62b159444e
Linux 4.4.196
NFC: fix attrs checks in netlink interface
* smack: use GFP_NOFS while holding inode_smack::smk_lock
security/smack/smack_access.c
security/smack/smack_lsm.c
* Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
security/smack/smack_lsm.c
sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
net/rds: Fix error handling in rds_ib_add_one()
xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
sch_dsmark: fix potential NULL deref in dsmark_init()
nfc: fix memory leak in llcp_sock_bind()
net: qlogic: Fix memory leak in ql_alloc_large_buffers
* net: ipv4: avoid mixed n_redirects and rate_tokens usage
net/ipv4/route.c
* ipv6: drop incoming packets having a v4mapped source address
net/ipv6/ip6_input.c
hso: fix NULL-deref on tty open
* ANDROID: binder: synchronize_rcu() when using POLLFREE.
drivers/android/binder.c
* ANDROID: binder: remove waitqueue when thread exits.
drivers/android/binder.c
* kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K
lib/Kconfig.debug
ocfs2: wait for recovering done after direct unlock request
hypfs: Fix error number left in struct pointer member
* fat: work around race with userspace's read via blockdev while mounting
fs/fat/dir.c
fs/fat/fatent.c
* security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
security/smack/smack_lsm.c
* HID: apple: Fix stuck function keys when using FN
drivers/hid/hid-apple.c
ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes
mfd: intel-lpss: Remove D3cold delay
* scsi: core: Reduce memory required for SCSI logging
drivers/scsi/scsi_logging.c
include/scsi/scsi_dbg.h
powerpc/pseries: correctly track irq state in default idle
powerpc/64s/exception: machine check use correct cfar for late handler
vfio_pci: Restore original state on release
pinctrl: tegra: Fix write barrier placement in pmx_writel
powerpc/pseries/mobility: use cond_resched when updating device tree
powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function
powerpc/rtas: use device model APIs and serialization during LPM
clk: sirf: Don't reference clk_init_data after registration
clk: qoriq: Fix -Wunused-const-variable
ipmi_si: Only schedule continuously in the thread in maintenance mode
gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property()
video: ssd1307fb: Start page range at page_offset
Linux 4.4.195
Btrfs: fix race setting up and completing qgroup rescan workers
btrfs: Relinquish CPUs in btrfs_compare_trees
Btrfs: fix use-after-free when using the tree modification log
* ovl: filter of trusted xattr results in audit
fs/overlayfs/inode.c
CIFS: Fix oplock handling for SMB 2.1+ protocols
i2c: riic: Clear NACK in tend isr
* hwrng: core - don't wait on add_early_randomness()
drivers/char/hw_random/core.c
* quota: fix wrong condition in is_quota_modification()
include/linux/quotaops.h
* ext4: fix punch hole for inline_data file systems
fs/ext4/inode.c
* /dev/mem: Bail out upon SIGKILL.
drivers/char/mem.c
* cfg80211: Purge frame registrations on iftype change
net/wireless/util.c
md/raid6: Set R5_ReadError when there is read failure on parity disk
* alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP
kernel/time/alarmtimer.c
ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up
ASoC: Intel: Fix use of potentially uninitialized variable
media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table
KVM: x86: Manually calculate reserved bits when loading PDPTRS
KVM: x86: set ctxt->have_exception in x86_decode_insn()
KVM: x86: always stop emulation on page fault
parisc: Disable HP HSC-PCI Cards to prevent kernel crash
* fuse: fix missing unlock_page in fuse_writepage()
fs/fuse/file.c
* printk: Do not lose last line in kmsg buffer dump
kernel/printk/printk.c
ALSA: firewire-tascam: check intermediate state of clock status and retry
ALSA: firewire-tascam: handle error code when getting current source of clock
media: omap3isp: Set device on omap3isp subdevs
btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type
ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93
media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
libertas: Add missing sentinel at end of if_usb.c fw_table
mmc: sdhci: Fix incorrect switch to HS mode
ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
* kprobes: Prohibit probing on BUG() and WARN() address
include/linux/bug.h
dmaengine: ti: edma: Do not reset reserved paRAM slots
md/raid1: fail run raid1 array when active disk less than one
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
ACPI: custom_method: fix memory leaks
libtraceevent: Change users plugin directory
ACPI / CPPC: do not require the _PSD method
media: ov9650: add a sanity check
media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
media: cpia2_usb: fix memory leaks
media: saa7146: add cleanup in hexium_attach()
media: hdpvr: add terminating 0 at end of string
media: radio/si470x: kill urb on error
net: lpc-enet: fix printk format strings
media: omap3isp: Don't set streaming state on random subdevs
dmaengine: iop-adma: use correct printk format strings
media: gspca: zero usb_buf on error
efi: cper: print AER info of PCIe fatal error
* md: don't set In_sync if array is frozen
drivers/md/md.c
* md: don't call spare_active in md_reap_sync_thread if all member devices can't work
drivers/md/md.c
ia64:unwind: fix double free for mod->arch.init_unw_table
* ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid
sound/usb/pcm.c
* base: soc: Export soc_device_register/unregister APIs
drivers/base/soc.c
media: iguanair: add sanity checks
ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls()
ALSA: hda - Show the fatal CORB/RIRB error more clearly
x86/apic: Soft disable APIC before initializing it
x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails
* sched/core: Fix CPU controller for !RT_GROUP_SCHED
kernel/sched/core.c
* sched/fair: Fix imbalance due to CPU affinity
kernel/sched/fair.c
media: hdpvr: Add device num check and handling
media: dib0700: fix link error for dibx000_i2c_set_speed
leds: leds-lp5562 allow firmware files up to the maximum length
dmaengine: bcm2835: Print error in case setting DMA mask fails
ASoC: sgtl5000: Fix charge pump source assignment
ALSA: hda: Flush interrupts on disabling
nfc: enforce CAP_NET_RAW for raw sockets
ieee802154: enforce CAP_NET_RAW for raw sockets
ax25: enforce CAP_NET_RAW for raw sockets
appletalk: enforce CAP_NET_RAW for raw sockets
mISDN: enforce CAP_NET_RAW for raw sockets
* usbnet: sanity checking of packet sizes and device mtu
drivers/net/usb/usbnet.c
* usbnet: ignore endpoints with invalid wMaxPacketSize
drivers/net/usb/usbnet.c
skge: fix checksum byte order
sch_netem: fix a divide by zero in tabledist()
openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
net/phy: fix DP83865 10 Mbps HDX loopback disable function
* cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
drivers/net/usb/cdc_ncm.c
arcnet: provide a buffer big enough to actually receive packets
Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices
drm: Flush output polling on shutdown
f2fs: fix to do sanity check on segment bitmap of LFS curseg
Revert "f2fs: avoid out-of-range memory access"
f2fs: check all the data segments against all node ones
* irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices
drivers/irqchip/irq-gic-v3-its.c
locking/lockdep: Add debug_locks check in __lock_downgrade()
mac80211: handle deauthentication/disassociation from TDLS peer
mac80211: Print text for disassociation reason
ALSA: hda - Add laptop imic fixup for ASUS M9V laptop
ASoC: fsl: Fix of-node refcount unbalance in fsl_ssi_probe_from_dt()
net: rds: Fix NULL ptr use in rds_tcp_kill_sock
crypto: talitos - fix missing break in switch statement
mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword()
* HID: hidraw: Fix invalid read in hidraw_ioctl
drivers/hid/hidraw.c
* HID: logitech: Fix general protection fault caused by Logitech driver
drivers/hid/hid-lg.c
drivers/hid/hid-lg4ff.c
* HID: lg: make transfer buffers DMA capable
drivers/hid/hid-lg.c
HID: prodikeys: Fix general protection fault during probe
* Revert "Bluetooth: validate BLE connection interval updates"
net/bluetooth/hci_event.c
net/bluetooth/l2cap_core.c
Linux 4.4.194
* net_sched: let qdisc_put() accept NULL pointer
net/sched/sch_generic.c
ARC: export "abort" for modules
media: technisat-usb2: break out of loop at end of buffer
floppy: fix usercopy direction
* keys: Fix missing null pointer check in request_key_auth_describe()
security/keys/request_key_auth.c
dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe()
net: seeq: Fix the function used to release some memory in an error handling path
tools/power turbostat: fix buffer overrun
sky2: Disable MSI on yet another ASUS boards (P6Xxxx)
cifs: Use kzfree() to zero out the password
cifs: set domainName when a domain-key is used in multiuser
NFSv2: Fix write regression
NFSv2: Fix eof handling
* netfilter: nf_conntrack_ftp: Fix debug output
net/netfilter/nf_conntrack_ftp.c
x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
* r8152: Set memory to all 0xFFs on failed reg reads
drivers/net/usb/r8152.c
ARM: 8874/1: mm: only adjust sections of valid mm structures
* Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105
drivers/atm/Kconfig
NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup
NFSv4: Fix return values for nfs4_file_open()
s390/bpf: use 32-bit index for tail calls
ARM: OMAP2+: Fix omap4 errata warning on other SoCs
s390/bpf: fix lcgr instruction encoding
mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
tty/serial: atmel: reschedule TX after RX was started
serial: sprd: correct the wrong sequence of arguments
KVM: coalesced_mmio: add bounds checking
xen-netfront: do not assume sk_buff_head list is empty in error handling
x86/boot: Add missing bootparam that breaks boot on some platforms
media: tm6000: double free if usb disconnect while streaming
* USB: usbcore: Fix slab-out-of-bounds bug during device reset
drivers/usb/core/config.c
ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
MIPS: netlogic: xlr: Remove erroneous check in nlm_fmn_send()
x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning
crypto: talitos - check data blocksize in ablkcipher.
crypto: talitos - check AES key size
* driver core: Fix use-after-free and double free on glue directory
drivers/base/core.c
clk: rockchip: Don't yell about bad mmc phases when getting
MIPS: VDSO: Use same -m%-float cflag as the kernel proper
MIPS: VDSO: Prevent use of smp_processor_id()
KVM: nVMX: handle page fault in vmread
KVM: x86: work around leak of uninitialized stack contents
KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
* genirq: Prevent NULL pointer dereference in resend_irqs()
kernel/irq/resend.c
Btrfs: fix assertion failure during fsync and use of stale transaction
Revert "MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur"
* tun: fix use-after-free when register netdev failed
drivers/net/tun.c
tipc: add NULL pointer check before calling kfree_rcu
* tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
net/ipv4/tcp_input.c
sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
* net: Fix null de-reference of device refcount
net/core/dev.c
isdn/capi: check message length in capi_write()
* ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
net/ipv6/ping.c
* cdc_ether: fix rndis support for Mediatek based smartphones
drivers/net/usb/cdc_ether.c
* bridge/mdb: remove wrong use of NLM_F_MULTI
net/bridge/br_mdb.c
Linux 4.4.193
vhost: make sure log_num < in_num
* af_packet: tone down the Tx-ring unsupported spew.
