diff options
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/Makefile | 22 | ||||
-rw-r--r-- | kernel/module.c | 140 | ||||
-rw-r--r-- | kernel/panic.c | 34 | ||||
-rw-r--r-- | kernel/sched/core.c | 2 | ||||
-rw-r--r-- | kernel/sysctl.c | 2 |
5 files changed, 108 insertions, 92 deletions
diff --git a/kernel/Makefile b/kernel/Makefile index 6c072b6da239..eceac38f3c65 100644 --- a/kernel/Makefile +++ b/kernel/Makefile | |||
@@ -153,23 +153,7 @@ kernel/modsign_certificate.o: signing_key.x509 extra_certificates | |||
153 | # fail and that the kernel may be used afterwards. | 153 | # fail and that the kernel may be used afterwards. |
154 | # | 154 | # |
155 | ############################################################################### | 155 | ############################################################################### |
156 | sign_key_with_hash := | 156 | ifndef CONFIG_MODULE_SIG_HASH |
157 | ifeq ($(CONFIG_MODULE_SIG_SHA1),y) | ||
158 | sign_key_with_hash := -sha1 | ||
159 | endif | ||
160 | ifeq ($(CONFIG_MODULE_SIG_SHA224),y) | ||
161 | sign_key_with_hash := -sha224 | ||
162 | endif | ||
163 | ifeq ($(CONFIG_MODULE_SIG_SHA256),y) | ||
164 | sign_key_with_hash := -sha256 | ||
165 | endif | ||
166 | ifeq ($(CONFIG_MODULE_SIG_SHA384),y) | ||
167 | sign_key_with_hash := -sha384 | ||
168 | endif | ||
169 | ifeq ($(CONFIG_MODULE_SIG_SHA512),y) | ||
170 | sign_key_with_hash := -sha512 | ||
171 | endif | ||
172 | ifeq ($(sign_key_with_hash),) | ||
173 | $(error Could not determine digest type to use from kernel config) | 157 | $(error Could not determine digest type to use from kernel config) |
174 | endif | 158 | endif |
175 | 159 | ||
@@ -182,8 +166,8 @@ signing_key.priv signing_key.x509: x509.genkey | |||
182 | @echo "### needs to be run as root, and uses a hardware random" | 166 | @echo "### needs to be run as root, and uses a hardware random" |
183 | @echo "### number generator if one is available." | 167 | @echo "### number generator if one is available." |
184 | @echo "###" | 168 | @echo "###" |
185 | openssl req -new -nodes -utf8 $(sign_key_with_hash) -days 36500 -batch \ | 169 | openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \ |
186 | -x509 -config x509.genkey \ | 170 | -batch -x509 -config x509.genkey \ |
187 | -outform DER -out signing_key.x509 \ | 171 | -outform DER -out signing_key.x509 \ |
188 | -keyout signing_key.priv | 172 | -keyout signing_key.priv |
189 | @echo "###" | 173 | @echo "###" |
diff --git a/kernel/module.c b/kernel/module.c index eab08274ec9b..921bed4794e9 100644 --- a/kernel/module.c +++ b/kernel/module.c | |||
@@ -197,9 +197,10 @@ static inline int strong_try_module_get(struct module *mod) | |||
197 | return -ENOENT; | 197 | return -ENOENT; |
198 | } | 198 | } |
199 | 199 | ||
200 | static inline void add_taint_module(struct module *mod, unsigned flag) | 200 | static inline void add_taint_module(struct module *mod, unsigned flag, |
201 | enum lockdep_ok lockdep_ok) | ||
201 | { | 202 | { |
202 | add_taint(flag); | 203 | add_taint(flag, lockdep_ok); |
203 | mod->taints |= (1U << flag); | 204 | mod->taints |= (1U << flag); |
204 | } | 205 | } |
205 | 206 | ||
@@ -727,7 +728,7 @@ static inline int try_force_unload(unsigned int flags) | |||
727 | { | 728 | { |
728 | int ret = (flags & O_TRUNC); | 729 | int ret = (flags & O_TRUNC); |
729 | if (ret) | 730 | if (ret) |
730 | add_taint(TAINT_FORCED_RMMOD); | 731 | add_taint(TAINT_FORCED_RMMOD, LOCKDEP_NOW_UNRELIABLE); |
