Commit Graph

291 Commits

Author SHA1 Message Date
Masahiro Yamada
1743694eb2 modpost: stop symbol preloading for modversion CRC
It is complicated to add mocked-up symbols for pre-handling CRC.
Handle CRC after all the export symbols in the relevant module
are registered.

Call handle_modversion() after the handle_symbol() iteration.

In some cases, I see atand-alone __crc_* without __ksymtab_*.
For example, ARCH=arm allyesconfig produces __crc_ccitt_veneer and
__crc_itu_t_veneer. I guess they come from crc_ccitt, crc_itu_t,
respectively. Since __*_veneer are auto-generated symbols, just
ignore them.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-11-23 15:46:38 +09:00
Masahiro Yamada
9bd2a099d7 modpost: rename handle_modversions() to handle_symbol()
This function handles not only modversions, but also unresolved
symbols, export symbols, etc.

Rename it to a more proper function name.

While I was here, I also added the 'const' qualifier to *sym.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-11-23 12:44:24 +09:00
Masahiro Yamada
e84f9fbbec modpost: refactor namespace_from_kstrtabns() to not hard-code section name
Currently, namespace_from_kstrtabns() relies on the fact that
namespace strings are recorded in the __ksymtab_strings section.
Actually, it is coded in include/linux/export.h, but modpost does
not need to hard-code the section name.

Elf_Sym::st_shndx holds the index of the relevant section. Using it is
a more portable way to get the namespace string.

Make namespace_from_kstrtabns() simply call sym_get_data(), and delete
the info->ksymtab_strings .

While I was here, I added more 'const' qualifiers to pointers.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-11-23 12:44:24 +09:00
Masahiro Yamada
afa0459daa modpost: add a helper to get data pointed by a symbol
When CONFIG_MODULE_REL_CRCS is enabled, the value of __crc_* is not
an absolute value, but the address to the CRC data embedded in the
.rodata section.

Getting the data pointed by the symbol value is somewhat complex.
Split it out into a new helper, sym_get_data().

I will reuse it to refactor namespace_from_kstrtabns() in the next
commit.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-11-23 12:44:24 +09:00
Masahiro Yamada
76b54cf033 modpost: remove unneeded local variable in contains_namespace()
The local variable, ns_entry, is unneeded.

While I was here, I also cleaned up the comparison with NULL or 0.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Matthias Maennich <maennich@google.com>
2019-11-11 20:10:01 +09:00
Masahiro Yamada
bbc55bded4 modpost: dump missing namespaces into a single modules.nsdeps file
The modpost, with the -d option given, generates per-module .ns_deps
files.

Kbuild generates per-module .mod files to carry module information.
This is convenient because Make handles multiple jobs in parallel
when the -j option is given.

On the other hand, the modpost always runs as a single thread.
I do not see a strong reason to produce separate .ns_deps files.

This commit changes the modpost to generate just one file,
modules.nsdeps, each line of which has the following format:

  <module_name>: <list of missing namespaces>

Please note it contains *missing* namespaces instead of required ones.
So, modules.nsdeps is empty if the namespace dependency is all good.

This will work more efficiently because spatch will no longer process
already imported namespaces. I removed the '(if needed)' from the
nsdeps log since spatch is invoked only when needed.

This also solves the stale .ns_deps problem reported by Jessica Yu:

  https://lkml.org/lkml/2019/10/28/467

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Tested-by: Jessica Yu <jeyu@kernel.org>
Acked-by: Jessica Yu <jeyu@kernel.org>
Reviewed-by: Matthias Maennich <maennich@google.com>
Tested-by: Matthias Maennich <maennich@google.com>
2019-11-11 20:10:01 +09:00
Masahiro Yamada
0241ea8cae modpost: free ns_deps_buf.p after writing ns_deps files
buf_write() allocates memory. Free it.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-11-11 20:10:01 +09:00
Masahiro Yamada
bff9c62b5d modpost: do not invoke extra modpost for nsdeps
'make nsdeps' invokes the modpost three times at most; before linking
vmlinux, before building modules, and finally for generating .ns_deps
files. Running the modpost again and again is not efficient.

The last two can be unified. When the -d option is given, the modpost
still does the usual job, and in addition, generates .ns_deps files.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Tested-by: Matthias Maennich <maennich@google.com>
Reviewed-by: Matthias Maennich <maennich@google.com>
2019-11-11 20:10:01 +09:00
Masahiro Yamada
39808e451f kbuild: do not read $(KBUILD_EXTMOD)/Module.symvers
Since commit 040fcc819a ("kbuild: improved modversioning support for
external modules"), the external module build reads Module.symvers in
the directory of the module itself, then dumps symbols back into it.
It accumulates stale symbols in the file when you build an external
module incrementally.

The idea behind it was, as the commit log explained, you can copy
Modules.symvers from one module to another when you need to pass symbol
information between two modules. However, the manual copy of the file
sounds questionable to me, and containing stale symbols is a downside.

Some time later, commit 0d96fb20b7 ("kbuild: Add new Kbuild variable
KBUILD_EXTRA_SYMBOLS") introduced a saner approach.

So, this commit removes the former one. Going forward, the external
module build dumps symbols into Module.symvers to be carried via
KBUILD_EXTRA_SYMBOLS, but never reads it automatically.

With the -I option removed, there is no one to set the external_module
flag unless KBUILD_EXTRA_SYMBOLS is passed. Now the -i option does it
instead.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-11-11 20:07:03 +09:00
Matthias Maennich
6992320843 symbol namespaces: revert to previous __ksymtab name scheme
The introduction of Symbol Namespaces changed the naming schema of the
__ksymtab entries from __kysmtab__symbol to __ksymtab_NAMESPACE.symbol.

