b6a7828502
The summary of the changes for this pull requests is: * Song Liu's new struct module_memory replacement * Nick Alcock's MODULE_LICENSE() removal for non-modules * My cleanups and enhancements to reduce the areas where we vmalloc module memory for duplicates, and the respective debug code which proves the remaining vmalloc pressure comes from userspace. Most of the changes have been in linux-next for quite some time except the minor fixes I made to check if a module was already loaded prior to allocating the final module memory with vmalloc and the respective debug code it introduces to help clarify the issue. Although the functional change is small it is rather safe as it can only *help* reduce vmalloc space for duplicates and is confirmed to fix a bootup issue with over 400 CPUs with KASAN enabled. I don't expect stable kernels to pick up that fix as the cleanups would have also had to have been picked up. Folks on larger CPU systems with modules will want to just upgrade if vmalloc space has been an issue on bootup. Given the size of this request, here's some more elaborate details on this pull request. The functional change change in this pull request is the very first patch from Song Liu which replaces the struct module_layout with a new struct module memory. The old data structure tried to put together all types of supported module memory types in one data structure, the new one abstracts the differences in memory types in a module to allow each one to provide their own set of details. This paves the way in the future so we can deal with them in a cleaner way. If you look at changes they also provide a nice cleanup of how we handle these different memory areas in a module. This change has been in linux-next since before the merge window opened for v6.3 so to provide more than a full kernel cycle of testing. It's a good thing as quite a bit of fixes have been found for it. Jason Baron then made dynamic debug a first class citizen module user by using module notifier callbacks to allocate / remove module specific dynamic debug information. Nick Alcock has done quite a bit of work cross-tree to remove module license tags from things which cannot possibly be module at my request so to: a) help him with his longer term tooling goals which require a deterministic evaluation if a piece a symbol code could ever be part of a module or not. But quite recently it is has been made clear that tooling is not the only one that would benefit. Disambiguating symbols also helps efforts such as live patching, kprobes and BPF, but for other reasons and R&D on this area is active with no clear solution in sight. b) help us inch closer to the now generally accepted long term goal of automating all the MODULE_LICENSE() tags from SPDX license tags In so far as a) is concerned, although module license tags are a no-op for non-modules, tools which would want create a mapping of possible modules can only rely on the module license tag after the commit 8b41fc4454e ("kbuild: create modules.builtin without Makefile.modbuiltin or tristate.conf"). Nick has been working on this *for years* and AFAICT I was the only one to suggest two alternatives to this approach for tooling. The complexity in one of my suggested approaches lies in that we'd need a possible-obj-m and a could-be-module which would check if the object being built is part of any kconfig build which could ever lead to it being part of a module, and if so define a new define -DPOSSIBLE_MODULE [0]. A more obvious yet theoretical approach I've suggested would be to have a tristate in kconfig imply the same new -DPOSSIBLE_MODULE as well but that means getting kconfig symbol names mapping to modules always, and I don't think that's the case today. I am not aware of Nick or anyone exploring either of these options. Quite recently Josh Poimboeuf has pointed out that live patching, kprobes and BPF would benefit from resolving some part of the disambiguation as well but for other reasons. The function granularity KASLR (fgkaslr) patches were mentioned but Joe Lawrence has clarified this effort has been dropped with no clear solution in sight [1]. In the meantime removing module license tags from code which could never be modules is welcomed for both objectives mentioned above. Some developers have also welcomed these changes as