livepatch/module: remove livepatch module notifier

Remove the livepatch module notifier in favor of directly enabling and disabling patches to modules in the module loader. Hard-coding the function calls ensures that ftrace_module_enable() is run before klp_module_coming() during module load, and that klp_module_going() is run before ftrace_release_mod() during module unload. This way, ftrace and livepatch code is run in the correct order during the module load/unload sequence without dependence on the module notifier call chain. Signed-off-by: Jessica Yu <jeyu@redhat.com> Reviewed-by: Petr Mladek <pmladek@suse.cz> Acked-by: Josh Poimboeuf <jpoimboe@redhat.com> Acked-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
author: Jessica Yu <jeyu@redhat.com> 2016-03-16 20:55:39 -0400
committer: Jiri Kosina <jkosina@suse.cz> 2016-03-17 04:45:10 -0400
commit: 7e545d6eca20ce8ef7f66a63146cbff82b2ba760 (patch)
tree: f8c4366009b357842b8b17b3bfddbfc3b634ff40 /kernel/livepatch
parent: 4c973d1620ae08f5cbe27644c5f5b974c8f594ec (diff)
1 files changed, 71 insertions, 76 deletions
diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index 780f00cdb7e5..d68fbf63b083 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -99,12 +99,12 @@ static void klp_find_object_module(struct klp_object *obj)
        /*
         * We do not want to block removal of patched modules and therefore
         * we do not take a reference here. The patches are removed by
-         * a going module handler instead.
+         * klp_module_going() instead.
         */
        mod = find_module(obj->name);
        /*
-         * Do not mess work of the module coming and going notifiers.
+         * Do not mess work of klp_module_coming() and klp_module_going().
-         * Note that the patch might still be needed before the going handler
+         * Note that the patch might still be needed before klp_module_going()
         * is called. Module functions can be called even in the GOING state
         * until mod->exit() finishes. This is especially important for
         * patches that modify semantic of the functions.
@@ -866,103 +866,108 @@ int klp_register_patch(struct klp_patch *patch)
 }
 EXPORT_SYMBOL_GPL(klp_register_patch);
-static int klp_module_notify_coming(struct klp_patch *patch,
+int klp_module_coming(struct module *mod)
-                                     struct klp_object *obj)
 {
-        struct module *pmod = patch->mod;
-        struct module *mod = obj->mod;
        int ret;
+        struct klp_patch *patch;
+        struct klp_object *obj;
-        ret = klp_init_object_loaded(patch, obj);
+        if (WARN_ON(mod->state != MODULE_STATE_COMING))
-        if (ret) {
+                return -EINVAL;
-                pr_warn("failed to initialize patch '%s' for module '%s' (%d)\n",
-                        pmod->name, mod->name, ret);
-                return ret;
-        }
-        if (patch->state == KLP_DISABLED)
+        mutex_lock(&klp_mutex);
-                return 0;
+        /*
+         * Each module has to know that klp_module_coming()
+         * has been called. We never know what module will
+         * get patched by a new patch.
+         */
+        mod->klp_alive = true;
-        pr_notice("applying patch '%s' to loading module '%s'\n",
+        list_for_each_entry(patch, &klp_patches, list) {
-                  pmod->name, mod->name);
+                klp_for_each_object(patch, obj) {
+                        if (!klp_is_module(obj) || strcmp(obj->name, mod->name))
+                                continue;
-        ret = klp_enable_object(obj);
+                        obj->mod = mod;
-        if (ret)
-                pr_warn("failed to apply patch '%s' to module '%s' (%d)\n",
-                        pmod->name, mod->name, ret);
-        return ret;
-}
-static void klp_module_notify_going(struct klp_patch *patch,
+                        ret = klp_init_object_loaded(patch, obj);
-                                    struct klp_object *obj)
+                        if (ret) {
-{
+                                pr_warn("failed to initialize patch '%s' for module '%s' (%d)\n",
-        struct module *pmod = patch->mod;
+                                        patch->mod->name, obj->mod->name, ret);
-        struct module *mod = obj->mod;
+                                goto err;
+                        }
-        if (patch->state == KLP_DISABLED)
+                        if (patch->state == KLP_DISABLED)
-                goto disabled;
+                                break;
+                        pr_notice("applying patch '%s' to loading module '%s'\n",
+                                  patch->mod->name, obj->mod->name);
+                        ret = klp_enable_object(obj);
+                        if (ret) {
+                                pr_warn("failed to apply patch '%s' to module '%s' (%d)\n",
+                                        patch->mod->name, obj->mod->name, ret);
+                                goto err;
+                        }
+                        break;
+                }
+        }
-        pr_notice("reverting patch '%s' on unloading module '%s'\n",
+        mutex_unlock(&klp_mutex);
-                  pmod->name, mod->name);
-        klp_disable_object(obj);
+        return 0;
-disabled:
+err:
+        /*
+         * If a patch is unsuccessfully applied, return
+         * error to the module loader.
