Re: [PULL] modules-next

From: Linus Torvalds
Date: Sun Jul 31 2016 - 21:45:03 EST

Next message: Rob Herring: "Re: [PATCH v7 2/2] [media] atmel-isc: DT binding for Image Sensor Controller driver"
Previous message: AndrÃ Przywara: "Re: [PATCH 00/13] arm64: Allwinner A64 support based on sunxi-ng"
In reply to: Rusty Russell: "[PULL] modules-next"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

So this feels wrong to me, can you guys please explain:

On Sun, Jul 31, 2016 at 9:02 PM, Rusty Russell <rusty@xxxxxxxxxxxxxxx> wrote:
>
> Ben Hutchings (3):
> module: Invalidate signatures on force-loaded modules
> module: Disable MODULE_FORCE_LOAD when MODULE_SIG_FORCE is enabled

forcing a load and SIG_FORCE are entirely independent issues, afaik. I
think requiring signed modules is just a good idea. But that doesn't
necessarily mean that you don't have a signed module that is signed
with a key you trust, but you still want to force-load it for the
wrong kernel version (ie maybe you have a binary-only module from your
IT department (and your IT department is evil,but at least they sign
it to show that the module is trust-worthy as coming from them, even
if they have some dubious behavior), but you did some kernel updates
that still allow the module to work but the version doesn't match any
more).

Am I missing something? What's the connection between
MODULE_FORCE_LOAD and MODULE_SIG_FORCE? Because it smells like they
are independent and that the above changes are very very dubious.

I didn't actually pull the tree, I just reacted to the pull request itself.

Linus

Next message: Rob Herring: "Re: [PATCH v7 2/2] [media] atmel-isc: DT binding for Image Sensor Controller driver"
Previous message: AndrÃ Przywara: "Re: [PATCH 00/13] arm64: Allwinner A64 support based on sunxi-ng"
In reply to: Rusty Russell: "[PULL] modules-next"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]