Re: [PATCH v12 01/14] module: Move all into module/

[PATCH v12 00/14] module: core code clean up · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 01/14] module: Move all into module/ · Aaron Tomlin <hidden> · 2022-03-22
Re: [PATCH v12 01/14] module: Move all into module/ · Saravana Kannan <hidden> · 2022-06-02
Re: [PATCH v12 01/14] module: Move all into module/ · Luis Chamberlain <mcgrof@kernel.org> · 2022-06-02
[PATCH v1] module: Fix prefix for module.sig_enforce module param · Saravana Kannan <hidden> · 2022-06-02
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Luis Chamberlain <mcgrof@kernel.org> · 2022-06-02
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Linus Torvalds <torvalds@linux-foundation.org> · 2022-06-02
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Saravana Kannan <hidden> · 2022-06-02
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Luis Chamberlain <mcgrof@kernel.org> · 2022-06-02
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Saravana Kannan <hidden> · 2022-06-03
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Randy Dunlap <hidden> · 2022-06-03
Re: [PATCH v1] module: Fix prefix for module.sig_enforce module param · Aaron Tomlin <hidden> · 2022-06-02
[PATCH v12 02/14] module: Simple refactor in preparation for split · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 03/14] module: Make internal.h and decompress.c more compliant · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 05/14] module: Move latched RB-tree support to a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 04/14] module: Move livepatch support to a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 06/14] module: Move strict rwx support to a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 07/14] module: Move extra signature support out of core code · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 08/14] module: Move kmemleak support to a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 09/14] module: Move kallsyms support into a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 10/14] module: kallsyms: Fix suspicious rcu usage · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 11/14] module: Move procfs support into a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 12/14] module: Move sysfs support into a separate file · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 13/14] module: Move kdb module related code out of main kdb code · Aaron Tomlin <hidden> · 2022-03-22
[PATCH v12 14/14] module: Move version support into a separate file · Aaron Tomlin <hidden> · 2022-03-22
Re: [PATCH v12 00/14] module: core code clean up · Michal Suchánek <hidden> · 2022-03-22
Re: [PATCH v12 00/14] module: core code clean up · Luis Chamberlain <mcgrof@kernel.org> · 2022-03-22

From: Saravana Kannan <hidden>
Date: 2022-06-02 03:41:25
Also in: lkml
Subsystem: module support, the rest · Maintainers: Luis Chamberlain, Petr Pavlu, Daniel Gomez, Sami Tolvanen, Linus Torvalds

Aaron Tomlin [off-list ref] wrote:

No functional changes.

I could be mistaken, but I think this has a functional change and could
break module signature enforcement in some cases.

This patch moves all module related code into a separate directory,
modifies each file name and creates a new Makefile. Note: this effort
is in preparation to refactor core module code.

Reviewed-by: Christophe Leroy <redacted>
Signed-off-by: Aaron Tomlin <redacted>
---
 MAINTAINERS                                         |  2 +-
 kernel/Makefile                                     |  5 +----
 kernel/module/Makefile                              | 12 ++++++++++++
 kernel/{module_decompress.c => module/decompress.c} |  2 +-
 kernel/{module-internal.h => module/internal.h}     |  0
 kernel/{module.c => module/main.c}                  |  2 +-
 kernel/{module_signing.c => module/signing.c}       |  2 +-

I spent at least an hour trying to figure out how the code below in
module/signing.c (was moved from module/main.c in a later patch in this
series) managed to have a "module" prefix for "module.sig_enforce" kernel
cmdline param and for the /sys/module/module/parameters/sig_enforce file.

static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
module_param(sig_enforce, bool_enable_only, 0644);

I thought I was missing something until I realized this was a very recent
change and might actually be a bug. If I'm not mistaken, the prefix will
now become "signing". So the kernel cmdline param would get ignore and any
userspace writes to /sys/module/module/parameters/sig_enforce will start
failing.

I don't have a device to boot 5.19-rcX in, but I think I'm right. Can
someone confirm?

If my code analysis is right, then the fix seems to be adding this code
before the module_param() line.

diff --git a/kernel/module/signing.c b/kernel/module/signing.c
index 85c8999dfecf..6b0672e4417b 100644
--- a/kernel/module/signing.c
+++ b/kernel/module/signing.c

@@ -16,6 +16,11 @@
 #include <uapi/linux/module.h>
 #include "internal.h"
 
+#ifdef MODULE_PARAM_PREFIX
+#undef MODULE_PARAM_PREFIX
+#endif
+#define MODULE_PARAM_PREFIX "module."
+
 static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
 module_param(sig_enforce, bool_enable_only, 0644);

-Saravana

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help