[Linux-stable-mirror] Patch "module: Issue warnings when tainting kernel" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled
module: Issue warnings when tainting kernel
to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: module-issue-warnings-when-tainting-kernel.patch and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
From 3205c36cf7d96024626f92d65f560035df1abcb2 Mon Sep 17 00:00:00 2001
From: Libor Pechacek lpechacek@suse.com Date: Wed, 13 Apr 2016 11:06:12 +0930 Subject: module: Issue warnings when tainting kernel
From: Libor Pechacek lpechacek@suse.com
commit 3205c36cf7d96024626f92d65f560035df1abcb2 upstream.
While most of the locations where a kernel taint bit is set are accompanied with a warning message, there are two which set their bits silently. If the tainting module gets unloaded later on, it is almost impossible to tell what was the reason for setting the flag.
Signed-off-by: Libor Pechacek lpechacek@suse.com Signed-off-by: Rusty Russell rusty@rustcorp.com.au Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- kernel/module.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)
--- a/kernel/module.c +++ b/kernel/module.c @@ -2888,8 +2888,12 @@ static int check_modinfo(struct module * return -ENOEXEC; }
- if (!get_modinfo(info, "intree")) + if (!get_modinfo(info, "intree")) { + if (!test_taint(TAINT_OOT_MODULE)) + pr_warn("%s: loading out-of-tree module taints kernel.\n", + mod->name); add_taint_module(mod, TAINT_OOT_MODULE, LOCKDEP_STILL_OK); + }
if (get_modinfo(info, "staging")) { add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK); @@ -3054,6 +3058,8 @@ static int move_module(struct module *mo
static int check_module_license_and_versions(struct module *mod) { + int prev_taint = test_taint(TAINT_PROPRIETARY_MODULE); + /* * ndiswrapper is under GPL by itself, but loads proprietary modules. * Don't use add_taint_module(), as it would prevent ndiswrapper from @@ -3072,6 +3078,9 @@ static int check_module_license_and_vers add_taint_module(mod, TAINT_PROPRIETARY_MODULE, LOCKDEP_NOW_UNRELIABLE);
+ if (!prev_taint && test_taint(TAINT_PROPRIETARY_MODULE)) + pr_warn("%s: module license taints kernel.\n", mod->name); + #ifdef CONFIG_MODVERSIONS if ((mod->num_syms && !mod->crcs) || (mod->num_gpl_syms && !mod->gpl_crcs)
Patches currently in stable-queue which might be from lpechacek@suse.com are
queue-4.4/module-issue-warnings-when-tainting-kernel.patch
Greg,
I appreciate the notifications about patch moves. They make my life easier. However, I don't understand how this change qualified for -stable. The issue does not look serious enough to me to pass the criteria described in Documentation/process/stable-kernel-rules.rst and I don't see which other patch may require this one in v4.4.111.
What is the background for including this patch in -stable, please?
Libor
On Mon 08-01-18 13:52:57, gregkh@linuxfoundation.org wrote:
This is a note to let you know that I've just added the patch titled
module: Issue warnings when tainting kernelto the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: module-issue-warnings-when-tainting-kernel.patch and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
From 3205c36cf7d96024626f92d65f560035df1abcb2 Mon Sep 17 00:00:00 2001 From: Libor Pechacek lpechacek@suse.com Date: Wed, 13 Apr 2016 11:06:12 +0930 Subject: module: Issue warnings when tainting kernel
From: Libor Pechacek lpechacek@suse.com
commit 3205c36cf7d96024626f92d65f560035df1abcb2 upstream.
While most of the locations where a kernel taint bit is set are accompanied with a warning message, there are two which set their bits silently. If the tainting module gets unloaded later on, it is almost impossible to tell what was the reason for setting the flag.
Signed-off-by: Libor Pechacek lpechacek@suse.com Signed-off-by: Rusty Russell rusty@rustcorp.com.au Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
kernel/module.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)
--- a/kernel/module.c +++ b/kernel/module.c @@ -2888,8 +2888,12 @@ static int check_modinfo(struct module * return -ENOEXEC; }
- if (!get_modinfo(info, "intree"))
- if (!get_modinfo(info, "intree")) {
if (!test_taint(TAINT_OOT_MODULE))pr_warn("%s: loading out-of-tree module taints kernel.\n",mod->name);- }
if (get_modinfo(info, "staging")) { add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK); @@ -3054,6 +3058,8 @@ static int move_module(struct module *mo static int check_module_license_and_versions(struct module *mod) {
- int prev_taint = test_taint(TAINT_PROPRIETARY_MODULE);
- /*
- ndiswrapper is under GPL by itself, but loads proprietary modules.
- Don't use add_taint_module(), as it would prevent ndiswrapper from
@@ -3072,6 +3078,9 @@ static int check_module_license_and_vers add_taint_module(mod, TAINT_PROPRIETARY_MODULE, LOCKDEP_NOW_UNRELIABLE);
- if (!prev_taint && test_taint(TAINT_PROPRIETARY_MODULE))
pr_warn("%s: module license taints kernel.\n", mod->name);#ifdef CONFIG_MODVERSIONS if ((mod->num_syms && !mod->crcs) || (mod->num_gpl_syms && !mod->gpl_crcs)
Patches currently in stable-queue which might be from lpechacek@suse.com are
queue-4.4/module-issue-warnings-when-tainting-kernel.patch
On Wed, Jan 10, 2018 at 11:11:49AM +0100, Libor Pechacek wrote:
Greg,
I appreciate the notifications about patch moves. They make my life easier. However, I don't understand how this change qualified for -stable. The issue does not look serious enough to me to pass the criteria described in Documentation/process/stable-kernel-rules.rst and I don't see which other patch may require this one in v4.4.111.
What is the background for including this patch in -stable, please?
This patch fixes an issue, and was a "good enough" fix that at least one distro has been shipping it in their kernel for a long time. So I figured it would be good for everyone to benifit from the bugfix, not just a tiny subset of the 4.4 kernel users :)
Hope this helps,
greg k-h
On Wed 10-01-18 11:31:37, Greg KH wrote:
On Wed, Jan 10, 2018 at 11:11:49AM +0100, Libor Pechacek wrote:
Greg,
I appreciate the notifications about patch moves. They make my life easier. However, I don't understand how this change qualified for -stable. The issue does not look serious enough to me to pass the criteria described in Documentation/process/stable-kernel-rules.rst and I don't see which other patch may require this one in v4.4.111.
What is the background for including this patch in -stable, please?
This patch fixes an issue, and was a "good enough" fix that at least one distro has been shipping it in their kernel for a long time. So I figured it would be good for everyone to benifit from the bugfix, not just a tiny subset of the 4.4 kernel users :)
Oh, fairness is a strong argument. However, I'm unhappy to hear that our community is tiny part of Linux user base. ;-)
Hope this helps,
Indeed it does. Thanks!
Libor
linux-stable-mirror@lists.linaro.org
-
Greg KH -
gregkh@linuxfoundation.org
-
Libor Pechacek