Now that modprobe.d is searched under ${prefix}/lib, allow a complete
transition to files only under ${prefix} by adding a ${module_directory}
configuration. This specifies the directory where to search for kernel
modules and should match the location where the kernel/distro installs
them.
With this distributions that do not want to ship files in /lib can also
move kernel modules to /usr while others can keep them in /lib.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Link: https://lore.kernel.org/r/a3765f4e8ae3ce29c0847a0132d4a8d51ad040a9.1699618135.git.msuchanek@suse.de
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Switch to using OBJ_obj2txt() to calculate and print the pkcs7
signature hash name. This eliminates the need to duplicate libcrypto
NID to name mapping, detect SM3 openssl compile-time support, and
enables using any hashes that openssl and kernel know about. For
example SHA3 are being added for v6.7 and with this patch are
automatically supported.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Link: https://lore.kernel.org/r/20231029010319.157390-1-dimitri.ledkov@canonical.com
GCC 14 introduces a new -Walloc-size included in -Wextra which gives:
```
tools/depmod.c:192:14: warning: allocation of insufficient size ‘1’ for type ‘struct index_node’ with size ‘1048’ [-Walloc-size]
tools/depmod.c:255:11: warning: allocation of insufficient size ‘1’ for type ‘struct index_value’ with size ‘16’ [-Walloc-size]
tools/depmod.c:286:35: warning: allocation of insufficient size ‘1’ for type ‘struct index_node’ with size ‘1048’ [-Walloc-size]
tools/depmod.c:315:44: warning: allocation of insufficient size ‘1’ for type ‘struct index_node’ with size ‘1048’ [-Walloc-size]
```
The calloc prototype is:
```
void *calloc(size_t nmemb, size_t size);
```
So, just swap the number of members and size arguments to match the prototype, as
we're initialising 1 struct of size `sizeof(struct ...)`. GCC then sees we're not
doing anything wrong.
Signed-off-by: Sam James <sam@gentoo.org>
Show distconfdir (where system configuration files are searched/to be
installed), sysconfdir (where user configuration files are searched),
module compressions, and module signatures supported.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Link: https://lore.kernel.org/r/468b3f572d3b84f25bb53ec8fcb15ed4871914d4.1689681454.git.msuchanek@suse.de
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
There is an ongoing effort to limit use of files outside of /usr (or
${prefix} on general). Currently all modprobe.d paths are hardcoded to
outside of $prefix. Teach kmod to load modprobe.d from ${prefix}/lib.
On some distributions /usr/lib and /lib are the same directory because
of a compatibility symlink, and it is possible to craft configuration
files with sideeffects that would behave differently when loaded twice.
However, the override semantic ensures that one 'overrides' the other,
and only one configuration file of the same name is loaded from any of
the search directories.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Link: https://lore.kernel.org/r/a290343ce32e2a3c25b134e4f27c13b26e06c9e0.1689681454.git.msuchanek@suse.de
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The symbol was somewhat recently introduced by the kernel and not all
distributions may be have available.
The number is part of the ABI, so we can add a local fallback define.
Closes: https://github.com/kmod-project/kmod/issues/29
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
When creating the context, read /sys/kernel/compression to check what's
the compression type supported by the kernel. This will later be used
when loading modules to check if the decompression step has to happen in
userspace or if it can be delegated to the kernel.
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Do not only set the type as direct, but also keep track of the
compression being used. This will allow using the in-kernel compression
in future.
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Extract 2 functions to handle finit_module vs init_modules differences,
with a fallback from the former to the latter.
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Add a separate function to load the file contents when it's needed.
When it's not needed on the path of loading modules via finit_module(),
there is no need to mmap the file. This will help support loading
modules with the in-kernel compression support.
This is done differently than the lazy initialization for
kmod_file_get_elf() because on the contents case there is also the
file->size to be updated. It would be a weird API to return the pointer
and have the size changed as a side-effect.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Fix the following warning reported by UBSan (as of gcc-13.1.1):
shared/hash.c:244:35: runtime error: null pointer passed as
argument 2, which is declared to never be null
Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
[ reshuffle the code to use return-early style ]
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
An attempt to pass too long module name to, say, rmmod, may
cause an out-of-bounds memory access (as repoted by UBSan):
$ rmmod $(for i in $(seq 0 4200); do echo -ne x; done)
libkmod/libkmod-module.c:1828:8: runtime error: index 4107 out of bounds for type 'char [4096]'
This is because 'snprintf(path, sizeof(path), ...)' may return the
value which exceeds 'sizeof(path)' (which happens when an output
gets truncated). To play it safe, such a suspicious output is
better to be rejected explicitly.
Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
Link: https://lore.kernel.org/r/20230519074638.402045-1-dmantipov@yandex.ru
When the module is definitely present but CONFIG_MODVERSIONS is
disabled, the following error message may be somewhat confusing:
modprobe --dump-modversions /path/to/module.ko.xz
modprobe: FATAL: could not get modversions of /path/to/module.ko.xz: No such file or directory
Choosing among the convenient errno values, I would suggest to use
ENODATA when the module lacks a particular ELF section (and vermagic
as well). So now it is expected to be:
modprobe: FATAL: could not get modversions of /path/to/module.ko.xz: No data available
Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
Link: https://lore.kernel.org/r/20230519093630.474185-1-dmantipov@yandex.ru
Add a missing kmod_module_unref_list() to fix a memory leak.
