Commit ce0c1c92 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'modules-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux 

Pull modules updates from Luis Chamberlain:
 "Christophe Leroy did most of the work on this release, first with a
  few cleanups on CONFIG_STRICT_KERNEL_RWX and ending with error
  handling for when set_memory_XX() can fail.

  This is part of a larger effort to clean up all these callers which
  can fail, modules is just part of it"

* tag 'modules-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux:
  module: Don't ignore errors from set_memory_XX()
  lib/test_kmod: fix kernel-doc warnings
  powerpc: Simplify strict_kernel_rwx_enabled()
  modules: Remove #ifdef CONFIG_STRICT_MODULE_RWX around rodata_enabled
  init: Declare rodata_enabled and mark_rodata_ro() at all time
  module: Change module_enable_{nx/x/ro}() to more explicit names
  module: Use set_memory_rox()
parents 70ef6544 d1909c02

arch/powerpc/include/asm/mmu.h

+1 −8
Original line number Diff line number Diff line
@@ -330,17 +330,10 @@ static __always_inline bool early_radix_enabled(void) 
	return early_mmu_has_feature(MMU_FTR_TYPE_RADIX);

}



#ifdef CONFIG_STRICT_KERNEL_RWX

static inline bool strict_kernel_rwx_enabled(void)

{

	return rodata_enabled;

	return IS_ENABLED(CONFIG_STRICT_KERNEL_RWX) && rodata_enabled;

}

#else

static inline bool strict_kernel_rwx_enabled(void)

{

	return false;

}

#endif



static inline bool strict_module_rwx_enabled(void)

{

include/linux/init.h

+0 −4
Original line number Diff line number Diff line
@@ -168,12 +168,8 @@ extern initcall_entry_t __initcall_end[]; 


extern struct file_system_type rootfs_fs_type;



#if defined(CONFIG_STRICT_KERNEL_RWX) || defined(CONFIG_STRICT_MODULE_RWX)

extern bool rodata_enabled;

#endif

#ifdef CONFIG_STRICT_KERNEL_RWX

void mark_rodata_ro(void);

#endif



extern void (*late_time_init)(void);

init/main.c

+7 −14
Original line number Diff line number Diff line
@@ -1401,10 +1401,9 @@ static int __init set_debug_rodata(char *str) 
early_param("rodata", set_debug_rodata);

#endif



#ifdef CONFIG_STRICT_KERNEL_RWX

static void mark_readonly(void)

{

	if (rodata_enabled) {

	if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX) && rodata_enabled) {

		/*

		 * load_module() results in W+X mappings, which are cleaned

		 * up with call_rcu().  Let's make sure that queued work is
@@ -1414,20 +1413,14 @@ static void mark_readonly(void) 
		rcu_barrier();

		mark_rodata_ro();

		rodata_test();

	} else

	} else if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {

		pr_info("Kernel memory protection disabled.\n");

}

#elif defined(CONFIG_ARCH_HAS_STRICT_KERNEL_RWX)

static inline void mark_readonly(void)

{

	} else if (IS_ENABLED(CONFIG_ARCH_HAS_STRICT_KERNEL_RWX)) {

		pr_warn("Kernel memory protection not selected by kernel config.\n");

}

#else

static inline void mark_readonly(void)

{

	} else {

		pr_warn("This architecture does not have kernel memory protection.\n");

	}

#endif

}



void __weak free_initmem(void)

{

kernel/module/internal.h

+3 −3
Original line number Diff line number Diff line
@@ -322,9 +322,9 @@ static inline struct module *mod_find(unsigned long addr, struct mod_tree_root * 
}

#endif /* CONFIG_MODULES_TREE_LOOKUP */



void module_enable_ro(const struct module *mod, bool after_init);

void module_enable_nx(const struct module *mod);

void module_enable_x(const struct module *mod);

int module_enable_rodata_ro(const struct module *mod, bool after_init);

int module_enable_data_nx(const struct module *mod);

int module_enable_text_rox(const struct module *mod);

int module_enforce_rwx_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs,

				char *secstrings, struct module *mod);

kernel/module/main.c

+16 −4
Original line number Diff line number Diff line
@@ -2571,7 +2571,9 @@ static noinline int do_init_module(struct module *mod) 
	/* Switch to core kallsyms now init is done: kallsyms may be walking! */

	rcu_assign_pointer(mod->kallsyms, &mod->core_kallsyms);

#endif

	module_enable_ro(mod, true);

	ret = module_enable_rodata_ro(mod, true);

	if (ret)

		goto fail_mutex_unlock;

	mod_tree_remove_init(mod);

	module_arch_freeing_init(mod);

	for_class_mod_mem_type(type, init) {
@@ -2609,6 +2611,8 @@ static noinline int do_init_module(struct module *mod) 


	return 0;



fail_mutex_unlock:

	mutex_unlock(&module_mutex);

fail_free_freeinit:

	kfree(freeinit);

fail:
@@ -2736,9 +2740,15 @@ static int complete_formation(struct module *mod, struct load_info *info) 
	module_bug_finalize(info->hdr, info->sechdrs, mod);

	module_cfi_finalize(info->hdr, info->sechdrs, mod);



	module_enable_ro(mod, false);

	module_enable_nx(mod);

	module_enable_x(mod);

	err = module_enable_rodata_ro(mod, false);

	if (err)

		goto out_strict_rwx;

	err = module_enable_data_nx(mod);

	if (err)

		goto out_strict_rwx;

	err = module_enable_text_rox(mod);

	if (err)

		goto out_strict_rwx;



	/*

	 * Mark state as coming so strong_try_module_get() ignores us,
@@ -2749,6 +2759,8 @@ static int complete_formation(struct module *mod, struct load_info *info) 


	return 0;



out_strict_rwx:

	module_bug_cleanup(mod);

out:

	mutex_unlock(&module_mutex);

	return err;