--- /dev/null
+From 262e6ae7081df304fc625cf368d5c2cbba2bb991 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Tue, 28 Jul 2020 23:33:33 +0200
+Subject: modules: inherit TAINT_PROPRIETARY_MODULE
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 262e6ae7081df304fc625cf368d5c2cbba2bb991 upstream.
+
+If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
+for all modules importing these symbols, and don't allow loading
+symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
+imported gplonly symbols. Add a anti-circumvention devices so people
+don't accidentally get themselves into trouble this way.
+
+Comment from Greg:
+ "Ah, the proven-to-be-illegal "GPL Condom" defense :)"
+
+[jeyu: pr_info -> pr_err and pr_warn as per discussion]
+Link: http://lore.kernel.org/r/20200730162957.GA22469@lst.de
+Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch>
+Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/module.h | 1 +
+ kernel/module.c | 27 +++++++++++++++++++++++++++
+ 2 files changed, 28 insertions(+)
+
+--- a/include/linux/module.h
++++ b/include/linux/module.h
+@@ -357,6 +357,7 @@ struct module {
+ unsigned int num_gpl_syms;
+ const struct kernel_symbol *gpl_syms;
+ const s32 *gpl_crcs;
++ bool using_gplonly_symbols;
+
+ #ifdef CONFIG_UNUSED_SYMBOLS
+ /* unused exported symbols. */
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -1380,6 +1380,25 @@ static inline int same_magic(const char
+ }
+ #endif /* CONFIG_MODVERSIONS */
+
++static bool inherit_taint(struct module *mod, struct module *owner)
++{
++ if (!owner || !test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints))
++ return true;
++
++ if (mod->using_gplonly_symbols) {
++ pr_err("%s: module using GPL-only symbols uses symbols from proprietary module %s.\n",
++ mod->name, owner->name);
++ return false;
++ }
++
++ if (!test_bit(TAINT_PROPRIETARY_MODULE, &mod->taints)) {
++ pr_warn("%s: module uses symbols from proprietary module %s, inheriting taint.\n",
++ mod->name, owner->name);
++ set_bit(TAINT_PROPRIETARY_MODULE, &mod->taints);
++ }
++ return true;
++}
++
+ /* Resolve a symbol for this module. I.e. if we find one, record usage. */
+ static const struct kernel_symbol *resolve_symbol(struct module *mod,
+ const struct load_info *info,
+@@ -1404,6 +1423,14 @@ static const struct kernel_symbol *resol
+ if (!sym)
+ goto unlock;
+
++ if (license == GPL_ONLY)
++ mod->using_gplonly_symbols = true;
++
++ if (!inherit_taint(mod, owner)) {
++ sym = NULL;
++ goto getname;
++ }
++
+ if (!check_version(info, name, mod, crc)) {
+ sym = ERR_PTR(-EINVAL);
+ goto getname;
--- /dev/null
+From a54e04914c211b5678602a46b3ede5d82ec1327d Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:22 +0200
+Subject: modules: mark each_symbol_section static
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit a54e04914c211b5678602a46b3ede5d82ec1327d upstream.
+
+each_symbol_section is only used inside of module.c.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/module.h | 9 ---------
+ kernel/module.c | 3 +--
+ 2 files changed, 1 insertion(+), 11 deletions(-)
+
+--- a/include/linux/module.h
++++ b/include/linux/module.h
+@@ -530,15 +530,6 @@ struct symsearch {
+ bool unused;
+ };
+
+-/*
+- * Walk the exported symbol table
+- *
+- * Must be called with module_mutex held or preemption disabled.
+- */
+-bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
+- struct module *owner,
+- void *data), void *data);
+-
+ /* Returns 0 and fills in value, defined and namebuf, or -ERANGE if
+ symnum out of range. */
+ int module_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -430,7 +430,7 @@ static bool each_symbol_in_section(const
+ }
+
+ /* Returns true as soon as fn returns true, otherwise false. */
+-bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
++static bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
+ struct module *owner,
+ void *data),
+ void *data)
+@@ -491,7 +491,6 @@ bool each_symbol_section(bool (*fn)(cons
+ }
+ return false;
+ }
+-EXPORT_SYMBOL_GPL(each_symbol_section);
+
+ struct find_symbol_arg {
+ /* Input */
--- /dev/null
+From 773110470e2fa3839523384ae014f8a723c4d178 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:21 +0200
+Subject: modules: mark find_symbol static
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 773110470e2fa3839523384ae014f8a723c4d178 upstream.
+
+find_symbol is only used in module.c.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/module.h | 11 -----------
+ kernel/module.c | 3 +--
+ 2 files changed, 1 insertion(+), 13 deletions(-)
+
+--- a/include/linux/module.h
++++ b/include/linux/module.h
+@@ -531,17 +531,6 @@ struct symsearch {
+ };
+
+ /*
+- * Search for an exported symbol by name.
+- *
+- * Must be called with module_mutex held or preemption disabled.