731 | return ret; | 732 | return ret; |
732 | } | 733 | } |
733 | #else | 734 | #else |
@@ -1138,7 +1139,7 @@ static int try_to_force_load(struct module *mod, const char *reason) | |||
1138 | if (!test_taint(TAINT_FORCED_MODULE)) | 1139 | if (!test_taint(TAINT_FORCED_MODULE)) |
1139 | printk(KERN_WARNING "%s: %s: kernel tainted.\n", | 1140 | printk(KERN_WARNING "%s: %s: kernel tainted.\n", |
1140 | mod->name, reason); | 1141 | mod->name, reason); |
1141 | add_taint_module(mod, TAINT_FORCED_MODULE); | 1142 | add_taint_module(mod, TAINT_FORCED_MODULE, LOCKDEP_NOW_UNRELIABLE); |
1142 | return 0; | 1143 | return 0; |
1143 | #else | 1144 | #else |
1144 | return -ENOEXEC; | 1145 | return -ENOEXEC; |
@@ -2147,7 +2148,8 @@ static void set_license(struct module *mod, const char *license) | |||
2147 | if (!test_taint(TAINT_PROPRIETARY_MODULE)) | 2148 | if (!test_taint(TAINT_PROPRIETARY_MODULE)) |
2148 | printk(KERN_WARNING "%s: module license '%s' taints " | 2149 | printk(KERN_WARNING "%s: module license '%s' taints " |
2149 | "kernel.\n", mod->name, license); | 2150 | "kernel.\n", mod->name, license); |
2150 | add_taint_module(mod, TAINT_PROPRIETARY_MODULE); | 2151 | add_taint_module(mod, TAINT_PROPRIETARY_MODULE, |
2152 | LOCKDEP_NOW_UNRELIABLE); | ||
2151 | } | 2153 | } |
2152 | } | 2154 | } |
2153 | 2155 | ||
@@ -2700,10 +2702,10 @@ static int check_modinfo(struct module *mod, struct load_info *info, int flags) | |||
2700 | } | 2702 | } |
2701 | 2703 | ||
2702 | if (!get_modinfo(info, "intree")) | 2704 | if (!get_modinfo(info, "intree")) |
2703 | add_taint_module(mod, TAINT_OOT_MODULE); | 2705 | add_taint_module(mod, TAINT_OOT_MODULE, LOCKDEP_STILL_OK); |
2704 | 2706 | ||
2705 | if (get_modinfo(info, "staging")) { | 2707 | if (get_modinfo(info, "staging")) { |
2706 | add_taint_module(mod, TAINT_CRAP); | 2708 | add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK); |
2707 | printk(KERN_WARNING "%s: module is from the staging directory," | 2709 | printk(KERN_WARNING "%s: module is from the staging directory," |
2708 | " the quality is unknown, you have been warned.\n", | 2710 | " the quality is unknown, you have been warned.\n", |
2709 | mod->name); | 2711 | mod->name); |
@@ -2869,15 +2871,17 @@ static int check_module_license_and_versions(struct module *mod) | |||
2869 | * using GPL-only symbols it needs. | 2871 | * using GPL-only symbols it needs. |
2870 | */ | 2872 | */ |
2871 | if (strcmp(mod->name, "ndiswrapper") == 0) | 2873 | if (strcmp(mod->name, "ndiswrapper") == 0) |
2872 | add_taint(TAINT_PROPRIETARY_MODULE); | 2874 | add_taint(TAINT_PROPRIETARY_MODULE, LOCKDEP_NOW_UNRELIABLE); |
2873 | 2875 | ||
2874 | /* driverloader was caught wrongly pretending to be under GPL */ | 2876 | /* driverloader was caught wrongly pretending to be under GPL */ |
2875 | if (strcmp(mod->name, "driverloader") == 0) | 2877 | if (strcmp(mod->name, "driverloader") == 0) |
2876 | add_taint_module(mod, TAINT_PROPRIETARY_MODULE); | 2878 | add_taint_module(mod, TAINT_PROPRIETARY_MODULE, |
2879 | LOCKDEP_NOW_UNRELIABLE); | ||
2877 | 2880 | ||
2878 | /* lve claims to be GPL but upstream won't provide source */ | 2881 | /* lve claims to be GPL but upstream won't provide source */ |
2879 | if (strcmp(mod->name, "lve") == 0) | 2882 | if (strcmp(mod->name, "lve") == 0) |
2880 | add_taint_module(mod, TAINT_PROPRIETARY_MODULE); | 2883 | add_taint_module(mod, TAINT_PROPRIETARY_MODULE, |
2884 | LOCKDEP_NOW_UNRELIABLE); | ||
2881 | 2885 | ||
