[Devel,RHEL7,COMMIT] module: Do not dump stack for out of tree and unsigned modules

Submitted by Kirill Tkhai on Sept. 29, 2016, 1 p.m.


Message ID 201609291300.u8TD0u6G031702@pro
State New
Series "module: Do not dump stack for out of tree and unsigned modules"
Headers show

Commit Message

Kirill Tkhai Sept. 29, 2016, 1 p.m.
The commit is pushed to "branch-rh7-3.10.0-327.28.2.vz7.17.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-327.28.2.vz7.17.12
commit 9f5a980ef5c8c955e3cff9af892ff31d460d811b
Author: Kirill Tkhai <ktkhai@virtuozzo.com>
Date:   Thu Sep 29 12:59:52 2016 +0000

    module: Do not dump stack for out of tree and unsigned modules
    Supress stack printing on loading vzvirtio_balloon module.
    It's out of tree and unsigned:
    Hardware name: Virtuozzo KVM, BIOS seabios-1.7.5-11.vz7.3 04/01/2014
     ffffc900003d4748 0000000095120796 ffff88007accfcf8 ffffffff81632398
     ffff88007accfd10 ffffffff8107b0e1 ffff88007accfef0 ffff88007accfd88
     ffffffff810fcc4e 0000000000000000 0000000000000000 0000000000000000
    Call Trace:
     [<ffffffff81632398>] dump_stack+0x19/0x1b
     [<ffffffff8107b0e1>] add_taint+0x51/0x60
     [<ffffffff810fcc4e>] layout_and_allocate+0xa8e/0xcc0
     [<ffffffff810fcf52>] load_module+0xd2/0x1b60
     [<ffffffff811f9495>] ? vfs_read+0xf5/0x170
     [<ffffffff811ff720>] ? kernel_read+0x50/0x80
     [<ffffffff810fa19b>] ? copy_module_from_fd.isra.44+0x5b/0x150
     [<ffffffff810feb86>] SyS_finit_module+0xa6/0xd0
     [<ffffffff81642cc9>] system_call_fastpath+0x16/0x1b
    vzvirtio_balloon: module verification failed: signature and/or required key missing - tainting kernel
    Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
 kernel/panic.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/kernel/panic.c b/kernel/panic.c
index 239a05e..082a400 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -296,7 +296,8 @@  void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
 		       "Disabling lock debugging due to kernel taint\n");
 	/* Do not confuse people with calltraces on proprietary modules */
+	    flag != TAINT_UNSIGNED_MODULE) {
 		printk(KERN_WARNING "Tainting kernel with flag 0x%x\n", flag);