Re: [PATCH net-next] modules: allow modprobe load regular elf binaries

From: Kees Cook
Date: Fri Mar 09 2018 - 13:54:27 EST


On Fri, Mar 9, 2018 at 10:50 AM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Fri, Mar 9, 2018 at 10:43 AM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>>
>> Module loading (via kernel_read_file()) already uses
>> deny_write_access(), and so does do_open_execat(). As long as module
>> loading doesn't call allow_write_access() before the execve() has
>> started in the new implementation, I think we'd be covered here.
>
> No. kernel_read_file() only does it *during* the read.

Ah, true. And looking at this again, shouldn't deny_write_access()
happen _before_ the LSM check in kernel_read_file()? That looks like a
problem...

-Kees

--
Kees Cook
Pixel Security