Dmitry Antipov [Fri, 19 May 2023 07:46:38 +0000 (10:46 +0300)]
libkmod: fix possible out-of-bounds memory access
An attempt to pass too long module name to, say, rmmod, may
cause an out-of-bounds memory access (as repoted by UBSan):
$ rmmod $(for i in $(seq 0 4200); do echo -ne x; done)
libkmod/libkmod-module.c:1828:8: runtime error: index 4107 out of bounds for type 'char [4096]'
This is because 'snprintf(path, sizeof(path), ...)' may return the
value which exceeds 'sizeof(path)' (which happens when an output
gets truncated). To play it safe, such a suspicious output is
better to be rejected explicitly.
Dmitry Antipov [Fri, 19 May 2023 09:36:30 +0000 (12:36 +0300)]
libkmod, depmod: prefer -ENODATA over -ENOENT if no section found
When the module is definitely present but CONFIG_MODVERSIONS is
disabled, the following error message may be somewhat confusing:
modprobe --dump-modversions /path/to/module.ko.xz
modprobe: FATAL: could not get modversions of /path/to/module.ko.xz: No such file or directory
Choosing among the convenient errno values, I would suggest to use
ENODATA when the module lacks a particular ELF section (and vermagic
as well). So now it is expected to be:
modprobe: FATAL: could not get modversions of /path/to/module.ko.xz: No data available
Nicolas Schier [Tue, 18 Apr 2023 08:52:38 +0000 (10:52 +0200)]
modprobe: rmmod_do_module: Free kmod list of holders
Add a missing kmod_module_unref_list() to fix a memory leak.
Fixes: 42b32d30c38e ("modprobe: Fix holders removal") Signed-off-by: Nicolas Schier <n.schier@avm.de> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Tue, 21 Feb 2023 13:19:29 +0000 (13:19 +0000)]
configure: manage libkmod.pc.in and version.py.in via AC_CONFIG_FILES
Replace the manual sed command, build rules and dist/clean for using
AC_CONFIG_FILES. It does the exact same thing, with an added bonus...
Currently we're missing version.py.in in the EXTRA_DIST. Thus a simple
"touch Makefile" should retrigger the regeneration of version.py. Which
would presumably fail, since the input file isn't in the distribution
tarball.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Lucas De Marchi [Thu, 9 Feb 2023 19:19:45 +0000 (11:19 -0800)]
testsuite: Move setup-rootfs logic from Makefile to script
It's easier to implement the logic outside of the Makefile, so rename
the populate-modules.sh script to setup-rootfs.sh and move the
additional logic from the makefile to the script.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>
Emil Velikov [Mon, 6 Feb 2023 14:32:59 +0000 (14:32 +0000)]
libkmod: error out on unknown hash algorithm
Currently if we see unknown algorithm, we'll do an OOB read in
pkey_hash_algo. This can happen for example if OPENSSL_NO_SM3 is set and
the kernel module uses a SM3 hash.
Cc: Mikhail Novosyolov <m.novosyolov@rosalinux.ru> Cc: Lucas De Marchi <lucas.demarchi@intel.com> Signed-off-by: Emil Velikov <emil.velikov@collabora.com> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Mon, 6 Feb 2023 14:04:49 +0000 (14:04 +0000)]
testsuite/depmod: use defines for the rootfs/lib_modules
The uname used across the tests is same, so drop "_ORDER" from the macro
name and use it throughout. Similarly - add respective LIB_MODULES
defines and use them in the tests.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Mon, 6 Feb 2023 13:18:34 +0000 (13:18 +0000)]
depmod: Introduce outdir option
This option is equivalent to basedir, with the small difference being
that's where the meta-data files are generated. In other words, this
allows us to have read-only input modules and modules.dep, while still
being able to generate the meta-data files.
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
[ Move files to a different dir so input files (produced by kernel build
system is separate from the files generated by depmod (output) ] Signed-off-by: Lucas De Marchi <lucas.demarchi@gmail.com>
Yauheni Kaliuta [Thu, 2 Feb 2023 13:47:36 +0000 (15:47 +0200)]
man/rmmod: explain why modprobe -r is more useful
Improve user experience by explaining the option so the user may
not search explanations in other manpages (modprobe).
Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com> Reviewed-by: Luis Chamberlain <mcgrof@kernel.org> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Gustavo Sousa [Fri, 13 Jan 2023 21:37:45 +0000 (18:37 -0300)]
modprobe: Allow passing path to module
This is useful to kernel module developers for testing a just compiled
module: instead of using insmod, they can load the module from the path
while getting all the benefits of modprobe (e.g. module dependency
resolution).
v2:
- Add test for relative path as well. (Lucas)
- Add note warning about modules with dependencies not matching the
installed depmod database. (Lucas)
Signed-off-by: Gustavo Sousa <gustavo.sousa@intel.com> Cc: Lucas De Marchi <lucas.demarchi@intel.com> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Gustavo Sousa [Fri, 13 Jan 2023 21:37:44 +0000 (18:37 -0300)]
modprobe: Move insertion block into separate function
That same logic will be used for enabling modprobe for paths in the next
patch. As such, prepare for that by extracting that block into its own
function.