it has helped clarify when a module was never possible and they forgot to clean this up, and so you'll see quite a bit of Nick's patches in other pull requests for this merge window. I just picked up the stragglers after rc3. LWN has good coverage on the motivation behind this work [2] and the typical cross-tree issues he ran into along the way. The only concrete blocker issue he ran into was that we should not remove the MODULE_LICENSE() tags from files which have no SPDX tags yet, even if they can never be modules. Nick ended up giving up on his efforts due to having to do this vetting and backlash he ran into from folks who really did *not understand* the core of the issue nor were providing any alternative / guidance. I've gone through his changes and dropped the patches which dropped the module license tags where an SPDX license tag was missing, it only consisted of 11 drivers. To see if a pull request deals with a file which lacks SPDX tags you can just use: ./scripts/spdxcheck.py -f \ $(git diff --name-only commid-id | xargs echo) You'll see a core module file in this pull request for the above, but that's not related to his changes. WE just need to add the SPDX license tag for the kernel/module/kmod.c file in the future but it demonstrates the effectiveness of the script. Most of Nick's changes were spread out through different trees, and I just picked up the slack after rc3 for the last kernel was out. Those changes have been in linux-next for over two weeks. The cleanups, debug code I added and final fix I added for modules were motivated by David Hildenbrand's report of boot failing on a systems with over 400 CPUs when KASAN was enabled due to running out of virtual memory space. Although the functional change only consists of 3 lines in the patch "module: avoid allocation if module is already present and ready", proving that this was the best we can do on the modules side took quite a bit of effort and new debug code. The initial cleanups I did on the modules side of things has been in linux-next since around rc3 of the last kernel, the actual final fix for and debug code however have only been in linux-next for about a week or so but I think it is worth getting that code in for this merge window as it does help fix / prove / evaluate the issues reported with larger number of CPUs. Userspace is not yet fixed as it is taking a bit of time for folks to understand the crux of the issue and find a proper resolution. Worst come to worst, I have a kludge-of-concept [3] of how to make kernel_read*() calls for modules unique / converge them, but I'm currently inclined to just see if userspace can fix this instead. [0] https://lore.kernel.org/all/Y/kXDqW+7d71C4wz@bombadil.infradead.org/ [1] https://lkml.kernel.org/r/025f2151-ce7c-5630-9b90-98742c97ac65@redhat.com [2] https://lwn.net/Articles/927569/ [3] https://lkml.kernel.org/r/20230414052840.1994456-3-mcgrof@kernel.org -----BEGIN PGP SIGNATURE----- iQJGBAABCgAwFiEENnNq2KuOejlQLZofziMdCjCSiKcFAmRG4m0SHG1jZ3JvZkBr ZXJuZWwub3JnAAoJEM4jHQowkoinQ2oP/0xlvKwJg6Ey8fHZF0qv8VOskE80zoLF hMazU3xfqLA+1TQvouW1YBxt3jwS3t1Ehs+NrV+nY9Yzcm0MzRX/n3fASJVe7nRr oqWWQU+voYl5Pw1xsfdp6C8IXpBQorpYby3Vp0MAMoZyl2W2YrNo36NV488wM9KC jD4HF5Z6xpnPSZTRR7AgW9mo7FdAtxPeKJ76Bch7lH8U6omT7n36WqTw+5B1eAYU YTOvrjRs294oqmWE+LeebyiOOXhH/yEYx4JNQgCwPdxwnRiGJWKsk5va0hRApqF/ WW8dIqdEnjsa84lCuxnmWgbcPK8cgmlO0rT0DyneACCldNlldCW1LJ0HOwLk9pea p3JFAsBL7TKue4Tos6I7/4rx1ufyBGGIigqw9/VX5g0Iif+3BhWnqKRfz+p9wiMa Fl7cU6u7yC68CHu1HBSisK16cYMCPeOnTSd89upHj8JU/t74O6k/ARvjrQ9qmNUt c5U+OY+WpNJ1nXQydhY/yIDhFdYg8SSpNuIO90r4L8/8jRQYXNG80FDd1UtvVDuy eq0r2yZ8C0XHSlOT9QHaua/tWV/aaKtyC/c0hDRrigfUrq8UOlGujMXbUnrmrWJI tLJLAc7ePWAAoZXGSHrt0U27l029GzLwRdKqJ6kkDANVnTeOdV+mmBg9zGh3/Mp6 agiwdHUMVN7X =56WK -----END PGP SIGNATURE----- Merge tag 'modules-6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux Pull module updates from Luis Chamberlain: "The summary of the changes for this pull requests is: - Song Liu's new struct module_memory replacement - Nick Alcock's MODULE_LICENSE() removal for non-modules - My cleanups and enhancements to reduce the areas where we vmalloc module memory for duplicates, and the respective debug code which proves the remaining vmalloc pressure comes from userspace. Most of the changes have been in linux-next for quite some time except the minor fixes