net/packet/af_packet.c
x86, boot: Remove multiple copy of static function sanitize_boot_params()
clk: s2mps11: Add used attribute to s2mps11_dt_match
scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
vhost/test: fix build for vhost test
* xfrm: clean up xfrm protocol checks
include/net/xfrm.h
net/key/af_key.c
net/xfrm/xfrm_state.c
net/xfrm/xfrm_user.c
ALSA: hda/realtek - Fix overridden device-specific initialization
ALSA: hda - Fix potential endless loop at applying quirks
Linux 4.4.192
net: stmmac: dwmac-rk: Don't fail if phy regulator is absent
net: fix skb use after free in netpoll
Revert "x86/apic: Include the LDR when clearing out APIC registers"
spi: bcm2835aux: fix corruptions for longer spi transfers
spi: bcm2835aux: remove dangerous uncontrolled read of fifo
spi: bcm2835aux: unifying code between polling and interrupt driven code
spi: bcm2835aux: ensure interrupts are enabled for shared handler
libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer
KVM: arm/arm64: Only skip MMIO insn once
ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()
IB/mlx4: Fix memory leaks
Tools: hv: kvp: eliminate 'may be used uninitialized' warning
ravb: Fix use-after-free ravb_tstamp_skb
wimax/i2400m: fix a memory leak bug
net: kalmia: fix memory leaks
cx82310_eth: fix a memory leak bug
net: myri10ge: fix memory leaks
cxgb4: fix a memory leak bug
* gpio: Fix build error of function redefinition
include/linux/gpio.h
ibmveth: Convert multicast list size for little-endian system
Bluetooth: btqca: Add a short delay before downloading the NVM
net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx
net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context
Linux 4.4.191
x86/ptrace: fix up botched merge of spectrev1 fix
mac80211: fix possible sta leak
* Revert "cfg80211: fix processing world regdomain when non modular"
net/wireless/reg.c
VMCI: Release resource if the work is already queued
stm class: Fix a double free of stm_source_device
mmc: core: Fix init of SD cards reporting an invalid VDD range
mmc: sdhci-of-at91: add quirk for broken HS200
uprobes/x86: Fix detection of 32-bit user mode
ptrace,x86: Make user_64bit_mode() available to 32-bit builds
USB: storage: ums-realtek: Whitelist auto-delink support
USB: storage: ums-realtek: Update module parameter description for auto_delink_en
usb: host: ohci: fix a race condition between shutdown and irq
USB: cdc-wdm: fix race between write and disconnect due to flag abuse
* usb-storage: Add new JMS567 revision to unusual_devs
drivers/usb/storage/unusual_devs.h
x86/apic: Include the LDR when clearing out APIC registers
x86/apic: Do not initialize LDR and DFR for bigsmp
KVM: x86: Don't update RIP or do single-step on faulting emulation
ALSA: seq: Fix potential concurrent access to the deleted pool
* tcp: make sure EPOLLOUT wont be missed
net/core/stream.c
* ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
sound/usb/mixer.c
* ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
sound/usb/mixer.c
* tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
include/net/tcp.h
watchdog: bcm2835_wdt: Fix module autoload
tools: hv: fix KVP and VSS daemons exit code
usb: host: fotg2: restart hcd after port reset
* usb: gadget: composite: Clear "suspended" on reset/disconnect
drivers/usb/gadget/composite.c
dmaengine: ste_dma40: fix unneeded variable warning
* scsi: ufs: Fix NULL pointer dereference in ufshcd_config_vreg_hpm()
drivers/scsi/ufs/ufshcd.c
x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h
x86/pm: Introduce quirk framework to save/restore extra MSR registers around suspend/resume
Revert "perf test 6: Fix missing kvm module load for s390"
* netfilter: conntrack: Use consistent ct id hash calculation
net/netfilter/nf_conntrack_core.c
* netfilter: ctnetlink: don't use conntrack/expect object addresses as id
include/net/netfilter/nf_conntrack.h
net/netfilter/nf_conntrack_core.c
net/netfilter/nf_conntrack_netlink.c
* inet: switch IP ID generator to siphash
include/linux/siphash.h
include/net/netns/ipv4.h
net/ipv4/route.c
net/ipv6/output_core.c
* siphash: implement HalfSipHash1-3 for hash tables
include/linux/siphash.h
lib/siphash.c
* siphash: add cryptographically secure PRF
include/linux/siphash.h
lib/Kconfig.debug
lib/Makefile
lib/siphash.c
vhost: scsi: add weight support
vhost_net: fix possible infinite loop
vhost: introduce vhost_exceeds_weight()
vhost_net: introduce vhost_exceeds_weight()
vhost_net: use packet weight for rx handler, too
vhost-net: set packet weight of tx polling to 2 * vq size
net: arc_emac: fix koops caused by sk_buff free
GFS2: don't set rgrp gl_object until it's inserted into rgrp tree
* cgroup: Disable IRQs while holding css_set_lock
kernel/cgroup.c
* dm table: fix invalid memory accesses with too high sector number
drivers/md/dm-table.c
dm space map metadata: fix missing store of apply_bops() return value
dm btree: fix order of block initialization in btree_split_beneath
x86/boot: Fix boot regression caused by bootparam sanitizing
x86/boot: Save fields explicitly, zero out everything else
x86/apic: Handle missing global clockevent gracefully
x86/retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386
userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx
* Revert "dm bufio: fix deadlock with loop device"
drivers/md/dm-bufio.c
* HID: wacom: correct misreported EKR ring values
drivers/hid/wacom_wac.c
selftests: kvm: Adding config fragments
libata: add SG safety checks in SFF pio transfers
net: hisilicon: Fix dma_map_single failed on arm64
net: hisilicon: fix hip04-xmit never return TX_BUSY
net: hisilicon: make hip04_tx_reclaim non-reentrant
net: cxgb3_main: Fix a resource leak in a error path in 'init_one()'
NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()
can: peak_usb: force the string buffer NULL-terminated
can: sja1000: force the string buffer NULL-terminated
perf bench numa: Fix cpu0 binding
isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack
isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain()
net: usb: qmi_wwan: Add the BroadMobi BM818 card
ASoC: ti: davinci-mcasp: Correct slot_width posed constraint
st_nci_hci_connectivity_event_received: null check the allocation
st21nfca_connectivity_event_received: null check the allocation
can: dev: call netif_carrier_off() in register_candev()
* bonding: Force slave speed check after link state recovery for 802.3ad
drivers/net/bonding/bond_main.c
* netfilter: ebtables: fix a memory leak bug in compat
net/bridge/netfilter/ebtables.c
MIPS: kernel: only use i8253 clocksource with periodic clockevent
* HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT
drivers/hid/hid-tmff.c
Linux 4.4.190
* bonding: Add vlan tx offload to hw_enc_features
drivers/net/bonding/bond_main.c
sctp: fix the transport error_count check
net/mlx5e: Only support tx/rx pause setting for port owner
xen/netback: Reset nr_frags before freeing skb
* net/packet: fix race in tpacket_snd()
net/packet/af_packet.c
x86/boot: Disable the address-of-packed-member compiler warning
iommu/amd: Move iommu_init_pci() to .init section
x86/vdso: Remove direct HPET access through the vDSO
IB/mlx5: Make coding style more consistent
RDMA: Directly cast the sockaddr union to sockaddr
scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure
* asm-generic: default BUG_ON(x) to if(x)BUG()
include/asm-generic/bug.h
Input: psmouse - fix build error of multiple definition
* arm64: compat: Allow single-byte watchpoints on all addresses
arch/arm64/kernel/hw_breakpoint.c
* include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
include/linux/module.h
* Backport minimal compiler_attributes.h to support GCC 9
include/linux/compiler.h
USB: serial: option: Add Motorola modem UARTs
USB: serial: option: add the BroadMobi BM818 card
USB: serial: option: Add support for ZTE MF871A
USB: serial: option: add D-Link DWM-222 device ID
usb: cdc-acm: make sure a refcount is taken early enough
* USB: core: Fix races in character device registration and deregistraion
drivers/usb/core/file.c
staging: comedi: dt3000: Fix rounding up of timer divisor
staging: comedi: dt3000: Fix signed integer overflow 'divider * base'
* asm-generic: fix -Wtype-limits compiler warnings
include/asm-generic/getorder.h
ocfs2: remove set but not used variable 'last_hash'
IB/core: Add mitigation for Spectre V1
* kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules
scripts/Makefile.modpost
ata: libahci: do not complain in case of deferred probe
scsi: hpsa: correct scsi command status issue after reset
libata: zpodd: Fix small read overflow in zpodd_get_mech_type()
perf header: Fix use of unitialized value warning
perf header: Fix divide by zero error if f_header.attr_size==0
irqchip/irq-imx-gpcv2: Forward irq type to parent
xen/pciback: remove set but not used variable 'old_state'
net: usb: pegasus: fix improper read if get_registers() fail
Input: iforce - add sanity checks
Input: kbtab - sanity check for endpoint type
HID: hiddev: do cleanup in failure of opening a device
HID: hiddev: avoid opening a disconnected device
HID: holtek: test for sanity of intfdata
ALSA: hda - Fix a memory leak bug
mm/memcontrol.c: fix use after free in mem_cgroup_iter()
* USB: gadget: f_midi: fixing a possible double-free in f_midi
drivers/usb/gadget/function/f_midi.c
drivers/usb/gadget/u_f.h
* usb: gadget: f_midi: fail if set_alt fails to allocate requests
drivers/usb/gadget/function/f_midi.c
sh: kernel: hw_breakpoint: Fix missing break in switch statement
scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA
mwifiex: fix 802.11n/WPA detection
smb3: send CAP_DFS capability during session setup
SMB3: Fix deadlock in validate negotiate hits reconnect
mac80211: don't WARN on short WMM parameters from AP
ALSA: firewire: fix a memory leak bug
hwmon: (nct7802) Fix wrong detection of in4 presence
can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
* perf/core: Fix creating kernel counters for PMUs that override event->cpu
kernel/events/core.c
* tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
drivers/tty/tty_ldsem.c
scsi: ibmvfc: fix WARN_ON during event pool release
scsi: megaraid_sas: fix panic on loading firmware crashdump
ARM: davinci: fix sleep.S build error on ARMv4
perf probe: Avoid calling freeing routine multiple times for same pointer
* ALSA: compress: Be more restrictive about when a drain is allowed
sound/core/compress_offload.c
* ALSA: compress: Prevent bypasses of set_params
sound/core/compress_offload.c
* ALSA: compress: Fix regression on compressed capture streams
include/sound/compress_driver.h
sound/core/compress_offload.c
s390/qdio: add sanity checks to the fast-requeue path
cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
hwmon: (nct6775) Fix register address and added missed tolerance for nct6106
mac80211: don't warn about CW params when not using them
* iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND
drivers/firmware/Kconfig
* netfilter: nfnetlink: avoid deadlock due to synchronous request_module
net/netfilter/nfnetlink.c
can: peak_usb: fix potential double kfree_skb()
usb: yurex: Fix use-after-free in yurex_delete
perf db-export: Fix thread__exec_comm()
* mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
mm/vmalloc.c
x86/mm: Sync also unmappings in vmalloc_sync_all()
x86/mm: Check for pfn instead of page in vmalloc_sync_one()
* sound: fix a memory leak bug
sound/sound_core.c
usb: iowarrior: fix deadlock on disconnect
Linux 4.4.189
x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
x86/entry/64: Use JMP instead of JMPQ
x86/speculation: Enable Spectre v1 swapgs mitigations
x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
x86/entry/64: Fix context tracking state warning when load_gs_index fails
x86: cpufeatures: Sort feature word 7
spi: bcm2835: Fix 3-wire mode if DMA is enabled
* block: blk_init_allocated_queue() set q->fq as NULL in the fail case
block/blk-core.c
* compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
drivers/net/ppp/pppoe.c
drivers/net/ppp/pppox.c
fs/compat_ioctl.c
include/linux/if_pppox.h
net/l2tp/l2tp_ppp.c
bnx2x: Disable multi-cos feature.
