diff mbox series

[v2,1/2] module: Add a new helper delete_module()

Message ID 20240407035730.20282-2-laoar.shao@gmail.com (mailing list archive)
State New, archived
Headers show
Series livepatch, module: Delete the associated module of disabled livepatch | expand

Commit Message

Yafang Shao April 7, 2024, 3:57 a.m. UTC
Introduce a new helper function, delete_module(), designed to delete kernel
modules from locations outside of the `kernel/module` directory.

No functional change.

Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
---
 include/linux/module.h |  1 +
 kernel/module/main.c   | 82 ++++++++++++++++++++++++++++++++----------
 2 files changed, 65 insertions(+), 18 deletions(-)

Comments

Yafang Shao April 24, 2024, 12:09 p.m. UTC | #1
On Sun, Apr 7, 2024 at 11:58 AM Yafang Shao <laoar.shao@gmail.com> wrote:
>
> Introduce a new helper function, delete_module(), designed to delete kernel
> modules from locations outside of the `kernel/module` directory.
>
> No functional change.
>
> Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
> ---
>  include/linux/module.h |  1 +
>  kernel/module/main.c   | 82 ++++++++++++++++++++++++++++++++----------
>  2 files changed, 65 insertions(+), 18 deletions(-)
>
> diff --git a/include/linux/module.h b/include/linux/module.h
> index 1153b0d99a80..c24557f1b795 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -75,6 +75,7 @@ extern struct module_attribute module_uevent;
>  /* These are either module local, or the kernel's dummy ones. */
>  extern int init_module(void);
>  extern void cleanup_module(void);
> +extern int delete_module(struct module *mod);
>
>  #ifndef MODULE
>  /**
> diff --git a/kernel/module/main.c b/kernel/module/main.c
> index e1e8a7a9d6c1..3b48ee66db41 100644
> --- a/kernel/module/main.c
> +++ b/kernel/module/main.c
> @@ -695,12 +695,74 @@ EXPORT_SYMBOL(module_refcount);
>  /* This exists whether we can unload or not */
>  static void free_module(struct module *mod);
>
> +static void __delete_module(struct module *mod)
> +{
> +       char buf[MODULE_FLAGS_BUF_SIZE];
> +
> +       WARN_ON_ONCE(mod->state != MODULE_STATE_GOING);
> +
> +       /* Final destruction now no one is using it. */
> +       if (mod->exit != NULL)
> +               mod->exit();
> +       blocking_notifier_call_chain(&module_notify_list,
> +                                    MODULE_STATE_GOING, mod);
> +       klp_module_going(mod);
> +       ftrace_release_mod(mod);
> +
> +       async_synchronize_full();
> +
> +       /* Store the name and taints of the last unloaded module for diagnostic purposes */
> +       strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
> +       strscpy(last_unloaded_module.taints, module_flags(mod, buf, false),
> +               sizeof(last_unloaded_module.taints));
> +
> +       free_module(mod);
> +       /* someone could wait for the module in add_unformed_module() */
> +       wake_up_all(&module_wq);
> +}
> +
> +int delete_module(struct module *mod)
> +{
> +       int ret;
> +
> +       mutex_lock(&module_mutex);
> +       if (!list_empty(&mod->source_list)) {
> +               /* Other modules depend on us: get rid of them first. */
> +               ret = -EWOULDBLOCK;
> +               goto out;
> +       }
> +
> +       /* Doing init or already dying? */
> +       if (mod->state != MODULE_STATE_LIVE) {
> +               ret = -EBUSY;
> +               goto out;
> +       }
> +
> +       /* If it has an init func, it must have an exit func to unload */
> +       if (mod->init && !mod->exit) {
> +               ret = -EBUSY;
> +               goto out;
> +       }
> +
> +       if (try_release_module_ref(mod) != 0) {
> +               ret = -EWOULDBLOCK;
> +               goto out;
> +       }
> +       mod->state = MODULE_STATE_GOING;
> +       mutex_unlock(&module_mutex);
> +       __delete_module(mod);
> +       return 0;
> +
> +out:
> +       mutex_unlock(&module_mutex);
> +       return ret;
> +}
> +
>  SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
>                 unsigned int, flags)
>  {
>         struct module *mod;
>         char name[MODULE_NAME_LEN];
> -       char buf[MODULE_FLAGS_BUF_SIZE];
>         int ret, forced = 0;
>
>         if (!capable(CAP_SYS_MODULE) || modules_disabled)
> @@ -750,23 +812,7 @@ SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
>                 goto out;
>
>         mutex_unlock(&module_mutex);
> -       /* Final destruction now no one is using it. */
> -       if (mod->exit != NULL)
> -               mod->exit();
> -       blocking_notifier_call_chain(&module_notify_list,
> -                                    MODULE_STATE_GOING, mod);
> -       klp_module_going(mod);
> -       ftrace_release_mod(mod);
> -
> -       async_synchronize_full();
> -
> -       /* Store the name and taints of the last unloaded module for diagnostic purposes */
> -       strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
> -       strscpy(last_unloaded_module.taints, module_flags(mod, buf, false), sizeof(last_unloaded_module.taints));
> -
> -       free_module(mod);
> -       /* someone could wait for the module in add_unformed_module() */
> -       wake_up_all(&module_wq);
> +       __delete_module(mod);
>         return 0;
>  out:
>         mutex_unlock(&module_mutex);
> --
> 2.39.1
>