That caused some breakages in tools that depend on the name layout in
either the binaries(vmlinux,*.ko) or in System.map. E.g. kmod's depmod
would not be able to read System.map without a patch to support symbol
namespaces. A warning reported by depmod for namespaced symbols would
look like

  depmod: WARNING: [...]/uas.ko needs unknown symbol usb_stor_adjust_quirks

In order to address this issue, revert to the original naming scheme and
rather read the __kstrtabns_<symbol> entries and their corresponding
values from __ksymtab_strings to update the namespace values for
symbols. After having read all symbols and handled them in
handle_modversions(), the symbols are created. In a second pass, read
the __kstrtabns_ entries and update the namespaces accordingly.

Fixes: 8651ec01da ("module: add support for symbol namespaces.")
Reported-by: Stefan Wahren <stefan.wahren@i2se.com>
Suggested-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Will Deacon <will@kernel.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-10-18 15:32:52 +02:00
Matthias Maennich
9ae5bd1847 modpost: make updating the symbol namespace explicit
Setting the symbol namespace of a symbol within sym_add_exported feels
displaced and lead to issues in the current implementation of symbol
namespaces. This patch makes updating the namespace an explicit call to
decouple it from adding a symbol to the export list.

Acked-by: Will Deacon <will@kernel.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-10-18 15:32:47 +02:00
Matthias Maennich
a2b1118438 modpost: delegate updating namespaces to separate function
Let the function 'sym_update_namespace' take care of updating the
namespace for a symbol. While this currently only replaces one single
location where namespaces are updated, in a following patch, this
function will get more call sites.

The function signature is intentionally close to sym_update_crc and
taking the name by char* seems like unnecessary work as the symbol has
to be looked up again. In a later patch of this series, this concern
will be addressed.

This function ensures that symbol::namespace is either NULL or has a
valid non-empty value. Previously, the empty string was considered 'no
namespace' as well and this lead to confusion.

Acked-by: Will Deacon <will@kernel.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-10-18 15:32:42 +02:00
Linus Torvalds
c6f6ebd77c Modules fixes for v5.4-rc3
- Fix broken external module builds due to a modpost bug in read_dump(),
   where the namespace was not being strdup'd and sym->namespace would be
   set to bogus data.
 - Various namespace-related kbuild fixes and cleanups thanks to
   Masahiro Yamada.
 
 Signed-off-by: Jessica Yu <jeyu@kernel.org>
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJdoKV/AAoJEMBFfjjOO8FyrmEP/0jDzB0qkLF0oZe+Bc76qogY
 IK2/qF1GFrtyIBMzCNMb5ds+2K/iGTxbW1wXRWChHOr2knTyJ00R6YPahYvovOgR
 FgIYAL4q2fz9idjmZrNg5EiCrsvwBqYixQG7m0R3F5peZ6FqRipXQ61+R/jm2oq4
 eS2VrNyuvLle5Be2JZgA9/gUlQtUSLS7aqSk8MHbbCDGTHU9jMGfuOk+l2txqKQn
 ryXV9Lj7YfQpV5cr9nJkVw0MIvq7aWXPUrsXwT3mpPTV+003JCw5bpWHvlsJMCfJ
 kc17gPDz382Vqohk5iJbWULerkMlSI05UVAKhc2KkAuZn2IRz9i0VI1KCMUJdphh
 d/fhDhkpFWXyWb6A+522V+JSt+Kz2B4N3wUXug4BtWU8dP5Rpp2luCVRGWbJEPiZ
 eBOkBtp42kLoJSkRzOGIZKAVUdb0f5hWRhtBXUSY64JYLv+4WpB/xZvf3mgfBWmh
 9r0siZ9Jkd9Bfl87AymHIGzhR2jnVAyIFn+eKfS/L/hPt/8ouEhL2VsEfRAkHYtq
 wx5Bm1F6hP07YpUoAQU8t2I3vxw7p6emlW/YwsZEWfiq1RZepbO3NxT8xoxLjG8J
 GCoh2ZXKLENA5GumkA9PR6vvP3VoOS54DIukeWcCGzfUPedNI3muSvJmGbWvVcix
 1k4mI4jDYAaD9oXh8YZv
 =Ebck
 -----END PGP SIGNATURE-----

Merge tag 'modules-for-v5.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux

Pull module fixes from Jessica Yu:
 "Code cleanups and kbuild/namespace related fixups from Masahiro.

  Most importantly, it fixes a namespace-related modpost issue for
  external module builds

   - Fix broken external module builds due to a modpost bug in
     read_dump(), where the namespace was not being strdup'd and
     sym->namespace would be set to bogus data.

   - Various namespace-related kbuild fixes and cleanups thanks to
     Masahiro Yamada"

* tag 'modules-for-v5.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
  doc: move namespaces.rst from kbuild/ to core-api/
  nsdeps: make generated patches independent of locale
  nsdeps: fix hashbang of scripts/nsdeps
  kbuild: fix build error of 'make nsdeps' in clean tree
  module: rename __kstrtab_ns_* to __kstrtabns_* to avoid symbol conflict
  modpost: fix broken sym->namespace for external module builds
  module: swap the order of symbol.namespace
  scripts: add_namespace: Fix coccicheck failed
2019-10-11 10:19:24 -07:00
Masahiro Yamada
389eb3f5f4 modpost: fix broken sym->namespace for external module builds
Currently, external module builds produce tons of false-positives:

  WARNING: module <mod> uses symbol <sym> from namespace <ns>, but does not import it.

Here, the <ns> part shows a random string.

When you build external modules, the symbol info of vmlinux and
in-kernel modules are read from $(objtree)/Module.symvers, but
read_dump() is buggy in multiple ways:

[1] When the modpost is run for vmlinux and in-kernel modules,
sym_extract_namespace() allocates memory for the namespace. On the
other hand, read_dump() does not, then sym->namespace will point to
somewhere in the line buffer of get_next_line(). The data in the
buffer will be replaced soon, and sym->namespace will end up with
pointing to unrelated data. As a result, check_exports() will show
random strings in the warning messages.