I made to check if a module was already loaded prior to allocating the final module memory with vmalloc and the respective debug code it introduces to help clarify the issue. Although the functional change is small it is rather safe as it can only *help* reduce vmalloc space for duplicates and is confirmed to fix a bootup issue with over 400 CPUs with KASAN enabled. I don't expect stable kernels to pick up that fix as the cleanups would have also had to have been picked up. Folks on larger CPU systems with modules will want to just upgrade if vmalloc space has been an issue on bootup. Given the size of this request, here's some more elaborate details: The functional change change in this pull request is the very first patch from Song Liu which replaces the 'struct module_layout' with a new 'struct module_memory'. The old data structure tried to put together all types of supported module memory types in one data structure, the new one abstracts the differences in memory types in a module to allow each one to provide their own set of details. This paves the way in the future so we can deal with them in a cleaner way. If you look at changes they also provide a nice cleanup of how we handle these different memory areas in a module. This change has been in linux-next since before the merge window opened for v6.3 so to provide more than a full kernel cycle of testing. It's a good thing as quite a bit of fixes have been found for it. Jason Baron then made dynamic debug a first class citizen module user by using module notifier callbacks to allocate / remove module specific dynamic debug information. Nick Alcock has done quite a bit of work cross-tree to remove module license tags from things which cannot possibly be module at my request so to: a) help him with his longer term tooling goals which require a deterministic evaluation if a piece a symbol code could ever be part of a module or not. But quite recently it is has been made clear that tooling is not the only one that would benefit. Disambiguating symbols also helps efforts such as live patching, kprobes and BPF, but for other reasons and R&D on this area is active with no clear solution in sight. b) help us inch closer to the now generally accepted long term goal of automating all the MODULE_LICENSE() tags from SPDX license tags In so far as a) is concerned, although module license tags are a no-op for non-modules, tools which would want create a mapping of possible modules can only rely on the module license tag after the commit 8b41fc4454e ("kbuild: create modules.builtin without Makefile.modbuiltin or tristate.conf"). Nick has been working on this *for years* and AFAICT I was the only one to suggest two alternatives to this approach for tooling. The complexity in one of my suggested approaches lies in that we'd need a possible-obj-m and a could-be-module which would check if the object being built is part of any kconfig build which could ever lead to it being part of a module, and if so define a new define -DPOSSIBLE_MODULE [0]. A more obvious yet theoretical approach I've suggested would be to have a tristate in kconfig imply the same new -DPOSSIBLE_MODULE as well but that means getting kconfig symbol names mapping to modules always, and I don't think that's the case today. I am not aware of Nick or anyone exploring either of these options. Quite recently Josh Poimboeuf has pointed out that live patching, kprobes and BPF would benefit from resolving some part of the disambiguation as well but for other reasons. The function granularity KASLR (fgkaslr) patches were mentioned but Joe Lawrence has clarified this effort has been dropped with no clear solution in sight [1]. In the meantime removing module license tags from code which could never be modules is welcomed for both objectives mentioned above. Some developers have also welcomed these changes as it has helped clarify when a module was never possible and they forgot to clean this up, and so you'll see quite a bit of Nick's patches in other pull requests for this merge window. I just picked up the stragglers after rc3. LWN has good coverage on the motivation behind this work [2] and the typical cross-tree issues he ran into along the way. The only concrete blocker issue he ran into was that we should not remove the MODULE_LICENSE() tags from files which have