All of lore.kernel.org
 help / color / mirror / Atom feed
* inherit TAINT_PROPRIETARY_MODULE v2
@ 2020-07-30  6:10 Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 1/8] modules: mark ref_module static Christoph Hellwig
                   ` (8 more replies)
  0 siblings, 9 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

Hi Jessica,

we've had a bug in our resolution of _GPL modules since day one, that
is a module can claim to be GPL licensed and use _GPL exports, while
it also depends on symbols from non-GPL modules.  This is used as a
circumvention of the _GPL exports by using a small shim module using
the _GPL exports and the other functionality.  A recent example can
be found here:

    https://lore.kernel.org/netdev/6376CA34-BC6F-45DE-9FFD-7E32664C7569@fb.com/T/#md514322fdfa212afe9f1d3eb4e5f7eaefece36eb

Changes since v1:
 - standardize on one spelling of "license"
 - fix a commit message type

Diffstat:
 include/linux/module.h |   26 +++-----------------------
 kernel/module.c        |   46 +++++++++++++++++++++++++++++-----------------
 2 files changed, 32 insertions(+), 40 deletions(-)

^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 1/8] modules: mark ref_module static
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 2/8] modules: mark find_symbol static Christoph Hellwig
                   ` (7 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

ref_module isn't used anywhere outside of module.c.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 include/linux/module.h | 1 -
 kernel/module.c        | 6 ++----
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index 2e6670860d275f..f1fdbeef2153a8 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -657,7 +657,6 @@ static inline void __module_get(struct module *module)
 #define symbol_put_addr(p) do { } while (0)
 
 #endif /* CONFIG_MODULE_UNLOAD */
-int ref_module(struct module *a, struct module *b);
 
 /* This is a #define so the string doesn't get put in every .o file */
 #define module_name(mod)			\
diff --git a/kernel/module.c b/kernel/module.c
index aa183c9ac0a256..17d64dae756c80 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -869,7 +869,7 @@ static int add_module_usage(struct module *a, struct module *b)
 }
 
 /* Module a uses b: caller needs module_mutex() */
-int ref_module(struct module *a, struct module *b)
+static int ref_module(struct module *a, struct module *b)
 {
 	int err;
 
@@ -888,7 +888,6 @@ int ref_module(struct module *a, struct module *b)
 	}
 	return 0;
 }
-EXPORT_SYMBOL_GPL(ref_module);
 
 /* Clear the unload stuff of the module. */
 static void module_unload_free(struct module *mod)
@@ -1169,11 +1168,10 @@ static inline void module_unload_free(struct module *mod)
 {
 }
 
-int ref_module(struct module *a, struct module *b)
+static int ref_module(struct module *a, struct module *b)
 {
 	return strong_try_module_get(b);
 }
-EXPORT_SYMBOL_GPL(ref_module);
 
 static inline int module_unload_init(struct module *mod)
 {
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 2/8] modules: mark find_symbol static
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 1/8] modules: mark ref_module static Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 3/8] modules: mark each_symbol_section static Christoph Hellwig
                   ` (6 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

find_symbol is only used in module.c.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 include/linux/module.h | 11 -----------
 kernel/module.c        |  3 +--
 2 files changed, 1 insertion(+), 13 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index f1fdbeef2153a8..90bdc362be3681 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -590,17 +590,6 @@ struct symsearch {
 	bool unused;
 };
 
-/*
- * Search for an exported symbol by name.
- *
- * Must be called with module_mutex held or preemption disabled.
- */
-const struct kernel_symbol *find_symbol(const char *name,
-					struct module **owner,
-					const s32 **crc,
-					bool gplok,
-					bool warn);
-
 /*
  * Walk the exported symbol table
  *
diff --git a/kernel/module.c b/kernel/module.c
index 17d64dae756c80..84da96a6d8241c 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -585,7 +585,7 @@ static bool find_exported_symbol_in_section(const struct symsearch *syms,
 
 /* Find an exported symbol and return it, along with, (optional) crc and
  * (optional) module which owns it.  Needs preempt disabled or module_mutex. */
-const struct kernel_symbol *find_symbol(const char *name,
+static const struct kernel_symbol *find_symbol(const char *name,
 					struct module **owner,
 					const s32 **crc,
 					bool gplok,
@@ -608,7 +608,6 @@ const struct kernel_symbol *find_symbol(const char *name,
 	pr_debug("Failed to find symbol %s\n", name);
 	return NULL;
 }
-EXPORT_SYMBOL_GPL(find_symbol);
 
 /*
  * Search for module by name: must hold module_mutex (or preempt disabled
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 3/8] modules: mark each_symbol_section static
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 1/8] modules: mark ref_module static Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 2/8] modules: mark find_symbol static Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 4/8] modules: unexport __module_text_address Christoph Hellwig
                   ` (5 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

each_symbol_section is only used inside of module.c.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 include/linux/module.h | 9 ---------
 kernel/module.c        | 3 +--
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index 90bdc362be3681..b79219eed83c56 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -590,15 +590,6 @@ struct symsearch {
 	bool unused;
 };
 
