Do not access memory out of bounds if the first character read by fgets
is NUL. Treat such a character as EOL instead. This is a purely
defensive measure since /proc/modules should normaly not contain such
characters.
Make sure that symbol names in ELF files are actually NUL terminated.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/222 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Whenever sizeof(mv->crc) is used, it's called crclen, not offcrc.
Move retrieval of field sizes into its own function.
Prepare this as a cleanup for easier auditing.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/222 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
This may be useful for anyone trying a non-debug build and serve as
baseline for distros. Even for developers, when benchmarking kmod, it's
better to run a release-oriented kmod rather than the slow one due to
all debug/sanitizers.
By keeping the -D in the command line rather than in a ini file,
we also guarantee meson shows it in the summary, regardless of
https://github.com/mesonbuild/meson/issues/13865.
Closes: https://github.com/kmod-project/kmod/issues/220 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/221
Emil Velikov [Fri, 1 Nov 2024 13:03:46 +0000 (13:03 +0000)]
ci: re-enable sanitizers with Fedora 41
We had the sanitizers disabled on Fedora 40, since the shared library
sanitizers comings with clang were not packaged. With Fedora 41 that has
changed, so let's try re-enabling them.
Emil Velikov [Fri, 1 Nov 2024 13:37:47 +0000 (13:37 +0000)]
scripts/sanitizer-env.sh: check and warn if OUR_PRELOAD is not a file
As seen with the upcoming clang 19 change, the library name has changed.
Enhance the current test to check if the compiler provided string is a
file and produce a warning with some handy tips when that's not the
case.
Emil Velikov [Mon, 4 Nov 2024 13:45:17 +0000 (13:45 +0000)]
scripts/sanitizer-env.sh: convert to heredoc
Convert to heredoc and add leading/trailing blank lines so it stands out
from the rest. It makes for cleaner reading experience both of the
script itself and its output.
Emil Velikov [Thu, 7 Nov 2024 15:14:14 +0000 (15:14 +0000)]
meson: s/modulesi/modules/ typo
Fix the typo in the option description.
Reported-by: Lucas De Marchi <lucas.de.marchi@gmail.com> Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/225 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Mon, 4 Nov 2024 18:40:51 +0000 (18:40 +0000)]
meson: default enable compression and openssl
The default for the compressions and openssl is based on the autotools
build ones. With the initial goal to make migration as easy as possible
- identical option names, help messages, defaults...
Although a bunch of these have changed already, plus we want builders to
get support for compressed/signed modules out of the box.
So let's flip the defaults - everyone is welcome to adjust those when
calling `meson setup -D foo=bar`.
Emil Velikov [Thu, 31 Oct 2024 13:16:37 +0000 (13:16 +0000)]
meson: don't escape module_foo in kmod.pc
The kmod.pc file, contains module_signatures and module_compressions
space-separated lists, indicating how kmod is built. For the meson
generated file, any spaces are escaped where the autotools one does not
do that.
Update the meson build to be consistent with the original autotools one
and omit the escaping that we don't want.
Aside: seems like autotools does not escape the directory variables
either, so if the path(s) have any spaces in them pkg-config (pkgconf at
least) produces rubbish, quite rightfully IMHO.
Eg.
$ cat .../autotools-file.pc
prefix=/usr
includedir=${prefix}/include bar
Cflags: -I${includedir}
...
$ pkg-config --cflags autotools-file.pc
bar
$ cat .../meson-file.pc
prefix=/usr
includedir=${prefix}/include\ bar
Cflags: -I${includedir}
...
$ pkg-config --cflags meson-file.pc
-I/usr/include\ bar
This fixes a regression introduced while converting pointer to
offset arithmetics.
The for-loop itself starts at 1 already, so reflect this with the
manually performed offset + length calculation right at the start.
Closes: https://github.com/kmod-project/kmod/issues/214 Fixes: 25ab561b ("libkmod: Use ELF offsets more often") Reported-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Link: https://github.com/kmod-project/kmod/pull/215 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Return result of kmod_module_new directly in kmod_module_new_from_alias
so this function handles return values like the others.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/211 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
If kmod_module_parse_depline runs out of memory, it is possible
that not all dependency modules are unlinked.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/211 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The module_get_dependencies_noref function may modify content of
given kmod_module struct, so clarify this fact.
Actually we would have to adjust kmod API for total clarification,
but let's start with internally used functions first.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/211 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The return value of kmod_module_parse_depline and
module_get_dependencies_noref are never used, and the same is true for
n_dep in struct kmod_module.
Remove them and turn variable n in kmod_module_parse_depline into a
size_t to make sure that it never overflows.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/211 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/211 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
If functions exist which cover the exact explicitly written code, use
them instead.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/211 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
This is in sync with read_char, which uses getc_unlocked. This and
previous FILE based index adjustments improved FILE based index dump
performance by 8 %.