[2] When there is no namespace, sym_extract_namespace() returns NULL.
On the other hand, read_dump() sets namespace to an empty string "".
(but, it will be later replaced with unrelated data due to bug [1].)
The check_exports() shows a warning unless exp->namespace is NULL,
so every symbol read from read_dump() emits the warning, which is
mostly false positive.

To address [1], sym_add_exported() calls strdup() for s->namespace.
The namespace from sym_extract_namespace() must be freed to avoid
memory leak.

For [2], I changed the if-conditional in check_exports().

This commit also fixes sym_add_exported() to set s->namespace correctly
when the symbol is preloaded.

Reviewed-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-10-07 18:24:58 +02:00
Masahiro Yamada
bf70b0503a module: swap the order of symbol.namespace
Currently, EXPORT_SYMBOL_NS(_GPL) constructs the kernel symbol as
follows:

  __ksymtab_SYMBOL.NAMESPACE

The sym_extract_namespace() in modpost allocates memory for the part
SYMBOL.NAMESPACE when '.' is contained. One problem is that the pointer
returned by strdup() is lost because the symbol name will be copied to
malloc'ed memory by alloc_symbol(). No one will keep track of the
pointer of strdup'ed memory.

sym->namespace still points to the NAMESPACE part. So, you can free it
with complicated code like this:

   free(sym->namespace - strlen(sym->name) - 1);

It complicates memory free.

To fix it elegantly, I swapped the order of the symbol and the
namespace as follows:

  __ksymtab_NAMESPACE.SYMBOL

then, simplified sym_extract_namespace() so that it allocates memory
only for the NAMESPACE part.

I prefer this order because it is intuitive and also matches to major
languages. For example, NAMESPACE::NAME in C++, MODULE.NAME in Python.

Reviewed-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-10-07 18:24:48 +02:00
Masahiro Yamada
47346e96f0 modpost: fix static EXPORT_SYMBOL warnings for UML build
Johannes Berg reports lots of modpost warnings on ARCH=um builds:

WARNING: "rename" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "lseek" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "ftruncate64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "getuid" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "lseek64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "unlink" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "pwrite64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "close" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "opendir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "pread64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "syscall" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "readdir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "readdir64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "futimes" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__lxstat" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "write" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "closedir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__xstat" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "fsync" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__lxstat64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__fxstat64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "telldir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "printf" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "readlink" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__sprintf_chk" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "link" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "rmdir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "fdatasync" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "truncate" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "statfs" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__errno_location" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__xmknod" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "open64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "truncate64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "open" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "read" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "chown" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "chmod" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "utime" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "fchmod" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "seekdir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "ioctl" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "dup2" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "statfs64" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "utimes" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "mkdir" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "fchown" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__guard" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "symlink" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "access" [vmlinux] is a static EXPORT_SYMBOL
WARNING: "__stack_smash_handler" [vmlinux] is a static EXPORT_SYMBOL

When you run "make", the modpost is run twice; before linking vmlinux,
and before building modules. All the warnings above are from the second
modpost.

The offending symbols are defined not in vmlinux, but in the C library.
The first modpost is run against the relocatable vmlinux.o, and those
warnings are nicely suppressed because the SH_UNDEF entries from the
symbol table clear the ->is_static flag.

The second modpost is run against the executable vmlinux (+ modules),
where those symbols have been resolved, but the definitions do not
exist.

This commit fixes it in a straightforward way; suppress the static
EXPORT_SYMBOL warnings from "vmlinux".

Without this commit, we see valid warnings twice anyway. For example,
ARCH=arm64 defconfig shows the following warning twice:

WARNING: "HYPERVISOR_platform_op" [vmlinux] is a static EXPORT_SYMBOL_GPL

So, it is reasonable to suppress the second one.

Fixes: 15bfc2348d ("modpost: check for static EXPORT_SYMBOL* functions")
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Tested-by: Johannes Berg <johannes@sipsolutions.net>
Tested-by: Denis Efremov <efremov@linux.com>
2019-10-01 09:21:21 +09:00
Linus Torvalds
e070355664 Modules updates for v5.4
Summary of modules changes for the 5.4 merge window:
 
 - Introduce exported symbol namespaces.
 
   This new feature allows subsystem maintainers to partition and
   categorize their exported symbols into explicit namespaces. Module
   authors are now required to import the namespaces they need.
 
   Some of the main motivations of this feature include: allowing kernel
   developers to better manage the export surface, allow subsystem
   maintainers to explicitly state that usage of some exported symbols
   should only be limited to certain users (think: inter-module or
   inter-driver symbols, debugging symbols, etc), as well as more easily
   limiting the availability of namespaced symbols to other parts of the
   kernel. With the module import requirement, it is also easier to spot
   the misuse of exported symbols during patch review. Two new macros are
   introduced: EXPORT_SYMBOL_NS() and EXPORT_SYMBOL_NS_GPL(). The API is
   thoroughly documented in Documentation/kbuild/namespaces.rst.
 