2882 | #ifdef CONFIG_MODVERSIONS | 2886 | #ifdef CONFIG_MODVERSIONS |
2883 | if ((mod->num_syms && !mod->crcs) | 2887 | if ((mod->num_syms && !mod->crcs) |
@@ -3141,12 +3145,72 @@ static int may_init_module(void) | |||
3141 | return 0; | 3145 | return 0; |
3142 | } | 3146 | } |
3143 | 3147 | ||
3148 | /* | ||
3149 | * We try to place it in the list now to make sure it's unique before | ||
3150 | * we dedicate too many resources. In particular, temporary percpu | ||
3151 | * memory exhaustion. | ||
3152 | */ | ||
3153 | static int add_unformed_module(struct module *mod) | ||
3154 | { | ||
3155 | int err; | ||
3156 | struct module *old; | ||
3157 | |||
3158 | mod->state = MODULE_STATE_UNFORMED; | ||
3159 | |||
3160 | again: | ||
3161 | mutex_lock(&module_mutex); | ||
3162 | if ((old = find_module_all(mod->name, true)) != NULL) { | ||
3163 | if (old->state == MODULE_STATE_COMING | ||
3164 | || old->state == MODULE_STATE_UNFORMED) { | ||
3165 | /* Wait in case it fails to load. */ | ||
3166 | mutex_unlock(&module_mutex); | ||
3167 | err = wait_event_interruptible(module_wq, | ||
3168 | finished_loading(mod->name)); | ||
3169 | if (err) | ||
3170 | goto out_unlocked; | ||
3171 | goto again; | ||
3172 | } | ||
3173 | err = -EEXIST; | ||
3174 | goto out; | ||
3175 | } | ||
3176 | list_add_rcu(&mod->list, &modules); | ||
3177 | err = 0; | ||
3178 | |||
3179 | out: | ||
3180 | mutex_unlock(&module_mutex); | ||
3181 | out_unlocked: | ||
3182 | return err; | ||
3183 | } | ||
3184 | |||
3185 | static int complete_formation(struct module *mod, struct load_info *info) | ||
3186 | { | ||
3187 | int err; | ||
3188 | |||
3189 | mutex_lock(&module_mutex); | ||
3190 | |||
3191 | /* Find duplicate symbols (must be called under lock). */ | ||
3192 | err = verify_export_symbols(mod); | ||
3193 | if (err < 0) | ||
3194 | goto out; | ||
3195 | |||
3196 | /* This relies on module_mutex for list integrity. */ | ||
3197 | module_bug_finalize(info->hdr, info->sechdrs, mod); | ||
3198 | |||
3199 | /* Mark state as coming so strong_try_module_get() ignores us, | ||
3200 | * but kallsyms etc. can see us. */ | ||
3201 | mod->state = MODULE_STATE_COMING; | ||
3202 | |||
3203 | out: | ||
3204 | mutex_unlock(&module_mutex); | ||
3205 | return err; | ||
3206 | } | ||
3207 | |||
3144 | /* Allocate and load the module: note that size of section 0 is always | 3208 | /* Allocate and load the module: note that size of section 0 is always |
3145 | zero, and we rely on this for optional sections. */ | 3209 | zero, and we rely on this for optional sections. */ |
3146 | static int load_module(struct load_info *info, const char __user *uargs, | 3210 | static int load_module(struct load_info *info, const char __user *uargs, |
3147 | int flags) | 3211 | int flags) |
3148 | { | 3212 | { |
3149 | struct module *mod, *old; | 3213 | struct module *mod; |
3150 | long err; | 3214 | long err; |
3151 | 3215 | ||
3152 | err = module_sig_check(info); | 3216 | err = module_sig_check(info); |
@@ -3164,36 +3228,20 @@ static int load_module(struct load_info *info, const char __user *uargs, | |||
3164 | goto free_copy; | 3228 | goto free_copy; |
3165 | } | 3229 | } |
3166 | 3230 | ||
3167 | /* | 3231 | /* Reserve our place in the list. */ |
3168 | * We try to place it in the list now to make sure it's unique | 3232 | err = add_unformed_module(mod); |
3169 | * before we dedicate too many resources. In particular, | 3233 | if (err) |
3170 | * temporary percpu memory exhaustion. | ||
3171 | */ | ||
