1 files changed, 27 insertions, 31 deletions
diff --git a/kernel/module.c b/kernel/module.c
index d856e96a3cce..b34813f725e9 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -56,6 +56,7 @@
 #include <linux/async.h>
 #include <linux/percpu.h>
 #include <linux/kmemleak.h>
+#include <linux/kasan.h>
 #include <linux/jump_label.h>
 #include <linux/pfn.h>
 #include <linux/bsearch.h>
@@ -1225,6 +1226,12 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
        const unsigned long *crc;
        int err;
+        /*
+         * The module_mutex should not be a heavily contended lock;
+         * if we get the occasional sleep here, we'll go an extra iteration
+         * in the wait_event_interruptible(), which is harmless.
+         */
+        sched_annotate_sleep();
        mutex_lock(&module_mutex);
        sym = find_symbol(name, &owner, &crc,
                          !(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)), true);
@@ -1807,6 +1814,7 @@ static void unset_module_init_ro_nx(struct module *mod) { }
 void __weak module_memfree(void *module_region)
 {
        vfree(module_region);
+        kasan_module_free(module_region);
 }
 void __weak module_arch_cleanup(struct module *mod)
@@ -2978,6 +2986,12 @@ static bool finished_loading(const char *name)
        struct module *mod;
        bool ret;
+        /*
+         * The module_mutex should not be a heavily contended lock;
+         * if we get the occasional sleep here, we'll go an extra iteration
+         * in the wait_event_interruptible(), which is harmless.
+         */
+        sched_annotate_sleep();
        mutex_lock(&module_mutex);
        mod = find_module_all(name, strlen(name), true);
        ret = !mod || mod->state == MODULE_STATE_LIVE
@@ -3011,8 +3025,13 @@ static void do_free_init(struct rcu_head *head)
        kfree(m);
 }
-/* This is where the real work happens */
+/*
-static int do_init_module(struct module *mod)
+ * This is where the real work happens.
+ *
+ * Keep it uninlined to provide a reliable breakpoint target, e.g. for the gdb
+ * helper command 'lx-symbols'.
+ */
+static noinline int do_init_module(struct module *mod)
 {
        int ret = 0;
        struct mod_initfree *freeinit;
@@ -3120,32 +3139,6 @@ static int may_init_module(void)
 }
 /*
- * Can't use wait_event_interruptible() because our condition
- * 'finished_loading()' contains a blocking primitive itself (mutex_lock).
- */
-static int wait_finished_loading(struct module *mod)
-{
-        DEFINE_WAIT_FUNC(wait, woken_wake_function);
-        int ret = 0;
-        add_wait_queue(&module_wq, &wait);
-        for (;;) {
-                if (finished_loading(mod->name))
-                        break;
-                if (signal_pending(current)) {
-                        ret = -ERESTARTSYS;
-                        break;
-                }
-                wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT);
-        }
-        remove_wait_queue(&module_wq, &wait);
-        return ret;
-}
-/*
 * We try to place it in the list now to make sure it's unique before
 * we dedicate too many resources.  In particular, temporary percpu
 * memory exhaustion.
@@ -3165,8 +3158,8 @@ again:
                    || old->state == MODULE_STATE_UNFORMED) {
                        /* Wait in case it fails to load. */
                        mutex_unlock(&module_mutex);
+                        err = wait_event_interruptible(module_wq,
-                        err = wait_finished_loading(mod);
+                                               finished_loading(mod->name));
                        if (err)
                                goto out_unlocked;
                        goto again;
@@ -3265,7 +3258,7 @@ static int load_module(struct load_info *info, const char __user *uargs,
        mod->sig_ok = info->sig_ok;
        if (!mod->sig_ok) {
                pr_notice_once("%s: module verification failed: signature "
-                               "and/or  required key missing - tainting "
+                               "and/or required key missing - tainting "
                               "kernel\n", mod->name);
                add_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);
        }
@@ -3356,6 +3349,9 @@ static int load_module(struct load_info *info, const char __user *uargs,
        module_bug_cleanup(mod);
        mutex_unlock(&module_mutex);
+        /* Free lock-classes: */
+        lockdep_free_key_range(mod->module_core, mod->core_size);
        /* we can't deallocate the module until we clear memory protection */
        unset_module_init_ro_nx(mod);
        unset_module_core_ro_nx(mod);

diff --git a/kernel/module.c b/kernel/module.c index d856e96a3cce..b34813f725e9 100644 --- a/kernel/module.c +++ b/kernel/module.c
@@ -56,6 +56,7 @@
56	#include <linux/async.h>	56	#include <linux/async.h>
57	#include <linux/percpu.h>	57	#include <linux/percpu.h>
58	#include <linux/kmemleak.h>	58	#include <linux/kmemleak.h>
		59	#include <linux/kasan.h>
59	#include <linux/jump_label.h>	60	#include <linux/jump_label.h>
60	#include <linux/pfn.h>	61	#include <linux/pfn.h>
61	#include <linux/bsearch.h>	62	#include <linux/bsearch.h>
@@ -1225,6 +1226,12 @@ static const struct kernel_symbol resolve_symbol(struct module mod,
1225	const unsigned long *crc;	1226	const unsigned long *crc;
1226	int err;	1227	int err;
1227		1228
		1229	/*
		1230	* The module_mutex should not be a heavily contended lock;
		1231	* if we get the occasional sleep here, we'll go an extra iteration
		1232	* in the wait_event_interruptible(), which is harmless.
