From a5dd69707424a35d2d2cc094e870f595ad61e916 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Fri, 9 May 2008 16:24:21 +1000 Subject: module: be more picky about allowing missing module versions We allow missing __versions sections, because modprobe --force strips it. It makes less sense to allow sections where there's no version for a specific symbol the module uses, so disallow that. Signed-off-by: Rusty Russell Signed-off-by: Linus Torvalds --- kernel/module.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'kernel/module.c') diff --git a/kernel/module.c b/kernel/module.c index 8e4528c9909f..2584c0e2762d 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -917,6 +917,10 @@ static int check_version(Elf_Shdr *sechdrs, if (!crc) return 1; + /* No versions at all? modprobe --force does this. */ + if (versindex == 0) + return try_to_force_load(mod, symname) == 0; + versions = (void *) sechdrs[versindex].sh_addr; num_versions = sechdrs[versindex].sh_size / sizeof(struct modversion_info); @@ -932,8 +936,9 @@ static int check_version(Elf_Shdr *sechdrs, goto bad_version; } - if (!try_to_force_load(mod, symname)) - return 1; + printk(KERN_WARNING "%s: no symbol version for %s\n", + mod->name, symname); + return 0; bad_version: printk("%s: disagrees about version of symbol %s\n", -- cgit v1.2.2 From 91e37a793b5a9436a2d12b2f0a8f52db3a133e1d Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Fri, 9 May 2008 16:25:28 +1000 Subject: module: don't ignore vermagic string if module doesn't have modversions Linus found a logic bug: we ignore the version number in a module's vermagic string if we have CONFIG_MODVERSIONS set, but modversions also lets through a module with no __versions section for modprobe --force (with tainting, but still). We should only ignore the start of the vermagic string if the module actually *has* crcs to check. Rather than (say) having an entertaining hissy fit and creating a config option to work around the buggy code. Signed-off-by: Rusty Russell Signed-off-by: Linus Torvalds --- kernel/module.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'kernel/module.c') diff --git a/kernel/module.c b/kernel/module.c index 2584c0e2762d..f5e9491ef7ac 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -957,11 +957,14 @@ static inline int check_modstruct_version(Elf_Shdr *sechdrs, return check_version(sechdrs, versindex, "struct_module", mod, crc); } -/* First part is kernel version, which we ignore. */ -static inline int same_magic(const char *amagic, const char *bmagic) +/* First part is kernel version, which we ignore if module has crcs. */ +static inline int same_magic(const char *amagic, const char *bmagic, + bool has_crcs) { - amagic += strcspn(amagic, " "); - bmagic += strcspn(bmagic, " "); + if (has_crcs) { + amagic += strcspn(amagic, " "); + bmagic += strcspn(bmagic, " "); + } return strcmp(amagic, bmagic) == 0; } #else @@ -981,7 +984,8 @@ static inline int check_modstruct_version(Elf_Shdr *sechdrs, return 1; } -static inline int same_magic(const char *amagic, const char *bmagic) +static inline int same_magic(const char *amagic, const char *bmagic, + bool has_crcs) { return strcmp(amagic, bmagic) == 0; } @@ -1874,7 +1878,7 @@ static struct module *load_module(void __user *umod, err = try_to_force_load(mod, "magic"); if (err) goto free_hdr; - } else if (!same_magic(modmagic, vermagic)) { + } else if (!same_magic(modmagic, vermagic, versindex)) { printk(KERN_ERR "%s: version magic '%s' should be '%s'\n", mod->name, modmagic, vermagic); err = -ENOEXEC; -- cgit v1.2.2