[Devel] module: Do not dump stack for out of tree and unsigned modules

Submitted by Kirill Tkhai on Sept. 28, 2016, 10:37 a.m.

Details

Message ID 147505905362.22249.6492678716525186410.stgit@localhost.localdomain
State New
Series "module: Do not dump stack for out of tree and unsigned modules"
Headers show

Commit Message

Kirill Tkhai Sept. 28, 2016, 10:37 a.m.
Supress stack printing on loading vzvirtio_balloon module.
It's out of tree and unsigned:

Hardware name: Virtuozzo KVM, BIOS seabios-1.7.5-11.vz7.3 04/01/2014
 ffffc900003d4748 0000000095120796 ffff88007accfcf8 ffffffff81632398
 ffff88007accfd10 ffffffff8107b0e1 ffff88007accfef0 ffff88007accfd88
 ffffffff810fcc4e 0000000000000000 0000000000000000 0000000000000000
Call Trace:
 [<ffffffff81632398>] dump_stack+0x19/0x1b
 [<ffffffff8107b0e1>] add_taint+0x51/0x60
 [<ffffffff810fcc4e>] layout_and_allocate+0xa8e/0xcc0
 [<ffffffff810fcf52>] load_module+0xd2/0x1b60
 [<ffffffff811f9495>] ? vfs_read+0xf5/0x170
 [<ffffffff811ff720>] ? kernel_read+0x50/0x80
 [<ffffffff810fa19b>] ? copy_module_from_fd.isra.44+0x5b/0x150
 [<ffffffff810feb86>] SyS_finit_module+0xa6/0xd0
 [<ffffffff81642cc9>] system_call_fastpath+0x16/0x1b
vzvirtio_balloon: module verification failed: signature and/or required key missing - tainting kernel

https://jira.sw.ru/browse/PSBM-52719

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 kernel/panic.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/kernel/panic.c b/kernel/panic.c
index 239a05e..082a400 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -296,7 +296,8 @@  void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
 		       "Disabling lock debugging due to kernel taint\n");
 
 	/* Do not confuse people with calltraces on proprietary modules */
-	if (flag != TAINT_PROPRIETARY_MODULE) {
+	if (flag != TAINT_PROPRIETARY_MODULE && flag != TAINT_OOT_MODULE &&
+	    flag != TAINT_UNSIGNED_MODULE) {
 		printk(KERN_WARNING "Tainting kernel with flag 0x%x\n", flag);
 		dump_stack();
 	}

Comments

Andrey Ryabinin Sept. 29, 2016, 12:48 p.m.
On 09/28/2016 01:37 PM, Kirill Tkhai wrote:
> Supress stack printing on loading vzvirtio_balloon module.
> It's out of tree and unsigned:
> 
> Hardware name: Virtuozzo KVM, BIOS seabios-1.7.5-11.vz7.3 04/01/2014
>  ffffc900003d4748 0000000095120796 ffff88007accfcf8 ffffffff81632398
>  ffff88007accfd10 ffffffff8107b0e1 ffff88007accfef0 ffff88007accfd88
>  ffffffff810fcc4e 0000000000000000 0000000000000000 0000000000000000
> Call Trace:
>  [<ffffffff81632398>] dump_stack+0x19/0x1b
>  [<ffffffff8107b0e1>] add_taint+0x51/0x60
>  [<ffffffff810fcc4e>] layout_and_allocate+0xa8e/0xcc0
>  [<ffffffff810fcf52>] load_module+0xd2/0x1b60
>  [<ffffffff811f9495>] ? vfs_read+0xf5/0x170
>  [<ffffffff811ff720>] ? kernel_read+0x50/0x80
>  [<ffffffff810fa19b>] ? copy_module_from_fd.isra.44+0x5b/0x150
>  [<ffffffff810feb86>] SyS_finit_module+0xa6/0xd0
>  [<ffffffff81642cc9>] system_call_fastpath+0x16/0x1b
> vzvirtio_balloon: module verification failed: signature and/or required key missing - tainting kernel
> 
> https://jira.sw.ru/browse/PSBM-52719
> 
> Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>

Reviewed-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

> ---
>  kernel/panic.c |    3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/panic.c b/kernel/panic.c
> index 239a05e..082a400 100644
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -296,7 +296,8 @@ void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
>  		       "Disabling lock debugging due to kernel taint\n");
>  
>  	/* Do not confuse people with calltraces on proprietary modules */
> -	if (flag != TAINT_PROPRIETARY_MODULE) {
> +	if (flag != TAINT_PROPRIETARY_MODULE && flag != TAINT_OOT_MODULE &&
> +	    flag != TAINT_UNSIGNED_MODULE) {
>  		printk(KERN_WARNING "Tainting kernel with flag 0x%x\n", flag);
>  		dump_stack();
>  	}
>