Luis, Greg,

Since the last version, there hasn't been any response. Would you mind
taking a moment to review it and provide your feedback on the
kernel/module changes?
Greg Kroah-Hartman May 4, 2024, 4:53 p.m. UTC | #2
On Wed, Apr 24, 2024 at 08:09:05PM +0800, Yafang Shao wrote:
> On Sun, Apr 7, 2024 at 11:58 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> >
> > Introduce a new helper function, delete_module(), designed to delete kernel
> > modules from locations outside of the `kernel/module` directory.
> >
> > No functional change.
> >
> > Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
> > ---
> >  include/linux/module.h |  1 +
> >  kernel/module/main.c   | 82 ++++++++++++++++++++++++++++++++----------
> >  2 files changed, 65 insertions(+), 18 deletions(-)
> >
> > diff --git a/include/linux/module.h b/include/linux/module.h
> > index 1153b0d99a80..c24557f1b795 100644
> > --- a/include/linux/module.h
> > +++ b/include/linux/module.h
> > @@ -75,6 +75,7 @@ extern struct module_attribute module_uevent;
> >  /* These are either module local, or the kernel's dummy ones. */
> >  extern int init_module(void);
> >  extern void cleanup_module(void);
> > +extern int delete_module(struct module *mod);
> >
> >  #ifndef MODULE
> >  /**
> > diff --git a/kernel/module/main.c b/kernel/module/main.c
> > index e1e8a7a9d6c1..3b48ee66db41 100644
> > --- a/kernel/module/main.c
> > +++ b/kernel/module/main.c
> > @@ -695,12 +695,74 @@ EXPORT_SYMBOL(module_refcount);
> >  /* This exists whether we can unload or not */
> >  static void free_module(struct module *mod);
> >
> > +static void __delete_module(struct module *mod)
> > +{
> > +       char buf[MODULE_FLAGS_BUF_SIZE];
> > +
> > +       WARN_ON_ONCE(mod->state != MODULE_STATE_GOING);
> > +
> > +       /* Final destruction now no one is using it. */
> > +       if (mod->exit != NULL)
> > +               mod->exit();
> > +       blocking_notifier_call_chain(&module_notify_list,
> > +                                    MODULE_STATE_GOING, mod);
> > +       klp_module_going(mod);
> > +       ftrace_release_mod(mod);
> > +
> > +       async_synchronize_full();
> > +
> > +       /* Store the name and taints of the last unloaded module for diagnostic purposes */
> > +       strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
> > +       strscpy(last_unloaded_module.taints, module_flags(mod, buf, false),
> > +               sizeof(last_unloaded_module.taints));
> > +
> > +       free_module(mod);
> > +       /* someone could wait for the module in add_unformed_module() */
> > +       wake_up_all(&module_wq);
> > +}
> > +
> > +int delete_module(struct module *mod)
> > +{
> > +       int ret;
> > +
> > +       mutex_lock(&module_mutex);
> > +       if (!list_empty(&mod->source_list)) {
> > +               /* Other modules depend on us: get rid of them first. */
> > +               ret = -EWOULDBLOCK;
> > +               goto out;
> > +       }
> > +
> > +       /* Doing init or already dying? */
