+++ Miroslav Benes [12/07/16 14:06 +0200]:
On Tue, 5 Jul 2016, Jessica Yu wrote:
Hi,
A few months ago, Chris Arges reported a bug involving alternatives/paravirt
patching that was discussed here [1] and here [2]. To briefly summarize the
bug, patch modules that contained .altinstructions or
Introduce arch_klp_init_object_loaded() to complete any additional
arch-specific tasks during patching. Architecture code may override this
function.
Signed-off-by: Jessica Yu
---
include/linux/livepatch.h | 3 +++
kernel/livepatch/core.c | 12 ++--
2 files changed, 13 insertions
nd applied in
arch_klp_init_object_loaded().
Signed-off-by: Jessica Yu
---
arch/x86/kernel/Makefile| 1 +
arch/x86/kernel/livepatch.c | 65 +
2 files changed, 66 insertions(+)
create mode 100644 arch/x86/kernel/livepatch.c
diff --git a/arch/
bject_loaded (x86)
[1] http://thread.gmane.org/gmane.linux.kernel/2185604/
[2] https://github.com/dynup/kpatch/issues/580
Jessica Yu (2):
livepatch: use arch_klp_init_object_loaded() to finish arch-specific tasks
livepatch/x86: apply alternatives and paravirt patches after relocations
arch/x86/kernel/Makefil
+++ Kees Cook [21/07/16 16:03 -0700]:
On Wed, Jun 29, 2016 at 9:56 PM, Rusty Russell wrote:
Jessica Yu writes:
+++ Rusty Russell [29/06/16 10:38 +0930]:
Jessica Yu writes:
Add ro_after_init support for modules by adding a new page-aligned section
in the module layout (after rodata) for
83 ("livepatch/module:
make TAINT_LIVEPATCH module-specific").
Reviewed-by: Jessica Yu
Hm, quick question, which tree would this patch go to? Though the
cleanup is for modules, there is an indirect cross-tree dependency
(taint_flag.module needs to be true for TAINT_LIVEPATCH for J
+++ Petr Mladek [07/09/16 15:13 +0200]:
The commit 66cc69e34e86a231 ("Fix: module signature vs tracepoints:
add new TAINT_UNSIGNED_MODULE") updated module_taint_flags() to
potentially print one more character. But it did not increase the
size of the corresponding buffers in m_show() and print_mod
+++ Petr Mladek [12/09/16 16:13 +0200]:
The commit 66cc69e34e86a231 ("Fix: module signature vs tracepoints:
add new TAINT_UNSIGNED_MODULE") updated module_taint_flags() to
potentially print one more character. But it did not increase the
size of the corresponding buffers in m_show() and print_mod
Hi Masami, Petr,
I'm trying to figure out where we are exactly with fixing the problems with
livepatch + kprobes, and I was wondering if there will be any more updates to
the ipmodify patchset that was originally merged back in 2014 (See:
https://lkml.org/lkml/2014/11/20/808). It seems that patch
Reviewed-by: Chunyu Hu
Signed-off-by: Josh Poimboeuf
Acked-by: Jessica Yu
---
kernel/livepatch/core.c | 3 ---
kernel/module.c | 35 ---
2 files changed, 12 insertions(+), 26 deletions(-)
diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core
+++ Jessica Yu [06/06/17 20:41 -0700]:
+++ Wanlong Gao [06/06/17 09:07 +0800]:
On 2017/6/5 10:09, Jessica Yu wrote:
+++ Wanlong Gao [02/06/17 11:04 +0800]:
On 2017/6/2 7:23, Jessica Yu wrote:
+++ Wanlong Gao [31/05/17 11:48 +0800]:
On 2017/5/31 11:30, Jessica Yu wrote:
+++ Wanlong
built out-of-tree.
Suggested-by: Michal Marek
Signed-off-by: Miroslav Benes
Makes sense to me:
Acked-by: Jessica Yu
---
kernel/livepatch/Kconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/kernel/livepatch/Kconfig b/kernel/livepatch/Kconfig
index 045022557936..ec4565122e65 100644
--- a
+++ Masami Hiramatsu [26/05/17 09:24 +0900]:
On Thu, 25 May 2017 19:24:26 +0200
"Luis R. Rodriguez" wrote:
On Thu, May 25, 2017 at 07:38:17PM +0900, Masami Hiramatsu wrote:
> Fix kprobes to set(recover) RWX bits correctly on trampoline
> buffer before releasing it. Releasing readonly page to
>
sell
Cc: Jessica Yu
Signed-off-by: Luis R. Rodriguez
---
fs/filesystems.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/filesystems.c b/fs/filesystems.c
index cac75547d35c..0f477a5de6ea 100644
--- a/fs/filesystems.c
+++ b/fs/filesystems.c
@@ -275,8 +275,10 @
+++ Xie XiuQi [20/05/17 15:46 +0800]:
From: Wanlong Gao
Module name has a limited length, but currently the build system
allows the build finishing even if the module name is too long.
CC
/root/kprobe_example/abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz
+++ Kees Cook [30/10/17 14:20 -0700]:
On Tue, Oct 17, 2017 at 7:04 PM, Kees Cook wrote:
(re-sending to Jessica's @korg address...)
The module_param_call() macro was explicitly casting the .set and .get
function prototypes away with (void *). This can lead to hard-to-find
type mismatches. Addit
+++ Corey Minyard [02/11/17 08:31 -0500]:
On 11/01/2017 10:58 PM, Stephen Rothwell wrote:
Hi Corey,
Today's linux-next merge of the ipmi tree got a conflict in:
drivers/char/ipmi/ipmi_si_intf.c
between commit:
e4dca7b7aa08 ("treewide: Fix function prototypes for module_param_call()")
fr
- Remove kprobe from the kprobe_table and call synchronize_sched() if
arming during register_kprobe() fails.
- add Masami's ack on the 2nd patch (unchanged from v1)
---
Jessica Yu (2):
kprobes: propagate error from arm_kprobe_ftrace()
kprobes: propagate error from disarm_kprobe_ftrace()
ke
2015, which improved kprobes error handling, found here:
https://lkml.org/lkml/2015/2/26/452
However, further work on this had been paused since then and the patches
were not upstreamed.
Based-on-patches-by: Petr Mladek
Acked-by: Masami Hiramatsu
Signed-off-by: Jessica Yu
---
kernel/kprobes.c
s had been paused since then and the patches
were not upstreamed.
Based-on-patches-by: Petr Mladek
Signed-off-by: Jessica Yu
---
kernel/kprobes.c | 88
1 file changed, 63 insertions(+), 25 deletions(-)
diff --git a/kernel/kprobes.c b/k
+++ Corey Minyard [02/11/17 11:40 -0500]:
On 11/02/2017 09:27 AM, Jessica Yu wrote:
+++ Corey Minyard [02/11/17 08:31 -0500]:
On 11/01/2017 10:58 PM, Stephen Rothwell wrote:
Hi Corey,
Today's linux-next merge of the ipmi tree got a conflict in:
drivers/char/ipmi/ipmi_si_intf.c
be
+++ Josh Poimboeuf [02/11/17 21:19 -0500]:
On Thu, Nov 02, 2017 at 04:57:11PM -0500, Josh Poimboeuf wrote:
There have been some cases where external tooling (e.g., kpatch-build)
creates a corrupt relocation which targets the wrong address. This is a
silent failure which can corrupt memory in un
+++ SF Markus Elfring [06/10/17 17:12 +0200]:
From: Markus Elfring
Date: Fri, 6 Oct 2017 16:27:26 +0200
Omit an extra message for a memory allocation failure in this function.
This issue was detected by using the Coccinelle software.
Signed-off-by: Markus Elfring
---
kernel/module.c | 4 +---
+++ Dan Carpenter [19/10/17 13:30 +0300]:
On Thu, Oct 19, 2017 at 11:29:43AM +0200, Jessica Yu wrote:
+++ SF Markus Elfring [06/10/17 17:12 +0200]:
> From: Markus Elfring
> Date: Fri, 6 Oct 2017 16:27:26 +0200
>
> Omit an extra message for a memory allocation failure in this functi
+++ SF Markus Elfring [06/10/17 17:12 +0200]:
From: Markus Elfring
Date: Fri, 6 Oct 2017 16:27:26 +0200
Omit an extra message for a memory allocation failure in this function.
This issue was detected by using the Coccinelle software.
Signed-off-by: Markus Elfring
Applied to modules-next, t
+++ zhong jiang [01/08/18 00:56 +0800]:
We prefer kmemdup to kmalloc+memcpy, so just
replace them.
Signed-off-by: zhong jiang
Applied, thanks.
Jessica
---
kernel/module.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/kernel/module.c b/kernel/modul
+++ Jessica Yu [30/05/18 11:08 +0200]:
It is useful to know which module failed signature verification, so
print the module name along with the error message.
Signed-off-by: Jessica Yu
---
kernel/module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/module.c b
+++ Jason A. Donenfeld [22/06/18 17:38 +0200]:
Printing "err 0" to the user in the warning message is not particularly
useful, especially when this gets transformed into a -ENOENT for the
remainder of the call chain.
Signed-off-by: Jason A. Donenfeld
Applied, thanks.
Jessica
---
kernel/mod
+++ Masahiro Yamada [24/06/18 00:37 +0900]:
With the special case handling for Blackfin and Metag was removed by
commit 94e58e0ac312 ("export.h: remove code for prefixing symbols with
underscore"), VMLINUX_SYMBOL_STR() is now equivalent to __stringify().
Replace the remaining usages to prepare f
+++ Martijn Coenen [24/07/18 09:56 +0200]:
I did find an issue with my approach:
On Mon, Jul 16, 2018 at 2:21 PM, Martijn Coenen wrote:
The ELF symbols are renamed to include the namespace with an asm label;
for example, symbol 'usb_stor_suspend' in namespace USB_STORAGE becomes
'usb_stor_susp
+++ Andi Kleen [24/01/18 10:17 -0800]:
On Wed, Jan 24, 2018 at 09:00:48AM -0800, Linus Torvalds wrote:
On Wed, Jan 24, 2018 at 6:28 AM, Greg Kroah-Hartman
wrote:
>
> Linus, if there are no objections, can you apply this revert to your
> tree now so this doesn't get into 4.15?
Applied.
So can
profile-kernel'
insmod: ERROR: could not insert module autofs4-pg.ko: Invalid module format
Signed-off-by: Michael Ellerman
Looks good to me:
Acked-by: Jessica Yu
---
arch/powerpc/include/asm/module.h | 4
1 file changed, 4 insertions(+)
diff --git a/arch/powerpc/include/asm/m
+++ Namit Gupta [08/01/18 10:41 +0530]:
ftrace_module_init happen after dynamic_debug_setup, it is desired that
cleanup should be called after this label however in current implementation
it is called in free module label, i.e. even though ftrace is not initialized,
from so many fail case ftrace_rel
see a stray breakpoint.
- Remove kprobe from the kprobe_table and call synchronize_sched() if
arming during register_kprobe() fails.
- add Masami's ack on the 2nd patch (unchanged from v1)
---
Jessica Yu (2):
kprobes: propagate error from arm_kprobe_ftrace()
kprobes: propagate error from disa
2015, which improved kprobes error handling, found here:
https://lkml.org/lkml/2015/2/26/452
However, further work on this had been paused since then and the patches
were not upstreamed.
Based-on-patches-by: Petr Mladek
Acked-by: Masami Hiramatsu
Signed-off-by: Jessica Yu
---
kernel/kprobes.c
s had been paused since then and the patches
were not upstreamed.
Based-on-patches-by: Petr Mladek
Signed-off-by: Jessica Yu
---
kernel/kprobes.c | 96 +---
1 file changed, 71 insertions(+), 25 deletions(-)
diff --git a/kernel/kprobes.c b/k
+++ Luis de Bethencourt [16/01/18 13:21 +]:
The trailing semicolon is an empty statement that does no operation.
Removing it since it doesn't do anything.
Signed-off-by: Luis de Bethencourt
Applied. Thanks,
Jessica
rcu in register_aggr_kprobe()
- s/kprobes/probes/ on error message in (dis)arm_all_kprobes()
Changes from v1:
- Don't arm the kprobe before adding it to the kprobe table, otherwise
we'll temporarily see a stray breakpoint.
- Remove kprobe from the kprobe_table and call synchronize_sch
s had been paused since then and the patches
were not upstreamed.
Based-on-patches-by: Petr Mladek
Acked-by: Masami Hiramatsu
Signed-off-by: Jessica Yu
---
kernel/kprobes.c | 100 +--
1 file changed, 75 insertions(+), 25 deletions(-)
diff --
2015, which improved kprobes error handling, found here:
https://lkml.org/lkml/2015/2/26/452
However, further work on this had been paused since then and the patches
were not upstreamed.
Based-on-patches-by: Petr Mladek
Acked-by: Masami Hiramatsu
Signed-off-by: Jessica Yu
---
kernel/kprobes.c
+++ Jia Zhang [08/03/18 12:26 +0800]:
This patch series allows to disable module validity enforcement
in runtime through /sys/kernel/security/modsign/enforce interface.
Assuming CONFIG_MODULE_SIG_FORCE=y, here are the instructions to
disable the validity enforcement.
# cat /sys/kernel/security/
+++ Jia Zhang [01/03/18 17:09 +0800]:
/sys/kernel/security/modsign/enforce gives the result of current
enforcement policy of loading module.
Signed-off-by: Jia Zhang
Why is this being added as part of securityfs? AFAIK that's primarily used by
LSMs.
And we already export sig_enforce to sysf
() had failed.
Signed-off-by: Jessica Yu
Leon Yu (1):
module: propagate error in modules_open()
kernel/module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
deo+0x37/0xd0
proc_reg_release+0x5d/0x60
__fput+0x9d/0x1d0
fput+0x9/0x10
task_work_run+0x75/0x90
do_exit+0x252/0xa00
do_group_exit+0x36/0xb0
SyS_exit_group+0xf/0x10
Fixes: 516fb7f2e73d ("/proc/module: use the same logic as /proc/kallsyms for address
exposure")
Cc: Jessica Yu
Cc: Linus
+++ Stephen Rothwell [09/03/18 07:54 +1100]:
Hi Jessica,
Commit
934ccf7248dd ("module: propagate error in modules_open()")
is missing a Signed-off-by from its committer.
Whoops, thanks for catching that. Should be fixed now.
Jessica
of symbol we're handling. This change only affects static
functions internal to the module loader.
Signed-off-by: Jessica Yu
---
v2: renamed kallsyms_find_* funcs to find_kallsyms_* to follow the
already existing _ naming convention in module.c
+++ Rick Edgecombe [20/11/18 15:23 -0800]:
Resending this because I missed Jessica in the "to" list. Also removing the part
of this coverletter that talked about KPTI helping with some local kernel text
de-randomizing methods, because I'm not sure I fully understand this.
---
+++ Yangtao Li [26/11/18 09:21 -0500]:
We include elf.h twice in module.c. It's unnecessary,
hence just remove them.
Signed-off-by: Yangtao Li
---
kernel/module.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/kernel/module.c b/kernel/module.c
index 49a405891587..438641fc4096 100644
--- a/ke
of symbol we're handling. This change only affects static
functions internal to the module loader.
Signed-off-by: Jessica Yu
---
kernel/module.c | 78 -
1 file changed, 44 insertions(+), 34 deletions(-)
diff --git a/kernel/module.c b/k
+++ Miroslav Benes [22/11/18 11:19 +0100]:
On Wed, 21 Nov 2018, Jessica Yu wrote:
The module loader internally works with both exported symbols
represented as struct kernel_symbol, as well as Elf symbols from a
module's symbol table. It's hard to distinguish sometimes which type
+++ Vincent Whitchurch [22/11/18 13:24 +0100]:
On Thu, Nov 22, 2018 at 12:01:54PM +, Dave Martin wrote:
On Mon, Nov 19, 2018 at 05:25:12PM +0100, Vincent Whitchurch wrote:
> st_info is currently overwritten after relocation and used to store the
> elf_type(). However, we're going to need it
+++ Miroslav Benes [29/11/18 09:18 +0100]:
On Fri, 23 Nov 2018, Jessica Yu wrote:
The module loader internally works with both exported symbols
represented as struct kernel_symbol, as well as Elf symbols from a
module's symbol table. It's hard to distinguish sometimes which type
therefore makes these changes.
Signed-off-by: Paul E. McKenney
Cc: Jessica Yu
Acked-by: Jessica Yu
Thanks!
---
kernel/module.c | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/kernel/module.c b/kernel/module.c
index 49a405891587..99b46c32d579 100644
--- a/kernel
+++ Dave Martin [13/11/18 13:57 +]:
On Tue, Nov 13, 2018 at 12:27:45PM +0100, Vincent Whitchurch wrote:
Thumb-2 functions have the lowest bit set in the symbol value in the
symtab. When kallsyms are generated for the vmlinux, the kallsyms are
generated from the output of nm, and nm clears t
+++ Vincent Whitchurch [09/11/18 14:53 +0100]:
On Fri, Nov 02, 2018 at 02:53:22PM +0100, Jessica Yu wrote:
+++ Vincent Whitchurch [01/11/18 16:29 +0100]:
> On Wed, Oct 31, 2018 at 04:53:41PM +0100, Jessica Yu wrote:
> > Could this be done in modpost? I'm guessing the answer
+++ Vincent Whitchurch [04/12/18 15:14 +0100]:
Thumb-2 functions have the lowest bit set in the symbol value in the
symtab. When kallsyms are generated for the vmlinux, the kallsyms are
generated from the output of nm, and nm clears the lowest bit.
$ arm-linux-gnueabihf-readelf -a vmlinux | gre
-by: Jessica Yu
---
kernel/module-internal.h | 26 +-
kernel/module.c | 22 +-
kernel/module_signing.c | 9 ++---
3 files changed, 32 insertions(+), 25 deletions(-)
diff --git a/kernel/module-internal.h b/kernel/module-internal.h
in
+++ Joe Perches [29/06/18 21:04 -0700]:
On Fri, 2018-06-29 at 17:53 +0200, Jessica Yu wrote:
Now that we have the load_info struct all initialized (including
info->name, which contains the name of the module) before
module_sig_check(), make the load_info struct and hence module name
availa
-by: Jessica Yu
---
v2:
- remove _modlen argument and just use the passed info struct
kernel/module-internal.h | 25 -
kernel/module.c | 22 +-
kernel/module_signing.c | 12 +++-
3 files changed, 32 insertions(+), 27 deletions(-)
d
, these
data structures are never modified.
So let's move them into the ro_after_init section, to prevent them
from being corrupted inadvertently by buggy code, or deliberately
by an attacker.
Signed-off-by: Ard Biesheuvel
For module parts:
Acked-by: Jessica Yu
---
arch/arm/kernel/vm
+++ Russell King - ARM Linux [06/07/18 14:00 +0100]:
On Fri, Jul 06, 2018 at 02:48:47PM +0200, Arnd Bergmann wrote:
The asm/module.h header file can not be included standalone, which
breaks the module signing code after a recent change:
In file included from kernel/module-internal.h:13,
Acked-by: Jessica Yu (for module.c)
---
kernel/acct.c | 2 ++
kernel/async.c | 14 ++--
kernel/audit_tree.c| 2 +-
kernel/backtracetest.c | 8 +++
kernel/crash_core.c| 29 ++---
kernel/exit.c | 2 ++
kernel/hung_task.c | 13
=lockdown
But my plan is probably to take patches 1 and 2 through the modules-next
tree as they are generic cleanups, but I wanted to give you a heads up for
patch 3, which should probably be taken through the lockdown tree.
Thanks!
Jessica
---
Jessica Yu (3):
module: make it clear when we're han
t, clean up and split up the operations done in
layout_and_allocate(), setup_load_info(), and rewrite_section_headers()
more cleanly so these functions only perform what their names suggest.
Signed-off-by: Jessica Yu
---
kernel/module.c | 77 --
henever we're handling the temporary copy makes that explicitly clear.
Signed-off-by: Jessica Yu
---
kernel/module.c | 42 +-
1 file changed, 21 insertions(+), 21 deletions(-)
diff --git a/kernel/module.c b/kernel/module.c
index 9c1709a05037..e8eba00bfe
It is useful to know which module failed signature verification, so
print the module name along with the error message.
Signed-off-by: Jessica Yu
---
kernel/module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/module.c b/kernel/module.c
index ae824a6f1a03
+++ Brett T. Warden [06/06/18 12:44 -0700]:
When CONFIG_MODULE_SIG_FORCE is enabled, also provide a boot-time-only
parameter, module.sig_unenforce, to disable signature enforcement. This
allows distributions to ship with signature verification enforcement
enabled by default, but for users to elec
and also allow sig_enforce param to be shown in
sysfs with CONFIG_MODULE_SIG_FORCE
Signed-off-by: Jessica Yu
Jia Zhang (2):
module: Do not access sig_enforce directly
module: Allow to always show the status of modsign
these symbols
- Some code cleanups and minor reshuffling in load_module() were done to
log the module name when module signature verification fails
Signed-off-by: Jessica Yu
Arnd Bergmann (1):
ARM: module: fix modsign build
+++ Nadav Amit [04/12/18 17:34 -0800]:
When module memory is about to be freed, there is no apparent reason to
make it (and its data) executable, but that's exactly what is done
today. This is not efficient and not secure.
There are various theories why it was done, but none of them seem as
some
+++ Vincent Whitchurch [14/12/18 17:05 +0100]:
st_info is currently overwritten after relocation and used to store the
elf_type(). However, we're going to need it to fix kallsyms on ARM's
Thumb-2 kernels, so preserve st_info and overwrite the st_size field
instead. st_size is neither used by the m
+++ Edgecombe, Rick P [12/12/18 23:05 +]:
On Wed, 2018-11-28 at 01:40 +, Edgecombe, Rick P wrote:
On Tue, 2018-11-27 at 11:21 +0100, Daniel Borkmann wrote:
> On 11/27/2018 01:19 AM, Edgecombe, Rick P wrote:
> > On Mon, 2018-11-26 at 16:36 +0100, Jessica Yu wrote:
>
complete modinfo section")).
Neither current kernels nor modules contain a '__vermagic' section any
more, so get rid of it.
Signed-off-by: Mathias Krause
Cc: Rusty Russell
Cc: Jessica Yu
Thanks for the cleanup.
Reviewed-by: Jessica Yu
---
include/asm-generic/vmlinux.lds.h |
)
Modules updates for v4.21
Summary of modules changes for the 4.21 merge window:
- Some modules-related kallsyms cleanups and a kallsyms fix for ARM.
- Include keys from the secondary keyring in module signature
verification.
Signed-off-by: Jessica Yu
+++ Miroslav Benes [29/10/18 14:24 +0100]:
diff --git a/arch/arm64/kernel/module.c b/arch/arm64/kernel/module.c
index dd23655fda3a..490e56070a7e 100644
--- a/arch/arm64/kernel/module.c
+++ b/arch/arm64/kernel/module.c
@@ -461,5 +461,15 @@ int module_finalize(const Elf_Ehdr *hdr,
#endif
+++ Will Deacon [29/10/18 15:28 +]:
Hi Jessica,
On Fri, Oct 26, 2018 at 07:25:01PM +0200, Jessica Yu wrote:
The arm64 module loader keeps a pointer into info->sechdrs to keep track
of section header information for .plt section(s). A pointer to the
relevant section header (str
+++ Ke Wu [22/10/18 15:26 -0700]:
Make mod_verify_sig to use all trusted keys. This allows keys in
secondary_trusted_keys to be used to verify PKCS#7 signature on a
kernel module.
Signed-off-by: Ke Wu
Thanks for the ping, I had missed this patch.
David, could I get an ACK please?
Thanks!
J
+++ Vincent Whitchurch [31/10/18 09:42 +0100]:
Thumb-2 functions have the lowest bit set in the symbol value in the
symtab. When kallsyms are generated for the vmlinux, the kallsyms are
generated from the output of nm, and nm clears the lowest bit.
$ arm-linux-gnueabihf-readelf -a vmlinux | gre
+++ Ke Wu [22/10/18 15:26 -0700]:
Make mod_verify_sig to use all trusted keys. This allows keys in
secondary_trusted_keys to be used to verify PKCS#7 signature on a
kernel module.
Signed-off-by: Ke Wu
---
kernel/module_signing.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a
+++ Ke Wu [06/11/18 15:23 -0800]:
Thanks for the comment! I switched to use
VERIFY_USE_SECONDARY_KEYRING, please take a look.
Patch has been queued on modules-next. Thanks!
Jessica
On Tue, Nov 6, 2018 at 3:21 PM Ke Wu wrote:
Make mod_verify_sig to use all trusted keys. This allows keys in
+++ Dave Hansen [11/10/18 16:47 -0700]:
On 10/11/2018 04:31 PM, Rick Edgecombe wrote:
+ if (check_inc_mod_rlimit(size))
+ return NULL;
+
p = __vmalloc_node_range(size, MODULE_ALIGN, module_alloc_base,
module_alloc_base + MODULES_VSIZE,
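Review bot: the early "return NULL" after check_inc_mod_rlimit(size), ahead of __vmalloc_node_range(), gives callers the same result as an out-of-memory failure, so hitting the limit cannot be told apart from a failed allocation; a distinct log message or error path would make the refusal diagnosable. If the helper also increments an accounting counter, as its name suggests, the failure path of the __vmalloc_node_range() call that follows needs to undo that increment; the excerpt ends before that path is visible.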
hael Ellerman
Cc: Ingo Molnar
Cc: Steven Rostedt (VMware)
Cc: Ard Biesheuvel
Cc: Arnd Bergmann
Cc: Benjamin Herrenschmidt
Cc: Bjorn Helgaas
Cc: Catalin Marinas
Cc: James Morris
Cc: James Morris
Cc: Jessica Yu
Cc: Josh Poimboeuf
Cc: Kees Cook
Cc: Nicolas Pitre
Cc: Paul Mackerras
Cc: P
ar
Cc: Steven Rostedt (VMware)
Cc: Ard Biesheuvel
Cc: Arnd Bergmann
Cc: Benjamin Herrenschmidt
Cc: Bjorn Helgaas
Cc: Catalin Marinas
Cc: James Morris
Cc: James Morris
Cc: Jessica Yu
Cc: Josh Poimboeuf
Cc: Kees Cook
Cc: Nicolas Pitre
Cc: Paul Mackerras
Cc: Petr Mladek
Cc: Russell King
Cc:
+++ Vincent Whitchurch [01/11/18 16:29 +0100]:
On Wed, Oct 31, 2018 at 04:53:41PM +0100, Jessica Yu wrote:
Could this be done in modpost? I'm guessing the answer is no as some
relocations may rely on that bit being set in st_value, right?
Therefore we can only clear the bit _after_ reloca
allows livepatch modules on arm64 to pass in
their own copy of the section headers to apply_relocate_add() to apply
delayed relocations.
Signed-off-by: Jessica Yu
---
Note: Addressed Will's comment about the pltsec -> plt_info rename and
removed that change to reduce unnecessary code chur
allows livepatch modules on arm64 to pass in
their own copy of the section headers to apply_relocate_add() to apply
delayed relocations.
Signed-off-by: Jessica Yu
---
v2:
- Do sechdrs[pltsec->plt_shndx].sh_addr instead of pointer math
Note: Addressed Will's comment about the pltsec ->
+++ Will Deacon [05/11/18 19:26 +]:
On Mon, Nov 05, 2018 at 07:53:23PM +0100, Jessica Yu wrote:
Instead of saving a pointer to the .plt and .init.plt sections to apply
plt-based relocations, save and use their section indices instead.
The mod->arch.{core,init}.plt pointers were problema
>klp_info so that they can call apply_relocate_add() even after
module load.
Signed-off-by: Jessica Yu
---
Hi!
This patch may be applied on top or merged with the 3rd patch. I
incorporated Miroslav's suggestions from the discussion. It's needed in
order for livepatch m
+++ Ard Biesheuvel [23/10/18 08:54 -0300]:
On 22 October 2018 at 20:06, Edgecombe, Rick P
wrote:
On Sat, 2018-10-20 at 19:20 +0200, Ard Biesheuvel wrote:
Hi Rick,
On 19 October 2018 at 22:47, Rick Edgecombe
wrote:
> If BPF JIT is on, there is no effective limit to prevent filling the entire
+++ Miroslav Benes [25/10/18 11:00 +0200]:
On Thu, 25 Oct 2018, Petr Mladek wrote:
On Tue 2018-10-23 19:55:54, Jessica Yu wrote:
> The arm64 module loader keeps a pointer into info->sechdrs to keep track
> of section header information for .plt section(s). A pointer to the
> rele
>klp_info so that they can call apply_relocate_add() even after
module load.
Signed-off-by: Jessica Yu
---
v2:
- fix missing free_module_elf() in error path
- move copy_module_elf() and module_finalize() out of post_relocation()
to make error handling more clear
- add braces t
+++ Miroslav Benes [17/10/18 15:39 +0200]:
On Mon, 1 Oct 2018, Torsten Duwe wrote:
Based on ftrace with regs, do the usual thing. Also allocate a
task flag for whatever consistency handling will be used.
Watch out for interactions with the graph tracer.
Similar to what Mark wrote about 2/4, I
+++ Miroslav Benes [19/10/18 13:59 +0200]:
On Thu, 18 Oct 2018, Jessica Yu wrote:
+++ Miroslav Benes [17/10/18 15:39 +0200]:
>On Mon, 1 Oct 2018, Torsten Duwe wrote:
>
>Ad relocations. I checked that everything in struct mod_arch_specific
>stays after the module is loaded. Both core
+++ Stefan Berger [08/04/21 11:24 -0400]:
Add support for using elliptic curve keys for signing modules. It uses
a NIST P384 (secp384r1) key if the user chooses an elliptic curve key
and will have ECDSA support built into the kernel.
Note: A developer choosing an ECDSA key for signing modules sh
+++ Stephen Boyd [30/03/21 20:05 -0700]:
[snipped]
diff --git a/lib/buildid.c b/lib/buildid.c
index 010ab0674cb9..b939bbc59233 100644
--- a/lib/buildid.c
+++ b/lib/buildid.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: GPL-2.0
#include
+#include
#include
#include
#include
@@ -171,3 +172,19 @
+++ Stephen Boyd [30/03/21 20:05 -0700]:
[snipped]
diff --git a/kernel/module.c b/kernel/module.c
index 30479355ab85..6f5bc1b046a5 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -13,6 +13,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -2770,6 +2771,20 @@ sta
+++ Jia Zhang [24/03/18 10:59 +0800]:
This patch series allows to disable module validity enforcement
in runtime through the control switch located in securityfs.
In order to keep /sys/module/module/parameters/sig_enforce simple,
the disablement switch is located at
/sys/kernel/security/modsign/
- Fix display of module section addresses in sysfs, which were getting
hashed with %pK and breaking tools like perf.
Signed-off-by: Jessica Yu
Thomas Richter (1):
module: Fix display of wrong module .text address
kernel/module.c
+++ Josh Poimboeuf [02/06/18 12:32 -0500]:
Hi Jessica,
I found a bug:
[root@f25 ~]# modprobe livepatch-sample
[root@f25 ~]# grep ' u ' /proc/kallsyms
81161080 u klp_enable_patch[livepatch_sample]
81a01800 u __fentry__ [livepatch_sample]
81161250 u klp_unregiste
+++ Jessica Yu [04/06/18 10:05 +0200]:
+++ Josh Poimboeuf [02/06/18 12:32 -0500]:
Hi Jessica,
I found a bug:
[root@f25 ~]# modprobe livepatch-sample
[root@f25 ~]# grep ' u ' /proc/kallsyms
81161080 u klp_enable_patch [livepatch_sample]
81a01800 u