net/mlx5: Use reversed order when unregister devices
net: sched: Fix a possible null-pointer dereference in dequeue_func()
tipc: compat: allow tipc commands without arguments
* net: fix ifindex collision during namespace removal
net/core/dev.c
net: bridge: delete local fdb on device init failure
atm: iphase: Fix Spectre v1 vulnerability
* tcp: be more careful in tcp_fragment()
include/net/tcp.h
net/ipv4/tcp_output.c
* HID: Add quirk for HP X1200 PIXART OEM mouse
drivers/hid/hid-ids.h
drivers/hid/usbhid/hid-quirks.c
netfilter: nfnetlink_acct: validate NFACCT_QUOTA parameter
* arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
arch/arm64/include/asm/cpufeature.h
arch/arm64/kernel/cpufeature.c
* arm64: cpufeature: Fix CTR_EL0 field definitions
arch/arm64/kernel/cpufeature.c
Linux 4.4.188
xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
s390/dasd: fix endless loop after read unit address configuration
* selinux: fix memory leak in policydb_init()
security/selinux/ss/policydb.c
x86/kvm: Don't call kvm_spurious_fault() from .fixup
ipc/mqueue.c: only perform resource calculation if user valid
uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers
coda: fix build using bare-metal toolchain
coda: add error handling for fget
* mm/cma.c: fail if fixed declaration can't be honored
mm/cma.c
x86: math-emu: Hide clang warnings for 16-bit overflow
x86/apic: Silence -Wtype-limits compiler warnings
be2net: Signal that the device cannot transmit during reconfiguration
* ACPI: fix false-positive -Wuninitialized warning
include/linux/acpi.h
scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized
ceph: fix improper use of smp_mb__before_atomic()
btrfs: fix minimum number of chunk errors for DUP
fs/adfs: super: fix use-after-free bug
dmaengine: rcar-dmac: Reject zero-length slave DMA requests
MIPS: lantiq: Fix bitfield masking
* kernel/module.c: Only return -EEXIST for modules that have finished loading
kernel/module.c
ARM: dts: rockchip: Mark that the rk3288 timer might stop in suspend
ARM: riscpc: fix DMA
Linux 4.4.187
ceph: hold i_ceph_lock when removing caps for freeing inode
drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
* sched/fair: Don't free p->numa_faults with concurrent readers
fs/exec.c
include/linux/sched.h
kernel/fork.c
kernel/sched/fair.c
Bluetooth: hci_uart: check for missing tty operations
media: radio-raremono: change devm_k*alloc to k*alloc
media: cpia2_usb: first wake up, then free in disconnect
ISDN: hfcsusb: checking idx of ep configuration
* tcp: reset sk_send_head in tcp_write_queue_purge
include/net/tcp.h
ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt
* mm, vmstat: make quiet_vmstat lighter
mm/vmstat.c
* vmstat: Remove BUG_ON from vmstat_update
mm/vmstat.c
* access: avoid the RCU grace period for the temporary subjective credentials
fs/open.c
include/linux/cred.h
kernel/cred.c
powerpc/tm: Fix oops on sigreturn on systems without TM
ALSA: hda - Add a conexant codec entry to let mute led work
ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
hpet: Fix division by zero in hpet_time_div()
x86/speculation/mds: Apply more accurate check on hypervisor platform
x86/sysfb_efi: Add quirks for some devices with swapped width and height
* usb: pci-quirks: Correct AMD PLL quirk detection
drivers/usb/host/pci-quirks.c
usb: wusbcore: fix unbalanced get/put cluster_id
locking/lockdep: Hide unused 'class' variable
locking/lockdep: Fix lock used or unused stats error
mm/mmu_notifier: use hlist_add_head_rcu()
9p: pass the correct prototype to read_cache_page
mm/kmemleak.c: fix check for softirq context
sh: prevent warnings when using iounmap
powerpc/eeh: Handle hugepages in ioremap space
mailbox: handle failed named mailbox channel request
f2fs: avoid out-of-range memory access
perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
* kallsyms: exclude kasan local symbols on s390
scripts/kallsyms.c
serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
powerpc/4xx/uic: clear pending interrupt after irq type/pol change
um: Silence lockdep complaint about mmap_sem
mfd: arizona: Fix undefined behavior
* mfd: core: Set fwnode for created devices
drivers/mfd/mfd-core.c
recordmcount: Fix spurious mcount entries on powerpc
iio: iio-utils: Fix possible incorrect mask calculation
* PCI: sysfs: Ignore lockdep for remove attribute
drivers/pci/pci-sysfs.c
powerpc/pci/of: Fix OF flags parsing for 64bit BARs
* usb: gadget: Zero ffs_io_data
drivers/usb/gadget/function/f_fs.c
phy: renesas: rcar-gen2: Fix memory leak at error paths
drm/virtio: Add memory barriers for capset cache.
* tty: serial: msm_serial: avoid system lockup condition
drivers/tty/serial/msm_serial.c
tty/serial: digicolor: Fix digicolor-usart already registered warning
memstick: Fix error cleanup path of memstick_init
tty: serial: cpm_uart - fix init when SMC is relocated
pinctrl: rockchip: fix leaked of_node references
tty: max310x: Fix invalid baudrate divisors calculator
* usb: core: hub: Disable hub-initiated U1/U2
drivers/usb/core/hub.c
drm/panel: simple: Fix panel_simple_dsi_probe
nfsd: Fix overflow causing non-working mounts on 1 TB machines
nfsd: fix performance-limiting session calculation
nfsd: give out fewer session slots as limit approaches
nfsd: increase DRC cache limit
NFSv4: Fix open create exclusive when the server reboots
* elevator: fix truncation of icq_cache_name
include/linux/elevator.h
* net: bridge: stp: don't cache eth dest pointer before skb pull
net/bridge/br_stp_bpdu.c
* net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
net/bridge/br_multicast.c
* net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
net/bridge/br_multicast.c
* bonding: validate ip header before check IPPROTO_IGMP
drivers/net/bonding/bond_main.c
* tcp: Reset bytes_acked and bytes_received when disconnecting
net/ipv4/tcp.c
netrom: hold sock when setting skb->destructor
netrom: fix a memory leak in nr_rx_frame()
sky2: Disable MSI on ASUS P6T
nfc: fix potential illegal memory access
* net: neigh: fix multiple neigh timer scheduling
net/core/neighbour.c
net: bcmgenet: use promisc for unsupported filters
* ipv4: don't set IPv6 only flags to IPv4 addresses
net/ipv4/devinet.c
caif-hsi: fix possible deadlock in cfhsi_exit_module()
bnx2x: Prevent load reordering in tx completion processing
* dm bufio: fix deadlock with loop device
drivers/md/dm-bufio.c
* usb: Handle USB3 remote wakeup for LPM enabled devices correctly
drivers/usb/core/hub.c
* Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
net/bluetooth/smp.c
intel_th: msu: Fix single mode with disabled IOMMU
eCryptfs: fix a couple type promotion bugs
powerpc/watchpoint: Restore NV GPRs while returning from exception
powerpc/32s: fix suspend/resume when IBATs 4-7 are used
parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
coda: pass the host file in vma->vm_file on mmap
floppy: fix out-of-bounds read in copy_buffer
floppy: fix invalid pointer dereference in drive_name
floppy: fix out-of-bounds read in next_valid_format
floppy: fix div-by-zero in setup_format_params
* take floppy compat ioctls to sodding floppy.c
block/compat_ioctl.c
* PCI: Do not poll for PME if the device is in D3cold
drivers/pci/pci.c
9p/virtio: Add cleanup path in p9_virtio_init
padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
drm/nouveau/i2c: Enable i2c pads & busses during preinit
KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
media: coda: Remove unbalanced and unneeded mutex unlock
* media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
drivers/media/v4l2-core/v4l2-ctrls.c
ALSA: seq: Break too long mutex context in the write loop
* lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
lib/scatterlist.c
NFSv4: Handle the special Linux file open access mode
* tracing/snapshot: Resize spare buffer if size changed
kernel/trace/trace.c
regulator: s2mps11: Fix buck7 and buck8 wrong voltages
Input: gtco - bounds check collection indent level
* crypto: arm64/sha2-ce - correct digest for empty data in finup
arch/arm64/crypto/sha2-ce-glue.c
* crypto: arm64/sha1-ce - correct digest for empty data in finup
arch/arm64/crypto/sha1-ce-glue.c
* crypto: ghash - fix unaligned memory access in ghash_setkey()
crypto/ghash-generic.c
* Bluetooth: validate BLE connection interval updates
net/bluetooth/hci_event.c
net/bluetooth/l2cap_core.c
* Bluetooth: Check state in l2cap_disconnect_rsp
net/bluetooth/l2cap_core.c
Bluetooth: 6lowpan: search for destination address in all peers
Bluetooth: hci_bcsp: Fix memory leak in rx_skb
bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
* EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
drivers/edac/edac_mc_sysfs.c
drivers/edac/edac_module.h
ixgbe: Check DDM existence in transceiver before access
* rslib: Fix handling of of caller provided syndrome
lib/reed_solomon/decode_rs.c
* rslib: Fix decoding of shortened codes
lib/reed_solomon/decode_rs.c
ath10k: fix PCIE device wake up failed
mt7601u: fix possible memory leak when the device is disconnected
x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
mt7601u: do not schedule rx_tasklet when the device has been disconnected
media: coda: increment sequence offset for the last returned frame
media: coda: fix mpeg2 sequence number handling
* acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
arch/arm64/kernel/acpi.c
* timer_list: Guard procfs specific code
kernel/time/timer_list.c
* ntp: Limit TAI-UTC offset
kernel/time/ntp.c
* media: i2c: fix warning same module names
drivers/media/i2c/Makefile
* EDAC/sysfs: Fix memory leak when creating a csrow object
drivers/edac/edac_mc_sysfs.c
vhost_net: disable zerocopy by default
perf evsel: Make perf_evsel__name() accept a NULL argument
* xfrm: fix sa selector validation
net/xfrm/xfrm_user.c
* rcu: Force inlining of rcu_read_lock()
include/linux/rcupdate.h
* bpf: silence warning messages in core
kernel/bpf/Makefile
* regmap: fix bulk writes on paged registers
drivers/base/regmap/regmap.c
gpio: omap: ensure irq is enabled before wakeup
gpio: omap: fix lack of irqstatus_raw0 for OMAP4
perf test 6: Fix missing kvm module load for s390
s390/qdio: handle PENDING state for QEBSM devices
net: axienet: Fix race condition causing TX hang
net: fec: Do not use netdev messages too early
cpupower : frequency-set -r option misses the last cpu in related cpu list
media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
locking/lockdep: Fix merging of hlocks with non-zero references
tua6100: Avoid build warnings.
* net: phy: Check against net_device being NULL
drivers/net/phy/phy_device.c
media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
* xfrm: Fix xfrm sel prefix length validation
net/xfrm/xfrm_user.c
* af_key: fix leaks in key_pol_get_resp and dump_sp.
net/key/af_key.c
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
net: stmmac: dwmac1000: Clear unused address entries
media: vpss: fix a potential NULL pointer dereference
media: marvell-ccic: fix DMA s/g desc number calculation
crypto: talitos - fix skcipher failure due to wrong output IV
media: dvb: usb: fix use after free in dvb_usb_device_exit
batman-adv: fix for leaked TVLV handler.
ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
ath6kl: add some bounds checking
ath9k: Check for errors when reading SREV register
ath10k: Do not send probe response template for mesh
dmaengine: imx-sdma: fix use-after-free on probe error path
MIPS: fix build on non-linux hosts
MIPS: ath79: fix ar933x uart parity mode
Linux 4.4.186
KVM: x86: protect KVM_CREATE_PIT/KVM_CREATE_PIT2 with kvm->lock
s390/qdio: don't touch the dsci in tiqdio_add_input_queues()
s390/qdio: (re-)initialize tiqdio list entries
s390: fix stfle zero padding
ARC: hide unused function unw_hdr_alloc
kvm: x86: avoid warning on repeated KVM_SET_TSS_ADDR
dm verity: use message limit for data block corruption message
sis900: fix TX completion
* ppp: mppe: Add softdep to arc4
drivers/net/ppp/ppp_mppe.c
be2net: fix link failure after ethtool offline test
ARM: omap2: remove incorrect __init annotation
* perf/core: Fix perf_sample_regs_user() mm check
kernel/events/core.c
e1000e: start network tx queue only when link is up
MIPS: Remove superfluous check for __linux__
VMCI: Fix integer overflow in VMCI handle arrays
carl9170: fix misuse of device driver API
staging: comedi: amplc_pci230: fix null pointer deref on interrupt
staging: comedi: dt282x: fix a null pointer deref on interrupt
usb: renesas_usbhs: add a workaround for a race condition of workqueue
* usb: gadget: ether: Fix race between gether_disconnect and rx_submit
drivers/usb/gadget/function/u_ether.c
USB: serial: option: add support for GosunCn ME3630 RNDIS mode
USB: serial: ftdi_sio: add ID for isodebug v1
mwifiex: Don't abort on small, spec-compliant vendor IEs
* fscrypt: don't set policy for a dead directory
fs/ext4/crypto_policy.c
mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()
mwifiex: Abort at too short BSS descriptor element
x86/tls: Fix possible spectre-v1 in do_get_thread_area()
x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
bnx2x: Check if transceiver implements DDM before access
* md: fix for divide error in status_resync
drivers/md/md.c
ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
ARM: davinci: da850-evm: call regulator_has_full_constraints()
Input: imx_keypad - make sure keyboard can always wake up system
* can: mcp251x: add support for mcp25625
drivers/net/can/spi/Kconfig
dt-bindings: can: mcp251x: add mcp25625 support
mwifiex: Fix possible buffer overflows at parsing bss descriptor
mac80211: mesh: fix RCU warning
samples, bpf: fix to change the buffer size for read()
Input: elantech - enable middle button support on 2 ThinkPads
Linux 4.4.185
dmaengine: imx-sdma: remove BD_INTR for channel0
KVM: x86: degrade WARN to pr_warn_ratelimited
* arm64, vdso: Define vdso_{start,end} as array
arch/arm64/kernel/vdso.c
ARC: handle gcc generated __builtin_trap for older compiler
tty: rocket: fix incorrect forward declaration of 'rp_init()'
btrfs: Ensure replaced device doesn't have pending chunk allocation
* lib/mpi: Fix karactx leak in mpi_powm
lib/mpi/mpi-pow.c
* ALSA: usb-audio: fix sign unintended sign extension on left shifts
sound/usb/mixer_quirks.c
ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages
ALSA: seq: fix incorrect order of dest_client/dest_ports arguments
crypto: user - prevent operating on larval algorithms
* ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
kernel/ptrace.c
MIPS: Workaround GCC __builtin_unreachable reordering bug
* bug.h: work around GCC PR82365 in BUG()
include/asm-generic/bug.h
include/linux/compiler-gcc.h
include/linux/compiler.h
* swiotlb: Make linux/swiotlb.h standalone includible
include/linux/swiotlb.h
mfd: omap-usb-tll: Fix register offsets
MIPS: math-emu: do not use bools for arithmetic
ARC: fix build warning in elf.h
ARC: Assume multiplier is always present
scsi: hpsa: correct ioaccel2 chaining
usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC
usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i]
ASoC: max98090: remove 24-bit format support if RJ is 0
spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
ASoC : cs4265 : readable register too low
um: Compile with modern headers
* Bluetooth: Fix faulty expression for minimum encryption key size check
net/bluetooth/l2cap_core.c
* net: check before dereferencing netdev_ops during busy poll
include/net/busy_poll.h
* bonding: Always enable vlan tx offload
drivers/net/bonding/bond_main.c
* ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
net/ipv4/raw.c
team: Always enable vlan tx offload
tipc: check msg->req data len in tipc_nl_compat_bearer_disable
tipc: change to use register_pernet_device
sctp: change to hold sk after auth shkey is created successfully
* cpu/speculation: Warn on unsupported mitigations= parameter
kernel/cpu.c
x86/speculation: Allow guests to use SSBD even if host does not
* ovl: modify ovl_permission() to do checks on two inodes
fs/overlayfs/inode.c
KVM: X86: Fix scan ioapic use-before-initialization
net/9p: include trans_common.h to fix missing prototype warning.
9p: p9dirent_read: check network-provided name length
9p/rdma: remove useless check in cm_event_handler
9p: acl: fix uninitialized iattr access
9p/rdma: do not disconnect on down_interruptible EAGAIN
perf help: Remove needless use of strncpy()
perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul
mac80211: drop robust management frames from unknown TA
* cfg80211: fix memory leak of wiphy device name
net/wireless/core.c
SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write
* Bluetooth: Fix regression with minimum encryption key size alignment
net/bluetooth/hci_conn.c
net/bluetooth/l2cap_core.c
* Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
include/net/bluetooth/hci_core.h
net/bluetooth/hci_conn.c
ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX
can: purge socket error queue on sock destruct
can: flexcan: fix timeout when set small bitrate
btrfs: start readahead also in seed devices
Btrfs: fix race between readahead and device replace/removal
hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
* scsi: ufs: Check that space was properly alloced in copy_query_response
drivers/scsi/ufs/ufshcd.c
scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
net: hns: Fix loopback test failed at copper ports
MIPS: uprobes: remove set but not used variable 'epc'
IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
parisc: Fix compiler warnings in float emulation code
parport: Fix mem leak in parport_register_dev_model
apparmor: enforce nullbyte at end of tag string
* Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
drivers/input/misc/uinput.c
usb: chipidea: udc: workaround for endpoint conflict issue
* gcc-9: silence 'address-of-packed-member' warning
Makefile
* tracing: Silence GCC 9 array bounds warning
kernel/trace/trace.c
kernel/trace/trace.h
scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
fs/binfmt_flat.c: make load_flat_shared_library() work
Linux 4.4.184
* tcp: refine memory limit test in tcp_fragment()
net/ipv4/tcp_output.c
Linux 4.4.183
* Abort file_remove_privs() for non-reg. files
fs/inode.c
* coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
drivers/android/binder.c
fs/proc/task_mmu.c
include/linux/mm.h
mm/mmap.c
Revert "crypto: crypto4xx - properly set IV after de- and encrypt"
scsi: libsas: delete sas port if expander discover failed
scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route()
net: sh_eth: fix mdio access in sh_eth_close() for R-Car Gen2 and RZ/A1 SoCs
KVM: PPC: Book3S: Use new mutex to synchronize access to rtas token list
ia64: fix build errors by exporting paddr_to_nid()
* configfs: Fix use-after-free when accessing sd->s_dentry
fs/configfs/dir.c
* i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr
drivers/i2c/i2c-dev.c
net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE()
* gpio: fix gpio-adp5588 build errors
drivers/gpio/Kconfig
* perf/ring_buffer: Add ordering to rb->nest increment
kernel/events/ring_buffer.c
* perf/ring_buffer: Fix exposing a temporarily decreased data_head
kernel/events/ring_buffer.c
x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor
mISDN: make sure device name is NUL terminated
sunhv: Fix device naming inconsistency between sunhv_console and sunhv_reg
* neigh: fix use-after-free read in pneigh_get_next
net/core/neighbour.c
lapb: fixed leak of control-blocks.
* ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero
net/ipv6/ip6_flowlabel.c
be2net: Fix number of Rx queues used for flow hashing
ax25: fix inconsistent lock state in ax25_destroy_timer
USB: serial: option: add Telit 0x1260 and 0x1261 compositions
USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode
USB: serial: pl2303: add Allied Telesis VT-Kit3
* USB: usb-storage: Add new ID to ums-realtek
drivers/usb/storage/unusual_realtek.h
* USB: Fix chipmunk-like voice when using Logitech C270 for recording audio.
drivers/usb/core/quirks.c
drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define()
drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read
KVM: s390: fix memory slot handling for KVM_SET_USER_MEMORY_REGION
KVM: x86/pmu: do not mask the value that is written to fixed PMUs
usbnet: ipheth: fix racing condition
scsi: bnx2fc: fix incorrect cast to u64 on shift operation
scsi: lpfc: add check for loss of ndlp when sending RRQ
Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var
ASoC: cs42xx8: Add regcache mask dirty
* cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css()
include/linux/cgroup.h
bcache: fix stack corruption by PRECEDING_KEY()
i2c: acorn: fix i2c warning
* ptrace: restore smp_rmb() in __ptrace_may_access()
kernel/cred.c
kernel/ptrace.c
* signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO
kernel/ptrace.c
fs/ocfs2: fix race in ocfs2_dentry_attach_lock()
* mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
mm/list_lru.c
libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk
ALSA: seq: Cover unsubscribe_port() in list_mutex
* Revert "Bluetooth: Align minimum encryption key size for LE and BR/EDR connections"
include/net/bluetooth/hci_core.h
net/bluetooth/hci_conn.c
* futex: Fix futex lock the wrong page
kernel/futex.c
ARM: exynos: Fix undefined instruction during Exynos5422 resume
* pwm: Fix deadlock warning when removing PWM device
drivers/pwm/core.c
drivers/pwm/sysfs.c
include/linux/pwm.h
ARM: dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on Arndale Octa
pwm: tiehrpwm: Update shadow register for disabling PWMs
dmaengine: idma64: Use actual device for DMA transfers
gpio: gpio-omap: add check for off wake capable gpios
PCI: xilinx: Check for __get_free_pages() failure
video: imsttfb: fix potential NULL pointer dereferences
video: hgafb: fix potential NULL pointer dereference
PCI: rcar: Fix a potential NULL pointer dereference
PCI: rpadlpar: Fix leaked device_node references in add/remove paths
ARM: dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA
clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288
soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher
platform/chrome: cros_ec_proto: check for NULL transfer function
x86/PCI: Fix PCI IRQ routing table memory leak
nfsd: allow fh_want_write to be called twice
* fuse: retrieve: cap requested size to negotiated max_write
fs/fuse/dev.c
nvmem: core: fix read buffer in place
ALSA: hda - Register irq handler after the chip initialization
iommu/vt-d: Set intel_iommu_gfx_mapped correctly
f2fs: fix to do sanity check on valid block count of segment
f2fs: fix to avoid panic in do_recover_data()
* ntp: Allow TAI-UTC offset to be set to zero
kernel/time/ntp.c
drm/bridge: adv7511: Fix low refresh rate selection
perf/x86/intel: Allow PEBS multi-entry in watermark mode
mfd: twl6040: Fix device init errors for ACCCTL register
mfd: intel-lpss: Set the device in reset state when init
* kernel/sys.c: prctl: fix false positive in validate_prctl_map()
kernel/sys.c
* mm/cma_debug.c: fix the break condition in cma_maxchunk_get()
mm/cma_debug.c
* mm/cma.c: fix crash on CMA allocation if bitmap allocation fails
mm/cma.c
hugetlbfs: on restore reserve error path retain subpool reservation
ipc: prevent lockup on alloc_msg and free_msg
* sysctl: return -EINVAL if val violates minmax
kernel/sysctl.c
* fs/fat/file.c: issue flush after the writeback of FAT
fs/fat/file.c
Linux 4.4.182
* tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
net/ipv4/tcp_timer.c
* tcp: add tcp_min_snd_mss sysctl
include/net/netns/ipv4.h
net/ipv4/sysctl_net_ipv4.c
net/ipv4/tcp_ipv4.c
net/ipv4/tcp_output.c
* tcp: tcp_fragment() should apply sane memory limits
include/uapi/linux/snmp.h
net/ipv4/proc.c
net/ipv4/tcp_output.c
* tcp: limit payload size of sacked skbs
include/linux/tcp.h
include/net/tcp.h
net/ipv4/tcp.c
net/ipv4/tcp_input.c
net/ipv4/tcp_output.c
Linux 4.4.181
* ethtool: check the return value of get_regs_len
net/core/ethtool.c
* ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
include/net/arp.h
* fuse: Add FOPEN_STREAM to use stream_open()
fs/fuse/file.c
include/uapi/linux/fuse.h
* fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock
fs/open.c
fs/read_write.c
include/linux/fs.h
drm/gma500/cdv: Check vbt config bits when detecting lvds panels
genwqe: Prevent an integer overflow in the ioctl
MIPS: pistachio: Build uImage.gz by default
* fuse: fallocate: fix return with locked inode
fs/fuse/file.c
parisc: Use implicit space register selection for loading the coherence index of I/O pdirs
* rcu: locking and unlocking need to always be at least barriers
include/linux/rcupdate.h
pktgen: do not sleep with the thread lock held.
