope this helps,
Indeed it does. Thanks!
Libor
--
Libor Pechacek
SUSE Labs
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-01-10 12:33 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-08 12:52 Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree gregkh
2018-01-10 10:11 ` Libor Pechacek
2018-01-10 10:31 ` Greg KH
2018-01-10 12:33 ` Libor Pechacek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).