git.ipfire.org Git - thirdparty/linux.git/commit

author	Nicholas Sielicki <linux@opensource.nslick.com>
	Sat, 7 Mar 2026 09:00:09 +0000 (03:00 -0600)
committer	Sami Tolvanen <samitolvanen@google.com>
	Thu, 19 Mar 2026 22:24:55 +0000 (22:24 +0000)
commit	3fe1dcbc2d20c5dbc581c0bb458e05365bfffcf7
tree	5f09c585488802034a43b353bdc8dc94afbeaff2	tree \| snapshot
parent	44a063c00fb13cf1f2e8a53a2ab10b232a44954b	commit \| diff

module: expose imported namespaces via sysfs

Add /sys/module/*/import_ns to expose imported namespaces for
currently loaded modules. The file contains one namespace per line and
only exists for modules that import at least one namespace.

Previously, the only way for userspace to inspect the symbol
namespaces a module imports is to locate the .ko on disk and invoke
modinfo(8) to decompress/parse the metadata. The kernel validated
namespaces at load time, but it was otherwise discarded.

Exposing this data via sysfs provides a runtime mechanism to verify
which namespaces are being used by modules. For example, this allows
userspace to audit driver API access in Android GKI, which uses symbol
namespaces to restrict vendor drivers from using specific kernel
interfaces (e.g., direct filesystem access).

Signed-off-by: Nicholas Sielicki <linux@opensource.nslick.com>
[Sami: Updated the commit message to explain motivation.]
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

Documentation/ABI/testing/sysfs-module		diff \| blob \| blame \| history
include/linux/module.h		diff \| blob \| blame \| history
kernel/module/main.c		diff \| blob \| blame \| history