no SPDX tags yet, even if they can never be modules. Nick ended up giving up on his efforts due to having to do this vetting and backlash he ran into from folks who really did *not understand* the core of the issue nor were providing any alternative / guidance. I've gone through his changes and dropped the patches which dropped the module license tags where an SPDX license tag was missing, it only consisted of 11 drivers. To see if a pull request deals with a file which lacks SPDX tags you can just use: ./scripts/spdxcheck.py -f \ $(git diff --name-only commid-id | xargs echo) You'll see a core module file in this pull request for the above, but that's not related to his changes. WE just need to add the SPDX license tag for the kernel/module/kmod.c file in the future but it demonstrates the effectiveness of the script. Most of Nick's changes were spread out through different trees, and I just picked up the slack after rc3 for the last kernel was out. Those changes have been in linux-next for over two weeks. The cleanups, debug code I added and final fix I added for modules were motivated by David Hildenbrand's report of boot failing on a systems with over 400 CPUs when KASAN was enabled due to running out of virtual memory space. Although the functional change only consists of 3 lines in the patch "module: avoid allocation if module is already present and ready", proving that this was the best we can do on the modules side took quite a bit of effort and new debug code. The initial cleanups I did on the modules side of things has been in linux-next since around rc3 of the last kernel, the actual final fix for and debug code however have only been in linux-next for about a week or so but I think it is worth getting that code in for this merge window as it does help fix / prove / evaluate the issues reported with larger number of CPUs. Userspace is not yet fixed as it is taking a bit of time for folks to understand the crux of the issue and find a proper resolution. Worst come to worst, I have a kludge-of-concept [3] of how to make kernel_read*() calls for modules unique / converge them, but I'm currently inclined to just see if userspace can fix this instead" Link: https://lore.kernel.org/all/Y/kXDqW+7d71C4wz@bombadil.infradead.org/ [0] Link: https://lkml.kernel.org/r/025f2151-ce7c-5630-9b90-98742c97ac65@redhat.com [1] Link: https://lwn.net/Articles/927569/ [2] Link: https://lkml.kernel.org/r/20230414052840.1994456-3-mcgrof@kernel.org [3] * tag 'modules-6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux: (121 commits) module: add debugging auto-load duplicate module support module: stats: fix invalid_mod_bytes typo module: remove use of uninitialized variable len module: fix building stats for 32-bit targets module: stats: include uapi/linux/module.h module: avoid allocation if module is already present and ready module: add debug stats to help identify memory pressure module: extract patient module check into helper modules/kmod: replace implementation with a semaphore Change DEFINE_SEMAPHORE() to take a number argument module: fix kmemleak annotations for non init ELF sections module: Ignore L0 and rename is_arm_mapping_symbol() module: Move is_arm_mapping_symbol() to module_symbol.h module: Sync code of is_arm_mapping_symbol() scripts/gdb: use mem instead of core_layout to get the module address interconnect: remove module-related code interconnect: remove MODULE_LICENSE in non-modules zswap: remove MODULE_LICENSE in non-modules zpool: remove MODULE_LICENSE in non-modules x86/mm/dump_pagetables: remove MODULE_LICENSE in non-modules ...
395 lines
12 KiB
C
395 lines
12 KiB
C
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
|
/* Module internals
|
|
*
|
|
* Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
* Copyright (C) 2023 Luis Chamberlain <mcgrof@kernel.org>
|
|
*/
|
|
|
|
#include <linux/elf.h>
|
|
#include <linux/compiler.h>
|
|
#include <linux/module.h>
|
|
#include <linux/mutex.h>
|
|
#include <linux/rculist.h>
|
|
#include <linux/rcupdate.h>
|
|
#include <linux/mm.h>
|
|
|
|
#ifndef ARCH_SHF_SMALL
|
|
#define ARCH_SHF_SMALL 0
|
|
#endif
|
|
|
|
/*
|
|
* Use highest 4 bits of sh_entsize to store the mod_mem_type of this
|
|
* section. This leaves 28 bits for offset on 32-bit systems, which is
|
|
* about 256 MiB (WARN_ON_ONCE if we exceed that).