 - Some small code and kbuild cleanups here and there.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJdh3n8AAoJEMBFfjjOO8Fy94kP+QHZF39QDvLbxAzEYAETAS+o
 CFu6wix/DrAwFkTU/kX1eAsAwDBEz0xkMciR4BsLX3sIafUVERxtDXVAui/dA1+6
 zfw2c3ObyVwPEk6aUPFprgkj+08gxujsJFlYTsQQUhtRbmxg6R7hD6t6ANxiHaY2
 AQe5TzOWXoIa2hHO+7rPMqf8l6qiFCaL0s3v5jrmBXa5mHmc4PVy95h1J6xQVw2u
 b+SlvKeylHv+OtCtvthkAJS3hfS35J/1TNb/RNYIvh60IfEguEuFsGuQ9JiSSAZS
 pv1cJ+I5d4v8Y/md1rZpdjTJL9gCrq/UUC67+UkejCOn0C+7XM2eR4Bu/jWvdMSn
 ZQDHcPhFSIfmP7FaKomPogaBbw1sI1FvM5930pPJzHnyO9+cefBXe7rWaaB+y0At
 GAxOtmk1dKh01BT7YO/C0oVuX87csWd74NHypVsbs0TgQo5jBFdZRheyDrq5YB+s
 tVK+5H0nqQrCcfo/TvhcsZlgITTGtgTPenaW99/i7qNa9mRUtxC/VkE+aob6HNRF
 1iBxxopOTxGN8akyKOVumtkuTQH3EJfouZee//pWbXLzyDmScg/k67vuao8kxbyq
 NA1piFAGJAHFsHATxrbvNOq6jZ5bfUT8pwSTs83JppuR++8Hxk7zaShS3/LvsvHt
 6ist/epOwTZ7oiNQ04nj
 =72Uy
 -----END PGP SIGNATURE-----

Merge tag 'modules-for-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux

Pull modules updates from Jessica Yu:
 "The main bulk of this pull request introduces a new exported symbol
  namespaces feature. The number of exported symbols is increasingly
  growing with each release (we're at about 31k exports as of 5.3-rc7)
  and we currently have no way of visualizing how these symbols are
  "clustered" or making sense of this huge export surface.

  Namespacing exported symbols allows kernel developers to more
  explicitly partition and categorize exported symbols, as well as more
  easily limiting the availability of namespaced symbols to other parts
  of the kernel. For starters, we have introduced the USB_STORAGE
  namespace to demonstrate the API's usage. I have briefly summarized
  the feature and its main motivations in the tag below.

  Summary:

   - Introduce exported symbol namespaces.

     This new feature allows subsystem maintainers to partition and
     categorize their exported symbols into explicit namespaces. Module
     authors are now required to import the namespaces they need.

     Some of the main motivations of this feature include: allowing
     kernel developers to better manage the export surface, allow
     subsystem maintainers to explicitly state that usage of some
     exported symbols should only be limited to certain users (think:
     inter-module or inter-driver symbols, debugging symbols, etc), as
     well as more easily limiting the availability of namespaced symbols
     to other parts of the kernel.

     With the module import requirement, it is also easier to spot the
     misuse of exported symbols during patch review.

     Two new macros are introduced: EXPORT_SYMBOL_NS() and
     EXPORT_SYMBOL_NS_GPL(). The API is thoroughly documented in
     Documentation/kbuild/namespaces.rst.

   - Some small code and kbuild cleanups here and there"

* tag 'modules-for-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
  module: Remove leftover '#undef' from export header
  module: remove unneeded casts in cmp_name()
  module: move CONFIG_UNUSED_SYMBOLS to the sub-menu of MODULES
  module: remove redundant 'depends on MODULES'
  module: Fix link failure due to invalid relocation on namespace offset
  usb-storage: export symbols in USB_STORAGE namespace
  usb-storage: remove single-use define for debugging
  docs: Add documentation for Symbol Namespaces
  scripts: Coccinelle script for namespace dependencies.
  modpost: add support for generating namespace dependencies
  export: allow definition default namespaces in Makefiles or sources
  module: add config option MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS
  modpost: add support for symbol namespaces
  module: add support for symbol namespaces.
  export: explicitly align struct kernel_symbol
  module: support reading multiple values per modinfo tag
2019-09-22 10:34:46 -07:00
Masahiro Yamada
a3d0cb04f7 modpost: use __section in the output to *.mod.c
Use the __section() shorthand. This avoids escaping double-quotes,
and improves the readability.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-09-14 11:40:13 +09:00
Masahiro Yamada
6df7e1ec93 modpost: use MODULE_INFO() for __module_depends
This makes *.mod.c much more readable. I confirmed depmod still
produced the same modules.dep file.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-09-14 11:40:13 +09:00
Matthias Maennich
1d082773ff modpost: add support for generating namespace dependencies
This patch adds an option to modpost to generate a <module>.ns_deps file
per module, containing the namespace dependencies for that module.

E.g. if the linked module my-module.ko would depend on the symbol
myfunc.MY_NS in the namespace MY_NS, the my-module.ns_deps file created
by modpost would contain the entry MY_NS to express the namespace
dependency of my-module imposed by using the symbol myfunc.

These files can subsequently be used by static analysis tools (like
coccinelle scripts) to address issues with missing namespace imports. A
later patch of this series will introduce such a script 'nsdeps' and a
corresponding make target to automatically add missing
MODULE_IMPORT_NS() definitions to the module's sources. For that it uses
the information provided in the generated .ns_deps files.

Co-developed-by: Martijn Coenen <maco@android.com>
Signed-off-by: Martijn Coenen <maco@android.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-09-10 10:30:38 +02:00
Matthias Maennich
cb9b55d21f modpost: add support for symbol namespaces
Add support for symbols that are exported into namespaces. For that,
extract any namespace suffix from the symbol name. In addition, emit a
warning whenever a module refers to an exported symbol without
explicitly importing the namespace that it is defined in. This patch
consistently adds the namespace suffix to symbol names exported into
Module.symvers.

Example warning emitted by modpost in case of the above violation:

 WARNING: module ums-usbat uses symbol usb_stor_resume from namespace
 USB_STORAGE, but does not import it.

Co-developed-by: Martijn Coenen <maco@android.com>
Signed-off-by: Martijn Coenen <maco@android.com>
Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2019-09-10 10:30:21 +02:00
Denis Efremov
6f02bdfc99 modpost: add NOFAIL to strndup
Add NOFAIL check for the strndup call, because the function
allocates memory and can return NULL. All calls to strdup in
modpost are checked with NOFAIL.

Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-09-04 22:55:42 +09:00
Denis Efremov
15bfc2348d modpost: check for static EXPORT_SYMBOL* functions
This patch adds a check to warn about static EXPORT_SYMBOL* functions
during the modpost. In most of the cases, a static symbol marked for
exporting is an odd combination that should be fixed either by deleting
the exporting mark or by removing the static attribute and adding the
appropriate declaration to headers.

This check could help to detect the following problems:
1. 550113d4e9 ("i2c: add newly exported functions to the header, too")
2. 54638c6eaf ("net: phy: make exported variables non-static")
3. 98ef2046f2 ("mm: remove the exporting of totalram_pages")
4. 73df167c81 ("s390/zcrypt: remove the exporting of ap_query_configuration")
5. a57caf8c52 ("sunrpc/cache: remove the exporting of cache_seq_next")
6. e4e4730698 ("crypto: skcipher - remove the exporting of skcipher_walk_next")
7. 14b4c48bb1 ("gve: Remove the exporting of gve_probe")
8. 9b79ee9773 ("scsi: libsas: remove the exporting of sas_wait_eh")
9. ...

The build time impact is very limited and is almost at the unnoticeable
level (< 1 sec).

Acked-by: Emil Velikov <emil.l.velikov@gmail.com>
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-08-14 01:10:18 +09:00
Fredrik Noring
54a7151b14 kbuild: modversions: Fix relative CRC byte order interpretation
Fix commit 56067812d5 ("kbuild: modversions: add infrastructure for
emitting relative CRCs") where CRCs are interpreted in host byte order
rather than proper kernel byte order. The bug is conditional on
CONFIG_MODULE_REL_CRCS.

For example, when loading a BE module into a BE kernel compiled with a LE
system, the error "disagrees about version of symbol module_layout" is
produced. A message such as "Found checksum D7FA6856 vs module 5668FAD7"
will be given with debug enabled, which indicates an obvious endian
problem within __kcrctab within the kernel image.

The general solution is to use the macro TO_NATIVE, as is done in
similar cases throughout modpost.c. With this correction it has been
verified that a BE kernel compiled with a LE system accepts BE modules.

This change has also been verified with a LE kernel compiled with a LE
system, in which case TO_NATIVE returns its value unmodified since the
byte orders match. This is by far the common case.

Fixes: 56067812d5 ("kbuild: modversions: add infrastructure for emitting relative CRCs")
Signed-off-by: Fredrik Noring <noring@nocrew.org>
Cc: stable@vger.kernel.org
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-03-28 23:46:56 +09:00
Masahiro Yamada
46c7dd56d5 modpost: always show verbose warning for section mismatch
Unless CONFIG_DEBUG_SECTION_MISMATCH is enabled, modpost only shows
the number of section mismatches.

If you want to know the symbols causing the issue, you need to rebuild
with CONFIG_DEBUG_SECTION_MISMATCH. It is tedious.

I think it is fine to show annoying warning when a new section mismatch
comes in.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2019-03-14 02:39:09 +09:00
WANG Chao
e4f358916d x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE
Commit

  4cd24de3a0 ("x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support")

replaced the RETPOLINE define with CONFIG_RETPOLINE checks. Remove the
remaining pieces.

 [ bp: Massage commit message. ]

Fixes: 4cd24de3a0 ("x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support")
Signed-off-by: WANG Chao <chao.wang@ucloud.cn>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@oracle.com>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Jessica Yu <jeyu@kernel.org>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Kees Cook <keescook@chromium.org>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Cc: Michal Marek <michal.lkml@markovi.net>
Cc: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Vasily Gorbik <gor@linux.ibm.com>
Cc: linux-kbuild@vger.kernel.org
Cc: srinivas.eeda@oracle.com
Cc: stable <stable@vger.kernel.org>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20181210163725.95977-1-chao.wang@ucloud.cn
2019-01-09 10:35:56 +01:00
Masahiro Yamada
3b41528803 modpost: move unresolved symbol checks to check_exports()
This will fit better in check_exports() than add_versions().

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-12-01 22:21:59 +09:00
Masahiro Yamada
c6826ad8a4 modpost: merge module iterations
Probably, this is just a matter of the order of error/warning
messages. Merge the two for-loops.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-12-01 22:21:58 +09:00
Masahiro Yamada
d2665ca8e3 modpost: refactor seen flag clearing in add_depends()
You do not need to iterate over all modules for resetting ->seen flag
because add_depends() is only interested in modules that export symbols
referenced from the given 'mod'.

This also avoids shadowing the 'modules' parameter of add_depends().

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-12-01 22:21:58 +09:00
Paul Walmsley
a4d26f1a09 modpost: skip ELF local symbols during section mismatch check
During development of a serial console driver with a gcc 8.2.0
toolchain for RISC-V, the following modpost warning appeared:

----
WARNING: vmlinux.o(.data+0x19b10): Section mismatch in reference from the variable .LANCHOR1 to the function .init.text:sifive_serial_console_setup()
The variable .LANCHOR1 references
the function __init sifive_serial_console_setup()
If the reference is valid then annotate the
variable with __init* or __refdata (see linux/init.h) or name the variable:
*_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console
----

".LANCHOR1" is an ELF local symbol, automatically created by gcc's section
anchor generation code:

https://gcc.gnu.org/onlinedocs/gccint/Anchored-Addresses.html

https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/varasm.c;h=cd9591a45617464946dcf9a126dde277d9de9804;hb=9fb89fa845c1b2e0a18d85ada0b077c84508ab78#l7473

This was verified by compiling the kernel with -fno-section-anchors
and observing that the ".LANCHOR1" ELF local symbol disappeared, and
modpost no longer warned about the section mismatch.  The serial
driver code idiom triggering the warning is standard Linux serial
driver practice that has a specific whitelist inclusion in modpost.c.

