diff mbox series

module: Add log information for loading module failures

Message ID 20240614092519.1611533-1-a869920004@gmail.com (mailing list archive)
State Handled Elsewhere
Headers show
Series module: Add log information for loading module failures | expand

Commit Message

Yusong Gao June 14, 2024, 9:25 a.m. UTC
Add log information in kernel-space when loading module failures.
Try to load the unsigned module and the module with bad signature
when set 1 to /sys/module/module/parameters/sig_enforce.

Unsigned module case:
(linux) insmod unsigned.ko
[   18.714661] Loading of unsigned module is rejected
insmod: can't insert 'unsigned.ko': Key was rejected by service
(linux)

Bad signature module case:
(linux) insmod bad_signature.ko
insmod: can't insert 'bad_signature.ko': Key was rejected by service
(linux)

There have different logging behavior the bad signature case only log
in user-space, add log info for fatal errors in module_sig_check().

Signed-off-by: Yusong Gao <a869920004@gmail.com>
---
 kernel/module/signing.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Luis Chamberlain June 18, 2024, 6:54 p.m. UTC | #1
On Fri, Jun 14, 2024 at 09:25:19AM +0000, Yusong Gao wrote:
> Add log information in kernel-space when loading module failures.
> Try to load the unsigned module and the module with bad signature
> when set 1 to /sys/module/module/parameters/sig_enforce.
> 
> Unsigned module case:
> (linux) insmod unsigned.ko
> [   18.714661] Loading of unsigned module is rejected
> insmod: can't insert 'unsigned.ko': Key was rejected by service
> (linux)
> 
> Bad signature module case:
> (linux) insmod bad_signature.ko
> insmod: can't insert 'bad_signature.ko': Key was rejected by service
> (linux)
> 
> There have different logging behavior the bad signature case only log
> in user-space, add log info for fatal errors in module_sig_check().
> 
> Signed-off-by: Yusong Gao <a869920004@gmail.com>
> ---
>  kernel/module/signing.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/kernel/module/signing.c b/kernel/module/signing.c
> index a2ff4242e623..6a6493c8f7e4 100644
> --- a/kernel/module/signing.c
> +++ b/kernel/module/signing.c
> @@ -113,6 +113,7 @@ int module_sig_check(struct load_info *info, int flags)
>  		 * unparseable signatures, and signature check failures --
>  		 * even if signatures aren't required.
>  		 */
> +		pr_notice("Loading module failed (errno=%d)\n", -err);
>  		return err;

I welcome pr_debug() messages but if we were to add a regular print for every
single type of failure we'd clutter the code, we don't want that.

  Luis
Yusong Gao June 19, 2024, 7:37 a.m. UTC | #2
On 6/19/24 02:54, Luis Chamberlain wrote:
> On Fri, Jun 14, 2024 at 09:25:19AM +0000, Yusong Gao wrote:
>> Add log information in kernel-space when loading module failures.
>> Try to load the unsigned module and the module with bad signature
>> when set 1 to /sys/module/module/parameters/sig_enforce.
>>
>> Unsigned module case:
>> (linux) insmod unsigned.ko
>> [   18.714661] Loading of unsigned module is rejected
>> insmod: can't insert 'unsigned.ko': Key was rejected by service
>> (linux)
>>
>> Bad signature module case:
>> (linux) insmod bad_signature.ko
>> insmod: can't insert 'bad_signature.ko': Key was rejected by service
>> (linux)
>>
>> There have different logging behavior the bad signature case only log
>> in user-space, add log info for fatal errors in module_sig_check().
>>
>> Signed-off-by: Yusong Gao <a869920004@gmail.com>
>> ---
>>   kernel/module/signing.c | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/kernel/module/signing.c b/kernel/module/signing.c
>> index a2ff4242e623..6a6493c8f7e4 100644
>> --- a/kernel/module/signing.c
>> +++ b/kernel/module/signing.c
>> @@ -113,6 +113,7 @@ int module_sig_check(struct load_info *info, int flags)
>>   		 * unparseable signatures, and signature check failures --
>>   		 * even if signatures aren't required.
>>   		 */
>> +		pr_notice("Loading module failed (errno=%d)\n", -err);
>>   		return err;
> 
> I welcome pr_debug() messages but if we were to add a regular print for every
> single type of failure we'd clutter the code, we don't want that.
> 
>    Luis

Thanks for your reply!
Agreed. I'll make that change. The reason I select the notice print 
level is because I found the codes in module_sig_check() use notice 
level when signature enforced. In fact the pr_debug() is more suitable 
for this scene.

BR, Yusong Gao
diff mbox series

Patch

diff --git a/kernel/module/signing.c b/kernel/module/signing.c
index a2ff4242e623..6a6493c8f7e4 100644
--- a/kernel/module/signing.c
+++ b/kernel/module/signing.c
@@ -113,6 +113,7 @@  int module_sig_check(struct load_info *info, int flags)
 		 * unparseable signatures, and signature check failures --
 		 * even if signatures aren't required.
 		 */
+		pr_notice("Loading module failed (errno=%d)\n", -err);
 		return err;
 	}