|
|
*/
|
|
|
|
#define SH_ENTSIZE_TYPE_BITS 4
|
|
#define SH_ENTSIZE_TYPE_SHIFT (BITS_PER_LONG - SH_ENTSIZE_TYPE_BITS)
|
|
#define SH_ENTSIZE_TYPE_MASK ((1UL << SH_ENTSIZE_TYPE_BITS) - 1)
|
|
#define SH_ENTSIZE_OFFSET_MASK ((1UL << (BITS_PER_LONG - SH_ENTSIZE_TYPE_BITS)) - 1)
|
|
|
|
/* Maximum number of characters written by module_flags() */
|
|
#define MODULE_FLAGS_BUF_SIZE (TAINT_FLAGS_COUNT + 4)
|
|
|
|
extern struct mutex module_mutex;
|
|
extern struct list_head modules;
|
|
|
|
extern struct module_attribute *modinfo_attrs[];
|
|
extern size_t modinfo_attrs_count;
|
|
|
|
/* Provided by the linker */
|
|
extern const struct kernel_symbol __start___ksymtab[];
|
|
extern const struct kernel_symbol __stop___ksymtab[];
|
|
extern const struct kernel_symbol __start___ksymtab_gpl[];
|
|
extern const struct kernel_symbol __stop___ksymtab_gpl[];
|
|
extern const s32 __start___kcrctab[];
|
|
extern const s32 __start___kcrctab_gpl[];
|
|
|
|
struct load_info {
|
|
const char *name;
|
|
/* pointer to module in temporary copy, freed at end of load_module() */
|
|
struct module *mod;
|
|
Elf_Ehdr *hdr;
|
|
unsigned long len;
|
|
Elf_Shdr *sechdrs;
|
|
char *secstrings, *strtab;
|
|
unsigned long symoffs, stroffs, init_typeoffs, core_typeoffs;
|
|
bool sig_ok;
|
|
#ifdef CONFIG_KALLSYMS
|
|
unsigned long mod_kallsyms_init_off;
|
|
#endif
|
|
#ifdef CONFIG_MODULE_DECOMPRESS
|
|
#ifdef CONFIG_MODULE_STATS
|
|
unsigned long compressed_len;
|
|
#endif
|
|
struct page **pages;
|
|
unsigned int max_pages;
|
|
unsigned int used_pages;
|
|
#endif
|
|
struct {
|
|
unsigned int sym, str, mod, vers, info, pcpu;
|
|
} index;
|
|
};
|
|
|
|
enum mod_license {
|
|
NOT_GPL_ONLY,
|
|
GPL_ONLY,
|
|
};
|
|
|
|
struct find_symbol_arg {
|
|
/* Input */
|
|
const char *name;
|
|
bool gplok;
|
|
bool warn;
|
|
|
|
/* Output */
|
|
struct module *owner;
|
|
const s32 *crc;
|
|
const struct kernel_symbol *sym;
|
|
enum mod_license license;
|
|
};
|
|
|
|
int mod_verify_sig(const void *mod, struct load_info *info);
|
|
int try_to_force_load(struct module *mod, const char *reason);
|
|
bool find_symbol(struct find_symbol_arg *fsa);
|
|
struct module *find_module_all(const char *name, size_t len, bool even_unformed);
|
|
int cmp_name(const void *name, const void *sym);
|
|
long module_get_offset_and_type(struct module *mod, enum mod_mem_type type,
|
|
Elf_Shdr *sechdr, unsigned int section);
|
|
char *module_flags(struct module *mod, char *buf, bool show_state);
|
|
size_t module_flags_taint(unsigned long taints, char *buf);
|
|
|
|
char *module_next_tag_pair(char *string, unsigned long *secsize);
|
|
|
|
#define for_each_modinfo_entry(entry, info, name) \
|
|
for (entry = get_modinfo(info, name); entry; entry = get_next_modinfo(info, name, entry))
|
|
|
|
static inline void module_assert_mutex_or_preempt(void)
|
|
{
|
|
#ifdef CONFIG_LOCKDEP
|
|
if (unlikely(!debug_locks))
|
|
return;
|
|
|
|
WARN_ON_ONCE(!rcu_read_lock_sched_held() &&
|
|
!lockdep_is_held(&module_mutex));
|
|
#endif
|
|
}
|
|
|
|
static inline unsigned long kernel_symbol_value(const struct kernel_symbol *sym)
|
|
{
|
|
#ifdef CONFIG_HAVE_ARCH_PREL32_RELOCATIONS