net: rds: fix memory leak in rds_ib_flush_mr_pool
net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query
* neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit
net/core/neighbour.c
* ethtool: fix potential userspace buffer overflow
net/core/ethtool.c
media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
* usb: gadget: fix request length error for isoc transfer
include/linux/usb/gadget.h
* net: cdc_ncm: GetNtbFormat endian fix
drivers/net/usb/cdc_ncm.c
Revert "x86/build: Move _etext to actual end of .text"
* userfaultfd: don't pin the user memory in userfaultfd_file_create()
include/linux/sched.h
brcmfmac: add subtype check for event handling in data path
brcmfmac: add length checks in scheduled scan result handler
brcmfmac: fix incorrect event channel deduction
brcmfmac: revise handling events in receive path
brcmfmac: screening firmware event packet
brcmfmac: Add length checks on firmware events
bnx2x: disable GSO where gso_size is too big for hardware
* net: create skb_gso_validate_mac_len()
include/linux/skbuff.h
* binder: replace "%p" with "%pK"
drivers/android/binder.c
* binder: Replace "%p" with "%pK" for stable
drivers/android/binder.c
CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM
* kernel/signal.c: trace_signal_deliver when signal_group_exit
kernel/signal.c
* memcg: make it work on sparse non-0-node systems
include/linux/list_lru.h
mm/list_lru.c
tty: max310x: Fix external crystal register setup
* tty: serial: msm_serial: Fix XON/XOFF
drivers/tty/serial/msm_serial.c
drm/nouveau/i2c: Disable i2c bus access after ->fini()
ALSA: hda/realtek - Set default power save node to 0
Btrfs: fix race updating log root item during fsync
scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs)
scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove
media: smsusb: better handle optional alignment
media: usb: siano: Fix false-positive "uninitialized variable" warning
media: usb: siano: Fix general protection fault in smsusb
USB: rio500: fix memory leak in close after disconnect
USB: rio500: refuse more than one device at a time
* USB: Add LPM quirk for Surface Dock GigE adapter
drivers/usb/core/quirks.c
USB: sisusbvga: fix oops in error path of sisusb_probe
* USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
drivers/usb/core/config.c
* usb: xhci: avoid null pointer deref when bos field is NULL
drivers/usb/host/xhci.c
* xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
drivers/usb/host/xhci.c
* include/linux/bitops.h: sanitize rotate primitives
include/linux/bitops.h
sparc64: Fix regression in non-hypervisor TLB flush xcall
tipc: fix modprobe tipc failed after switch order of device registration -v2
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
crypto: vmx - ghash: do nosimd fallback manually
net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
bnxt_en: Fix aggregation buffer leak under OOM condition.
tipc: Avoid copying bytes beyond the supplied data
* usbnet: fix kernel crash after disconnect
drivers/net/usb/usbnet.c
net: stmmac: fix reset gpio free missing
* net-gro: fix use-after-free read in napi_gro_frags()
net/core/dev.c
* llc: fix skb leak in llc_build_and_send_ui_pkt()
net/llc/llc_output.c
* ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
net/ipv6/raw.c
ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM
* spi: Fix zero length xfer bug
drivers/spi/spi.c
spi: rspi: Fix sequencer reset during initialization
spi : spi-topcliff-pch: Fix to handle empty DMA buffers
scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices
media: saa7146: avoid high stack usage with clang
media: go7007: avoid clang frame overflow warning with KASAN
media: m88ds3103: serialize reset messages in m88ds3103_set_frontend
scsi: qla4xxx: avoid freeing unallocated dma memory
* usb: core: Add PM runtime calls to usb_hcd_platform_shutdown
drivers/usb/core/hcd.c
rcutorture: Fix cleanup path for invalid torture_type strings
tty: ipwireless: fix missing checks for ioremap
virtio_console: initialize vtermno value for ports
media: wl128x: prevent two potential buffer overflows
spi: tegra114: reset controller on probe
cxgb3/l2t: Fix undefined behaviour
ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put
ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put
* HID: core: move Usage Page concatenation to Main item
drivers/hid/hid-core.c
include/linux/hid.h
* chardev: add additional check for minor range overlap
fs/char_dev.c
x86/ia32: Fix ia32_restore_sigcontext() AC leak
* arm64: cpu_ops: fix a leaked reference by adding missing of_node_put
arch/arm64/kernel/cpu_ops.c
* scsi: ufs: Avoid configuring regulator with undefined voltage range
drivers/scsi/ufs/ufshcd.c
* scsi: ufs: Fix regulator load and icc-level configuration
drivers/scsi/ufs/ufshcd.c
brcmfmac: fix race during disconnect when USB completion is in progress
brcmfmac: convert dev_init_lock mutex to completion
b43: shut up clang -Wuninitialized variable warning
brcmfmac: fix missing checks for kmemdup
rtlwifi: fix a potential NULL pointer dereference
iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data
iio: hmc5843: fix potential NULL pointer dereferences
iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion
x86/build: Keep local relocations with ld.lld
cpufreq: pmac32: fix possible object reference leak
cpufreq/pasemi: fix possible object reference leak
cpufreq: ppc_cbe: fix possible object reference leak
s390: cio: fix cio_irb declaration
extcon: arizona: Disable mic detect if running when driver is removed
* PM / core: Propagate dev->power.wakeup_path when no callbacks
drivers/base/power/main.c
mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support
mmc: sdhci-of-esdhc: add erratum eSDHC5 support
mmc_spi: add a status check for spi_sync_locked
scsi: libsas: Do discovery on empty PHY to update PHY info
hwmon: (f71805f) Use request_muxed_region for Super-IO accesses
hwmon: (pc87427) Use request_muxed_region for Super-IO accesses
hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses
hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses
hwmon: (vt1211) Use request_muxed_region for Super-IO accesses
RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure
i40e: don't allow changes to HW VLAN stripping on active port VLANs
x86/irq/64: Limit IST stack overflow check to #DB stack
* USB: core: Don't unbind interfaces following device reset failure
drivers/usb/core/hub.c
* sched/core: Handle overflow in cpu_shares_write_u64
kernel/sched/core.c
* sched/core: Check quota and period overflow at usec to nsec conversion
kernel/sched/core.c
powerpc/numa: improve control of topology updates
media: pvrusb2: Prevent a buffer overflow
media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable()
* audit: fix a memory leak bug
kernel/auditfilter.c
media: ov2659: make S_FMT succeed even if requested format doesn't match
media: au0828: stop video streaming only when last user stops
media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper
media: coda: clear error return value before picture run
dmaengine: at_xdmac: remove BUG_ON macro in tasklet
pinctrl: pistachio: fix leaked of_node references
* HID: logitech-hidpp: use RAP instead of FAP to get the protocol version
drivers/hid/hid-logitech-hidpp.c
* mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions
lib/strncpy_from_user.c
lib/strnlen_user.c
x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault()
* smpboot: Place the __percpu annotation correctly
include/linux/smpboot.h
x86/build: Move _etext to actual end of .text
bcache: avoid clang -Wunintialized warning
bcache: add failure check to run_cache_set() for journal replay
bcache: fix failure in journal relplay
bcache: return error immediately in bch_journal_replay()
net: cw1200: fix a NULL pointer dereference
mwifiex: prevent an array overflow
ASoC: fsl_sai: Update is_slave_mode with correct value
* mac80211/cfg80211: update bss channel on channel switch
net/wireless/nl80211.c
dmaengine: pl330: _stop: clear interrupt status
w1: fix the resume command API
rtc: 88pm860x: prevent use-after-free on device remove
brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler()
spi: pxa2xx: fix SCR (divisor) calculation
* ASoC: imx: fix fiq dependencies
sound/soc/fsl/Kconfig
powerpc/boot: Fix missing check of lseek() return value
mmc: core: Verify SD bus width
cxgb4: Fix error path in cxgb4_init_module
gfs2: Fix lru_count going negative
tools include: Adopt linux/bits.h
perf tools: No need to include bitops.h in util.h
at76c50x-usb: Don't register led_trigger if usb_register_driver failed
ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit
media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
media: cpia2: Fix use-after-free in cpia2_exit
* fbdev: fix WARNING in __alloc_pages_nodemask bug
drivers/video/fbdev/core/fbcmap.c
* hugetlb: use same fault hash key for shared and private mappings
include/linux/hugetlb.h
* fbdev: fix divide error in fb_var_to_videomode
drivers/video/fbdev/core/modedb.c
btrfs: sysfs: don't leak memory when failing add fsid
Btrfs: fix race between ranged fsync and writeback of adjacent ranges
gfs2: Fix sign extension bug in gfs2_update_stats
crypto: vmx - CTR: always increment IV as quadword
* Revert "scsi: sd: Keep disk read-only when re-reading partition"
drivers/scsi/sd.c
* bio: fix improper use of smp_mb__before_atomic()
include/linux/bio.h
KVM: x86: fix return value for reserved EFER
* ext4: do not delete unlinked inode from orphan list on failed truncate
fs/ext4/inode.c
fbdev: sm712fb: fix memory frequency by avoiding a switch/case fallthrough
btrfs: Honour FITRIM range constraints during free space trim
md/raid: raid5 preserve the writeback action after the parity check
Revert "Don't jump to compute_result state from check_result state"
perf bench numa: Add define for RUSAGE_THREAD if not present
ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
* power: supply: sysfs: prevent endless uevent loop with CONFIG_POWER_SUPPLY_DEBUG
drivers/power/power_supply_sysfs.c
KVM: arm/arm64: Ensure vcpu target is unset on reset failure
* xfrm4: Fix uninitialized memory read in _decode_session4
net/ipv4/xfrm4_policy.c
* vti4: ipip tunnel deregistration fixes.
