Re: [PATCH v3] crypto: prefix module autoloading with "crypto-"

From: Mathias Krause
Date: Fri Nov 21 2014 - 03:31:23 EST


On 21 November 2014 02:05, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> This prefixes all crypto module loading with "crypto-" so we never run
> the risk of exposing module auto-loading to userspace via a crypto API,
> as demonstrated by Mathias Krause:
>
> https://lkml.org/lkml/2013/3/4/70
>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> ---
> [...]

Looks good so far, but unfortunately does not solve the problem
completely (af_alg_mod from the link above):

bbox:~# cat /sbin/modlog
#!/bin/sh
exec 1>/tmp/modlog.$$
echo "CMD: $0 $*"
echo "ENV: "
env
exec /sbin/modprobe "$@"
bbox:~# echo /sbin/modlog > /proc/sys/kernel/modprobe
bbox:~# lsmod | grep fat
bbox:~# af_alg_mod 'vfat(blowfish)'
bbox:~# grep CMD /tmp/modlog.*
/tmp/modlog.257:CMD: /sbin/modlog -q -- net-pf-38
/tmp/modlog.261:CMD: /sbin/modlog -q -- algif-hash
/tmp/modlog.265:CMD: /sbin/modlog -q -- crypto-vfat(blowfish)
/tmp/modlog.268:CMD: /sbin/modlog -q -- crypto-vfat(blowfish)-all
/tmp/modlog.272:CMD: /sbin/modlog -q -- vfat
bbox:~# lsmod | grep fat
vfat 17135 0
fat 61984 1 vfat
bbox:~#

The last modlog call does not contain the "crypto-" prefix, therefore
happily loads the vfat module.
I guess crypto templates are handled specially?

Regards,
Mathias
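
A check that can be run over modlog output like the above (an added example, not part of the original mail or of the patch): it flags any request lacking the "crypto-" prefix whose name equals the text before "(" in an earlier crypto- request, which is the pattern seen in the log. The function names sample_log and find_template_leaks are hypothetical, and the match rule is an assumption drawn from that log.

```shell
#!/bin/sh
# Added example: scan "CMD:" lines written by the /sbin/modlog wrapper and
# report module requests that escaped the "crypto-" namespace.

# The CMD lines copied from the session in the mail above.
sample_log() {
cat <<'EOF'
/tmp/modlog.257:CMD: /sbin/modlog -q -- net-pf-38
/tmp/modlog.261:CMD: /sbin/modlog -q -- algif-hash
/tmp/modlog.265:CMD: /sbin/modlog -q -- crypto-vfat(blowfish)
/tmp/modlog.268:CMD: /sbin/modlog -q -- crypto-vfat(blowfish)-all
/tmp/modlog.272:CMD: /sbin/modlog -q -- vfat
EOF
}

# Reads log lines on stdin. Prints "LEAK <name>" for each unprefixed request
# whose name matches the part before "(" of an earlier crypto- request.
find_template_leaks() {
    templates=""
    while IFS= read -r line; do
        case $line in
            *"CMD: "*" -- "*) ;;        # a logged modprobe invocation
            *) continue ;;               # anything else is ignored
        esac
        mod=${line##* -- }               # requested module or alias
        case $mod in
            crypto-*"("*)
                t=${mod#crypto-}         # drop the namespace prefix
                t=${t%%"("*}             # keep the text before the first "("
                templates="$templates $t"
                ;;
            crypto-*) ;;                 # prefixed request, nothing to flag
            *)
                case " $templates " in
                    *" $mod "*) echo "LEAK $mod" ;;
                esac
                ;;
        esac
    done
}

sample_log | find_template_leaks
```

To use it on a live capture, feed it the output of grep CMD /tmp/modlog.* instead of sample_log.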