Fixes: 42b32d30c3 ("modprobe: Fix holders removal")
Signed-off-by: Nicolas Schier <n.schier@avm.de>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Add liblzma_LIBS to LIBS to avoid the following build failure when
building with a static-only liblzma.a:
/home/autobuild/autobuild/instance-5/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/11.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: libkmod/.libs/libkmod-internal.a(libkmod-file.o):(.text.xz_uncompress+0x10): undefined reference to `lzma_code'
For consistency, also update libzstd, zlib and libcrypto
Fixes:
- http://autobuild.buildroot.org/results/83a4a7ecc77f39639d3e5bc8554bd01a62a3ede0
References: https://github.com/kmod-project/kmod/pull/25
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Replace the manual sed command, build rules and dist/clean for using
AC_CONFIG_FILES. It does the exact same thing, with an added bonus...
Currently we're missing version.py.in in the EXTRA_DIST. Thus a simple
"touch Makefile" should retrigger the regeneration of version.py. Which
would presumably fail, since the input file isn't in the distribution
tarball.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
None of the API is used outside of the compilation unit.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
It's no longer used outside the compilation unit, as of last commit.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The last and only user was removed with commit 0246e06 ("depmod: Stop
opening modules.modinfo once per module")
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Instead of skipping tests if sysconfdir isn't /etc, just handle it
during the rootfs setup logic.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>
It's easier to implement the logic outside of the Makefile, so rename
the populate-modules.sh script to setup-rootfs.sh and move the
additional logic from the makefile to the script.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>
Currently if we see unknown algorithm, we'll do an OOB read in
pkey_hash_algo. This can happen for example if OPENSSL_NO_SM3 is set and
the kernel module uses a SM3 hash.
Cc: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
Cc: Lucas De Marchi <lucas.demarchi@intel.com>
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The uname used across the tests is same, so drop "_ORDER" from the macro
name and use it throughout. Similarly - add respective LIB_MODULES
defines and use them in the tests.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
As the inline comment says - the declarations have been dropped with
glibc 2.32.9000, as a result the build throws a set of lovely warnings.
Inspired by umockdev, which bears the same license as this project.
f1b4164004
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
This option is equivalent to basedir, with the small difference being
that's where the meta-data files are generated. In other words, this
allows us to have read-only input modules and modules.dep, while still
being able to generate the meta-data files.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
[ Move files to a different dir so input files (produced by kernel build
system is separate from the files generated by depmod (output) ]
Signed-off-by: Lucas De Marchi <lucas.demarchi@gmail.com>
Improve user experience by explaining the option so the user may
not search explanations in other manpages (modprobe).
Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
This is useful to kernel module developers for testing a just compiled
module: instead of using insmod, they can load the module from the path
while getting all the benefits of modprobe (e.g. module dependency
resolution).
v2:
- Add test for relative path as well. (Lucas)
- Add note warning about modules with dependencies not matching the
installed depmod database. (Lucas)
Signed-off-by: Gustavo Sousa <gustavo.sousa@intel.com>
Cc: Lucas De Marchi <lucas.demarchi@intel.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
That same logic will be used for enabling modprobe for paths in the next
patch. As such, prepare for that by extracting that block into its own
function.
Signed-off-by: Gustavo Sousa <gustavo.sousa@intel.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
One of the tests in an upcoming patch will need to change into a
specific directory to test loading a module from a relative path.
Signed-off-by: Gustavo Sousa <gustavo.sousa@intel.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Otherwise, an implicit functiona declaration is used, causing
a C99 compatibility issue.
Signed-off-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Example kernel module:
https://file-store.rosalinux.ru/download/7281f97e0c04c0f818ad3f936706f4a407e8dc7e
(/lib/modules/5.15.67-generic-1rosa2021.1-x86_64/kernel/drivers/usb/host/xhci-pci.ko.zst)
It is signed with Streebog 512.
libkmod v30 crashed in libkmod-module.c:2413 in this code:
n = kmod_module_info_append(list,
"sig_hashalgo", strlen("sig_hashalgo"),
sig_info.hash_algo, strlen(sig_info.hash_algo));
because strlen() got null.
When _FILE_OFFSET_BITS is 64, glibc headers turn `stat` calls into
`stat64`, and our `stat` override into a `stat64` function. However,
because we use dlsym to get the address of libc's `stat`, we end up
calling into the "real" `stat` function, which deals with 32-bit off_t,
and we treat its result as if it were returned from stat64. On most
architectures this seems to have been harmless, but on 32-bit mips,
st_mode's offset in struct stat and struct stat64 are different, so we
read garbage.
To fix this, explicitly unset _FILE_OFFSET_BITS in path.c, to turn off
the redirect magic in glibc headers, and override both the 32-bit and
64-bit functions so each call ends up wrapping the right libc function.
Fixes#16 (https://github.com/kmod-project/kmod/issues/16)
The man page modprobe(8) states for the --syslog option:
"This is also automatically enabled when stderr is unavailable."
but it wasn't happening.
This commit now makes modprobe write to syslog if stderr is closed.
During dpkg build, in a subdir, it is currently not possible to run
tests. Building testsuite/modules due to non-existance of the
testsuite directory under the build dir. Thus create it, when it is
not there.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Function ``test_backoff_time`` does not initialize ``delta``, and
``get_backoff_delta_msec`` then performs a read from uninitialized
memory with the ``!*delta`` expression.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
SM3 has been supported in kernel and cryptographic libraries like openssl.
This patch adds support for the SM3 algorithm of kmod.
Signed-off-by: HuaxinLu <luhuaxin1@huawei.com>
Retry module removal if it fails due to EAGAIN. This allows user to pass
--wait <timeout>, during which `modprobe -r` will keep trying to remove
the module.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Add simple functions to put the current thread to sleep using
exponential backoff to split the interval in smaller pieces.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>