net/ipv4/ip_vti.c
* xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
net/ipv6/xfrm6_tunnel.c
* xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
net/xfrm/xfrm_user.c
dm delay: fix a crash when invalid device is specified
* PCI: Mark Atheros AR9462 to avoid bus reset
drivers/pci/quirks.c
fbdev: sm712fb: fix crashes and garbled display during DPMS modesetting
fbdev: sm712fb: use 1024x768 by default on non-MIPS, fix garbled display
fbdev: sm712fb: fix support for 1024x768-16 mode
fbdev: sm712fb: fix crashes during framebuffer writes by correctly mapping VRAM
fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA
fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F
fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75
fbdev: sm712fb: fix brightness control on reboot, don't set SR30
perf intel-pt: Fix sample timestamp wrt non-taken branches
perf intel-pt: Fix improved sample timestamp
perf intel-pt: Fix instructions sampling rate
memory: tegra: Fix integer overflow on tick value calculation
* tracing: Fix partial reading of trace event's id file
kernel/trace/trace_events.c
ceph: flush dirty inodes before proceeding with remount
iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
* fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
fs/fuse/file.c
* fuse: fix writepages on 32bit
fs/fuse/file.c
clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider
NFS4: Fix v4.0 client state corruption when mount
media: ov6650: Fix sensor possibly not detected on probe
cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level()
* of: fix clang -Wunsequenced for be32_to_cpu()
include/linux/of.h
intel_th: msu: Fix single mode with IOMMU
* md: add mddev->pers to avoid potential NULL pointer dereference
drivers/md/md.c
stm class: Fix channel free in stm output free path
tipc: fix modprobe tipc failed after switch order of device registration
tipc: switch order of device registration to fix a crash
* ppp: deflate: Fix possible crash in deflate_init
drivers/net/ppp/ppp_deflate.c
net/mlx4_core: Change the error print to info print
* net: avoid weird emergency message
net/core/dev.c
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
* ext4: zero out the unused memory region in the extent tree block
fs/ext4/extents.c
* fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
fs/fs-writeback.c
* writeback: synchronize sync(2) against cgroup writeback membership switches
fs/fs-writeback.c
include/linux/backing-dev-defs.h
mm/backing-dev.c
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: salsa20 - don't access already-freed walk.iv
crypto: chacha20poly1305 - set cra_name correctly
* crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto/gcm.c
* crypto: gcm - Fix error return code in crypto_gcm_create_common()
crypto/gcm.c
ipmi:ssif: compare block number correctly for multi-part return messages
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
bcache: fix a race between cache register and cacheset unregister
Btrfs: do not start a transaction at iterate_extent_inodes()
* ext4: fix ext4_show_options for file systems w/o journal
fs/ext4/super.c
* ext4: actually request zeroing of inode table after grow
fs/ext4/ioctl.c
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
* mm/mincore.c: make mincore() more conservative
mm/mincore.c
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: max98090: Fix restore of DAPM Muxes
ALSA: hda/realtek - EAPD turn on later
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
* ALSA: usb-audio: Fix a memory leak bug
sound/usb/mixer.c
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: vmx - fix copy-paste error in CTR mode
ARM: exynos: Fix a leaked reference by adding missing of_node_put
x86/speculation/mds: Improve CPU buffer clear documentation
x86/speculation/mds: Revert CPU buffer clear on double fault exit
Linux 4.4.180
powerpc/lib: fix book3s/32 boot failure due to code patching
powerpc/booke64: set RI in default MSR
drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl
drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl
* bonding: fix arp_validate toggling in active-backup mode
drivers/net/bonding/bond_options.c
* ipv4: Fix raw socket lookup for local traffic
net/ipv4/raw.c
* vrf: sit mtu should not be updated when vrf netdev is the link
net/ipv6/sit.c
vlan: disable SIOCSHWTSTAMP in container
* packet: Fix error path in packet_init
net/packet/af_packet.c
net: ucc_geth - fix Oops when changing number of buffers in the ring
* bridge: Fix error path for kobject_init_and_add()
net/bridge/br_if.c
powerpc/64s: Include cpu header
USB: serial: fix unthrottle races
USB: serial: use variable for status
x86/bugs: Change L1TF mitigation string to match upstream
x86/speculation/mds: Fix documentation typo
Documentation: Correct the possible MDS sysfs values
x86/mds: Add MDSUM variant to the MDS documentation
x86/speculation/mds: Add 'mitigations=' support for MDS
x86/speculation: Support 'mitigations=' cmdline option
* cpu/speculation: Add 'mitigations=' cmdline option
include/linux/cpu.h
kernel/cpu.c
x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
x86/speculation/mds: Fix comment
x86/speculation/mds: Add SMT warning message
x86/speculation: Move arch_smt_update() call to after mitigation decisions
x86/cpu/bugs: Use __initconst for 'const' init data
Documentation: Add MDS vulnerability documentation
Documentation: Move L1TF to separate directory
x86/speculation/mds: Add mitigation mode VMWERV
* x86/speculation/mds: Add sysfs reporting for MDS
drivers/base/cpu.c
include/linux/cpu.h
x86/speculation/l1tf: Document l1tf in sysfs
x86/speculation/mds: Add mitigation control for MDS
x86/speculation/mds: Conditionally clear CPU buffers on idle entry
x86/speculation/mds: Clear CPU buffers on exit to user
x86/speculation/mds: Add mds_clear_cpu_buffers()
x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
x86/speculation/mds: Add BUG_MSBDS_ONLY
x86/speculation/mds: Add basic bug infrastructure for MDS
x86/speculation: Consolidate CPU whitelists
x86/msr-index: Cleanup bit defines
kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
x86/speculation: Provide IBPB always command line options
x86/speculation: Add seccomp Spectre v2 user space protection mode
x86/speculation: Enable prctl mode for spectre_v2_user
* x86/speculation: Add prctl() control for indirect branch speculation
include/linux/sched.h
include/uapi/linux/prctl.h
x86/speculation: Prevent stale SPEC_CTRL msr content
x86/speculation: Prepare arch_smt_update() for PRCTL mode
x86/speculation: Split out TIF update
x86/speculation: Prepare for conditional IBPB in switch_mm()
x86/speculation: Avoid __switch_to_xtra() calls
x86/process: Consolidate and simplify switch_to_xtra() code
x86/speculation: Prepare for per task indirect branch speculation control
x86/speculation: Add command line control for indirect branch speculation
x86/speculation: Unify conditional spectre v2 print functions
x86/speculataion: Mark command line parser data __initdata
x86/speculation: Mark string arrays const correctly
x86/speculation: Reorder the spec_v2 code
* x86/speculation: Rework SMT state change
include/linux/sched/smt.h
kernel/cpu.c
* sched: Add sched_smt_active()
include/linux/sched/smt.h
kernel/sched/core.c
kernel/sched/sched.h
x86/Kconfig: Select SCHED_SMT if SMP enabled
x86/speculation: Reorganize speculation control MSRs update
x86/speculation: Rename SSBD update functions
x86/speculation: Disable STIBP when enhanced IBRS is in use
x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common()
x86/speculation: Remove unnecessary ret variable in cpu_show_common()
x86/speculation: Clean up spectre_v2_parse_cmdline()
x86/speculation: Update the TIF_SSBD comment
x86/speculation: Propagate information about RSB filling mitigation to sysfs
x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
* x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
include/linux/ptrace.h
kernel/ptrace.c
x86/mm: Use WRITE_ONCE() when setting PTEs
KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
x86/cpu: Sanitize FAM6_ATOM naming
x86/microcode: Update the new microcode revision unconditionally
x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR
* locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file
include/linux/bitops.h
include/linux/bits.h
x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features
x86/bugs: Add AMD's SPEC_CTRL MSR usage
x86/bugs: Add AMD's variant of SSB_NO
x86/speculation: Simplify the CPU bug detection logic
x86/speculation: Support Enhanced IBRS on future CPUs
x86/cpufeatures: Hide AMD-specific speculation flags
x86/MCE: Save microcode revision in machine check records
x86/microcode/intel: Check microcode revision before updating sibling threads
* bitops: avoid integer overflow in GENMASK(_ULL)
include/linux/bitops.h
x86: stop exporting msr-index.h to userland
x86/microcode/intel: Add a helper which gives the microcode revision
* locking/static_keys: Provide DECLARE and well as DEFINE macros
include/linux/jump_label.h
Don't jump to compute_result state from check_result state
x86/vdso: Pass --eh-frame-hdr to the linker
cw1200: fix missing unlock on error in cw1200_hw_scan()
gpu: ipu-v3: dp: fix CSC handling
selftests/net: correct the return value for run_netsocktests
s390: ctcm: fix ctcm_new_device error return code
ipvs: do not schedule icmp errors from tunnels
* init: initialize jump labels before command line option parsing
init/main.c
tools lib traceevent: Fix missing equality check for strcmp
KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing
s390/3270: fix lockdep false positive on view->lock
s390/dasd: Fix capacity calculation for large volumes
libnvdimm/btt: Fix a kmemdup failure check
* HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
drivers/hid/hid-input.c
* HID: input: add mapping for Expose/Overview key
drivers/hid/hid-input.c
iio: adc: xilinx: fix potential use-after-free on remove
platform/x86: sony-laptop: Fix unintentional fall-through
* netfilter: compat: initialize all fields in xt_init
net/netfilter/x_tables.c
* timer/debug: Change /proc/timer_stats from 0644 to 0600
kernel/time/timer_stats.c
ASoC: Intel: avoid Oops if DMA setup fails
* ipv6: fix a potential deadlock in do_ipv6_setsockopt()
include/net/addrconf.h
net/ipv6/ipv6_sockglue.c
net/ipv6/mcast.c
UAS: fix alignment of scatter/gather segments
* Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
include/net/bluetooth/hci_core.h
net/bluetooth/hci_conn.c
Bluetooth: hidp: fix buffer overflow
scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines
* usb: dwc3: Fix default lpm_nyet_threshold value
drivers/usb/dwc3/core.c
* genirq: Prevent use-after-free and work list corruption
kernel/irq/manage.c
iommu/amd: Set exclusion range correctly
scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
ASoC: tlv320aic32x4: Fix Common Pins
ASoC: cs4270: Set auto-increment bit for register writes
* ASoC:soc-pcm:fix a codec fixup issue in TDM case
sound/soc/soc-pcm.c
scsi: libsas: fix a race condition when smp task timeout
media: v4l2: i2c: ov7670: Fix PLL bypass register values
x86/mce: Improve error message when kernel cannot recover, p2
* selinux: never allow relabeling on context mounts
security/selinux/hooks.c
Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ
staging: iio: adt7316: fix the dac write calculation
staging: iio: adt7316: fix the dac read calculation
staging: iio: adt7316: allow adt751x to use internal vref for all dacs
usb: usbip: fix isoc packet num validation in get_pipe
ARM: iop: don't use using 64-bit DMA masks
ARM: orion: don't use using 64-bit DMA masks
xsysace: Fix error handling in ace_setup
hugetlbfs: fix memory leak for resv_map
net: hns: Fix WARNING when remove HNS driver with SMMU enabled
net: hns: Use NAPI_POLL_WEIGHT for hns driver
scsi: storvsc: Fix calculation of sub-channel count
vfio/pci: use correct format characters
rtc: da9063: set uie_unsupported when relevant
* debugfs: fix use-after-free on symlink traversal
fs/debugfs/inode.c
jffs2: fix use-after-free on symlink traversal
* bonding: show full hw address in sysfs for slave entries
drivers/net/bonding/bond_sysfs_slave.c
igb: Fix WARN_ONCE on runtime suspend
rtc: sh: Fix invalid alarm warning for non-enabled alarm
* HID: debug: fix race condition with between rdesc_show() and device removal
drivers/hid/hid-debug.c
* USB: core: Fix bug caused by duplicate interface PM usage counter
drivers/usb/core/driver.c
include/linux/usb.h
* USB: core: Fix unterminated string returned by usb_string()
drivers/usb/core/message.c
USB: w1 ds2490: Fix bug caused by improper use of altsetting array
USB: yurex: Fix protection fault after device removal
* packet: validate msg_namelen in send directly
net/packet/af_packet.c
bnxt_en: Improve multicast address setup logic.
* ipv6: invert flowlabel sharing check in process and user mode
net/ipv6/ip6_flowlabel.c
* ipv6/flowlabel: wait rcu grace period before put_pid()
net/ipv6/ip6_flowlabel.c
* ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
net/ipv4/ip_output.c
ALSA: line6: use dynamic buffers
vfio/type1: Limit DMA mappings per container
kconfig/[mn]conf: handle backspace (^H) key
libata: fix using DMA buffers on stack
scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN
ceph: fix use-after-free on symlink traversal
usb: u132-hcd: fix resource leak
scsi: qla4xxx: fix a potential NULL pointer dereference
net: ethernet: ti: fix possible object reference leak
net: ibm: fix possible object reference leak
net: xilinx: fix possible object reference leak
net: ks8851: Set initial carrier state to down
net: ks8851: Delay requesting IRQ until opened
net: ks8851: Reassert reset pin if chip ID check fails
net: ks8851: Dequeue RX packets explicitly
ARM: dts: pfla02: increase phy reset duration
usb: gadget: net2272: Fix net2272_dequeue()
usb: gadget: net2280: Fix net2280_dequeue()
usb: gadget: net2280: Fix overrun of OUT messages
sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING
qlcnic: Avoid potential NULL pointer dereference
usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set
usbnet: ipheth: prevent TX queue timeouts when device not ready
Documentation: Add nospectre_v1 parameter
powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
powerpc/fsl: Emulate SPRN_BUCSR register
powerpc/fsl: Flush branch predictor when entering KVM
powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
* ipv4: set the tcp_min_rtt_wlen range from 0 to one day
net/ipv4/sysctl_net_ipv4.c
net: stmmac: move stmmac_check_ether_addr() to driver probe
team: fix possible recursive locking when add slaves
* ipv4: add sanity checks in ipv4_link_failure()
net/ipv4/route.c
* Revert "block/loop: Use global lock for ioctl() operation."
drivers/block/loop.c
drivers/block/loop.h
* bpf: reject wrong sized filters earlier
net/core/filter.c
tipc: check link name with right length in tipc_nl_compat_link_set
tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
* netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
net/bridge/netfilter/ebtables.c
NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
* fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
fs/proc/proc_sysctl.c
intel_th: gth: Fix an off-by-one in output unassigning
* slip: make slhc_free() silently accept an error pointer
drivers/net/slip/slhc.c
tipc: handle the err returned from cmd header function
powerpc/fsl: Fix the flush of branch predictor.