> > +       if (mod->state != MODULE_STATE_LIVE) {
> > +               ret = -EBUSY;
> > +               goto out;
> > +       }
> > +
> > +       /* If it has an init func, it must have an exit func to unload */
> > +       if (mod->init && !mod->exit) {
> > +               ret = -EBUSY;
> > +               goto out;
> > +       }
> > +
> > +       if (try_release_module_ref(mod) != 0) {
> > +               ret = -EWOULDBLOCK;
> > +               goto out;
> > +       }
> > +       mod->state = MODULE_STATE_GOING;
> > +       mutex_unlock(&module_mutex);
> > +       __delete_module(mod);
> > +       return 0;
> > +
> > +out:
> > +       mutex_unlock(&module_mutex);
> > +       return ret;
> > +}
> > +
> >  SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
> >                 unsigned int, flags)
> >  {
> >         struct module *mod;
> >         char name[MODULE_NAME_LEN];
> > -       char buf[MODULE_FLAGS_BUF_SIZE];
> >         int ret, forced = 0;
> >
> >         if (!capable(CAP_SYS_MODULE) || modules_disabled)
> > @@ -750,23 +812,7 @@ SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
> >                 goto out;
> >
> >         mutex_unlock(&module_mutex);
> > -       /* Final destruction now no one is using it. */
> > -       if (mod->exit != NULL)
> > -               mod->exit();
> > -       blocking_notifier_call_chain(&module_notify_list,
> > -                                    MODULE_STATE_GOING, mod);
> > -       klp_module_going(mod);
> > -       ftrace_release_mod(mod);
> > -
> > -       async_synchronize_full();
> > -
> > -       /* Store the name and taints of the last unloaded module for diagnostic purposes */
> > -       strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
> > -       strscpy(last_unloaded_module.taints, module_flags(mod, buf, false), sizeof(last_unloaded_module.taints));
> > -
> > -       free_module(mod);
> > -       /* someone could wait for the module in add_unformed_module() */
> > -       wake_up_all(&module_wq);
> > +       __delete_module(mod);
> >         return 0;
> >  out:
> >         mutex_unlock(&module_mutex);
> > --
> > 2.39.1
> >
> 
> Luis, Greg,
> 
> Since the last version, there hasn't been any response. Would you mind
> taking a moment to review it and provide your feedback on the
> kernel/module changes?

There was response on patch 2/2, which is why I deleted this from my
review queue a long time ago.

Please address that if you wish to, and then resend if you feel this is
still needed.

Personally, I really don't like this function you added...

thanks,

greg k-h
Luis Chamberlain May 4, 2024, 9:36 p.m. UTC | #3
On Wed, Apr 24, 2024 at 08:09:05PM +0800, Yafang Shao wrote:
> Luis, Greg,
> 
> Since the last version, there hasn't been any response. Would you mind
> taking a moment to review it and provide your feedback on the
> kernel/module changes?

Josh had feedback for you. Without any Acked-by from livepatch folks this
isn't capturing the full picture.