-/*
- * Walk the exported symbol table
- *
- * Must be called with module_mutex held or preemption disabled.
- */
-bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
-				    struct module *owner,
-				    void *data), void *data);
-
 /* Returns 0 and fills in value, defined and namebuf, or -ERANGE if
    symnum out of range. */
 int module_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
diff --git a/kernel/module.c b/kernel/module.c
index 84da96a6d8241c..feeaa9629eb179 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -422,7 +422,7 @@ static bool each_symbol_in_section(const struct symsearch *arr,
 }
 
 /* Returns true as soon as fn returns true, otherwise false. */
-bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
+static bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
 				    struct module *owner,
 				    void *data),
 			 void *data)
@@ -484,7 +484,6 @@ bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
 	}
 	return false;
 }
-EXPORT_SYMBOL_GPL(each_symbol_section);
 
 struct find_symbol_arg {
 	/* Input */
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 4/8] modules: unexport __module_text_address
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
                   ` (2 preceding siblings ...)
  2020-07-30  6:10 ` [PATCH 3/8] modules: mark each_symbol_section static Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 5/8] modules: unexport __module_address Christoph Hellwig
                   ` (4 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

__module_text_address is only used by built-in code.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 kernel/module.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/kernel/module.c b/kernel/module.c
index feeaa9629eb179..d241866f9d4a2b 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -4508,7 +4508,6 @@ struct module *__module_text_address(unsigned long addr)
 	}
 	return mod;
 }
-EXPORT_SYMBOL_GPL(__module_text_address);
 
 /* Don't grab lock, we're oopsing. */
 void print_modules(void)
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 5/8] modules: unexport __module_address
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
                   ` (3 preceding siblings ...)
  2020-07-30  6:10 ` [PATCH 4/8] modules: unexport __module_text_address Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 6/8] modules: rename the licence field in struct symsearch to license Christoph Hellwig
                   ` (3 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

__module_address is only used by built-in code.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 kernel/module.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/kernel/module.c b/kernel/module.c
index d241866f9d4a2b..54e853c7212f72 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -4469,7 +4469,6 @@ struct module *__module_address(unsigned long addr)
 	}
 	return mod;
 }
-EXPORT_SYMBOL_GPL(__module_address);
 
 /*
  * is_module_text_address - is this address inside module code?
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 6/8] modules: rename the licence field in struct symsearch to license
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
                   ` (4 preceding siblings ...)
  2020-07-30  6:10 ` [PATCH 5/8] modules: unexport __module_address Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 7/8] modules: return licensing information from find_symbol Christoph Hellwig
                   ` (2 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

Use the same spelling variant as the rest of the file.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 include/linux/module.h | 2 +-
 kernel/module.c        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index b79219eed83c56..be04ba2f881daa 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -586,7 +586,7 @@ struct symsearch {
 		NOT_GPL_ONLY,
 		GPL_ONLY,
 		WILL_BE_GPL_ONLY,
-	} licence;
+	} license;
 	bool unused;
 };
 
diff --git a/kernel/module.c b/kernel/module.c
index 54e853c7212f72..a0df783a8a6e5b 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -504,9 +504,9 @@ static bool check_exported_symbol(const struct symsearch *syms,
 	struct find_symbol_arg *fsa = data;
 
 	if (!fsa->gplok) {
-		if (syms->licence == GPL_ONLY)
+		if (syms->license == GPL_ONLY)
 			return false;
-		if (syms->licence == WILL_BE_GPL_ONLY && fsa->warn) {
+		if (syms->license == WILL_BE_GPL_ONLY && fsa->warn) {
 			pr_warn("Symbol %s is being used by a non-GPL module, "
 				"which will not be allowed in the future\n",
 				fsa->name);
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 7/8] modules: return licensing information from find_symbol
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
                   ` (5 preceding siblings ...)
  2020-07-30  6:10 ` [PATCH 6/8] modules: rename the licence field in struct symsearch to license Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30  6:10 ` [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE Christoph Hellwig
  2020-07-31 20:11 ` inherit TAINT_PROPRIETARY_MODULE v2 josh
  8 siblings, 0 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

Report the GPLONLY status through a new argument.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 include/linux/module.h |  2 +-
 kernel/module.c        | 16 +++++++++++-----
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index be04ba2f881daa..30b0f5fcdb3c37 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -582,7 +582,7 @@ struct module *find_module(const char *name);
 struct symsearch {
 	const struct kernel_symbol *start, *stop;
 	const s32 *crcs;
-	enum {
+	enum mod_license {
 		NOT_GPL_ONLY,
 		GPL_ONLY,
 		WILL_BE_GPL_ONLY,
diff --git a/kernel/module.c b/kernel/module.c
index a0df783a8a6e5b..afb2bfdd5134b3 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -495,6 +495,7 @@ struct find_symbol_arg {
 	struct module *owner;
 	const s32 *crc;
 	const struct kernel_symbol *sym;
+	enum mod_license license;
 };
 
 static bool check_exported_symbol(const struct symsearch *syms,
@@ -528,6 +529,7 @@ static bool check_exported_symbol(const struct symsearch *syms,
 	fsa->owner = owner;
 	fsa->crc = symversion(syms->crcs, symnum);
 	fsa->sym = &syms->start[symnum];
+	fsa->license = syms->license;
 	return true;
 }
 