powerpc/security: Fix spectre_v2 reporting
powerpc/fsl: Update Spectre v2 reporting
powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
powerpc/fsl: Add nospectre_v2 command line argument
powerpc/fsl: Fix spectre_v2 mitigations reporting
powerpc/fsl: Add macro to flush the branch predictor
powerpc/fsl: Add infrastructure to fixup branch predictor flush
powerpc: Avoid code patching freed init sections
powerpc/powernv: Query firmware for count cache flush settings
powerpc/pseries: Query hypervisor for count cache flush settings
powerpc/64s: Add support for software count cache flush
powerpc/64s: Add new security feature flags for count cache flush
powerpc/asm: Add a patch_site macro & helpers for patching instructions
powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
powerpc/64: Make meltdown reporting Book3S 64 specific
powerpc/64: Call setup_barrier_nospec() from setup_arch()
powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
powerpc/64: Disable the speculation barrier from the command line
powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
powerpc/64s: Enhance the information in cpu_show_spectre_v1()
powerpc: Use barrier_nospec in copy_from_user()
powerpc/64: Use barrier_nospec in syscall entry
powerpc/64s: Enable barrier_nospec based on firmware settings
powerpc/64s: Patch barrier_nospec in modules
powerpc/64s: Add support for ori barrier_nospec patching
powerpc/64s: Add barrier_nospec
powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
powerpc/pseries: Restore default security feature flags on setup
powerpc: Move default security feature flags
powerpc/pseries: Fix clearing of security feature flags
powerpc/64s: Wire up cpu_show_spectre_v2()
powerpc/64s: Wire up cpu_show_spectre_v1()
powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
powerpc/64s: Enhance the information in cpu_show_meltdown()
powerpc/64s: Move cpu_show_meltdown()
powerpc/powernv: Set or clear security feature flags
powerpc/pseries: Set or clear security feature flags
powerpc: Add security feature flags for Spectre/Meltdown
powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
powerpc/rfi-flush: Differentiate enabled and patched flush types
powerpc/rfi-flush: Always enable fallback flush on pseries
powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
powerpc/powernv: Support firmware disable of RFI flush
powerpc/pseries: Support firmware disable of RFI flush
powerpc/64s: Improve RFI L1-D cache flush fallback
powerpc/xmon: Add RFI flush related fields to paca dump
* USB: Consolidate LPM checks to avoid enabling LPM twice
drivers/usb/core/driver.c
drivers/usb/core/hub.c
drivers/usb/core/message.c
* USB: Add new USB LPM helpers
drivers/usb/core/driver.c
drivers/usb/core/hub.c
drivers/usb/core/message.c
drivers/usb/core/sysfs.c
drivers/usb/core/usb.h
sunrpc: don't mark uninitialised items as VALID.
nfsd: Don't release the callback slot unless it was actually held
ceph: fix ci->i_head_snapc leak
ceph: ensure d_name stability in ceph_dentry_hash()
* sched/numa: Fix a possible divide-by-zero
kernel/sched/fair.c
* trace: Fix preempt_enable_no_resched() abuse
kernel/trace/ring_buffer.c
MIPS: scall64-o32: Fix indirect syscall number load
cifs: do not attempt cifs operation on smb2+ rename error
KVM: fail KVM_SET_VCPU_EVENTS with invalid exception number
* kbuild: simplify ld-option implementation
scripts/Kbuild.include
Linux 4.4.179
* kernel/sysctl.c: fix out-of-bounds access when setting file-max
kernel/sysctl.c
Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
* ALSA: info: Fix racy addition/deletion of nodes
sound/core/info.c
* mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n
mm/vmstat.c
device_cgroup: fix RCU imbalance in error case
* sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
kernel/sched/fair.c
* Revert "kbuild: use -Oz instead of -Os when using clang"
Makefile
mac80211: do not call driver wake_tx_queue op during reconfig
kprobes: Fix error check when reusing optimized probes
kprobes: Mark ftrace mcount handler functions nokprobe
* x86/kprobes: Verify stack frame on kretprobe
include/linux/kprobes.h
* arm64: futex: Restore oldval initialization to work around buggy compilers
arch/arm64/include/asm/futex.h
crypto: x86/poly1305 - fix overflow during partial reduction
* ALSA: core: Fix card races between register and disconnect
sound/core/init.c
staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
staging: comedi: ni_usb6501: Fix use of uninitialized mutex
staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
staging: comedi: vmk80xx: Fix use of uninitialized semaphore
io: accel: kxcjk1013: restore the range after resume.
iio: adc: at91: disable adc channel interrupt in timeout case
iio: ad_sigma_delta: select channel when reading register
iio/gyro/bmg160: Use millidegrees for temperature scale
KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
* modpost: file2alias: check prototype of handler
scripts/mod/file2alias.c
* modpost: file2alias: go back to simple devtable lookup
scripts/mod/file2alias.c
crypto: crypto4xx - properly set IV after de- and encrypt
* ipv4: ensure rcu_read_lock() in ipv4_link_failure()
net/ipv4/route.c
* ipv4: recompile ip options in ipv4_link_failure
net/ipv4/route.c
* tcp: tcp_grow_window() needs to respect tcp_space()
net/ipv4/tcp_input.c
net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
* net: bridge: multicast: use rcu to access port list from br_multicast_start_querier
net/bridge/br_multicast.c
net: atm: Fix potential Spectre v1 vulnerabilities
* bonding: fix event handling for stacked bonds
drivers/net/bonding/bond_main.c
* appletalk: Fix compile regression
include/linux/atalk.h
* ovl: fix uid/gid when creating over whiteout
fs/overlayfs/dir.c
tpm/tpm_crb: Avoid unaligned reads in crb_recv()
* include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
include/linux/swap.h
* lib/div64.c: off by one in shift
lib/div64.c
* appletalk: Fix use-after-free in atalk_proc_exit
include/linux/atalk.h
ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
iommu/dmar: Fix buffer overflow during PCI bus notification
crypto: sha512/arm - fix crash bug in Thumb2 build
crypto: sha256/arm - fix crash bug in Thumb2 build
cifs: fallback to older infolevels on findfirst queryinfo retry
ACPI / SBS: Fix GPE storm on recent MacBookPro's
ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
serial: uartps: console_setup() can't be placed to init section
f2fs: fix to do sanity check with current segment number
9p locks: add mount option for lock retry interval
9p: do not trust pdu content for stat item size
rsi: improve kernel thread handling to fix kernel panic
* ext4: prohibit fstrim in norecovery mode
fs/ext4/ioctl.c
fix incorrect error code mapping for OBJECTID_NOT_FOUND
x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error
iommu/vt-d: Check capability before disabling protected memory
x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
x86/hpet: Prevent potential NULL pointer dereference
perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test
perf evsel: Free evsel->counts in perf_evsel__exit()
perf top: Fix error handling in cmd_top()
tools/power turbostat: return the exit status of a command
thermal/int340x_thermal: fix mode setting
thermal/int340x_thermal: Add additional UUIDs
ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration
mmc: davinci: remove extraneous __init annotation
IB/mlx4: Fix race condition between catas error reset and aliasguid flows
ALSA: sb8: add a check for request_region
ALSA: echoaudio: add a check for ioremap_nocache
* ext4: report real fs size after failed resize
fs/ext4/resize.c
* ext4: add missing brelse() in add_new_gdb_meta_bg()
fs/ext4/resize.c
* perf/core: Restore mmap record type correctly
kernel/events/core.c
* PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
drivers/pci/quirks.c
xtensa: fix return_address
* sched/fair: Do not re-read ->h_load_next during hierarchical load calculation
kernel/sched/fair.c
xen: Prevent buffer overflow in privcmd ioctl
* arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
arch/arm64/include/asm/futex.h
ARM: dts: at91: Fix typo in ISC_D0 on PC9
* genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
kernel/irq/chip.c
* block: do not leak memory in bio_copy_user_iov()
block/bio.c
ASoC: fsl_esai: fix channel swap issue when stream starts
* include/linux/bitrev.h: fix constant bitrev
include/linux/bitrev.h
ALSA: seq: Fix OOB-reads from strlcpy
* ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
net/ipv6/ip6_tunnel.c
* net: ethtool: not call vzalloc for zero sized memory request
net/core/ethtool.c
* netns: provide pure entropy for net_hash_mix()
include/net/net_namespace.h
include/net/netns/hash.h
net/core/net_namespace.c
tcp: Ensure DCTCP reacts to losses
sctp: initialize _pad of sockaddr_in before copying to user memory
qmi_wwan: add Olicard 600
openvswitch: fix flow actions reallocation
net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock().
* ipv6: sit: reset ip header pointer in ipip6_rcv
net/ipv6/sit.c
* ipv6: Fix dangling pointer when ipv6 fragment
net/ipv6/ip6_output.c
* tty: ldisc: add sysctl to prevent autoloading of ldiscs
drivers/tty/Kconfig
drivers/tty/tty_io.c
drivers/tty/tty_ldisc.c
* tty: mark Siemens R3964 line discipline as BROKEN
drivers/char/Kconfig
* lib/string.c: implement a basic bcmp
include/linux/string.h
lib/string.c
x86/vdso: Drop implicit common-page-size linker flag
x86: vdso: Use $LD instead of $CC to link
x86/build: Specify elf_i386 linker emulation explicitly for i386 objects
* kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD
Makefile
* binfmt_elf: switch to new creds when switching to new mm
fs/binfmt_elf.c
drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers
dmaengine: tegra: avoid overflow of byte tracking
x86/build: Mark per-CPU symbols as absolute explicitly for LLD
wlcore: Fix memory leak in case wl12xx_fetch_firmware failure
regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting
media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration
netfilter: physdev: relax br_netfilter dependency
dmaengine: imx-dma: fix warning comparison of distinct pointer types
hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable
soc/tegra: fuse: Fix illegal free of IO base address
hwrng: virtio - Avoid repeated init of completion
media: mt9m111: set initial frame size other than 0x0
* tty: increase the default flip buffer limit to 2*640K
drivers/tty/tty_buffer.c
ARM: avoid Cortex-A9 livelock on tight dmb loops
mt7601u: bump supported EEPROM version
soc: qcom: gsbi: Fix error handling in gsbi_probe()
ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe
cdrom: Fix race condition in cdrom_sysctl_register
* fbdev: fbmem: fix memory access if logo is bigger than the screen
drivers/video/fbdev/core/fbmem.c
bcache: improve sysfs_strtoul_clamp()
bcache: fix input overflow to sequential_cutoff
bcache: fix input overflow to cache set sysfs file io_error_halflife
* ALSA: PCM: check if ops are defined before suspending PCM
sound/core/pcm_native.c
ARM: 8833/1: Ensure that NEON code always compiles with Clang
* kprobes: Prohibit probing on bsearch()
lib/bsearch.c
leds: lp55xx: fix null deref on firmware load failure
media: mx2_emmaprp: Correct return type for mem2mem buffer helpers
media: s5p-g2d: Correct return type for mem2mem buffer helpers
media: s5p-jpeg: Correct return type for mem2mem buffer helpers
media: sh_veu: Correct return type for mem2mem buffer helpers
SoC: imx-sgtl5000: add missing put_device()
perf test: Fix failure of 'evsel-tp-sched' test on s390
scsi: megaraid_sas: return error when create DMA pool failed
IB/mlx4: Increase the timeout for CM cache
e1000e: Fix -Wformat-truncation warnings
mmc: omap: fix the maximum timeout setting
ARM: 8840/1: use a raw_spinlock_t in unwind
coresight: etm4x: Add support to enable ETMv4.2
* scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c
drivers/scsi/scsi_scan.c
usb: chipidea: Grab the (legacy) USB PHY by phandle first
tools lib traceevent: Fix buffer overflow in arg_eval
* fs: fix guard_bio_eod to check for real EOD errors
fs/buffer.c
cifs: Fix NULL pointer dereference of devname
dm thin: add sanity checks to thin-pool and external snapshot creation
cifs: use correct format characters
* fs/file.c: initialize init_files.resize_wait
fs/file.c
f2fs: do not use mutex lock in atomic context
ocfs2: fix a panic problem caused by o2cb_ctl
mm/slab.c: kmemleak no scan alien caches
* mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512!