  Luis
Josh Poimboeuf May 4, 2024, 10:26 p.m. UTC | #4
On Sat, May 04, 2024 at 06:53:05PM +0200, Greg KH wrote:
> > Luis, Greg,
> > 
> > Since the last version, there hasn't been any response. Would you mind
> > taking a moment to review it and provide your feedback on the
> > kernel/module changes?
> 
> There was response on patch 2/2, which is why I deleted this from my
> review queue a long time ago.

Assuming you're referring to my comment (which is the only one I've
seen), that was only yesterday ;-)

> Please address that if you wish to, and then resend if you feel this is
> still needed.
> 
> Personally, I really don't like this function you added...

I tend to agree...
Petr Mladek May 6, 2024, 11:58 a.m. UTC | #5
On Sun 2024-04-07 11:57:29, Yafang Shao wrote:
> Introduce a new helper function, delete_module(), designed to delete kernel
> modules from locations outside of the `kernel/module` directory.
> 
> No functional change.
> 
> --- a/kernel/module/main.c
> +++ b/kernel/module/main.c
> @@ -695,12 +695,74 @@ EXPORT_SYMBOL(module_refcount);
>  /* This exists whether we can unload or not */
>  static void free_module(struct module *mod);
>  
> +static void __delete_module(struct module *mod)
> +{
> +	char buf[MODULE_FLAGS_BUF_SIZE];
> +
> +	WARN_ON_ONCE(mod->state != MODULE_STATE_GOING);
> +
> +	/* Final destruction now no one is using it. */
> +	if (mod->exit != NULL)
> +		mod->exit();
> +	blocking_notifier_call_chain(&module_notify_list,
> +				     MODULE_STATE_GOING, mod);
> +	klp_module_going(mod);
> +	ftrace_release_mod(mod);
> +
> +	async_synchronize_full();
> +
> +	/* Store the name and taints of the last unloaded module for diagnostic purposes */
> +	strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
> +	strscpy(last_unloaded_module.taints, module_flags(mod, buf, false),
> +		sizeof(last_unloaded_module.taints));
> +
> +	free_module(mod);
> +	/* someone could wait for the module in add_unformed_module() */
> +	wake_up_all(&module_wq);
> +}
> +
> +int delete_module(struct module *mod)
> +{
> +	int ret;
> +
> +	mutex_lock(&module_mutex);
> +	if (!list_empty(&mod->source_list)) {
> +		/* Other modules depend on us: get rid of them first. */
> +		ret = -EWOULDBLOCK;
> +		goto out;
> +	}

This is cut&paste from SYSCALL_DEFINE2(delete_module...

> +
> +	/* Doing init or already dying? */
> +	if (mod->state != MODULE_STATE_LIVE) {
> +		ret = -EBUSY;
> +		goto out;
> +	}

Same here. You only removed the debug message. Why?

> +
> +	/* If it has an init func, it must have an exit func to unload */
> +	if (mod->init && !mod->exit) {
> +		ret = -EBUSY;
> +		goto out;
> +	}

Same code, just without the "forced" handling.

> +
> +	if (try_release_module_ref(mod) != 0) {
> +		ret = -EWOULDBLOCK;
> +		goto out;
> +	}

This is the same as try_stop_module() without the "forced" handling.

> +	mod->state = MODULE_STATE_GOING;
> +	mutex_unlock(&module_mutex);
> +	__delete_module(mod);
> +	return 0;

I am sure that we could better refactor the code to remove
the code duplication.

> +
> +out:
> +	mutex_unlock(&module_mutex);
> +	return ret;
> +}
> +
>  SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
>  		unsigned int, flags)
>  {
>  	struct module *mod;
>  	char name[MODULE_NAME_LEN];
> -	char buf[MODULE_FLAGS_BUF_SIZE];
>  	int ret, forced = 0;
>  
>  	if (!capable(CAP_SYS_MODULE) || modules_disabled)

Otherwise, it looks good to me.