+- */
+-const struct kernel_symbol *find_symbol(const char *name,
+- struct module **owner,
+- const s32 **crc,
+- bool gplok,
+- bool warn);
+-
+-/*
+ * Walk the exported symbol table
+ *
+ * Must be called with module_mutex held or preemption disabled.
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -565,7 +565,7 @@ static bool find_symbol_in_section(const
+
+ /* Find a symbol and return it, along with, (optional) crc and
+ * (optional) module which owns it. Needs preempt disabled or module_mutex. */
+-const struct kernel_symbol *find_symbol(const char *name,
++static const struct kernel_symbol *find_symbol(const char *name,
+ struct module **owner,
+ const s32 **crc,
+ bool gplok,
+@@ -588,7 +588,6 @@ const struct kernel_symbol *find_symbol(
+ pr_debug("Failed to find symbol %s\n", name);
+ return NULL;
+ }
+-EXPORT_SYMBOL_GPL(find_symbol);
+
+ /*
+ * Search for module by name: must hold module_mutex (or preempt disabled
--- /dev/null
+From 7ef5264de773279b9f23b6cc8afb5addb30e970b Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:20 +0200
+Subject: modules: mark ref_module static
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 7ef5264de773279b9f23b6cc8afb5addb30e970b upstream.
+
+ref_module isn't used anywhere outside of module.c.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/module.h | 1 -
+ kernel/module.c | 6 ++----
+ 2 files changed, 2 insertions(+), 5 deletions(-)
+
+--- a/include/linux/module.h
++++ b/include/linux/module.h
+@@ -597,7 +597,6 @@ static inline void __module_get(struct m
+ #define symbol_put_addr(p) do { } while (0)
+
+ #endif /* CONFIG_MODULE_UNLOAD */
+-int ref_module(struct module *a, struct module *b);
+
+ /* This is a #define so the string doesn't get put in every .o file */
+ #define module_name(mod) \
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -850,7 +850,7 @@ static int add_module_usage(struct modul
+ }
+
+ /* Module a uses b: caller needs module_mutex() */
+-int ref_module(struct module *a, struct module *b)
++static int ref_module(struct module *a, struct module *b)
+ {
+ int err;
+
+@@ -869,7 +869,6 @@ int ref_module(struct module *a, struct
+ }
+ return 0;
+ }
+-EXPORT_SYMBOL_GPL(ref_module);
+
+ /* Clear the unload stuff of the module. */
+ static void module_unload_free(struct module *mod)
+@@ -1150,11 +1149,10 @@ static inline void module_unload_free(st
+ {
+ }
+
+-int ref_module(struct module *a, struct module *b)
++static int ref_module(struct module *a, struct module *b)
+ {
+ return strong_try_module_get(b);
+ }
+-EXPORT_SYMBOL_GPL(ref_module);
+
+ static inline int module_unload_init(struct module *mod)
+ {
--- /dev/null
+From cd8732cdcc37d7077c4fa2c966b748c0662b607e Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:25 +0200
+Subject: modules: rename the licence field in struct symsearch to license
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit cd8732cdcc37d7077c4fa2c966b748c0662b607e upstream.
+
+Use the same spelling variant as the rest of the file.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/module.h | 2 +-
+ kernel/module.c | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/include/linux/module.h
++++ b/include/linux/module.h
+@@ -526,7 +526,7 @@ struct symsearch {
+ NOT_GPL_ONLY,
+ GPL_ONLY,
+ WILL_BE_GPL_ONLY,
+- } licence;
++ } license;
+ bool unused;
+ };
+
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -511,9 +511,9 @@ static bool check_symbol(const struct sy
+ struct find_symbol_arg *fsa = data;
+
+ if (!fsa->gplok) {
+- if (syms->licence == GPL_ONLY)
++ if (syms->license == GPL_ONLY)
+ return false;
+- if (syms->licence == WILL_BE_GPL_ONLY && fsa->warn) {
++ if (syms->license == WILL_BE_GPL_ONLY && fsa->warn) {
+ pr_warn("Symbol %s is being used by a non-GPL module, "
+ "which will not be allowed in the future\n",
+ fsa->name);
--- /dev/null
+From ef1dac6021cc8ec5de02ce31722bf26ac4ed5523 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:26 +0200
+Subject: modules: return licensing information from find_symbol
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit ef1dac6021cc8ec5de02ce31722bf26ac4ed5523 upstream.