Emil Velikov [Thu, 24 Oct 2024 12:46:47 +0000 (13:46 +0100)]
meson: disable automatic shell completion on prefix missmatch
Currently one can choose a prefix completely different from the one
bash-completion and fish use, as per their pkg-config file.
In such cases, flag a warning and disable it. People can always manually
provide the completion directory/ies to re-enable.
$ meson setup --prefix=/tmp/example build/
...
WARNING: User provided prefix '/tmp/example' differs from bash-completion one '/usr'. Disabling completion.
...
WARNING: User provided prefix '/tmp/example' differs from fish one '/usr'. Disabling completion.
Many values are never needed, so only parse them on demand. Also keep
pointers into memory-mapped area without copying data into dynamically
sized structs, which allows nodes to be kept on stack.
Improves performance of `modprobe -c` by around 3 %.
Emil Velikov [Mon, 21 Oct 2024 13:08:59 +0000 (14:08 +0100)]
docs: annotate the deprecated API
The kmod_module_get_filtered_blacklist() was deprecated since kmod v6 in
favour of kmod_module_apply_filter().
Add the decoration so gtk-doc includes it in the generated html and also
add a designated index.
It seem that gtk-doc insists on having deprecation guards, so not it
prints an extra warning like:
warning: XXX is deprecated in the inline comments, but no deprecation
guards were found around the declaration. (See the --deprecated-guards
option for gtkdoc-scan.)
Emil Velikov [Tue, 22 Oct 2024 20:28:27 +0000 (21:28 +0100)]
meson: always pass complete path to kmod-symlink.sh
The end-user can provide either relative (to prefix) or an absolute
directory for bindir. Just fold the prefix and bindir with join_path()
which handles this correctly and pass that to kmod-symlink.sh instead of
relying on the MESON_INSTALL_DESTDIR_PREFIX environment variable.
This was previously failing due to trying to create the symlink in the
wrong location:
$ meson setup --prefix /usr --bindir /bin build-gentoo
$ DESTDIR=/tmp/install-gentoo meson install -C build-gentoo/
...
ln: failed to create symbolic link '/tmp/install-gentoo/usr//bin/depmod': No such file or directory
FAILED: install script '/home/ldmartin/p/kmod/scripts/kmod-symlink.sh /bin/depmod' failed with exit code 1.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/205
[ fix typo, add repro ] Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
On 32 bit systems it's possible to overflow the final calculation of
required memory for symbols retrieved from __ksymtab_strings.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/198 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Sun, 20 Oct 2024 12:39:02 +0000 (13:39 +0100)]
tools/depmod: use separate arrays for alias,xxxdep values
Currently, we walk the info list multiples times each time filtering all
but one key. Just create a few arrays to avoid that, saving 2-3% cycles
at the cost of extra ~500bytes per module.
Add a blank between variable declaration and function calls.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Use correct format specifiers for size_t variables.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The contents of s and strings are identical at this point, but iterate
over the correct variable nonetheless.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
An empty section is very unlikely, so reorder code to account for it.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The function's purpose can be merged into elf_get_section. Reduces
amount of duplicated code.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Its only caller can do the processing directly (kmod_elf_new).
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The name of string section is not needed, so it does not have to stored.
If section name is needed, return a char pointer instead of forcing the
caller to handle offset and memory calculations.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Returned pointers are converted back to offsets in some functions. It is
more readable to turn offsets into pointers though.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
This struct name is never used. Define it just like the other ones in
kmod_elf.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
A huge module file could contain more symbols than could be represented
with an int. Use size_t instead.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The range check should be performed in its own function for better
readability and reusability. Also, perform range checks before loops
or otherwise repeated calls by checking whole ranges instead of
single byte areas within said ranges iteratively.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/196 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Add a cheap but important check to make sure that offsets do not point
outside of memory-mapped area.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/203 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Calling qsort with NULL argument is invalid, although size 0 would
prevent anything bad from happening. Make sure that UBSAN is not
triggered.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/193 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Use shared/strbuf instead of manually re-implementing its features.
Reduces the amount of custom code in depmod, simplifies auditing,
reduces binary size, and has the nice benefit of slightly faster
runtime due to memory reusage.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/193 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
The shared/array implementation is already used within depmod, but not
for dependency output. Adding it here reduces the amount of custom code
in depmod, simplifies auditing, reduces binary size, and has the nice
benefit of slightly faster runtime due to memory reusage.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/193 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
If we have native endianess, i.e. parsing modules for the running
system, assist the compiler to note that it is really much faster to
move a word/qword etc. instead of actually running through a loop.
Reduces library instructions on x86_64 by 1.4 % and binary instructions
by 3 % with default configuration.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/187 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Compilers on x86_64 use two instructions to test value of class
variable, i.e. loading a mask and then comparing with value.