I'm neither a modpost nor an ELF expert, but naively, it doesn't seem
useful for modpost to report section mismatch warnings caused by ELF
local symbols by default.  Local symbols have compiler-generated
names, and thus bypass modpost's whitelisting algorithm, which relies
on the presence of a non-autogenerated symbol name.  This increases
the likelihood that false positive warnings will be generated (as in
the above case).

Thus, disable section mismatch reporting on ELF local symbols.  The
rationale here is similar to that of commit 2e3a10a155 ("ARM: avoid
ARM binutils leaking ELF local symbols") and of similar code already
present in modpost.c:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/scripts/mod/modpost.c?h=v4.19-rc4&id=7876320f88802b22d4e2daf7eb027dd14175a0f8#n1256

This third version of the patch implements a suggestion from Masahiro
Yamada <yamada.masahiro@socionext.com> to restructure the code as an
additional pattern matching step inside secref_whitelist(), and
further improves the patch description.

Signed-off-by: Paul Walmsley <paul.walmsley@sifive.com>
Signed-off-by: Paul Walmsley <paul@pwsan.com>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-12-01 22:21:56 +09:00
Paul Walmsley
0987abcbee modpost: drop unused command line switches
Drop modpost command line switches that are no longer used by
makefile.modpost, upon request from Sam Ravnborg <sam@ravnborg.org>,
who wrote:

    modpost is not supposed to be used outside the kernel build. [...]
    I checked if there were any options supported by modpost that
    was not configurable in Makefile.modpost.
    And I could see that the -M and -K options in getopt() were leftovers.
    The code that used these option was dropped in:
    commit a8773769d1 ("Kbuild: clear marker out of modpost")

    Could you add a patch that delete these on top of what you already have.

https://lore.kernel.org/lkml/20181020140835.GA3351@ravnborg.org/

Suggested-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Paul Walmsley <paul.walmsley@sifive.com>
Signed-off-by: Paul Walmsley <paul@pwsan.com>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-11-21 23:57:33 +09:00
Sami Tolvanen
5818c683a6 modpost: validate symbol names also in find_elf_symbol
If an ARM mapping symbol shares an address with a valid symbol,
find_elf_symbol can currently return the mapping symbol instead, as the
symbol is not validated. This can result in confusing warnings:

  WARNING: vmlinux.o(.text+0x18f4028): Section mismatch in reference
  from the function set_reset_devices() to the variable .init.text:$x.0

This change adds a call to is_valid_name to find_elf_symbol, similarly
to how it's already used in find_elf_symbol2.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-11-21 23:57:32 +09:00
Randy Dunlap
1f3aa9002d scripts: modpost: check memory allocation results
Fix missing error check for memory allocation functions in
scripts/mod/modpost.c.

Fixes kernel bugzilla #200319:
https://bugzilla.kernel.org/show_bug.cgi?id=200319

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Yuexing Wang <wangyxlandq@gmail.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-08-22 23:21:40 +09:00
Laura Abbott
9afb719e70 kbuild: Add build salt to the kernel and modules
In Fedora, the debug information is packaged separately (foo-debuginfo) and
can be installed separately. There's been a long standing issue where only
one version of a debuginfo info package can be installed at a time. There's
been an effort for Fedora for parallel debuginfo to rectify this problem.

Part of the requirement to allow parallel debuginfo to work is that build ids
are unique between builds. The existing upstream rpm implementation ensures
this by re-calculating the build-id using the version and release as a
seed. This doesn't work 100% for the kernel because of the vDSO which is
its own binary and doesn't get updated when embedded.

Fix this by adding some data in an ELF note for both the kernel and modules.
The data is controlled via a Kconfig option so distributions can set it
to an appropriate value to ensure uniqueness between builds.

Suggested-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Laura Abbott <labbott@redhat.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-07-18 01:18:05 +09:00
Masahiro Yamada
8b1857436b modpost: constify *modname function argument where possible
Neither find_module() nor read_symbols() does change *modname.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-05-17 22:45:00 +09:00
Masahiro Yamada
074a04f572 modpost: remove redundant is_vmlinux() test
The second test of is_vmlinux() is redundant.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-05-17 22:44:59 +09:00
Masahiro Yamada
d62c476521 modpost: use strstarts() helper more widely
Currently, strstarts() is only used in export_from_secname().
Use it more widely to improve the code readability.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-05-17 22:44:59 +09:00
Masahiro Yamada
bca2ccee4c modpost: pass struct elf_info pointer to get_modinfo()
get_(next_)modinfo takes a pointer and length pair of the .modinfo
section.  Instead, pass struct elf_info pointer to reduce the number
of function arguments.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-05-17 22:44:58 +09:00
Masahiro Yamada
b2c5cdcfd4 modpost: remove symbol prefix support
CONFIG_HAVE_UNDERSCORE_SYMBOL_PREFIX was selected by BLACKFIN, METAG.
They were removed by commit 4ba66a9760 ("arch: remove blackfin port"),
commit bb6fb6dfcc ("metag: Remove arch/metag/"), respectively.

No more architecture enables CONFIG_HAVE_UNDERSCORE_SYMBOL_PREFIX,
hence VMLINUX_SYMBOL_STR(foo) can be simplify replaced with "foo".

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Sam Ravnborg <sam@ravnborg.org>
2018-05-17 22:43:33 +09:00
David Howells
739d875dd6 mn10300: Remove the architecture
Remove the MN10300 arch as the hardware is defunct.

