From nobody Thu Jan 02 02:35:59 2025 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YNrRr4VCLz5jqmL for ; Thu, 02 Jan 2025 02:36:08 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YNrRr2nQ9z4DCX; Thu, 2 Jan 2025 02:36:08 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1735785368; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kq86cfY2vUIfZbOPZiZ9CE24OX4tXe2vSm7UFMGjMpU=; b=knOK6BlOyp5d05uZqNbfvufsE3qnkHHSlAjkkpszIWTACjOQArXGKd+29nnU8Igyz4SbK8 SLENqijZCDMepUXz+dSlvc/Ua7raFKHfECFSy1r6MqRgwc8RADcEAw0+Smyu1+dcZBTI1I JEGCAtA6bk4z8S9L5MYdAaiskdLbpYovBuqaMSahw4hFrqQjM0kJzSOaVE1wXFtfBqRvnh ftY0i2YOE7gatRbdTpxpw3S0Pc7SJwHncxpTrWypjMAav7l4QOqdqxfhUVZcGpM5WZdn32 VFsKfwNK3TtFH53USCfBNYkfrmgjZTeJtmeYCvg14Ps5Ytw+T+TS2I5a41hRhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1735785368; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kq86cfY2vUIfZbOPZiZ9CE24OX4tXe2vSm7UFMGjMpU=; b=LsJIPvc09Ep2RDQuR2I79Kz9w6MNv1bWFTRfC67yGudbKscyleKao26zG4c8QonjzAdATt qeXgZhoO040fU3eymref8dmGCPMJbF9WMCQ6w4EfoMNMxulIM32AzuAACU/zR97jkVY+vx QcIMzuF0hesGpmsOzrK/ZwhC9x0+3Vpq+oAsH2PbUW5Ixc9ighqJZPqlJHNuHN4WWvIXgs dopj0745S60A3Az1q1VbYUeNC0pjEHy6/9KcsS+Fh2d+Z7hpxrRBfb8TqKQHL8IPorEu1I rbXOBKInI+rttI0Hl8Y05fhrXDKVFUt52IDW+EzLwmDVZ7ZubxJDBdOkK9DHVg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1735785368; a=rsa-sha256; cv=none; b=SMKh+a7tw9YkYWy4Lm6OVqEXfqNw03RTBqj5BIl2+lSWkolQI/oCiCMCBWX0DoS2xogw4f X+uFIKpA01QA0rcJesI1P5sBUvaUQDYqYcZBQACP+cqpDb5Ayy8Ep9b55DQLt7I9qoC7fc PDliKH8/NYqVfjLtV2QiJxsPBUJoGtvDKmsRSPo9hOaeS1cjVAcZEvzgXjlaJp9lCTkpYS wCThZz0dZdDiKZAejpDBm4GtzoLm/pJR+ZoIOt3XmglhR31BqNcdi1kGKfzXocLc0C/+PF r3Mov0GkTuXa3TTCKWGOzN3uraqFVcUWaBeCOS4QorClS9WhTGLd/Wf34uEfQw== Received: from smtpclient.apple (unknown [IPv6:2001:19f0:6001:9db:98f0:9fe0:3545:10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4YNrRq2jMgzb8W; Thu, 2 Jan 2025 02:36:07 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Content-Type: text/plain; charset=us-ascii List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-stable@freebsd.org Sender: owner-freebsd-stable@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.10\)) Subject: Re: Should kernel modules be executable? From: Zhenlei Huang In-Reply-To: <5120eb91-86c1-4c60-8d73-cbc46689669a@quip.cz> Date: Thu, 2 Jan 2025 10:35:59 +0800 Cc: FreeBSD-STABLE Mailing List Content-Transfer-Encoding: quoted-printable Message-Id: <10B8CED2-104F-4047-AED0-2B270CECB258@FreeBSD.org> References: <5120eb91-86c1-4c60-8d73-cbc46689669a@quip.cz> To: Miroslav Lachman <000.fbsd@quip.cz> X-Mailer: Apple Mail (2.3696.120.41.1.10) > On Jan 1, 2025, at 7:55 AM, Miroslav Lachman <000.fbsd@quip.cz> wrote: >=20 > I upgraded my desktop from FreeBSD 13.3 to 14.2 few days ago and = noticed there is a huge difference in the permissions on the kernel = modules in /boot/kernel. > Previously there were about 25 files with permission r-xr-xr-x and 871 = with other permissions (mainly -r--r--r--). > But on the FreeBSD 14.2 (upgraded by freebsd-update), there are 809 = files with r-xr-xr-x permission and only 66 with other permissions (63 = with r--r--r--) 13.4 has the same permissions for kernel modules. >=20 > Why it was changed? I tought modules does not need to be executable. Yes, indeed. The permission of kernel modules was changed from 555 to = KMODMODE ( NOBINMODE, 444 ). See https://reviews.freebsd.org/D42768 for = more context. >=20 > Kind regards > Miroslav Lachman >=20 >=20 Best regards, Zhenlei