Best Regards,
Petr
diff mbox series

Patch

diff --git a/include/linux/module.h b/include/linux/module.h
index 1153b0d99a80..c24557f1b795 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -75,6 +75,7 @@  extern struct module_attribute module_uevent;
 /* These are either module local, or the kernel's dummy ones. */
 extern int init_module(void);
 extern void cleanup_module(void);
+extern int delete_module(struct module *mod);
 
 #ifndef MODULE
 /**
diff --git a/kernel/module/main.c b/kernel/module/main.c
index e1e8a7a9d6c1..3b48ee66db41 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -695,12 +695,74 @@  EXPORT_SYMBOL(module_refcount);
 /* This exists whether we can unload or not */
 static void free_module(struct module *mod);
 
+static void __delete_module(struct module *mod)
+{
+	char buf[MODULE_FLAGS_BUF_SIZE];
+
+	WARN_ON_ONCE(mod->state != MODULE_STATE_GOING);
+
+	/* Final destruction now no one is using it. */
+	if (mod->exit != NULL)
+		mod->exit();
+	blocking_notifier_call_chain(&module_notify_list,
+				     MODULE_STATE_GOING, mod);
+	klp_module_going(mod);
+	ftrace_release_mod(mod);
+
+	async_synchronize_full();
+
+	/* Store the name and taints of the last unloaded module for diagnostic purposes */
+	strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
+	strscpy(last_unloaded_module.taints, module_flags(mod, buf, false),
+		sizeof(last_unloaded_module.taints));
+
+	free_module(mod);
+	/* someone could wait for the module in add_unformed_module() */
+	wake_up_all(&module_wq);
+}
+
+int delete_module(struct module *mod)
+{
+	int ret;
+
+	mutex_lock(&module_mutex);
+	if (!list_empty(&mod->source_list)) {
+		/* Other modules depend on us: get rid of them first. */
+		ret = -EWOULDBLOCK;
+		goto out;
+	}
+
+	/* Doing init or already dying? */
+	if (mod->state != MODULE_STATE_LIVE) {
+		ret = -EBUSY;
+		goto out;
+	}
+
+	/* If it has an init func, it must have an exit func to unload */
+	if (mod->init && !mod->exit) {
+		ret = -EBUSY;
+		goto out;
+	}
+
+	if (try_release_module_ref(mod) != 0) {
+		ret = -EWOULDBLOCK;
+		goto out;
+	}
+	mod->state = MODULE_STATE_GOING;
+	mutex_unlock(&module_mutex);
+	__delete_module(mod);
+	return 0;
+
+out:
+	mutex_unlock(&module_mutex);
+	return ret;
+}
+
 SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
 		unsigned int, flags)
 {
 	struct module *mod;
 	char name[MODULE_NAME_LEN];
-	char buf[MODULE_FLAGS_BUF_SIZE];
 	int ret, forced = 0;
 
 	if (!capable(CAP_SYS_MODULE) || modules_disabled)
@@ -750,23 +812,7 @@  SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
 		goto out;
 
 	mutex_unlock(&module_mutex);
-	/* Final destruction now no one is using it. */
-	if (mod->exit != NULL)
-		mod->exit();
-	blocking_notifier_call_chain(&module_notify_list,
-				     MODULE_STATE_GOING, mod);
-	klp_module_going(mod);
-	ftrace_release_mod(mod);
-
-	async_synchronize_full();
-
-	/* Store the name and taints of the last unloaded module for diagnostic purposes */
-	strscpy(last_unloaded_module.name, mod->name, sizeof(last_unloaded_module.name));
-	strscpy(last_unloaded_module.taints, module_flags(mod, buf, false), sizeof(last_unloaded_module.taints));
-
-	free_module(mod);
-	/* someone could wait for the module in add_unformed_module() */
-	wake_up_all(&module_wq);
+	__delete_module(mod);
 	return 0;
 out:
 	mutex_unlock(&module_mutex);