Usually, checking kernel version will be ignore when loading modules if CONFIG_MODVERSIONS option is enable. This could potentially lead to a mismatch with the running kernel.
With this option, we prevent to load the modules which vermagic is not match exactly with the running kernel. It could be set to N by default. Signed-off-by: Xie XiuQi <[email protected]> --- init/Kconfig | 11 +++++++++++ kernel/module.c | 2 ++ 2 files changed, 13 insertions(+) diff --git a/init/Kconfig b/init/Kconfig index c24b6f7..ce9c23e 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1889,6 +1889,17 @@ config MODVERSIONS make them incompatible with the kernel you are running. If unsure, say N. +config MODULE_VERMAGIC_FORCE + bool "Require vermagic match exactly" + default n + depends on MODVERSIONS + help + Usually, checking kernel version will be ignore when loading + modules if CONFIG_MODVERSIONS option is enable. This could + potentially lead to a mismatch with the running kernel. + With this option, we prevent to load the modules which vermagic + is not match exactly with the running kernel. If unsure, say N. + config MODULE_SRCVERSION_ALL bool "Source checksum for all modules" help diff --git a/kernel/module.c b/kernel/module.c index 8f051a1..cf350d5 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -1350,10 +1350,12 @@ static inline int check_modstruct_version(Elf_Shdr *sechdrs, static inline int same_magic(const char *amagic, const char *bmagic, bool has_crcs) { +#ifndef CONFIG_MODULE_VERMAGIC_FORCE if (has_crcs) { amagic += strcspn(amagic, " "); bmagic += strcspn(bmagic, " "); } +#endif return strcmp(amagic, bmagic) == 0; } #else -- 1.8.3.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