Signed-off-by: Gustavo Sousa <gustavo.sousa@intel.com> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
libkmod: do not crash on unknown signature algorithm
Example kernel module:
https://file-store.rosalinux.ru/download/7281f97e0c04c0f818ad3f936706f4a407e8dc7e
(/lib/modules/5.15.67-generic-1rosa2021.1-x86_64/kernel/drivers/usb/host/xhci-pci.ko.zst)
It is signed with Streebog 512.
libkmod v30 crashed in libkmod-module.c:2413 in this code:
n = kmod_module_info_append(list,
"sig_hashalgo", strlen("sig_hashalgo"),
sig_info.hash_algo, strlen(sig_info.hash_algo));
testsuite: fix override of `stat` on 32-bit architectures
When _FILE_OFFSET_BITS is 64, glibc headers turn `stat` calls into
`stat64`, and our `stat` override into a `stat64` function. However,
because we use dlsym to get the address of libc's `stat`, we end up
calling into the "real" `stat` function, which deals with 32-bit off_t,
and we treat its result as if it were returned from stat64. On most
architectures this seems to have been harmless, but on 32-bit mips,
st_mode's offset in struct stat and struct stat64 are different, so we
read garbage.
To fix this, explicitly unset _FILE_OFFSET_BITS in path.c, to turn off
the redirect magic in glibc headers, and override both the 32-bit and
64-bit functions so each call ends up wrapping the right libc function.
build: enable building & running tests from a subdir
During dpkg build, in a subdir, it is currently not possible to run
tests. Building testsuite/modules due to non-existance of the
testsuite directory under the build dir. Thus create it, when it is
not there.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Jan Engelhardt [Thu, 30 Jun 2022 16:47:25 +0000 (18:47 +0200)]
testsuite: repair read of uninitialized memory
Function ``test_backoff_time`` does not initialize ``delta``, and
``get_backoff_delta_msec`` then performs a read from uninitialized
memory with the ``!*delta`` expression.
Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Lucas De Marchi [Fri, 3 Jun 2022 21:50:47 +0000 (14:50 -0700)]
modprobe: Add --wait
Retry module removal if it fails due to EAGAIN. This allows user to pass
--wait <timeout>, during which `modprobe -r` will keep trying to remove
the module.
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Lucas De Marchi [Tue, 29 Mar 2022 09:05:40 +0000 (02:05 -0700)]
modprobe: Make rmmod_do_module() contain all the removal sequence
Move the remaining part of the removal sequence dangling in
rmmod_do_remove_module() to rmmod_do_module() so we can consider this
function is the one controlling all the module removals.
While at it, add some comments about the removal order and normalize
coding style in this function.
Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com> Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Lucas De Marchi [Tue, 29 Mar 2022 09:05:37 +0000 (02:05 -0700)]
modprobe: Fix holders removal
The idea behind --remove-dependencies was to remove other modules that
depend on the current module being removed. It's the reverse
dependency list, not the dependency list of the current module: that
never works since the current module would still hold a ref on it.
Fix it by replacing the call to kmod_module_get_dependencies() with
kmod_module_get_holders() when using that option. Also try to cleanup
the confusion by renaming the option to --remove-holders: "holder" is
the name used in sysfs and by libkmod to refer to a "live" reverse
dependency like what we are interested in.
Before:
./tools/modprobe -D -r --remove-dependencies video
rmmod video
After:
./tools/modprobe -D -r --remove-holders video
rmmod i915
rmmod thinkpad_acpi
rmmod video
Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com> Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Saul Wold [Thu, 31 Mar 2022 21:56:28 +0000 (14:56 -0700)]
depmod: Add support for excluding a directory
This adds support to depmod to enable a new exclude directive in
the depmod.d/*.conf configuration file. Currently depmod
already excludes directories named source or build. This change
will allow additional directories like .debug to be excluded also
via a new exclude directive.
depmod.d/exclude.conf example:
exclude .debug
Signed-off-by: Saul Wold <saul.wold@windriver.com>
[ Fix warnings and make should_exclude_dir() return bool ] Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>
Lucas De Marchi [Wed, 16 Feb 2022 07:36:49 +0000 (23:36 -0800)]
modinfo: Allow to force arg as module name
If the Linux kernel or userspace sets an alias with the same name as a
module, they force the tools to use that. However in some situations it
may be desired to query the module itself. Getting the module
information through modinfo is one such situation. So, add a option to
modinfo to explicitly instruct it to handle the argument as a module
name.
