File: module-disable-matching-missing-version-crc.patch

package info (click to toggle)
linux 5.10.13-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 1,182,916 kB
  • sloc: ansic: 19,488,074; asm: 263,676; sh: 73,873; makefile: 44,685; perl: 34,640; python: 32,386; cpp: 6,070; yacc: 4,755; lex: 2,742; awk: 1,214; ruby: 25; sed: 5
file content (23 lines) | stat: -rw-r--r-- 766 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
From: Ben Hutchings <ben@decadent.org.uk>
Date: Fri, 02 Dec 2016 23:06:18 +0000
Subject: module: Disable matching missing version CRC
Forwarded: not-needed

This partly reverts commit cd3caefb4663e3811d37cc2afad3cce642d60061.
We want to fail closed if a symbol version CRC is missing, as the
alternative may allow subverting module signing.
---
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1313,9 +1313,8 @@ static int check_version(const struct lo
 		goto bad_version;
 	}
 
-	/* Broken toolchain. Warn once, then let it go.. */
-	pr_warn_once("%s: no symbol version for %s\n", info->name, symname);
-	return 1;
+	pr_warn("%s: no symbol version for %s\n", info->name, symname);
+	return 0;
 
 bad_version:
 	pr_warn("%s: disagrees about version of symbol %s\n",