@@ -587,6 +589,7 @@ static bool find_exported_symbol_in_section(const struct symsearch *syms,
 static const struct kernel_symbol *find_symbol(const char *name,
 					struct module **owner,
 					const s32 **crc,
+					enum mod_license *license,
 					bool gplok,
 					bool warn)
 {
@@ -601,6 +604,8 @@ static const struct kernel_symbol *find_symbol(const char *name,
 			*owner = fsa.owner;
 		if (crc)
 			*crc = fsa.crc;
+		if (license)
+			*license = fsa.license;
 		return fsa.sym;
 	}
 
@@ -1074,7 +1079,7 @@ void __symbol_put(const char *symbol)
 	struct module *owner;
 
 	preempt_disable();
-	if (!find_symbol(symbol, &owner, NULL, true, false))
+	if (!find_symbol(symbol, &owner, NULL, NULL, true, false))
 		BUG();
 	module_put(owner);
 	preempt_enable();
@@ -1352,7 +1357,7 @@ static inline int check_modstruct_version(const struct load_info *info,
 	 * locking is necessary -- use preempt_disable() to placate lockdep.
 	 */
 	preempt_disable();
-	if (!find_symbol("module_layout", NULL, &crc, true, false)) {
+	if (!find_symbol("module_layout", NULL, &crc, NULL, true, false)) {
 		preempt_enable();
 		BUG();
 	}
@@ -1436,6 +1441,7 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
 	struct module *owner;
 	const struct kernel_symbol *sym;
 	const s32 *crc;
+	enum mod_license license;
 	int err;
 
 	/*
@@ -1445,7 +1451,7 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
 	 */
 	sched_annotate_sleep();
 	mutex_lock(&module_mutex);
-	sym = find_symbol(name, &owner, &crc,
+	sym = find_symbol(name, &owner, &crc, &license,
 			  !(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)), true);
 	if (!sym)
 		goto unlock;
@@ -2216,7 +2222,7 @@ void *__symbol_get(const char *symbol)
 	const struct kernel_symbol *sym;
 
 	preempt_disable();
-	sym = find_symbol(symbol, &owner, NULL, true, true);
+	sym = find_symbol(symbol, &owner, NULL, NULL, true, true);
 	if (sym && strong_try_module_get(owner))
 		sym = NULL;
 	preempt_enable();
@@ -2252,7 +2258,7 @@ static int verify_exported_symbols(struct module *mod)
 	for (i = 0; i < ARRAY_SIZE(arr); i++) {
 		for (s = arr[i].sym; s < arr[i].sym + arr[i].num; s++) {
 			if (find_symbol(kernel_symbol_name(s), &owner, NULL,
-					true, false)) {
+					NULL, true, false)) {
 				pr_err("%s: exports duplicate symbol %s"
 				       " (owned by %s)\n",
 				       mod->name, kernel_symbol_name(s),
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
                   ` (6 preceding siblings ...)
  2020-07-30  6:10 ` [PATCH 7/8] modules: return licensing information from find_symbol Christoph Hellwig
@ 2020-07-30  6:10 ` Christoph Hellwig
  2020-07-30 14:12   ` Jessica Yu
  2020-08-04 18:52     ` daniel
  2020-07-31 20:11 ` inherit TAINT_PROPRIETARY_MODULE v2 josh
  8 siblings, 2 replies; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30  6:10 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Greg Kroah-Hartman, open list

If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
for all modules importing these symbols, and don't allow loading
symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
imported gplonly symbols.  Add a anti-circumvention devices so people
don't accidentally get themselves into trouble this way.

Comment from Greg:
 Ah, the proven-to-be-illegal "GPL Condom" defense :)

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 include/linux/module.h |  1 +
 kernel/module.c        | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/include/linux/module.h b/include/linux/module.h
index 30b0f5fcdb3c37..e30ed5fa33a738 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -389,6 +389,7 @@ struct module {
 	unsigned int num_gpl_syms;
 	const struct kernel_symbol *gpl_syms;
 	const s32 *gpl_crcs;
+	bool using_gplonly_symbols;
 
 #ifdef CONFIG_UNUSED_SYMBOLS
 	/* unused exported symbols. */
diff --git a/kernel/module.c b/kernel/module.c
index afb2bfdd5134b3..04f993863ae417 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1456,6 +1456,18 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
 	if (!sym)
 		goto unlock;
 
+	if (license == GPL_ONLY)
+		mod->using_gplonly_symbols = true;
+
+	if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
+		if (mod->using_gplonly_symbols) {
+			sym = NULL;
+			goto getname;
+		}
+		add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
+				 LOCKDEP_NOW_UNRELIABLE);
+	}
+
 	if (!check_version(info, name, mod, crc)) {
 		sym = ERR_PTR(-EINVAL);
 		goto getname;
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-30  6:10 ` [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE Christoph Hellwig
@ 2020-07-30 14:12   ` Jessica Yu
  2020-07-30 16:29     ` Christoph Hellwig
  2020-08-04 18:52     ` daniel
  1 sibling, 1 reply; 19+ messages in thread
From: Jessica Yu @ 2020-07-30 14:12 UTC (permalink / raw)
  To: Christoph Hellwig; +Cc: Greg Kroah-Hartman, open list