Suggested-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Masahiro Yamada <yamada.masahiro@socionext.com>
cc: linux-am33-list@redhat.com
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2018-03-09 23:19:56 +01:00
Linus Torvalds
581e400ff9 Modules updates for v4.16
Summary of modules changes for the 4.16 merge window:
 
 - Minor code cleanups and MAINTAINERS update
 
 Signed-off-by: Jessica Yu <jeyu@kernel.org>
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJaeyhuAAoJEMBFfjjOO8FyAEQP/RaFlbZWa7/wzOQ5uczUPJGQ
 bk+V3qdJ1m0ayI+hEPhxLeyIDeYcuWVM789FKJSfvl131gJ+8XTvzF9tgvbITiMh
 /LfYz1Qwgjb6gy/5x2z72irxTCL0leGZSkBeiUuQylIM0Pk9gYn/hh675jTsfPih
 fHTr5m5/1gokbmjqAIY8mPXilXJk2Df//BzLRnlUtXY7kLzkP41Cu3A9VKvaPzbj
 D/WqS+R7t/o11aTd3kwRYWQ73F4kcbdTEKmAQucDVOvtFrDZn5PxPzKRGhXB91yp
 Oa+sB4qQoG029/cQRF7X4PZAHP2wth5JxDavAjOKqNpGdYmniL+ihvldtabox0Nq
 ZWl9oKWs52Ga1xzhix0kSxiXkxwJk4x7oBTDxsud1w1MJJZzuHizGABJrKmvuEz7
 cVWFB7ZtLyG49vJmsJlZ7Zg5QfWeqJehf/2lSG6USwQDSukX8BvVqZQgYs2HGLxy
 lBgOI2y1V2LY8+w9d52nxyn8EIMWlnFK4KdUrtM5C2cIOLdeyvLcFas0M1VN1p3B
 TUCu+WeTbUzAAAeYDlKHoRObQAhSx/sx8B1oyAS4uubfvFVYWzTDPSStnevUFgmh
 Lo8Br64bEXF9RFQlanAPlfB+7OjANOmdQ/Hm6p63DchN6M2Q53v+bO8sGwUJfJCH
 RRaekrfJ2WT9T+kVh3+2
 =Qhww
 -----END PGP SIGNATURE-----

Merge tag 'modules-for-v4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux

Pull modules updates from Jessica Yu:
 "Minor code cleanups and MAINTAINERS update"

* tag 'modules-for-v4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
  modpost: Remove trailing semicolon
  ftrace/module: Move ftrace_release_mod() to ddebug_cleanup label
  MAINTAINERS: Remove from module & paravirt maintenance
2018-02-07 14:29:34 -08:00
Linus Torvalds
6304672b7f Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86/pti updates from Thomas Gleixner:
 "Another set of melted spectrum related changes:

   - Code simplifications and cleanups for RSB and retpolines.

   - Make the indirect calls in KVM speculation safe.

   - Whitelist CPUs which are known not to speculate from Meltdown and
     prepare for the new CPUID flag which tells the kernel that a CPU is
     not affected.

   - A less rigorous variant of the module retpoline check which merily
     warns when a non-retpoline protected module is loaded and reflects
     that fact in the sysfs file.

   - Prepare for Indirect Branch Prediction Barrier support.

   - Prepare for exposure of the Speculation Control MSRs to guests, so
     guest OSes which depend on those "features" can use them. Includes
     a blacklist of the broken microcodes. The actual exposure of the
     MSRs through KVM is still being worked on"

* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/speculation: Simplify indirect_branch_prediction_barrier()
  x86/retpoline: Simplify vmexit_fill_RSB()
  x86/cpufeatures: Clean up Spectre v2 related CPUID flags
  x86/cpu/bugs: Make retpoline module warning conditional
  x86/bugs: Drop one "mitigation" from dmesg
  x86/nospec: Fix header guards names
  x86/alternative: Print unadorned pointers
  x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
  x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
  x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
  x86/msr: Add definitions for new speculation control MSRs
  x86/cpufeatures: Add AMD feature bits for Speculation Control
  x86/cpufeatures: Add Intel feature bits for Speculation Control
  x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
  module/retpoline: Warn about missing retpoline in module
  KVM: VMX: Make indirect call speculation safe
  KVM: x86: Make indirect calls in emulator speculation safe
2018-01-29 19:08:02 -08:00
Andi Kleen
caf7501a1b module/retpoline: Warn about missing retpoline in module
There's a risk that a kernel which has full retpoline mitigations becomes
vulnerable when a module gets loaded that hasn't been compiled with the
right compiler or the right option.

To enable detection of that mismatch at module load time, add a module info
string "retpoline" at build time when the module was compiled with
retpoline support. This only covers compiled C source, but assembler source
or prebuilt object files are not checked.

If a retpoline enabled kernel detects a non retpoline protected module at
load time, print a warning and report it in the sysfs vulnerability file.

[ tglx: Massaged changelog ]

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: gregkh@linuxfoundation.org
Cc: torvalds@linux-foundation.org
Cc: jeyu@kernel.org
Cc: arjan@linux.intel.com
Link: https://lkml.kernel.org/r/20180125235028.31211-1-andi@firstfloor.org
2018-01-26 15:03:56 +01:00
Luis de Bethencourt
0cad61d7a3 modpost: Remove trailing semicolon
The trailing semicolon is an empty statement that does no operation.
Removing it since it doesn't do anything.

Signed-off-by: Luis de Bethencourt <luisbg@kernel.org>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2018-01-16 18:34:04 +01:00
Randy Dunlap
ba1029c9cb modpost: detect modules without a MODULE_LICENSE
Partially revert commit 2fa3656829 ("kbuild: soften MODULE_LICENSE
check") so that modpost detects modules that do not have a
MODULE_LICENSE.

Sam's commit also changed the fatal error to a warning, which I am
leaving as is.

This gives advance notice of when a module has no license and will taint
the kernel if the module is loaded.