+         */
+        pr_warn("patch '%s' failed for module '%s', refusing to load module '%s'\n",
+                patch->mod->name, obj->mod->name, obj->mod->name);
+        mod->klp_alive = false;
        klp_free_object_loaded(obj);
+        mutex_unlock(&klp_mutex);
+        return ret;
 }
-static int klp_module_notify(struct notifier_block *nb, unsigned long action,
+void klp_module_going(struct module *mod)
-                             void *data)
 {
-        int ret;
-        struct module *mod = data;
        struct klp_patch *patch;
        struct klp_object *obj;
-        if (action != MODULE_STATE_COMING && action != MODULE_STATE_GOING)
+        if (WARN_ON(mod->state != MODULE_STATE_GOING &&
-                return 0;
+                    mod->state != MODULE_STATE_COMING))
+                return;
        mutex_lock(&klp_mutex);
        /*
-         * Each module has to know that the notifier has been called.
+         * Each module has to know that klp_module_going()
-         * We never know what module will get patched by a new patch.
+         * has been called. We never know what module will
+         * get patched by a new patch.
         */
-        if (action == MODULE_STATE_COMING)
+        mod->klp_alive = false;
-                mod->klp_alive = true;
-        else /* MODULE_STATE_GOING */
-                mod->klp_alive = false;
        list_for_each_entry(patch, &klp_patches, list) {
                klp_for_each_object(patch, obj) {
                        if (!klp_is_module(obj) || strcmp(obj->name, mod->name))
                                continue;
-                        if (action == MODULE_STATE_COMING) {
+                        if (patch->state != KLP_DISABLED) {
-                                obj->mod = mod;
+                                pr_notice("reverting patch '%s' on unloading module '%s'\n",
-                                ret = klp_module_notify_coming(patch, obj);
+                                          patch->mod->name, obj->mod->name);
-                                if (ret) {
+                                klp_disable_object(obj);
-                                        obj->mod = NULL;
+                        }
-                                        pr_warn("patch '%s' is in an inconsistent state!\n",
-                                                patch->mod->name);
-                                }
-                        } else /* MODULE_STATE_GOING */
-                                klp_module_notify_going(patch, obj);
+                        klp_free_object_loaded(obj);
                        break;
                }
        }
        mutex_unlock(&klp_mutex);
-        return 0;
 }
-static struct notifier_block klp_module_nb = {
-        .notifier_call = klp_module_notify,
-        .priority = INT_MIN+1, /* called late but before ftrace notifier */
-};
 static int __init klp_init(void)
 {
        int ret;
@@ -973,21 +978,11 @@ static int __init klp_init(void)
                return -EINVAL;
        }
-        ret = register_module_notifier(&klp_module_nb);
-        if (ret)
-                return ret;
        klp_root_kobj = kobject_create_and_add("livepatch", kernel_kobj);
-        if (!klp_root_kobj) {
+        if (!klp_root_kobj)
-                ret = -ENOMEM;
+                return -ENOMEM;
-                goto unregister;
-        }
        return 0;
-unregister:
-        unregister_module_notifier(&klp_module_nb);
-        return ret;
 }
 module_init(klp_init);
author	Jessica Yu <jeyu@redhat.com>	2016-03-16 20:55:39 -0400
committer	Jiri Kosina <jkosina@suse.cz>	2016-03-17 04:45:10 -0400
commit	7e545d6eca20ce8ef7f66a63146cbff82b2ba760 (patch)
tree	f8c4366009b357842b8b17b3bfddbfc3b634ff40 /kernel/livepatch
parent	4c973d1620ae08f5cbe27644c5f5b974c8f594ec (diff)