git.cascardo.eti.br Git - cascardo/linux.git/commit

author	Kees Cook <keescook@chromium.org>
	Wed, 29 Aug 2012 18:32:09 +0000 (11:32 -0700)
committer	Gerrit <chrome-bot@google.com>
	Wed, 10 Oct 2012 18:08:49 +0000 (11:08 -0700)
commit	e02c42d4649b1bcbf3470da8e53bb92878ab3181
tree	ac5d714b3e550c8b1dc58aacd8245915dbece3ba	tree \| snapshot
parent	10eecb8c304133439e96bd9f3ba09d64c4e952b2	commit \| diff

CHROMIUM: module: add syscall to load module from fd

Instead of (or in addition to) kernel module signing, being able to reason
about the origin of a kernel module would be valuable in situations
where an OS already trusts a specific file system, file, etc, due to
things like security labels or an existing root of trust to a partition
through things like dm-verity.

This introduces a new syscall (currently only on x86), similar to
init_module, that has only two arguments. The first argument is used as
a file descriptor to the module and the second argument is a pointer to
the NULL terminated string of module arguments.

Signed-off-by: Kees Cook <keescook@chromium.org>
[accepted into Rusty's modules-wip tree for linux-next:
http://git.kernel.org/?p=linux/kernel/git/rusty/linux.git;a=shortlog;h=refs/heads/modules-wip]
BUG=chromium-os:34134
TEST=parrot build, manual testing

Change-Id: I51122d61d0085ed40d2ac9b542646b28d066d5e3
Reviewed-on: https://gerrit.chromium.org/gerrit/34302
Tested-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Olof Johansson <olofj@chromium.org>
Commit-Ready: Kees Cook <keescook@chromium.org>

arch/x86/syscalls/syscall_32.tbl		diff \| blob \| history
arch/x86/syscalls/syscall_64.tbl		diff \| blob \| history
include/linux/syscalls.h		diff \| blob \| history
kernel/module.c		diff \| blob \| history
kernel/sys_ni.c		diff \| blob \| history