Re: [PATCH v12 01/14] module: Move all into module/

From: Luis Chamberlain <mcgrof@kernel.org>
To: Saravana Kannan <saravanak@google.com>,
	Linus Torvalds <torvalds@linux-foundation.org>
Cc: Aaron Tomlin <atomlin@redhat.com>,
	christophe.leroy@csgroup.eu, cl@linux.com, mbenes@suse.cz,
	akpm@linux-foundation.org, jeyu@kernel.org,
	linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org,
	void@manifault.com, atomlin@atomlin.com, allen.lkml@gmail.com,
	joe@perches.com, msuchanek@suse.de, oleksandr@natalenko.name,
	jason.wessel@windriver.com, pmladek@suse.com,
	daniel.thompson@linaro.org, hch@infradead.org,
	kernel-team@android.com
Subject: Re: [PATCH v12 01/14] module: Move all into module/
Date: Thu, 2 Jun 2022 12:14:58 -0700	[thread overview]
Message-ID: <YpkMMg8rskMRXfXS@bombadil.infradead.org> (raw)
In-Reply-To: <20220602034111.4163292-1-saravanak@google.com>

On Wed, Jun 01, 2022 at 08:41:11PM -0700, Saravana Kannan wrote:
> Aaron Tomlin <atomlin@redhat.com> wrote:
> > No functional changes.
> 
> I could be mistaken, but I think this has a functional change and could
> break module signature enforcement in some cases.
> 
> > 
> > This patch moves all module related code into a separate directory,
> > modifies each file name and creates a new Makefile. Note: this effort
> > is in preparation to refactor core module code.
> > 
> > Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
> > Signed-off-by: Aaron Tomlin <atomlin@redhat.com>
> > ---
> >  MAINTAINERS                                         |  2 +-
> >  kernel/Makefile                                     |  5 +----
> >  kernel/module/Makefile                              | 12 ++++++++++++
> >  kernel/{module_decompress.c => module/decompress.c} |  2 +-
> >  kernel/{module-internal.h => module/internal.h}     |  0
> >  kernel/{module.c => module/main.c}                  |  2 +-
> >  kernel/{module_signing.c => module/signing.c}       |  2 +-
> 
> I spent at least an hour trying to figure out how the code below in
> module/signing.c (was moved from module/main.c in a later patch in this
> series) managed to have a "module" prefix for "module.sig_enforce" kernel
> cmdline param and for the /sys/module/module/parameters/sig_enforce file.
> 
> static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
> module_param(sig_enforce, bool_enable_only, 0644);
> 
> I thought I was missing something until I realized this was a very recent
> change and might actually be a bug. If I'm not mistaken, the prefix will
> now become "signing". So the kernel cmdline param would get ignore and any
> userspace writes to /sys/module/module/parameters/sig_enforce will start
> failing.
> 
> I don't have a device to boot 5.19-rcX in, but I think I'm right. Can
> someone confirm?
> 
> If my code analysis is right, then the fix seems to be adding this code
> before the module_param() line.
> 
> diff --git a/kernel/module/signing.c b/kernel/module/signing.c
> index 85c8999dfecf..6b0672e4417b 100644
> --- a/kernel/module/signing.c
> +++ b/kernel/module/signing.c
> @@ -16,6 +16,11 @@
>  #include <uapi/linux/module.h>
>  #include "internal.h"
>  
> +#ifdef MODULE_PARAM_PREFIX
> +#undef MODULE_PARAM_PREFIX
> +#endif
> +#define MODULE_PARAM_PREFIX "module."
> +
>  static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
>  module_param(sig_enforce, bool_enable_only, 0644);

That fix would make sense, can you send a proper patch ?
The form:

#ifdef MODULE_PARAM_PREFIX                                                   
#undef MODULE_PARAM_PREFIX                                                   
#endif                                                                       
#define MODULE_PARAM_PREFIX "whatever."

Is surprisingly actuaclly quite common, later on we should add helper
to make these more well known. Right now this is obscure tribal
knowledge when splitting up files.

  Luis