mbox series

[00/12] Module Validation Refactor

Message ID 20241015231651.3851138-1-mmaurer@google.com (mailing list archive)
Headers show
Series Module Validation Refactor | expand

Message

Matthew Maurer Oct. 15, 2024, 11:16 p.m. UTC
Split out from Extended MODVERSIONS Support [1]

This series refactors module validation during loading to ensure that
everything is checked on its way in. This is intended to make the code
robust enough that we can more confidently add new pieces like extended
MODVERSIONS.

[1] https://lore.kernel.org/all/20240925233854.90072-1-mmaurer@google.com/

Matthew Maurer (12):
  module: Take const arg in validate_section_offset
  module: Factor out elf_validity_ehdr
  module: Factor out elf_validity_cache_sechdrs
  module: Factor out elf_validity_cache_secstrings
  module: Factor out elf_validity_cache_index_info
  module: Factor out elf_validity_cache_index_mod
  module: Factor out elf_validity_cache_index_sym
  module: Factor out elf_validity_cache_index_str
  module: Group section index calculations together
  module: Factor out elf_validity_cache_strtab
  module: Additional validation in elf_validity_cache_strtab
  module: Reformat struct for code style

 kernel/module/internal.h |   7 +-
 kernel/module/main.c     | 569 +++++++++++++++++++++++++++++----------
 2 files changed, 428 insertions(+), 148 deletions(-)

Comments

Sami Tolvanen Oct. 17, 2024, 12:44 a.m. UTC | #1
Hi,

On Tue, Oct 15, 2024 at 4:16 PM Matthew Maurer <mmaurer@google.com> wrote:
>
> Split out from Extended MODVERSIONS Support [1]
>
> This series refactors module validation during loading to ensure that
> everything is checked on its way in. This is intended to make the code
> robust enough that we can more confidently add new pieces like extended
> MODVERSIONS.
>
> [1] https://lore.kernel.org/all/20240925233854.90072-1-mmaurer@google.com/
>
> Matthew Maurer (12):
>   module: Take const arg in validate_section_offset
>   module: Factor out elf_validity_ehdr
>   module: Factor out elf_validity_cache_sechdrs
>   module: Factor out elf_validity_cache_secstrings
>   module: Factor out elf_validity_cache_index_info
>   module: Factor out elf_validity_cache_index_mod
>   module: Factor out elf_validity_cache_index_sym
>   module: Factor out elf_validity_cache_index_str
>   module: Group section index calculations together
>   module: Factor out elf_validity_cache_strtab
>   module: Additional validation in elf_validity_cache_strtab
>   module: Reformat struct for code style
>
>  kernel/module/internal.h |   7 +-
>  kernel/module/main.c     | 569 +++++++++++++++++++++++++++++----------
>  2 files changed, 428 insertions(+), 148 deletions(-)

Looks like these patches are unchanged from the pre-split version[1].
For the series:

Reviewed-by: Sami Tolvanen <samitolvanen@google.com>

[1] https://lore.kernel.org/linux-modules/20240925233854.90072-1-mmaurer@google.com/

Sami
Luis Chamberlain Oct. 19, 2024, 10:10 p.m. UTC | #2
On Tue, Oct 15, 2024 at 11:16:34PM +0000, Matthew Maurer wrote:
> Split out from Extended MODVERSIONS Support [1]
> 
> This series refactors module validation during loading to ensure that
> everything is checked on its way in. This is intended to make the code
> robust enough that we can more confidently add new pieces like extended
> MODVERSIONS.
> 
> [1] https://lore.kernel.org/all/20240925233854.90072-1-mmaurer@google.com/

Thanks! KPD [0] picked this up and ran automated tests for us using kdevops,
and the tests passed [1], I've included that into the last commit log and
pushed to modules-next [2].

[0] https://github.com/facebookincubator/kernel-patches-daemon
[1] https://github.com/linux-kdevops/linux-modules-kpd/actions/runs/11420095343
[2] git://git.kernel.org/pub/scm/linux/kernel/git/modules/linux.git

  Luis