+++ Christoph Hellwig [30/07/20 08:10 +0200]:
>If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
>for all modules importing these symbols, and don't allow loading
>symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
>imported gplonly symbols.  Add a anti-circumvention devices so people
>don't accidentally get themselves into trouble this way.
>
>Comment from Greg:
> Ah, the proven-to-be-illegal "GPL Condom" defense :)
>
>Signed-off-by: Christoph Hellwig <hch@lst.de>
>Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>---
> include/linux/module.h |  1 +
> kernel/module.c        | 12 ++++++++++++
> 2 files changed, 13 insertions(+)
>
>diff --git a/include/linux/module.h b/include/linux/module.h
>index 30b0f5fcdb3c37..e30ed5fa33a738 100644
>--- a/include/linux/module.h
>+++ b/include/linux/module.h
>@@ -389,6 +389,7 @@ struct module {
> 	unsigned int num_gpl_syms;
> 	const struct kernel_symbol *gpl_syms;
> 	const s32 *gpl_crcs;
>+	bool using_gplonly_symbols;
>
> #ifdef CONFIG_UNUSED_SYMBOLS
> 	/* unused exported symbols. */
>diff --git a/kernel/module.c b/kernel/module.c
>index afb2bfdd5134b3..04f993863ae417 100644
>--- a/kernel/module.c
>+++ b/kernel/module.c
>@@ -1456,6 +1456,18 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
> 	if (!sym)
> 		goto unlock;
>
>+	if (license == GPL_ONLY)
>+		mod->using_gplonly_symbols = true;
>+
>+	if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
>+		if (mod->using_gplonly_symbols) {
>+			sym = NULL;
>+			goto getname;
>+		}
>+		add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
>+				 LOCKDEP_NOW_UNRELIABLE);
>+	}

Sorry that I didn't think of this yesterday, but I'm wondering if we
should print a warning before add_taint_module(). Maybe something
along the lines of, "%s: module uses symbols from proprietary module
%s, inheriting taint.", with %s being mod->name, owner->name. We can
check mod->taints for TAINT_PROPRIETARY_MODULE and print the warning once.

Additionally, maybe it's a good idea to print an error before goto
getname (e.g., "%s: module using GPL-only symbols uses symbols from
proprietary module %s."), so one would know why the module load
failed, right now this manifests itself as an unknown symbol error.

Otherwise, this patchset looks good to me and I agree with it in
principle. Thanks Christoph!

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-30 14:12   ` Jessica Yu
@ 2020-07-30 16:29     ` Christoph Hellwig
  2020-07-31  8:51       ` Jessica Yu
  0 siblings, 1 reply; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-30 16:29 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Christoph Hellwig, Greg Kroah-Hartman, open list

On Thu, Jul 30, 2020 at 04:12:32PM +0200, Jessica Yu wrote:
>> +	if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
>> +		if (mod->using_gplonly_symbols) {
>> +			sym = NULL;
>> +			goto getname;
>> +		}
>> +		add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
>> +				 LOCKDEP_NOW_UNRELIABLE);
>> +	}
>
> Sorry that I didn't think of this yesterday, but I'm wondering if we
> should print a warning before add_taint_module(). Maybe something
> along the lines of, "%s: module uses symbols from proprietary module
> %s, inheriting taint.", with %s being mod->name, owner->name. We can
> check mod->taints for TAINT_PROPRIETARY_MODULE and print the warning once.
>
> Additionally, maybe it's a good idea to print an error before goto
> getname (e.g., "%s: module using GPL-only symbols uses symbols from
> proprietary module %s."), so one would know why the module load
> failed, right now this manifests itself as an unknown symbol error.
>
> Otherwise, this patchset looks good to me and I agree with it in
> principle. Thanks Christoph!

What about this version?  It also factors the code out into a new
helper, and replaces the add_taint_module with a simple set_bit,
as the system-wide tain must have been set before by definition:

---
From 25e928b6b691911717d30b3449e56fca3e13dba9 Mon Sep 17 00:00:00 2001
From: Christoph Hellwig <hch@lst.de>
Date: Tue, 28 Jul 2020 23:33:33 +0200
Subject: modules: inherit TAINT_PROPRIETARY_MODULE

If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
for all modules importing these symbols, and don't allow loading
symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
imported gplonly symbols.  Add a anti-circumvention devices so people
don't accidentally get themselves into trouble this way.