Example, when trying to output information about the crc32 module that
is builtin:
Lucas De Marchi [Wed, 16 Feb 2022 07:10:58 +0000 (23:10 -0800)]
libkmod: Add lookup from module name
Slightly different than kmod_module_new_from_lookup(): it doesn't
consider aliases, only module names. This is useful for cases we want to
force a tool to handle something as the module name, without trying to
interpret it as an alias.
Lucas De Marchi [Wed, 16 Feb 2022 03:12:05 +0000 (19:12 -0800)]
libkmod: Add helper function to iterate lookup options
The CHECK_ERR_AND_FINISH macro with conditional code flow changes has
been a source of bugs. Get rid of it replacing with a helper function
to iterate an array of lookup functions. This helper may also be useful
in future to create different lookup APIs in libkmod.
Lucas De Marchi [Tue, 15 Feb 2022 22:09:14 +0000 (14:09 -0800)]
libkmod-module: Fix return code for kmod_module_new_from_lookup()
When kmod_module_new_from_lookup() resolves to an alias, `err` will be
set to a positive value from the lookup function. Do not return a
positive value to follow the behavior when it matches a module name
and the documentation.
Lucas De Marchi [Tue, 15 Feb 2022 22:05:13 +0000 (14:05 -0800)]
test-initstate: Check for negative value on error
Documentation says kmod_module_new_from_lookup() returns < 0 on error
and 0 otherwise. There are bugs in libkmod however making it return
a positive value in some situations, that need to be fixed. However
it's best to check for the error explicitly like is done in the rest
of the library to avoid this kind of issues.
Lucas De Marchi [Thu, 10 Feb 2022 02:07:03 +0000 (18:07 -0800)]
depmod: Stop opening modules.modinfo once per module
Since the addition of modules.aliases.bin, depmod has to open that
index multiple times and parse it over and over again:
$ sudo strace -e openat ./tools/depmod 2>&1 | grep modules.builtin.modinfo | wc -l
299
$ time sudo ./tools/depmod
real 0m7.814s
user 0m7.571s
sys 0m0.237s
Rework the logic in depmod so it does everything: open, read and parse. The
format is very straightforward and we don't need to keep it in a data structure
since we only want to add the result to a index. New output:
$ sudo strace -e openat ./tools/depmod 2>&1 | grep modules.builtin.modinfo | wc -l
1
$ time sudo ./tools/depmod
real 0m7.663s
user 0m7.516s
sys 0m0.139s
From the kernel we get both modules.builtin and modules.builtin.modinfo.
depmod generates modules.builtin.bin and modules.builtin.alias.bin
from them respectively. modules.bultin is not going away: it's not
deprecated by the new index added. So, let's just stop duplicating the
information inside modules.builtin.alias.bin and just use the other
index.
Michal Suchanek [Wed, 18 Aug 2021 20:52:00 +0000 (22:52 +0200)]
libkmod: Set builtin to no when module is created from path.
A recent bug report showed that modinfo doesn't give the signature
information for certain modules, and it turned out to happen only on
the modules that are built-in on the running kernel; then modinfo
skips the signature check, as if the target module file never exists.
The behavior is, however, inconsistent when modinfo is performed for
external modules (no matter which kernel version is) and the module
file path is explicitly given by a command-line argument, which
guarantees the presence of the module file itself.
Luis Chamberlain [Tue, 10 Aug 2021 05:16:00 +0000 (22:16 -0700)]
libkmod: add a library notice log level print
When you use pass the -v argument to modprobe we bump
the log level from the default modprobe log level of
LOG_WARNING (4) to LOG_NOTICE (5), however the library
only has avaiable to print:
LOG_INFO (6) however is too high of a level for it to be
effective at printing anything when modprobe -v is passed.
And so the only way in which modprobe -v can trigger the
library to print a verbose message is to use ERR() but that
always prints something and we don't want that in some
situations.
We need to add a new log level macro which uses LOG_NOTICE (5)
for a "normal but significant condition" which users and developers
can use to look underneath the hood to confirm if a situation is
happening.
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org> Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>
Yauheni Kaliuta [Tue, 8 Jun 2021 06:29:22 +0000 (09:29 +0300)]
libkmod-module: check "new_from_name" return value in get_builtin
kmod_module_new_from_name() may fail and return error value. It is
handled properly across the code, but in this particular place the
check is missing.