This produces the following warnings on x86_64 allmodconfig:

    MODPOST 6520 modules
  WARNING: modpost: missing MODULE_LICENSE() in drivers/auxdisplay/img-ascii-lcd.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/gpio/gpio-ath79.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/gpio/gpio-iop.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/iio/accel/kxsd9-i2c.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/iio/adc/qcom-vadc-common.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/media/platform/mtk-vcodec/mtk-vcodec-common.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/media/platform/soc_camera/soc_scale_crop.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/mtd/nand/denali_pci.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/net/phy/cortina.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/pinctrl/pxa/pinctrl-pxa2xx.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/power/reset/zx-reboot.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/rpmsg/qcom_glink_native.o
  WARNING: modpost: missing MODULE_LICENSE() in drivers/staging/comedi/drivers/ni_atmio.o
  WARNING: modpost: missing MODULE_LICENSE() in net/9p/9pnet_xen.o
  WARNING: modpost: missing MODULE_LICENSE() in sound/soc/codecs/snd-soc-pcm512x-spi.o

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-12 13:47:40 -08:00
Linus Torvalds
4791bcccf8 Modules updates for v4.14
Summary of modules changes for the 4.14 merge window:
 
 - Minor code cleanups and fixes
 
 - modpost: avoid building modules that have names that exceed the size
   of the name field in struct module
 
 Signed-off-by: Jessica Yu <jeyu@kernel.org>
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJZuOmrAAoJEMBFfjjOO8FySvAP/2SLHR+HLU53jbUdQTZF4cYp
 2PitELmICHSOmBC2frBsZiy1Dnzh2LDHM4gEenWYkk2nUfpPbURYi+43xbUKugmR
 I1pwr5aanibogCfu2C/xi57RonxkS0l/BsFOorFPNNqH8H24rsZaUfNMUtuOsh3D
 K1KjM/N5BTncVF2wdXogPl1mlngtzM1Nvu02EbmltJYlTmwv+BlHc6xu4677sW6u
 zeZ1gBt/oeKIgenYphL/NmbdI6veV8LVUd5EzcK7QQCbp2Pf/gAKQakQauDHNmRp
 WQtNhTksvbKS1qmTX8Qf4UE1i9Sfzg1kokg3AMIsIFJMFCN+WkGz38yTzoNDRUgi
 afv9Z0XPgBfoGvwZ2RCPtZqZXC/OHEUbhfnXTFPnjIQAHTrNWNGzwj89RXKTCTLz
 dCgA4zUZ9DgGyve2iqDvgWSn+Tb2RevPhajzepEcpz+UNUdXQRJHdcVEfLXWN/1u
 dqYXiLWSIcCfqIRl4RDwYeTSbeY9GrLkLzHsL7YSGVL//jubEoKjsSEr2cLsngtr
 953jbA+El2DwnPJDoeEAOIN0XBg4arA9Roj4eIBeqG7y/BGpIn0HI+fZui5zxAoR
 1fWhmqG5Uvoz/hzWwWOQTu3cQP2fgyJ5Jzg784oLjF8LwCrZYWc+yDdO+J5WywFJ
 iA7DBkZoajKFQjf9SZkU
 =oTCM
 -----END PGP SIGNATURE-----

Merge tag 'modules-for-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux

Pull modules updates from Jessica Yu:
 "Summary of modules changes for the 4.14 merge window:

   - minor code cleanups and fixes

   - modpost: avoid building modules that have names that exceed the
     size of the name field in struct module"

* tag 'modules-for-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
  module: Remove const attribute from alias for MODULE_DEVICE_TABLE
  module: fix ddebug_remove_module()
  modpost: abort if module name is too long
2017-09-13 11:28:19 -07:00
Masahiro Yamada
6124c04c13 modpost: simplify sec_name()
There is code duplication between sec_name() and sech_name().  Simplify
sec_name() by re-using sech_name().  Also, move them up to remove the
forward declaration of sec_name().

Link: http://lkml.kernel.org/r/1502248721-22009-1-git-send-email-yamada.masahiro@socionext.com
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: Jessica Yu <jeyu@redhat.com>
Cc: Chris Metcalf <cmetcalf@mellanox.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-06 17:27:24 -07:00
Wanlong Gao
4fd3e4ef1f modpost: abort if module name is too long
Module name has a limited length, but currently the build system
allows the build finishing even if the module name is too long.

  CC      /root/kprobe_example/abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz.mod.o
 /root/kprobe_example/abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz.mod.c:9:2:
 warning: initializer-string for array of chars is too long [enabled by default]
  .name = KBUILD_MODNAME,
  ^

but it's merely a warning.

This patch adds the check of the module name length in modpost and stops
the build properly.

Signed-off-by: Wanlong Gao <wanlong.gao@gmail.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
2017-07-25 15:08:19 +02:00
Kees Cook
3e2e857f9c module: Add module name to modinfo
Accessing the mod structure (e.g. for mod->name) prior to having completed
check_modstruct_version() can result in writing garbage to the error logs
if the layout of the mod structure loaded from disk doesn't match the
running kernel's mod structure layout. This kind of mismatch will become
much more likely if a kernel is built with different randomization seed
for the struct layout randomization plugin.

Instead, add and use a new modinfo string for logging the module name.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jessica Yu <jeyu@redhat.com>
2017-05-23 14:08:31 -07:00
Josh Poimboeuf
e390f9a968 objtool, modules: Discard objtool annotation sections for modules
The '__unreachable' and '__func_stack_frame_non_standard' sections are
only used at compile time.  They're discarded for vmlinux but they
should also be discarded for modules.

Since this is a recurring pattern, prefix the section names with
".discard.".  It's a nice convention and vmlinux.lds.h already discards
such sections.

Also remove the 'a' (allocatable) flag from the __unreachable section
since it doesn't make sense for a discarded section.

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Jessica Yu <jeyu@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: d1091c7fa3 ("objtool: Improve detection of BUG() and other dead ends")
Link: http://lkml.kernel.org/r/20170301180444.lhd53c5tibc4ns77@treble
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-03-01 20:32:25 +01:00