Comment from Greg:
  "Ah, the proven-to-be-illegal "GPL Condom" defense :)"

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 include/linux/module.h |  1 +
 kernel/module.c        | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/include/linux/module.h b/include/linux/module.h
index 30b0f5fcdb3c37..e30ed5fa33a738 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -389,6 +389,7 @@ struct module {
 	unsigned int num_gpl_syms;
 	const struct kernel_symbol *gpl_syms;
 	const s32 *gpl_crcs;
+	bool using_gplonly_symbols;
 
 #ifdef CONFIG_UNUSED_SYMBOLS
 	/* unused exported symbols. */
diff --git a/kernel/module.c b/kernel/module.c
index afb2bfdd5134b3..81d5facce28c14 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1431,6 +1431,24 @@ static int verify_namespace_is_imported(const struct load_info *info,
 	return 0;
 }
 
+static bool inherit_taint(struct module *mod, struct module *owner)
+{
+	if (!owner || !test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints))
+		return true;
+
+	if (mod->using_gplonly_symbols) {
+		pr_info("%s: module using GPL-only symbols uses symbols from proprietary module %s.\n",
+			mod->name, owner->name);
+		return false;
+	}
+
+	if (!test_bit(TAINT_PROPRIETARY_MODULE, &mod->taints)) {
+		pr_info("%s: module uses symbols from proprietary module %s, inheriting taint.\n",
+			mod->name, owner->name);
+		set_bit(TAINT_PROPRIETARY_MODULE, &mod->taints);
+	}
+	return true;
+}
 
 /* Resolve a symbol for this module.  I.e. if we find one, record usage. */
 static const struct kernel_symbol *resolve_symbol(struct module *mod,
@@ -1456,6 +1474,14 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
 	if (!sym)
 		goto unlock;
 
+	if (license == GPL_ONLY)
+		mod->using_gplonly_symbols = true;
+
+	if (!inherit_taint(mod, owner)) {
+		sym = NULL;
+		goto getname;
+	}
+
 	if (!check_version(info, name, mod, crc)) {
 		sym = ERR_PTR(-EINVAL);
 		goto getname;
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-30 16:29     ` Christoph Hellwig
@ 2020-07-31  8:51       ` Jessica Yu
  2020-07-31  9:00         ` Christoph Hellwig
  0 siblings, 1 reply; 19+ messages in thread
From: Jessica Yu @ 2020-07-31  8:51 UTC (permalink / raw)
  To: Christoph Hellwig; +Cc: Greg Kroah-Hartman, open list

+++ Christoph Hellwig [30/07/20 18:29 +0200]:
>On Thu, Jul 30, 2020 at 04:12:32PM +0200, Jessica Yu wrote:
>>> +	if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
>>> +		if (mod->using_gplonly_symbols) {
>>> +			sym = NULL;
>>> +			goto getname;
>>> +		}
>>> +		add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
>>> +				 LOCKDEP_NOW_UNRELIABLE);
>>> +	}
>>
>> Sorry that I didn't think of this yesterday, but I'm wondering if we
>> should print a warning before add_taint_module(). Maybe something
>> along the lines of, "%s: module uses symbols from proprietary module
>> %s, inheriting taint.", with %s being mod->name, owner->name. We can
>> check mod->taints for TAINT_PROPRIETARY_MODULE and print the warning once.
>>
>> Additionally, maybe it's a good idea to print an error before goto
>> getname (e.g., "%s: module using GPL-only symbols uses symbols from
>> proprietary module %s."), so one would know why the module load
>> failed, right now this manifests itself as an unknown symbol error.
>>
>> Otherwise, this patchset looks good to me and I agree with it in
>> principle. Thanks Christoph!
>
>What about this version?  It also factors the code out into a new
>helper, and replaces the add_taint_module with a simple set_bit,
>as the system-wide tain must have been set before by definition:

Yep, this version looks much better. See below for nits.

>---
>From 25e928b6b691911717d30b3449e56fca3e13dba9 Mon Sep 17 00:00:00 2001
>From: Christoph Hellwig <hch@lst.de>
>Date: Tue, 28 Jul 2020 23:33:33 +0200
>Subject: modules: inherit TAINT_PROPRIETARY_MODULE
>
>If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
>for all modules importing these symbols, and don't allow loading
>symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
>imported gplonly symbols.  Add a anti-circumvention devices so people
>don't accidentally get themselves into trouble this way.
>
>Comment from Greg:
>  "Ah, the proven-to-be-illegal "GPL Condom" defense :)"
>
>Signed-off-by: Christoph Hellwig <hch@lst.de>
>Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>---
> include/linux/module.h |  1 +
> kernel/module.c        | 26 ++++++++++++++++++++++++++
> 2 files changed, 27 insertions(+)
>
>diff --git a/include/linux/module.h b/include/linux/module.h
>index 30b0f5fcdb3c37..e30ed5fa33a738 100644
>--- a/include/linux/module.h
>+++ b/include/linux/module.h
>@@ -389,6 +389,7 @@ struct module {
> 	unsigned int num_gpl_syms;
> 	const struct kernel_symbol *gpl_syms;
> 	const s32 *gpl_crcs;
>+	bool using_gplonly_symbols;
>
> #ifdef CONFIG_UNUSED_SYMBOLS
> 	/* unused exported symbols. */
>diff --git a/kernel/module.c b/kernel/module.c
>index afb2bfdd5134b3..81d5facce28c14 100644
>--- a/kernel/module.c
>+++ b/kernel/module.c
>@@ -1431,6 +1431,24 @@ static int verify_namespace_is_imported(const struct load_info *info,
> 	return 0;
> }
>
>+static bool inherit_taint(struct module *mod, struct module *owner)
>+{
>+	if (!owner || !test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints))
>+		return true;
>+
>+	if (mod->using_gplonly_symbols) {
>+		pr_info("%s: module using GPL-only symbols uses symbols from proprietary module %s.\n",
>+			mod->name, owner->name);

pr_err() maybe?

