Re: Should kernel modules be executable?

From: Miroslav Lachman <000.fbsd_at_quip.cz>
Date: Fri, 03 Jan 2025 00:56:53 UTC

On 02/01/2025 11:15, Zhenlei Huang wrote:
> 
> 
>> On Jan 2, 2025, at 5:05 PM, Dag-Erling Smørgrav <des@FreeBSD.org> wrote:
>>
>> Zhenlei Huang <zlei@FreeBSD.org> writes:
>>> Miroslav Lachman <000.fbsd@quip.cz> writes:
>>>> Previously there were about 25 files with permission r-xr-xr-x and
>>>> 871 with other permissions (mainly -r--r--r--).
>>>> But on the FreeBSD 14.2 (upgraded by freebsd-update), there are 809
>>>> files with r-xr-xr-x permission and only 66 with other permissions
>>>> (63 with r--r--r--)
>>> Yes, indeed. The permission of kernel modules was changed from 555 to
>>> KMODMODE ( NOBINMODE, 444 ). See https://reviews.freebsd.org/D42768
>>> for more context.
>>
>> And yet the observed change is the opposite.
>>
>> Looking at a 14.2 kernel tarball, the modules are not executable, but on
>> a 14.2 system updated from an earlier release using freebsd-update, they
>> are.
> 
> I also observed this. `freebsd-upgrade IDS` reported the issue and I manually fixed the *wrong* permissions.

Thanks to all who replied. I upgraded another machine from 13.3 to 14.2
and checked everything before and after the upgrade. If the modules were
read-only in 13.3, they are read-only after the upgrade. So the ones
that are executable were executable before the upgrade too and the
upgrade did not "fix" the permissions on them.

I will manually set 0444 on modules on all machines.

Kind regards
Miroslav Lachman
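
The check and the manual fix discussed in this message can be scripted. The following is an added example, not part of the original message or of FreeBSD: it counts module files that carry any execute bit and can reset them to 0444. It assumes modules are the `*.ko` files under the directory given as an argument (typically `/boot/kernel` on FreeBSD, a path the thread itself does not name); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit kernel module files for execute bits and optionally
# reset them to 0444, the mode mentioned in the message above.
# Assumption: modules are the *.ko files under the directory passed in
# (typically /boot/kernel on FreeBSD; the thread does not name the path).

# Print every *.ko under $1 that has any execute bit set.
# Three -perm tests are used instead of "-perm /111" or "-perm +111"
# so the same expression works with both BSD and GNU find.
list_exec_modules() {
    find "$1" -type f -name '*.ko' \
        \( -perm -100 -o -perm -010 -o -perm -001 \) -print
}

# Print "<executable> <total>" module counts for directory $1,
# the same two numbers compared before and after the upgrade.
count_modules() {
    exec_n=$(list_exec_modules "$1" | wc -l | tr -d ' ')
    total_n=$(find "$1" -type f -name '*.ko' -print | wc -l | tr -d ' ')
    echo "$exec_n $total_n"
}

# Set mode 0444 on every executable module under $1.
# Files that are not *.ko (for example the kernel image) are left alone.
fix_modules() {
    find "$1" -type f -name '*.ko' \
        \( -perm -100 -o -perm -010 -o -perm -001 \) \
        -exec chmod 0444 {} +
}

# Usage: script audit DIR   -> counts, then the offending files
#        script fix DIR     -> chmod 0444 on the offending files
case "${1:-}" in
    audit) count_modules "$2"; list_exec_modules "$2" ;;
    fix)   fix_modules "$2" ;;
esac
```

Running `audit` before and after an upgrade gives a direct comparison of how many modules are executable, independent of what the updater reports.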