+
+Report the GPLONLY status through a new argument.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/module.h | 2 +-
+ kernel/module.c | 16 +++++++++++-----
+ 2 files changed, 12 insertions(+), 6 deletions(-)
+
+--- a/include/linux/module.h
++++ b/include/linux/module.h
+@@ -522,7 +522,7 @@ struct module *find_module(const char *n
+ struct symsearch {
+ const struct kernel_symbol *start, *stop;
+ const s32 *crcs;
+- enum {
++ enum mod_license {
+ NOT_GPL_ONLY,
+ GPL_ONLY,
+ WILL_BE_GPL_ONLY,
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -502,6 +502,7 @@ struct find_symbol_arg {
+ struct module *owner;
+ const s32 *crc;
+ const struct kernel_symbol *sym;
++ enum mod_license license;
+ };
+
+ static bool check_symbol(const struct symsearch *syms,
+@@ -535,6 +536,7 @@ static bool check_symbol(const struct sy
+ fsa->owner = owner;
+ fsa->crc = symversion(syms->crcs, symnum);
+ fsa->sym = &syms->start[symnum];
++ fsa->license = syms->license;
+ return true;
+ }
+
+@@ -567,6 +569,7 @@ static bool find_symbol_in_section(const
+ static const struct kernel_symbol *find_symbol(const char *name,
+ struct module **owner,
+ const s32 **crc,
++ enum mod_license *license,
+ bool gplok,
+ bool warn)
+ {
+@@ -581,6 +584,8 @@ static const struct kernel_symbol *find_
+ *owner = fsa.owner;
+ if (crc)
+ *crc = fsa.crc;
++ if (license)
++ *license = fsa.license;
+ return fsa.sym;
+ }
+
+@@ -1055,7 +1060,7 @@ void __symbol_put(const char *symbol)
+ struct module *owner;
+
+ preempt_disable();
+- if (!find_symbol(symbol, &owner, NULL, true, false))
++ if (!find_symbol(symbol, &owner, NULL, NULL, true, false))
+ BUG();
+ module_put(owner);
+ preempt_enable();
+@@ -1334,7 +1339,7 @@ static inline int check_modstruct_versio
+ */
+ preempt_disable();
+ if (!find_symbol(VMLINUX_SYMBOL_STR(module_layout), NULL,
+- &crc, true, false)) {
++ &crc, NULL, true, false)) {
+ preempt_enable();
+ BUG();
+ }
+@@ -1384,6 +1389,7 @@ static const struct kernel_symbol *resol
+ struct module *owner;
+ const struct kernel_symbol *sym;
+ const s32 *crc;
++ enum mod_license license;
+ int err;
+
+ /*
+@@ -1393,7 +1399,7 @@ static const struct kernel_symbol *resol
+ */
+ sched_annotate_sleep();
+ mutex_lock(&module_mutex);
+- sym = find_symbol(name, &owner, &crc,
++ sym = find_symbol(name, &owner, &crc, &license,
+ !(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)), true);
+ if (!sym)
+ goto unlock;
+@@ -2197,7 +2203,7 @@ void *__symbol_get(const char *symbol)
+ const struct kernel_symbol *sym;
+
+ preempt_disable();
+- sym = find_symbol(symbol, &owner, NULL, true, true);
++ sym = find_symbol(symbol, &owner, NULL, NULL, true, true);
+ if (sym && strong_try_module_get(owner))
+ sym = NULL;
+ preempt_enable();
+@@ -2232,7 +2238,7 @@ static int verify_export_symbols(struct
+
+ for (i = 0; i < ARRAY_SIZE(arr); i++) {
+ for (s = arr[i].sym; s < arr[i].sym + arr[i].num; s++) {
+- if (find_symbol(s->name, &owner, NULL, true, false)) {
++ if (find_symbol(s->name, &owner, NULL, NULL, true, false)) {
+ pr_err("%s: exports duplicate symbol %s"
+ " (owned by %s)\n",
+ mod->name, s->name, module_name(owner));
--- /dev/null
+From 34e64705ad415ed7a816e60ef62b42fe6d1729d9 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:24 +0200
+Subject: modules: unexport __module_address
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 34e64705ad415ed7a816e60ef62b42fe6d1729d9 upstream.
+
+__module_address is only used by built-in code.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/module.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -4324,7 +4324,6 @@ struct module *__module_address(unsigned
+ }
+ return mod;
+ }
+-EXPORT_SYMBOL_GPL(__module_address);
+
+ /*
+ * is_module_text_address - is this address inside module code?
--- /dev/null
+From 3fe1e56d0e68b623dd62d8d38265d2a052e7e185 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 30 Jul 2020 08:10:23 +0200
+Subject: modules: unexport __module_text_address
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 3fe1e56d0e68b623dd62d8d38265d2a052e7e185 upstream.
+
+__module_text_address is only used by built-in code.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/module.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -4363,7 +4363,6 @@ struct module *__module_text_address(uns
+ }
+ return mod;
+ }
+-EXPORT_SYMBOL_GPL(__module_text_address);
+
+ /* Don't grab lock, we're oopsing. */
+ void print_modules(void)
dm-persistent-data-packed-struct-should-have-an-aligned-attribute-too.patch
dm-space-map-common-fix-division-bug-in-sm_ll_find_free_block.patch
dm-rq-fix-double-free-of-blk_mq_tag_set-in-dev-remove-after-table-load-fails.patch
+modules-mark-ref_module-static.patch
+modules-mark-find_symbol-static.patch
+modules-mark-each_symbol_section-static.patch
+modules-unexport-__module_text_address.patch
+modules-unexport-__module_address.patch
+modules-rename-the-licence-field-in-struct-symsearch-to-license.patch
+modules-return-licensing-information-from-find_symbol.patch
+modules-inherit-taint_proprietary_module.patch