		1233	*/
		1234	sched_annotate_sleep();
1228	mutex_lock(&module_mutex);	1235	mutex_lock(&module_mutex);
1229	sym = find_symbol(name, &owner, &crc,	1236	sym = find_symbol(name, &owner, &crc,
1230	!(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)), true);	1237	!(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)), true);
@@ -1807,6 +1814,7 @@ static void unset_module_init_ro_nx(struct module *mod) { }
1807	void __weak module_memfree(void *module_region)	1814	void __weak module_memfree(void *module_region)
1808	{	1815	{
1809	vfree(module_region);	1816	vfree(module_region);
		1817	kasan_module_free(module_region);
1810	}	1818	}
1811		1819
1812	void __weak module_arch_cleanup(struct module *mod)	1820	void __weak module_arch_cleanup(struct module *mod)
@@ -2978,6 +2986,12 @@ static bool finished_loading(const char *name)
2978	struct module *mod;	2986	struct module *mod;
2979	bool ret;	2987	bool ret;
2980		2988
		2989	/*
		2990	* The module_mutex should not be a heavily contended lock;
		2991	* if we get the occasional sleep here, we'll go an extra iteration
		2992	* in the wait_event_interruptible(), which is harmless.
		2993	*/
		2994	sched_annotate_sleep();
2981	mutex_lock(&module_mutex);	2995	mutex_lock(&module_mutex);
2982	mod = find_module_all(name, strlen(name), true);	2996	mod = find_module_all(name, strlen(name), true);
2983	ret = !mod \|\| mod->state == MODULE_STATE_LIVE	2997	ret = !mod \|\| mod->state == MODULE_STATE_LIVE
@@ -3011,8 +3025,13 @@ static void do_free_init(struct rcu_head *head)
3011	kfree(m);	3025	kfree(m);
3012	}	3026	}
3013		3027
3014	/* This is where the real work happens */	3028	/*
3015	static int do_init_module(struct module *mod)	3029	* This is where the real work happens.
		3030	*
		3031	* Keep it uninlined to provide a reliable breakpoint target, e.g. for the gdb
		3032	* helper command 'lx-symbols'.
		3033	*/
		3034	static noinline int do_init_module(struct module *mod)
3016	{	3035	{
3017	int ret = 0;	3036	int ret = 0;
3018	struct mod_initfree *freeinit;	3037	struct mod_initfree *freeinit;
@@ -3120,32 +3139,6 @@ static int may_init_module(void)
3120	}	3139	}
3121		3140
3122	/*	3141	/*
3123	* Can't use wait_event_interruptible() because our condition
3124	* 'finished_loading()' contains a blocking primitive itself (mutex_lock).
3125	*/
3126	static int wait_finished_loading(struct module *mod)
3127	{
3128	DEFINE_WAIT_FUNC(wait, woken_wake_function);
3129	int ret = 0;
3130
3131	add_wait_queue(&module_wq, &wait);
3132	for (;;) {
3133	if (finished_loading(mod->name))
3134	break;
3135
3136	if (signal_pending(current)) {
3137	ret = -ERESTARTSYS;
3138	break;
3139	}
3140
3141	wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT);
3142	}
3143	remove_wait_queue(&module_wq, &wait);
3144
3145	return ret;
3146	}
3147
3148	/*
3149	* We try to place it in the list now to make sure it's unique before	3142	* We try to place it in the list now to make sure it's unique before
3150	* we dedicate too many resources. In particular, temporary percpu	3143	* we dedicate too many resources. In particular, temporary percpu
3151	* memory exhaustion.	3144	* memory exhaustion.
@@ -3165,8 +3158,8 @@ again:
3165	\|\| old->state == MODULE_STATE_UNFORMED) {	3158	\|\| old->state == MODULE_STATE_UNFORMED) {
3166	/* Wait in case it fails to load. */	3159	/* Wait in case it fails to load. */
3167	mutex_unlock(&module_mutex);	3160	mutex_unlock(&module_mutex);
3168		3161	err = wait_event_interruptible(module_wq,
3169	err = wait_finished_loading(mod);	3162	finished_loading(mod->name));
3170	if (err)	3163	if (err)
3171	goto out_unlocked;	3164	goto out_unlocked;
3172	goto again;	3165	goto again;
@@ -3265,7 +3258,7 @@ static int load_module(struct load_info info, const char __user uargs,
3265	mod->sig_ok = info->sig_ok;	3258	mod->sig_ok = info->sig_ok;
3266	if (!mod->sig_ok) {	3259	if (!mod->sig_ok) {
3267	pr_notice_once("%s: module verification failed: signature "	3260	pr_notice_once("%s: module verification failed: signature "
3268	"and/or required key missing - tainting "	3261	"and/or required key missing - tainting "
3269	"kernel\n", mod->name);	3262	"kernel\n", mod->name);
3270	add_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);	3263	add_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);
3271	}	3264	}
@@ -3356,6 +3349,9 @@ static int load_module(struct load_info info, const char __user uargs,
3356	module_bug_cleanup(mod);	3349	module_bug_cleanup(mod);
3357	mutex_unlock(&module_mutex);	3350	mutex_unlock(&module_mutex);
3358		3351
		3352	/* Free lock-classes: */
		3353	lockdep_free_key_range(mod->module_core, mod->core_size);
		3354
3359	/* we can't deallocate the module until we clear memory protection */	3355	/* we can't deallocate the module until we clear memory protection */
3360	unset_module_init_ro_nx(mod);	3356	unset_module_init_ro_nx(mod);
3361	unset_module_core_ro_nx(mod);	3357	unset_module_core_ro_nx(mod);