3172 | mod->state = MODULE_STATE_UNFORMED; | ||
3173 | again: | ||
3174 | mutex_lock(&module_mutex); | ||
3175 | if ((old = find_module_all(mod->name, true)) != NULL) { | ||
3176 | if (old->state == MODULE_STATE_COMING | ||
3177 | || old->state == MODULE_STATE_UNFORMED) { | ||
3178 | /* Wait in case it fails to load. */ | ||
3179 | mutex_unlock(&module_mutex); | ||
3180 | err = wait_event_interruptible(module_wq, | ||
3181 | finished_loading(mod->name)); | ||
3182 | if (err) | ||
3183 | goto free_module; | ||
3184 | goto again; | ||
3185 | } | ||
3186 | err = -EEXIST; | ||
3187 | mutex_unlock(&module_mutex); | ||
3188 | goto free_module; | 3234 | goto free_module; |
3189 | } | ||
3190 | list_add_rcu(&mod->list, &modules); | ||
3191 | mutex_unlock(&module_mutex); | ||
3192 | 3235 | ||
3193 | #ifdef CONFIG_MODULE_SIG | 3236 | #ifdef CONFIG_MODULE_SIG |
3194 | mod->sig_ok = info->sig_ok; | 3237 | mod->sig_ok = info->sig_ok; |
3195 | if (!mod->sig_ok) | 3238 | if (!mod->sig_ok) { |
3196 | add_taint_module(mod, TAINT_FORCED_MODULE); | 3239 | printk_once(KERN_NOTICE |
3240 | "%s: module verification failed: signature and/or" | ||
3241 | " required key missing - tainting kernel\n", | ||
3242 | mod->name); | ||
3243 | add_taint_module(mod, TAINT_FORCED_MODULE, LOCKDEP_STILL_OK); | ||
3244 | } | ||
3197 | #endif | 3245 | #endif |
3198 | 3246 | ||
3199 | /* Now module is in final location, initialize linked lists, etc. */ | 3247 | /* Now module is in final location, initialize linked lists, etc. */ |
@@ -3236,21 +3284,11 @@ again: | |||
3236 | 3284 | ||
3237 | dynamic_debug_setup(info->debug, info->num_debug); | 3285 | dynamic_debug_setup(info->debug, info->num_debug); |
3238 | 3286 | ||
3239 | mutex_lock(&module_mutex); | 3287 | /* Finally it's fully formed, ready to start executing. */ |
3240 | /* Find duplicate symbols (must be called under lock). */ | 3288 | err = complete_formation(mod, info); |
3241 | err = verify_export_symbols(mod); | 3289 | if (err) |
3242 | if (err < 0) | ||
3243 | goto ddebug_cleanup; | 3290 | goto ddebug_cleanup; |
3244 | 3291 | ||
3245 | /* This relies on module_mutex for list integrity. */ | ||
3246 | module_bug_finalize(info->hdr, info->sechdrs, mod); | ||
3247 | |||
3248 | /* Mark state as coming so strong_try_module_get() ignores us, | ||
3249 | * but kallsyms etc. can see us. */ | ||
3250 | mod->state = MODULE_STATE_COMING; | ||
3251 | |||
3252 | mutex_unlock(&module_mutex); | ||
3253 | |||
3254 | /* Module is ready to execute: parsing args may do that. */ | 3292 | /* Module is ready to execute: parsing args may do that. */ |
3255 | err = parse_args(mod->name, mod->args, mod->kp, mod->num_kp, | 3293 | err = parse_args(mod->name, mod->args, mod->kp, mod->num_kp, |
3256 | -32768, 32767, &ddebug_dyndbg_module_param_cb); | 3294 | -32768, 32767, &ddebug_dyndbg_module_param_cb); |
@@ -3274,8 +3312,8 @@ again: | |||
3274 | /* module_bug_cleanup needs module_mutex protection */ | 3312 | /* module_bug_cleanup needs module_mutex protection */ |
3275 | mutex_lock(&module_mutex); | 3313 | mutex_lock(&module_mutex); |
3276 | module_bug_cleanup(mod); | 3314 | module_bug_cleanup(mod); |
3277 | ddebug_cleanup: | ||
3278 | mutex_unlock(&module_mutex); | 3315 | mutex_unlock(&module_mutex); |
3316 | ddebug_cleanup: | ||
3279 | dynamic_debug_remove(info->debug); | 3317 | dynamic_debug_remove(info->debug); |
3280 | synchronize_sched(); | 3318 | synchronize_sched(); |
3281 | kfree(mod->args); | 3319 | kfree(mod->args); |