|
|
return (unsigned long)offset_to_ptr(&sym->value_offset);
|
|
#else
|
|
return sym->value;
|
|
#endif
|
|
}
|
|
|
|
#ifdef CONFIG_LIVEPATCH
|
|
int copy_module_elf(struct module *mod, struct load_info *info);
|
|
void free_module_elf(struct module *mod);
|
|
#else /* !CONFIG_LIVEPATCH */
|
|
static inline int copy_module_elf(struct module *mod, struct load_info *info)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void free_module_elf(struct module *mod) { }
|
|
#endif /* CONFIG_LIVEPATCH */
|
|
|
|
static inline bool set_livepatch_module(struct module *mod)
|
|
{
|
|
#ifdef CONFIG_LIVEPATCH
|
|
mod->klp = true;
|
|
return true;
|
|
#else
|
|
return false;
|
|
#endif
|
|
}
|
|
|
|
/**
|
|
* enum fail_dup_mod_reason - state at which a duplicate module was detected
|
|
*
|
|
* @FAIL_DUP_MOD_BECOMING: the module is read properly, passes all checks but
|
|
* we've determined that another module with the same name is already loaded
|
|
* or being processed on our &modules list. This happens on early_mod_check()
|
|
* right before layout_and_allocate(). The kernel would have already
|
|
* vmalloc()'d space for the entire module through finit_module(). If
|
|
* decompression was used two vmap() spaces were used. These failures can
|
|
* happen when userspace has not seen the module present on the kernel and
|
|
* tries to load the module multiple times at same time.
|
|
* @FAIL_DUP_MOD_LOAD: the module has been read properly, passes all validation
|
|
* checks and the kernel determines that the module was unique and because
|
|
* of this allocated yet another private kernel copy of the module space in
|
|
* layout_and_allocate() but after this determined in add_unformed_module()
|
|
* that another module with the same name is already loaded or being processed.
|
|
* These failures should be mitigated as much as possible and are indicative
|
|
* of really fast races in loading modules. Without module decompression
|
|
* they waste twice as much vmap space. With module decompression three
|
|
* times the module's size vmap space is wasted.
|
|
*/
|
|
enum fail_dup_mod_reason {
|
|
FAIL_DUP_MOD_BECOMING = 0,
|
|
FAIL_DUP_MOD_LOAD,
|
|
};
|
|
|
|
#ifdef CONFIG_MODULE_DEBUGFS
|
|
extern struct dentry *mod_debugfs_root;
|
|
#endif
|
|
|
|
#ifdef CONFIG_MODULE_STATS
|
|
|
|
#define mod_stat_add_long(count, var) atomic_long_add(count, var)
|
|
#define mod_stat_inc(name) atomic_inc(name)
|
|
|
|
extern atomic_long_t total_mod_size;
|
|
extern atomic_long_t total_text_size;
|
|
extern atomic_long_t invalid_kread_bytes;
|
|
extern atomic_long_t invalid_decompress_bytes;
|
|
|
|
extern atomic_t modcount;
|
|
extern atomic_t failed_kreads;
|
|
extern atomic_t failed_decompress;
|
|
struct mod_fail_load {
|
|
struct list_head list;
|
|
char name[MODULE_NAME_LEN];
|
|
atomic_long_t count;
|
|
unsigned long dup_fail_mask;
|
|
};
|
|
|
|
int try_add_failed_module(const char *name, enum fail_dup_mod_reason reason);
|
|
void mod_stat_bump_invalid(struct load_info *info, int flags);
|
|
void mod_stat_bump_becoming(struct load_info *info, int flags);
|
|
|
|
#else
|
|
|
|
#define mod_stat_add_long(name, var)
