Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752626AbcD1A1S (ORCPT ); Wed, 27 Apr 2016 20:27:18 -0400 Received: from ozlabs.org ([103.22.144.67]:59083 "EHLO ozlabs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752161AbcD1A1R convert rfc822-to-8bit (ORCPT ); Wed, 27 Apr 2016 20:27:17 -0400 From: Rusty Russell To: Ben Hutchings Cc: David Howells , David Woodhouse , keyrings@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 1/3] module: Invalidate signatures on force-loaded modules In-Reply-To: <1461704447.5852.17.camel@decadent.org.uk> References: <20160423184421.GL3348@decadent.org.uk> <20160423184501.GM3348@decadent.org.uk> <8760v464gr.fsf@rustcorp.com.au> <1461704447.5852.17.camel@decadent.org.uk> User-Agent: Notmuch/0.21 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu) Date: Thu, 28 Apr 2016 09:24:40 +0930 Message-ID: <87pota4ngf.fsf@rustcorp.com.au> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 837 Lines: 22 Ben Hutchings writes: > On Tue, 2016-04-26 at 20:07 +0930, Rusty Russell wrote: >> Ben Hutchings writes: >> > - if (info->len > markerlen && >> > + /* >> > +  * Require flags == 0, as a module with version information >> > +  * removed is no longer the module that was signed >> > +  */ >> > + if (flags == 0 && >> This check is a bit lazy.  We could have other flags in future, >> so this should really be !(flags & >> (MODULE_INIT_IGNORE_MODVERSIONS|MODULE_INIT_IGNORE_VERMAGIC) right? > > Yes we could, but I'd prefer this to fail-safe in case no-one thinks > about whether it should be updated then. Yeah, line ball. We could screw up either way, and I can't think of an reasonable new flag off the top of my head to give a concrete example. I've applied all three, thanks! Rusty.