diff --git a/kernel/panic.c b/kernel/panic.c index e1b2822fff97..7c57cc9eee2c 100644 --- a/kernel/panic.c +++ b/kernel/panic.c | |||
@@ -259,26 +259,19 @@ unsigned long get_taint(void) | |||
259 | return tainted_mask; | 259 | return tainted_mask; |
260 | } | 260 | } |
261 | 261 | ||
262 | void add_taint(unsigned flag) | 262 | /** |
263 | * add_taint: add a taint flag if not already set. | ||
264 | * @flag: one of the TAINT_* constants. | ||
265 | * @lockdep_ok: whether lock debugging is still OK. | ||
266 | * | ||
267 | * If something bad has gone wrong, you'll want @lockdebug_ok = false, but for | ||
268 | * some notewortht-but-not-corrupting cases, it can be set to true. | ||
269 | */ | ||
270 | void add_taint(unsigned flag, enum lockdep_ok lockdep_ok) | ||
263 | { | 271 | { |
264 | /* | 272 | if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off()) |
265 | * Can't trust the integrity of the kernel anymore. | 273 | printk(KERN_WARNING |
266 | * We don't call directly debug_locks_off() because the issue | 274 | "Disabling lock debugging due to kernel taint\n"); |
267 | * is not necessarily serious enough to set oops_in_progress to 1 | ||
268 | * Also we want to keep up lockdep for staging/out-of-tree | ||
269 | * development and post-warning case. | ||
270 | */ | ||
271 | switch (flag) { | ||
272 | case TAINT_CRAP: | ||
273 | case TAINT_OOT_MODULE: | ||
274 | case TAINT_WARN: | ||
275 | case TAINT_FIRMWARE_WORKAROUND: | ||
276 | break; | ||
277 | |||
278 | default: | ||
279 | if (__debug_locks_off()) | ||
280 | printk(KERN_WARNING "Disabling lock debugging due to kernel taint\n"); | ||
281 | } | ||
282 | 275 | ||
283 | set_bit(flag, &tainted_mask); | 276 | set_bit(flag, &tainted_mask); |
284 | } | 277 | } |
@@ -421,7 +414,8 @@ static void warn_slowpath_common(const char *file, int line, void *caller, | |||
421 | print_modules(); | 414 | print_modules(); |
422 | dump_stack(); | 415 | dump_stack(); |
423 | print_oops_end_marker(); | 416 | print_oops_end_marker(); |
424 | add_taint(taint); | 417 | /* Just a warning, don't kill lockdep. */ |
418 | add_taint(taint, LOCKDEP_STILL_OK); | ||
425 | } | 419 | } |
426 | 420 | ||
427 | void warn_slowpath_fmt(const char *file, int line, const char *fmt, ...) | 421 | void warn_slowpath_fmt(const char *file, int line, const char *fmt, ...) |
diff --git a/kernel/sched/core.c b/kernel/sched/core.c index f1bdecf09afb..fc9103e9ff03 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c | |||
@@ -2796,7 +2796,7 @@ static noinline void __schedule_bug(struct task_struct *prev) | |||
2796 | if (irqs_disabled()) | 2796 | if (irqs_disabled()) |
2797 | print_irqtrace_events(prev); | 2797 | print_irqtrace_events(prev); |
2798 | dump_stack(); | 2798 | dump_stack(); |
2799 | add_taint(TAINT_WARN); | 2799 | add_taint(TAINT_WARN, LOCKDEP_STILL_OK); |
2800 | } | 2800 | } |
2801 | 2801 | ||
2802 | /* | 2802 | /* |
diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 95e9e55602a8..d8df00e69c14 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c | |||
@@ -2018,7 +2018,7 @@ static int proc_taint(struct ctl_table *table, int write, | |||
2018 | int i; | 2018 | int i; |
2019 | for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) { | 2019 | for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) { |
2020 | if ((tmptaint >> i) & 1) | 2020 | if ((tmptaint >> i) & 1) |
2021 | add_taint(i); | 2021 | add_taint(i, LOCKDEP_STILL_OK); |
2022 | } | 2022 | } |
2023 | } | 2023 | } |
2024 | 2024 | ||