Re: Patch "module: avoid *goto*s in module_sig_check()" has been added to the 5.10-stable tree
On 22.03.2021 6:05, Sasha Levin wrote:
This is a note to let you know that I've just added the patch titled
module: avoid *goto*s in module_sig_check()to the 5.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: module-avoid-goto-s-in-module_sig_check.patch and it can be found in the queue-5.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
Again, it's just a cleanup...
commit c5d4af31cebd2d83fdb7bb7b7d11cbc086c18a4a Author: Sergey Shtylyov s.shtylyov@omprussia.ru Date: Sat Oct 31 23:09:31 2020 +0300
module: avoid *goto*s in module_sig_check() [ Upstream commit 10ccd1abb808599a6dc7c9389560016ea3568085 ] Let's move the common handling of the non-fatal errors after the *switch* statement -- this avoids *goto*s inside that *switch*... Suggested-by: Joe Perches <joe@perches.com> Reviewed-by: Miroslav Benes <mbenes@suse.cz> Signed-off-by: Sergey Shtylyov <s.shtylyov@omprussia.ru> Signed-off-by: Jessica Yu <jeyu@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org>diff --git a/kernel/module.c b/kernel/module.c index 3b6dd8200d3d..f1be6b6a3a3d 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -2923,20 +2923,13 @@ static int module_sig_check(struct load_info *info, int flags) */ case -ENODATA: reason = "unsigned module";
goto decide;
break;
goto decide;
break;
- decide:
if (is_module_sig_enforced()) {pr_notice("%s: loading of %s is rejected\n",info->name, reason);return -EKEYREJECTED;}return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
break;/* All other errors are fatal, including nomem, unparseable * signatures and signature check failures - even if signatures @@ -2945,6 +2938,13 @@ static int module_sig_check(struct load_info *info, int flags) default: return err; }
- if (is_module_sig_enforced()) {
pr_notice("%s: loading of %s is rejected\n", info->name, reason);return -EKEYREJECTED;- }
- return security_locked_down(LOCKDOWN_MODULE_SIGNATURE); } #else /* !CONFIG_MODULE_SIG */ static int module_sig_check(struct load_info *info, int flags)
On Mon, Mar 22, 2021 at 11:35:01AM +0300, Sergey Shtylyov wrote:
On 22.03.2021 6:05, Sasha Levin wrote:
This is a note to let you know that I've just added the patch titled
module: avoid *goto*s in module_sig_check()to the 5.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: module-avoid-goto-s-in-module_sig_check.patch and it can be found in the queue-5.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
Again, it's just a cleanup...
It is needed for ec2a29593c83 ("module: harden ELF info handling").
linux-stable-mirror@lists.linaro.org
-
Greg KH -
Sergey Shtylyov