Re: x86 GENERIC kernels unlobotomized

To: Joachim König <him%online.de@localhost>
Subject: Re: x86 GENERIC kernels unlobotomized
From: Marc Balmer <mbalmer%NetBSD.org@localhost>
Date: Wed, 10 Aug 2011 11:29:49 +0200

Am 10.08.11 10:32, schrieb Joachim König:
> on 09/08/2011 19:18, Marc Balmer wrote:
>> It's a bit off-topic, but I find the current state of affairs, having
>> an open directory with the modules, the right way. So I can easily add
>> a module to the system module area, without needing to create a tgz
>> file. I think we have more prevalent problems to solve with modules
>> than where to put the modules and in which form. We need to do the
>> work and modularize what is not yet, e.g.
> 
> also a bit off-topic:
> 
> why is each kernel module in its own (otherwise empty) directory?

I can only assume it is for historic reasons, to prevent escaping from
the standard modules path:

I you gave modload as argument the (non existing) path
../../../../badmodule, it would not find that and then, in a second
step, use that name to expand it to a pathname in the module area.
Since the name is used twice, you end up with a path that is not valid,
i.e. it's hard to construct a path that can lead to loading of a
malicious module.

If that was indeed the reason, it could be changed now, since I recently
changed the module loader so that a module loaded from the system module
area *must not* contain a path separator character.

References:
- Re: x86 GENERIC kernels unlobotomized
  - From: Brian Buhrow
- Re: x86 GENERIC kernels unlobotomized
  - From: Marc Balmer
- Re: x86 GENERIC kernels unlobotomized
  - From: Joachim König

Prev by Date: Re: PXA2x0 DMAC alignment check
Next by Date: Re: x86 GENERIC kernels unlobotomized
Previous by Thread: Re: x86 GENERIC kernels unlobotomized
Next by Thread: i386 panic in nfs_vnops: assertion "dvp != *vpp" failed
Indexes:

Home | Main Index | Thread Index | Old Index