A boolean is faster, shows directly what it is about, and the struct
does not even grow.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/187 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Do not assign variables which are not even used, but merely exist for
the READV macro to work.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/187 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Since we do not want to modify the current position in file, use pread
instead of read + lseek. Removes one lseek call per module, which for
depmod on Arch Linux means 6143 calls.
Emil Velikov [Wed, 9 Oct 2024 15:26:25 +0000 (16:26 +0100)]
ci: add clang permutation
With the clang issues resolved, let's add it to the CI matrix so fewer
issues get it.
Note: Fedora 40 doesn't ship the shared sanitizer library, while older
Fedora versions did. Fedora 41 will be coming with LLVM 19, which will
have the binary (seemingly with different name :facepalm:).
Let's leave the Fedora/clang infra in and just mask it out sanitizers
for the next month or so, until the new version comes out. Then we can
re-evaluate.
Emil Velikov [Thu, 17 Oct 2024 18:17:25 +0000 (19:17 +0100)]
libkmod: _printf_format_ annotate and adjust ELFDBG modifiers
The recently added "always build ELFDBG" patch is already paying
dividends... Clang is flagging a "fmt" is not literal warning.
That's clearly wrong, although without _printf_format_ clang was
struggling to figure things out. With the attribute, it helpfully
flagged that handful of the modifiers are wrong.
Emil Velikov [Thu, 17 Oct 2024 20:30:08 +0000 (21:30 +0100)]
Swap rsync for cp --archive for module sources copying
As Tobias reported, rsync is a bit of heavyweight dependency. We
introduced it, as a replacement for the rm/cp -r previously used.
The rsync was inspired since, unlike make, meson will build all the test
binaries/artefacts even without calling "meson test".
We can go back to cp with --archive (--preserve=timestamps at least),
which will ensure we don't get stale files. To ensure the second run
doesn't copy the source folder as _subfolder_ of the dest we need to
wildcard the copy... Plus we need a proper destination folder in the
first place.
With this, we get a no-op second+ builds - be that with meson or make.
Since the explicit always-dirty state is by design, drop the meson TODO
and document the output variable.
Confirmed by comparing both the `make --debug` output and the execution
times.
Reported-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/192 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
modinfo: Prevent undefined behavior with long keys
If a key is longer than INT_MAX, it is possible to trigger a signed
integer overflow. Since this overflow only occurs for formatting,
prevent it by checking if key is longer than 15 characters. If it is,
there is no need to add any more spacing anyway.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/184 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
If a module file contains parameter strings longer than INT_MAX, it is
possible to trigger an out of boundary read with memcmp. Since such a
file is very likely broken or of malicious intent, just consider it
invalid and error out.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/184 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Make sure that section is actually large enough to hold a 32 bit value.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/181 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Tue, 15 Oct 2024 19:36:50 +0000 (20:36 +0100)]
Always define and use ENABLE_ELFDBG
Convert the "if defined FOO" pre-processor checks for compiler ones "if
(FOO == 1)".
This makes things easier to reason with and ensures both code-paths are
build-tested. In case, the option is disabled DCE will kick in (assuming
you're not force disabling all optimisations) and remove the respective
code.
Emil Velikov [Tue, 15 Oct 2024 19:36:50 +0000 (20:36 +0100)]
Always define and use ENABLE_DEBUG
Convert the "if defined FOO" pre-processor checks for compiler ones "if
(FOO == 1)".
This makes things easier to reason with and ensures both code-paths are
build-tested. In case, the option is disabled DCE will kick in (assuming
you're not force disabling all optimisations) and remove the respective
code.
Emil Velikov [Tue, 15 Oct 2024 19:36:50 +0000 (20:36 +0100)]
Always define and use ENABLE_LOGGING
Convert the "if defined FOO" pre-processor checks for compiler ones "if
(FOO == 1)".
This makes things easier to reason with and ensures both code-paths are
build-tested. In case, the option is disabled DCE will kick in (assuming
you're not force disabling all optimisations) and remove the respective
code.
We try to add from environment, not from command line.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/185 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
It is always called with "__versions" as argument, so remove the
argument and rename function accordingly.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/175 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Keep changed ELF data only around as long as necessary. Otherwise it
can happen that subsequent module operations lead to unintuitive
results.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Link: https://github.com/kmod-project/kmod/pull/175 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Emil Velikov [Wed, 9 Oct 2024 15:26:25 +0000 (16:26 +0100)]
testsuite: fix gcc/libasan.so load order
Currently we silence the ordering warning from libasan, via the
environment: ASAN_OPTIONS=verify_asan_link_order=0...
Instead we should be LD_PRELOAD-ing the library, since otherwise we
might end with miss-matched symbols - one coming from libasan, with the
counter part from the system library.
Plus LD_PRELOAD is the only way to make the clang sanitizers work...
That I have found. Although that's coming with a later patch.
projects / thirdparty / kmod.git / log