>+		return false;
>+	}
>+
>+	if (!test_bit(TAINT_PROPRIETARY_MODULE, &mod->taints)) {
>+		pr_info("%s: module uses symbols from proprietary module %s, inheriting taint.\n",
>+			mod->name, owner->name);

and pr_warn()? But otherwise this looks much better.

Thanks,

Jessica

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-31  8:51       ` Jessica Yu
@ 2020-07-31  9:00         ` Christoph Hellwig
  2020-07-31  9:01           ` Jessica Yu
  0 siblings, 1 reply; 19+ messages in thread
From: Christoph Hellwig @ 2020-07-31  9:00 UTC (permalink / raw)
  To: Jessica Yu; +Cc: Christoph Hellwig, Greg Kroah-Hartman, open list

On Fri, Jul 31, 2020 at 10:51:30AM +0200, Jessica Yu wrote:
>> +	if (mod->using_gplonly_symbols) {
>> +		pr_info("%s: module using GPL-only symbols uses symbols from proprietary module %s.\n",
>> +			mod->name, owner->name);
>
> pr_err() maybe?
>
>> +		return false;
>> +	}
>> +
>> +	if (!test_bit(TAINT_PROPRIETARY_MODULE, &mod->taints)) {
>> +		pr_info("%s: module uses symbols from proprietary module %s, inheriting taint.\n",
>> +			mod->name, owner->name);
>
> and pr_warn()? But otherwise this looks much better.

Ok with me.  Can you just fix it up, or do you want a full resend?

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-31  9:00         ` Christoph Hellwig
@ 2020-07-31  9:01           ` Jessica Yu
  0 siblings, 0 replies; 19+ messages in thread
From: Jessica Yu @ 2020-07-31  9:01 UTC (permalink / raw)
  To: Christoph Hellwig; +Cc: Greg Kroah-Hartman, open list

+++ Christoph Hellwig [31/07/20 11:00 +0200]:
>On Fri, Jul 31, 2020 at 10:51:30AM +0200, Jessica Yu wrote:
>>> +	if (mod->using_gplonly_symbols) {
>>> +		pr_info("%s: module using GPL-only symbols uses symbols from proprietary module %s.\n",
>>> +			mod->name, owner->name);
>>
>> pr_err() maybe?
>>
>>> +		return false;
>>> +	}
>>> +
>>> +	if (!test_bit(TAINT_PROPRIETARY_MODULE, &mod->taints)) {
>>> +		pr_info("%s: module uses symbols from proprietary module %s, inheriting taint.\n",
>>> +			mod->name, owner->name);
>>
>> and pr_warn()? But otherwise this looks much better.
>
>Ok with me.  Can you just fix it up, or do you want a full resend?

I can fix it up, no need to resend. Thanks!

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: inherit TAINT_PROPRIETARY_MODULE v2
  2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
                   ` (7 preceding siblings ...)
  2020-07-30  6:10 ` [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE Christoph Hellwig
@ 2020-07-31 20:11 ` josh
  2020-08-01  6:53   ` Christoph Hellwig
  8 siblings, 1 reply; 19+ messages in thread
From: josh @ 2020-07-31 20:11 UTC (permalink / raw)
  To: Christoph Hellwig; +Cc: Greg Kroah-Hartman, Jessica Yu, linux-kernel

Christoph Hellwig wrote:
> we've had a bug in our resolution of _GPL modules since day one, that
> is a module can claim to be GPL licensed and use _GPL exports, while
> it also depends on symbols from non-GPL modules.  This is used as a
> circumvention of the _GPL exports by using a small shim module using
> the _GPL exports and the other functionality.

This looks great. You might also consider doing the reverse: if a module
imports any EXPORT_SYMBOL_GPL symbols, any symbols that module in turn
exports shouldn't be importable by any module that doesn't explicitly
claim to be GPL-compatible. Effectively, if a module imports any
EXPORT_SYMBOL_GPL symbols, all of its exported symbols would then be
treated as EXPORT_SYMBOL_GPL.

This would catch the case of attempting to "wrap" EXPORT_SYMBOL_GPL
symbols in the other direction, by re-exporting the same or similar
functions to another module. (This would help catch mistakes, not just
intentional malice.)

