Re: [PATCH v5 next 2/5] modules:capabilities: add cap_kernel_module_request() permission check

From: Luis R. Rodriguez
Date: Wed Nov 29 2017 - 21:06:07 EST

Next message: Al Viro: "Re: KASAN: use-after-free Read in sock_release"
Previous message: Baolin Wang: "Re: [PATCH v3] mfd: syscon: Add hardware spinlock support"
In reply to: Djalal Harouni: "[PATCH v5 next 2/5] modules:capabilities: add cap_kernel_module_request() permission check"
Next in thread: Djalal Harouni: "[PATCH v5 next 5/5] net: modules: use request_module_cap() to load 'netdev-%s' modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 27, 2017 at 06:18:35PM +0100, Djalal Harouni wrote:
> +/* Determine whether a module auto-load operation is permitted. */
> +int may_autoload_module(char *kmod_name, int required_cap,
> + const char *kmod_prefix);
> +

While we are reviewing a general LSM for this, it has me wondering if an LSM or
userspace feed info may every want to use other possible context we could add for
free to make a determination.

For instance since all request_module() calls are in header files, we could
for add for free THIS_MODULE as context to may_autoload_module() as well, so
struct module. The LSM could in theory then also help ensure only specific
modules are allowed to request a module load. Perhaps userspace could say
only built-in code could request certain modules.

Just a thought.

Luis

Next message: Al Viro: "Re: KASAN: use-after-free Read in sock_release"
Previous message: Baolin Wang: "Re: [PATCH v3] mfd: syscon: Add hardware spinlock support"
In reply to: Djalal Harouni: "[PATCH v5 next 2/5] modules:capabilities: add cap_kernel_module_request() permission check"
Next in thread: Djalal Harouni: "[PATCH v5 next 5/5] net: modules: use request_module_cap() to load 'netdev-%s' modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]