|
|
#define mod_stat_inc(name)
|
|
|
|
static inline int try_add_failed_module(const char *name,
|
|
enum fail_dup_mod_reason reason)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void mod_stat_bump_invalid(struct load_info *info, int flags)
|
|
{
|
|
}
|
|
|
|
static inline void mod_stat_bump_becoming(struct load_info *info, int flags)
|
|
{
|
|
}
|
|
|
|
#endif /* CONFIG_MODULE_STATS */
|
|
|
|
#ifdef CONFIG_MODULE_DEBUG_AUTOLOAD_DUPS
|
|
bool kmod_dup_request_exists_wait(char *module_name, bool wait, int *dup_ret);
|
|
void kmod_dup_request_announce(char *module_name, int ret);
|
|
#else
|
|
static inline bool kmod_dup_request_exists_wait(char *module_name, bool wait, int *dup_ret)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
static inline void kmod_dup_request_announce(char *module_name, int ret)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_MODULE_UNLOAD_TAINT_TRACKING
|
|
struct mod_unload_taint {
|
|
struct list_head list;
|
|
char name[MODULE_NAME_LEN];
|
|
unsigned long taints;
|
|
u64 count;
|
|
};
|
|
|
|
int try_add_tainted_module(struct module *mod);
|
|
void print_unloaded_tainted_modules(void);
|
|
#else /* !CONFIG_MODULE_UNLOAD_TAINT_TRACKING */
|
|
static inline int try_add_tainted_module(struct module *mod)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void print_unloaded_tainted_modules(void)
|
|
{
|
|
}
|
|
#endif /* CONFIG_MODULE_UNLOAD_TAINT_TRACKING */
|
|
|
|
#ifdef CONFIG_MODULE_DECOMPRESS
|
|
int module_decompress(struct load_info *info, const void *buf, size_t size);
|
|
void module_decompress_cleanup(struct load_info *info);
|
|
#else
|
|
static inline int module_decompress(struct load_info *info,
|
|
const void *buf, size_t size)
|
|
{
|
|
return -EOPNOTSUPP;
|
|
}
|
|
|
|
static inline void module_decompress_cleanup(struct load_info *info)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
struct mod_tree_root {
|
|
#ifdef CONFIG_MODULES_TREE_LOOKUP
|
|
struct latch_tree_root root;
|
|
#endif
|
|
unsigned long addr_min;
|
|
unsigned long addr_max;
|
|
#ifdef CONFIG_ARCH_WANTS_MODULES_DATA_IN_VMALLOC
|
|
unsigned long data_addr_min;
|
|
unsigned long data_addr_max;
|
|
#endif
|
|
};
|
|
|
|
extern struct mod_tree_root mod_tree;
|
|
|
|
#ifdef CONFIG_MODULES_TREE_LOOKUP
|
|
void mod_tree_insert(struct module *mod);
|
|
void mod_tree_remove_init(struct module *mod);
|
|
void mod_tree_remove(struct module *mod);
|
|
struct module *mod_find(unsigned long addr, struct mod_tree_root *tree);
|
|
#else /* !CONFIG_MODULES_TREE_LOOKUP */
|
|
|
|
static inline void mod_tree_insert(struct module *mod) { }
|
|
static inline void mod_tree_remove_init(struct module *mod) { }
|
|
static inline void mod_tree_remove(struct module *mod) { }
|
|
static inline struct module *mod_find(unsigned long addr, struct mod_tree_root *tree)
|
|
{
|
|
struct module *mod;
|
|
|
|
list_for_each_entry_rcu(mod, &modules, list,
|
|
lockdep_is_held(&module_mutex)) {
|
|
if (within_module(addr, mod))
|
|
return mod;
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
#endif /* CONFIG_MODULES_TREE_LOOKUP */
|
|
|
|
void module_enable_ro(const struct module *mod, bool after_init);