- Josh Triplett

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: inherit TAINT_PROPRIETARY_MODULE v2
  2020-07-31 20:11 ` inherit TAINT_PROPRIETARY_MODULE v2 josh
@ 2020-08-01  6:53   ` Christoph Hellwig
  2020-08-01  8:16     ` Josh Triplett
  0 siblings, 1 reply; 19+ messages in thread
From: Christoph Hellwig @ 2020-08-01  6:53 UTC (permalink / raw)
  To: josh; +Cc: Greg Kroah-Hartman, Jessica Yu, linux-kernel

[note: private reply now to start a flame fest with the usual suspects]

On Fri, Jul 31, 2020 at 01:11:46PM -0700, josh@joshtriplett.org wrote:
> Christoph Hellwig wrote:
> > we've had a bug in our resolution of _GPL modules since day one, that
> > is a module can claim to be GPL licensed and use _GPL exports, while
> > it also depends on symbols from non-GPL modules.  This is used as a
> > circumvention of the _GPL exports by using a small shim module using
> > the _GPL exports and the other functionality.
> 
> This looks great. You might also consider doing the reverse: if a module
> imports any EXPORT_SYMBOL_GPL symbols, any symbols that module in turn
> exports shouldn't be importable by any module that doesn't explicitly
> claim to be GPL-compatible. Effectively, if a module imports any
> EXPORT_SYMBOL_GPL symbols, all of its exported symbols would then be
> treated as EXPORT_SYMBOL_GPL.
> 
> This would catch the case of attempting to "wrap" EXPORT_SYMBOL_GPL
> symbols in the other direction, by re-exporting the same or similar
> functions to another module. (This would help catch mistakes, not just
> intentional malice.)

I'd personally 100% agree with that, but I'd rather clear it with Linus
privately first.  This would basically make most of the usual
modular subsystems unavailable to proprietary modules as all of them
use _GPL driver core exports, and I suspect he'd cave into the screaming.

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: inherit TAINT_PROPRIETARY_MODULE v2
  2020-08-01  6:53   ` Christoph Hellwig
@ 2020-08-01  8:16     ` Josh Triplett
  0 siblings, 0 replies; 19+ messages in thread
From: Josh Triplett @ 2020-08-01  8:16 UTC (permalink / raw)
  To: Christoph Hellwig; +Cc: Greg Kroah-Hartman, Jessica Yu, linux-kernel

On July 31, 2020 11:53:08 PM PDT, Christoph Hellwig <hch@lst.de> wrote:
>[note: private reply now to start a flame fest with the usual suspects]

[You still CCed LKML.]

>On Fri, Jul 31, 2020 at 01:11:46PM -0700, josh@joshtriplett.org wrote:
>> Christoph Hellwig wrote:
>> > we've had a bug in our resolution of _GPL modules since day one, that
>> > is a module can claim to be GPL licensed and use _GPL exports, while
>> > it also depends on symbols from non-GPL modules.  This is used as a
>> > circumvention of the _GPL exports by using a small shim module using
>> > the _GPL exports and the other functionality.
>> 
>> This looks great. You might also consider doing the reverse: if a module
>> imports any EXPORT_SYMBOL_GPL symbols, any symbols that module in turn
>> exports shouldn't be importable by any module that doesn't explicitly
>> claim to be GPL-compatible. Effectively, if a module imports any
>> EXPORT_SYMBOL_GPL symbols, all of its exported symbols would then be
>> treated as EXPORT_SYMBOL_GPL.
>> 
>> This would catch the case of attempting to "wrap" EXPORT_SYMBOL_GPL
>> symbols in the other direction, by re-exporting the same or similar
>> functions to another module. (This would help catch mistakes, not just
>> intentional malice.)
>
>I'd personally 100% agree with that, but I'd rather clear it with Linus
>privately first.  This would basically make most of the usual
>modular subsystems unavailable to proprietary modules as all of them
>use _GPL driver core exports, and I suspect he'd cave into the screaming.

As a start, what about applying that logic specifically to out-of-tree modules? That would address the shim problem. The justification would be that in-tree modules have at least gone through some level of review on what they're exporting.

(Standard disclaimer: suggesting enhancements to the symbol licensing framework should not be taken as implicit endorsement of any legitimacy for non-GPL-compatible modules.)


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
  2020-07-30  6:10 ` [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE Christoph Hellwig
@ 2020-08-04 18:52     ` daniel
  2020-08-04 18:52     ` daniel
  1 sibling, 0 replies; 19+ messages in thread
From: daniel @ 2020-08-04 18:52 UTC (permalink / raw)
  To: DRI Development; +Cc: Jessica Yu, Greg Kroah-Hartman, open list

On Thu, Jul 30, 2020 at 08:10:27AM +0200, Christoph Hellwig wrote:
> If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
> for all modules importing these symbols, and don't allow loading
> symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
> imported gplonly symbols.  Add a anti-circumvention devices so people
> don't accidentally get themselves into trouble this way.
> 
> Comment from Greg:
>  Ah, the proven-to-be-illegal "GPL Condom" defense :)
> 
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

If this helps to get the next gpu related entertainment at least cc'ed to
dri-devel, maybe even using an upstream driver, I'm all for it.

Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch>

> ---
>  include/linux/module.h |  1 +
>  kernel/module.c        | 12 ++++++++++++
>  2 files changed, 13 insertions(+)
> 
> diff --git a/include/linux/module.h b/include/linux/module.h
> index 30b0f5fcdb3c37..e30ed5fa33a738 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -389,6 +389,7 @@ struct module {
>  	unsigned int num_gpl_syms;
>  	const struct kernel_symbol *gpl_syms;
>  	const s32 *gpl_crcs;
> +	bool using_gplonly_symbols;
>  
>  #ifdef CONFIG_UNUSED_SYMBOLS
>  	/* unused exported symbols. */
> diff --git a/kernel/module.c b/kernel/module.c
> index afb2bfdd5134b3..04f993863ae417 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1456,6 +1456,18 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
>  	if (!sym)
>  		goto unlock;
>  
> +	if (license == GPL_ONLY)
> +		mod->using_gplonly_symbols = true;
> +
> +	if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
> +		if (mod->using_gplonly_symbols) {
> +			sym = NULL;
> +			goto getname;
> +		}
> +		add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
> +				 LOCKDEP_NOW_UNRELIABLE);
> +	}
> +
>  	if (!check_version(info, name, mod, crc)) {
>  		sym = ERR_PTR(-EINVAL);
>  		goto getname;
> -- 
> 2.27.0
> 

-- 
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE
@ 2020-08-04 18:52     ` daniel
  0 siblings, 0 replies; 19+ messages in thread
From: daniel @ 2020-08-04 18:52 UTC (permalink / raw)
  To: DRI Development; +Cc: Greg Kroah-Hartman, open list, Jessica Yu

On Thu, Jul 30, 2020 at 08:10:27AM +0200, Christoph Hellwig wrote:
> If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
> for all modules importing these symbols, and don't allow loading
> symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
> imported gplonly symbols.  Add a anti-circumvention devices so people
> don't accidentally get themselves into trouble this way.
> 
> Comment from Greg:
>  Ah, the proven-to-be-illegal "GPL Condom" defense :)
> 
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

If this helps to get the next gpu related entertainment at least cc'ed to
dri-devel, maybe even using an upstream driver, I'm all for it.

Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch>

> ---
>  include/linux/module.h |  1 +
>  kernel/module.c        | 12 ++++++++++++
>  2 files changed, 13 insertions(+)
> 
> diff --git a/include/linux/module.h b/include/linux/module.h
> index 30b0f5fcdb3c37..e30ed5fa33a738 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -389,6 +389,7 @@ struct module {
>  	unsigned int num_gpl_syms;
>  	const struct kernel_symbol *gpl_syms;
>  	const s32 *gpl_crcs;
> +	bool using_gplonly_symbols;
>  
>  #ifdef CONFIG_UNUSED_SYMBOLS
>  	/* unused exported symbols. */
> diff --git a/kernel/module.c b/kernel/module.c
> index afb2bfdd5134b3..04f993863ae417 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1456,6 +1456,18 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
>  	if (!sym)
>  		goto unlock;
>  
> +	if (license == GPL_ONLY)
> +		mod->using_gplonly_symbols = true;
> +
> +	if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
> +		if (mod->using_gplonly_symbols) {
> +			sym = NULL;
> +			goto getname;
> +		}
> +		add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
> +				 LOCKDEP_NOW_UNRELIABLE);
> +	}
> +
>  	if (!check_version(info, name, mod, crc)) {
>  		sym = ERR_PTR(-EINVAL);
>  		goto getname;
> -- 
> 2.27.0
> 

-- 
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel

^ permalink raw reply	[flat|nested] 19+ messages in thread

end of thread, other threads:[~2020-08-04 18:52 UTC | newest]

Thread overview: 19+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-30  6:10 inherit TAINT_PROPRIETARY_MODULE v2 Christoph Hellwig
2020-07-30  6:10 ` [PATCH 1/8] modules: mark ref_module static Christoph Hellwig
2020-07-30  6:10 ` [PATCH 2/8] modules: mark find_symbol static Christoph Hellwig
2020-07-30  6:10 ` [PATCH 3/8] modules: mark each_symbol_section static Christoph Hellwig
2020-07-30  6:10 ` [PATCH 4/8] modules: unexport __module_text_address Christoph Hellwig
2020-07-30  6:10 ` [PATCH 5/8] modules: unexport __module_address Christoph Hellwig
2020-07-30  6:10 ` [PATCH 6/8] modules: rename the licence field in struct symsearch to license Christoph Hellwig
2020-07-30  6:10 ` [PATCH 7/8] modules: return licensing information from find_symbol Christoph Hellwig
2020-07-30  6:10 ` [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE Christoph Hellwig
2020-07-30 14:12   ` Jessica Yu
2020-07-30 16:29     ` Christoph Hellwig
2020-07-31  8:51       ` Jessica Yu
2020-07-31  9:00         ` Christoph Hellwig
2020-07-31  9:01           ` Jessica Yu
2020-08-04 18:52   ` daniel
2020-08-04 18:52     ` daniel
2020-07-31 20:11 ` inherit TAINT_PROPRIETARY_MODULE v2 josh
2020-08-01  6:53   ` Christoph Hellwig
2020-08-01  8:16     ` Josh Triplett

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.