Lucas De Marchi [Tue, 11 May 2021 16:48:04 +0000 (09:48 -0700)]
depmod: fix modules.builtin.alias.bin output
Due to wrong documentation on kmod_module_get_info() we ended up
checking for 0 as return. Check for > 0 to decided if we want to write
the index to the file, otherwise we would output a 0-sized index on
success.
Lucas De Marchi [Wed, 10 Mar 2021 16:33:01 +0000 (08:33 -0800)]
libkmod-config: more chars allowed as space
Recently in a discussion I noticed that kernel allows more chars to be
considered as space in the kernel command line. Switch to the equivalent
of isspace() instead of considering only ' '.
Lucas De Marchi [Fri, 12 Feb 2021 09:45:23 +0000 (01:45 -0800)]
testsuite: allow to re-use single function for tests
Add a new DEFINE_TEST_WITH_FUNC() that accepts the function
alongside the test name. This will allow us to share a single function
for different tests.
However, even though we could blame grub for doing that, the kernel
happily accepts and re-quotes it when the module is built-in.
So, it's better if kmod also understands it this way and does the same.
Here we basically add additional code to un-mangle it, moving the quote
in way that is acceptable to pass through init_module(). Note that the
interface [f]init_module() gives us mandates the quote to be part of the
value: the module name is not passed and the options are separated by
space.
Lucas De Marchi [Fri, 12 Feb 2021 09:45:21 +0000 (01:45 -0800)]
libkmod-config: revamp kcmdline parsing into a state machine
The handling of spaces and quotes is becoming hard to maintain. Convert
the parser into a state machine so we can check all the states. This
should make it easier to fix a corner case we have right now:
The kernel also accepts a quote before the module name instead of the
value. But this additional is left for later. This is purely an
algorithm change with no behavior change.
Lucas De Marchi [Sat, 30 Jan 2021 02:28:38 +0000 (18:28 -0800)]
testsuite: compress modules if feature is enabled
Since the output needs to be the same, regardless if the module is
compressed, change populate-modules.sh to conditionally compress the
module if that feature is enabled.
This way we can execute the tests with any build-time configuration and
it should still pass.
Suggested-by: Michal Suchánek <msuchanek@suse.de> Reviewed-by: Michal Suchánek <msuchanek@suse.de> Tested-by: Michal Suchánek <msuchanek@suse.de> Reviewed-by: Petr Vorel <pvorel@suse.cz>
Lucas De Marchi [Thu, 21 Jan 2021 02:50:33 +0000 (18:50 -0800)]
README: make github mirror official
For some time I've been maintaining a read-only mirror on github.
I think it's time to allow patches flowing from there besides the
mailing list: I created a new org to host the project:
Lucas De Marchi [Tue, 19 Jan 2021 02:13:25 +0000 (18:13 -0800)]
depmod: fix precedence order
Configuration in /etc should have higher prio than /run.
Given how rarely configuration in /run is used with depmod, this is
likely not to cause any problems, even if it's a change in behavior.
Marco d'Itri [Fri, 8 Jan 2021 04:17:48 +0000 (20:17 -0800)]
Fix "modinfo -F always shows name for built-ins"
Bug reported by Ben Hutchings <ben@decadent.org.uk>:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970871
Now that the kernel provides module information for potentially
modular code that's actually built-in, it's possible to query these
built-ins with "modinfo -F". However, this doesn't work quite right:
Marius Bakke [Sat, 1 Aug 2020 16:02:21 +0000 (18:02 +0200)]
testsuite: Add facility to skip tests.
The Makefile helpfully warns that some tests will fail when
--sysconfdir != /etc, but there are no provisions to easily disable
those. This commit provides an escape hatch.
[ Lucas: add comment detailing the purpose of the field ]
Lucas De Marchi [Fri, 18 Dec 2020 16:02:07 +0000 (08:02 -0800)]
depmod: unconditionally write builtin.alias.bin
The file is always created and unless we return an error, the temporary
file is renamed to its final destination. All other places write the
index without checking if the index is empty, so just do the same.
Yauheni Kaliuta [Sun, 29 Nov 2020 16:47:37 +0000 (18:47 +0200)]
libkmod: kmod_log_null: qualify ctx argument as const
kmod_log_null() does not change ctx (does nothing).
Fix warnings
In file included from libkmod/libkmod-index.c:33:
libkmod/libkmod-index.c: In function ‘index_mm_open’:
libkmod/libkmod-index.c:757:6: warning: passing argument 1 of ‘kmod_log_null’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
757 | DBG(ctx, "file=%s\n", filename);
Yauheni Kaliuta [Sun, 29 Nov 2020 16:47:35 +0000 (18:47 +0200)]
libkmod: kmod_builtin_get_modinfo: free modinfo on error
The function allocates array but on building it if get_string()
fails it returns the error leaving the array allocated. The caller
does not care about it in error case either.