|
|
void module_enable_nx(const struct module *mod);
|
|
void module_enable_x(const struct module *mod);
|
|
int module_enforce_rwx_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
|
|
char *secstrings, struct module *mod);
|
|
|
|
#ifdef CONFIG_MODULE_SIG
|
|
int module_sig_check(struct load_info *info, int flags);
|
|
#else /* !CONFIG_MODULE_SIG */
|
|
static inline int module_sig_check(struct load_info *info, int flags)
|
|
{
|
|
return 0;
|
|
}
|
|
#endif /* !CONFIG_MODULE_SIG */
|
|
|
|
#ifdef CONFIG_DEBUG_KMEMLEAK
|
|
void kmemleak_load_module(const struct module *mod, const struct load_info *info);
|
|
#else /* !CONFIG_DEBUG_KMEMLEAK */
|
|
static inline void kmemleak_load_module(const struct module *mod,
|
|
const struct load_info *info) { }
|
|
#endif /* CONFIG_DEBUG_KMEMLEAK */
|
|
|
|
#ifdef CONFIG_KALLSYMS
|
|
void init_build_id(struct module *mod, const struct load_info *info);
|
|
void layout_symtab(struct module *mod, struct load_info *info);
|
|
void add_kallsyms(struct module *mod, const struct load_info *info);
|
|
|
|
static inline bool sect_empty(const Elf_Shdr *sect)
|
|
{
|
|
return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0;
|
|
}
|
|
#else /* !CONFIG_KALLSYMS */
|
|
static inline void init_build_id(struct module *mod, const struct load_info *info) { }
|
|
static inline void layout_symtab(struct module *mod, struct load_info *info) { }
|
|
static inline void add_kallsyms(struct module *mod, const struct load_info *info) { }
|
|
#endif /* CONFIG_KALLSYMS */
|
|
|
|
#ifdef CONFIG_SYSFS
|
|
int mod_sysfs_setup(struct module *mod, const struct load_info *info,
|
|
struct kernel_param *kparam, unsigned int num_params);
|
|
void mod_sysfs_teardown(struct module *mod);
|
|
void init_param_lock(struct module *mod);
|
|
#else /* !CONFIG_SYSFS */
|
|
static inline int mod_sysfs_setup(struct module *mod,
|
|
const struct load_info *info,
|
|
struct kernel_param *kparam,
|
|
unsigned int num_params)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void mod_sysfs_teardown(struct module *mod) { }
|
|
static inline void init_param_lock(struct module *mod) { }
|
|
#endif /* CONFIG_SYSFS */
|
|
|
|
#ifdef CONFIG_MODVERSIONS
|
|
int check_version(const struct load_info *info,
|
|
const char *symname, struct module *mod, const s32 *crc);
|
|
void module_layout(struct module *mod, struct modversion_info *ver, struct kernel_param *kp,
|
|
struct kernel_symbol *ks, struct tracepoint * const *tp);
|
|
int check_modstruct_version(const struct load_info *info, struct module *mod);
|
|
int same_magic(const char *amagic, const char *bmagic, bool has_crcs);
|
|
#else /* !CONFIG_MODVERSIONS */
|
|
static inline int check_version(const struct load_info *info,
|
|
const char *symname,
|
|
struct module *mod,
|
|
const s32 *crc)
|
|
{
|
|
return 1;
|
|
}
|
|
|
|
static inline int check_modstruct_version(const struct load_info *info,
|
|
struct module *mod)
|
|
{
|
|
return 1;
|
|
}
|
|
|
|
static inline int same_magic(const char *amagic, const char *bmagic, bool has_crcs)
|
|
{
|
|
return strcmp(amagic, bmagic) == 0;
|
|
}
|
|
#endif /* CONFIG_MODVERSIONS */
|