mm/vmalloc.c
mm/page_ext.c: fix an imbalance with kmemleak
* mm/cma.c: cma_declare_contiguous: correct err handling
mm/cma.c
enic: fix build warning without CONFIG_CPUMASK_OFFSTACK
* sysctl: handle overflow for file-max
kernel/sysctl.c
gpio: gpio-omap: fix level interrupt idling
* tracing: kdb: Fix ftdump to not sleep
include/linux/ring_buffer.h
kernel/trace/ring_buffer.c
kernel/trace/trace.c
h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux-
CIFS: fix POSIX lock leak and invalid ptr deref
tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped
* Bluetooth: Fix decrementing reference count twice in releasing socket
net/bluetooth/hci_sock.c
* i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA
drivers/i2c/i2c-core.c
mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified
tty/serial: atmel: Add is_half_duplex helper
* lib/int_sqrt: optimize initial value compute
lib/int_sqrt.c
* ext4: cleanup bh release code in ext4_ind_remove_space()
fs/ext4/indirect.c
arm64: debug: Ensure debug handlers check triggering exception level
* arm64: debug: Don't propagate UNKNOWN FAR into si_code for debug signals
arch/arm64/mm/fault.c
Linux 4.4.178
* stm class: Hide STM-specific options if STM is disabled
drivers/hwtracing/stm/Kconfig
coresight: removing bind/unbind options from sysfs
* arm64: support keyctl() system call in 32-bit mode
arch/arm64/Kconfig
* Revert "USB: core: only clean up what we allocated"
drivers/usb/core/config.c
* xhci: Fix port resume done detection for SS ports with LPM enabled
drivers/usb/host/xhci-ring.c
drivers/usb/host/xhci.h
KVM: Reject device ioctls from processes other than the VM's creator
x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y
perf intel-pt: Fix TSC slip
gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
* fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
fs/proc/proc_sysctl.c
Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc
USB: serial: option: add Olicard 600
USB: serial: option: set driver_info for SIM5218 and compatibles
USB: serial: mos7720: fix mos_parport refcount imbalance on error path
USB: serial: ftdi_sio: add additional NovaTech products
USB: serial: cp210x: add new device id
serial: sh-sci: Fix setting SCSCR_TIE while transferring data
serial: max310x: Fix to avoid potential NULL pointer dereference
staging: vt6655: Fix interrupt race condition on device start up.
staging: vt6655: Remove vif check from vnt_interrupt
tty: atmel_serial: fix a potential NULL pointer dereference
scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices
scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
* scsi: sd: Fix a race between closing an sd device and sd I/O
drivers/scsi/sd.c
* ALSA: pcm: Don't suspend stream in unrecoverable PCM state
sound/core/pcm_native.c
ALSA: pcm: Fix possible OOB access in PCM oss plugins
ALSA: seq: oss: Fix Spectre v1 vulnerability
* ALSA: rawmidi: Fix potential Spectre v1 vulnerability
sound/core/rawmidi.c
* ALSA: compress: add support for 32bit calls in a 64bit kernel
sound/core/compress_offload.c
ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
btrfs: raid56: properly unmap parity page in finish_parity_scrub()
btrfs: remove WARN_ON in log_dir_items
mac8390: Fix mmio access size probe
* sctp: get sctphdr by offset in sctp_compute_cksum
include/net/sctp/checksum.h
vxlan: Don't call gro_cells_destroy() before device is unregistered
* tcp: do not use ipv6 header for ipv4 flow
net/ipv6/tcp_ipv6.c
* packets: Always register packet sk in the same order
include/net/sock.h
net/packet/af_packet.c
* Add hlist_add_tail_rcu() (Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net)
include/linux/rculist.h
net: rose: fix a possible stack overflow
* net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
net/packet/af_packet.c
mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
dccp: do not use ipv6 header for ipv4 flow
stmmac: copy unicast mac address to MAC registers
* cfg80211: size various nl80211 messages correctly
net/wireless/nl80211.c
mmc: mmc: fix switch timeout issue caused by jiffies precision
* arm64: kconfig: drop CONFIG_RTC_LIB dependency
arch/arm64/Kconfig
video: fbdev: Set pixclock = 0 in goldfishfb
* cpu/hotplug: Handle unbalanced hotplug enable/disable
kernel/cpu.c
* usb: gadget: rndis: free response queue during REMOTE_NDIS_RESET_MSG
drivers/usb/gadget/function/rndis.c
* usb: gadget: configfs: add mutex lock before unregister gadget
drivers/usb/gadget/configfs.c
* ipv6: fix endianness error in icmpv6_err
net/ipv6/icmp.c
stm class: Fix stm device initialization order
stm class: Do not leak the chrdev in error path
PM / Hibernate: Call flush_icache_range() on pages restored in-place
* arm64: kernel: Include _AC definition in page.h
arch/arm64/include/asm/page.h
* perf/ring_buffer: Refuse to begin AUX transaction after rb->aux_mmap_count drops
kernel/events/ring_buffer.c
mac80211: fix "warning: ‘target_metric’ may be used uninitialized"
* arm64/kernel: fix incorrect EL0 check in inv_entry macro
arch/arm64/kernel/entry.S
ARM: 8510/1: rework ARM_CPU_SUSPEND dependencies
staging: goldfish: audio: fix compiliation on arm
* staging: ion: Set minimum carveout heap allocation order to PAGE_SHIFT
drivers/staging/android/ion/ion_carveout_heap.c
* staging: ashmem: Add missing include
drivers/staging/android/uapi/ashmem.h
* staging: ashmem: Avoid deadlock with mmap/shrink
drivers/staging/android/ashmem.c
* asm-generic: Fix local variable shadow in __set_fixmap_offset
include/asm-generic/fixmap.h
coresight: etm4x: Check every parameter used by dma_xx_coherent.
coresight: "DEVICE_ATTR_RO" should defined as static.
stm class: Fix a race in unlinking
stm class: Fix unbalanced module/device refcounting
stm class: Guard output assignment against concurrency
stm class: Fix unlocking braino in the error path
stm class: Support devices with multiple instances
stm class: Prevent user-controllable allocations
stm class: Fix link list locking
stm class: Fix locking in unbinding policy path
coresight: remove csdev's link from topology
coresight: release reference taken by 'bus_find_device()'
coresight: coresight_unregister() function cleanup
coresight: fixing lockdep error
* writeback: initialize inode members that track writeback history
fs/inode.c
Revert "mmc: block: don't use parameter prefix if built as module"
* net: diag: support v4mapped sockets in inet_diag_find_one_icsk()
net/ipv4/inet_diag.c
* perf: Synchronously free aux pages in case of allocation failure
kernel/events/ring_buffer.c
* arm64: hide __efistub_ aliases from kallsyms
arch/arm64/kernel/image.h
hid-sensor-hub.c: fix wrong do_div() usage
* vmstat: make vmstat_updater deferrable again and shut down on idle
include/linux/vmstat.h
kernel/sched/idle.c
mm/vmstat.c
* android: unconditionally remove callbacks in sync_fence_free()
drivers/staging/android/sync.c
ARM: 8494/1: mm: Enable PXN when running non-LPAE kernel on LPAE processor
ARM: 8458/1: bL_switcher: add GIC dependency
* efi: stub: define DISABLE_BRANCH_PROFILING for all architectures
drivers/firmware/efi/libstub/Makefile
* arm64: fix COMPAT_SHMLBA definition for large pages
arch/arm64/include/asm/shmparam.h
mmc: block: Allow more than 8 partitions per card
* sched/fair: Fix new task's load avg removed from source CPU in wake_up_new_task()
kernel/sched/fair.c
* Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
net/bluetooth/l2cap_core.c
* Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
net/bluetooth/l2cap_core.c
ath10k: avoid possible string overflow
* rtc: Fix overflow when converting time64_t to rtc_time
drivers/rtc/rtc-lib.c
* USB: core: only clean up what we allocated
drivers/usb/core/config.c
* lib/int_sqrt: optimize small argument
lib/int_sqrt.c
serial: sprd: clear timeout interrupt only rather than all interrupts
usb: renesas_usbhs: gadget: fix unused-but-set-variable warning
* arm64: traps: disable irq in die()
arch/arm64/kernel/traps.c
* Hang/soft lockup in d_invalidate with simultaneous calls
fs/dcache.c
serial: sprd: adjust TIMEOUT to a big value
* tcp/dccp: drop SYN packets if accept queue is full
include/net/inet_connection_sock.h
net/ipv4/tcp_input.c
usb: gadget: Add the gserial port checking in gs_start_tx()
* usb: gadget: composite: fix dereference after null check coverify warning
drivers/usb/gadget/composite.c
* kbuild: setlocalversion: print error to STDERR
scripts/setlocalversion
extcon: usb-gpio: Don't miss event during suspend/resume
* mm/rmap: replace BUG_ON(anon_vma->degree) with VM_WARN_ON
mm/rmap.c
mmc: core: fix using wrong io voltage if mmc_select_hs200 fails
* arm64: mm: Add trace_irqflags annotations to do_debug_exception()
arch/arm64/mm/fault.c
* usb: dwc3: gadget: Fix suspend/resume during device mode
drivers/usb/dwc3/gadget.c
mmc: core: shut up "voltage-ranges unspecified" pr_info()
mmc: sanitize 'bus width' in debug output
mmc: make MAN_BKOPS_EN message a debug
mmc: debugfs: Add a restriction to mmc debugfs clock setting
mmc: pwrseq_simple: Make reset-gpios optional to match doc
ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec
ALSA: hda - Record the current power state before suspend/resume calls
locking/lockdep: Add debug_locks check in __lock_downgrade()
* media: v4l2-ctrls.c/uvc: zero v4l2_event
drivers/media/v4l2-core/v4l2-ctrls.c
mmc: tmio_mmc_core: don't claim spurious interrupts
* ext4: brelse all indirect buffer in ext4_ind_remove_space()
fs/ext4/indirect.c
* ext4: fix data corruption caused by unaligned direct AIO
fs/ext4/file.c
* ext4: fix NULL pointer dereference while journal is aborted
fs/ext4/ext4_jbd2.h
* futex: Ensure that futex address is aligned in handle_futex_death()
kernel/futex.c
MIPS: Fix kernel crash for R6 in jump label branch function
mips: loongson64: lemote-2f: Add IRQF_NO_SUSPEND to "cascade" irqaction.
udf: Fix crash on IO error during truncate
drm/vmwgfx: Don't double-free the mode stored in par->set_mode
mmc: pxamci: fix enum type confusion
Change-Id: Ib7e4ac2952d7fc0808e515749ea6b3c2bbfc40e5
Signed-off-by: Robin Peng <robinpeng@google.com>
4170 lines
105 KiB
C
4170 lines
105 KiB
C
/*
|
|
Copyright (C) 2002 Richard Henderson
|
|
Copyright (C) 2001 Rusty Russell, 2002, 2010 Rusty Russell IBM.
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
#include <linux/export.h>
|
|
#include <linux/moduleloader.h>
|
|
#include <linux/trace_events.h>
|
|
#include <linux/init.h>
|
|
#include <linux/kallsyms.h>
|
|
#include <linux/file.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/sysfs.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/vmalloc.h>
|
|
#include <linux/elf.h>
|
|
#include <linux/proc_fs.h>
|
|
#include <linux/security.h>
|
|
#include <linux/seq_file.h>
|
|
#include <linux/syscalls.h>
|
|
#include <linux/fcntl.h>
|
|
#include <linux/rcupdate.h>
|
|
#include <linux/capability.h>
|
|
#include <linux/cpu.h>
|
|
#include <linux/moduleparam.h>
|
|
#include <linux/errno.h>
|
|
#include <linux/err.h>
|
|
#include <linux/vermagic.h>
|
|
#include <linux/notifier.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/device.h>
|
|
#include <linux/string.h>
|
|
#include <linux/mutex.h>
|
|
#include <linux/rculist.h>
|
|
#include <asm/uaccess.h>
|
|
#include <asm/cacheflush.h>
|
|
#include <asm/mmu_context.h>
|
|
#include <linux/license.h>
|
|
#include <asm/sections.h>
|
|
#include <linux/tracepoint.h>
|
|
#include <linux/ftrace.h>
|
|
#include <linux/async.h>
|
|
#include <linux/percpu.h>
|
|
#include <linux/kmemleak.h>
|
|
#include <linux/jump_label.h>
|
|
#include <linux/pfn.h>
|
|
#include <linux/bsearch.h>
|
|
#include <uapi/linux/module.h>
|
|
#include "module-internal.h"
|
|
|
|
#define CREATE_TRACE_POINTS
|
|
#include <trace/events/module.h>
|
|
|
|
#ifndef ARCH_SHF_SMALL
|
|
#define ARCH_SHF_SMALL 0
|
|
#endif
|
|
|
|
/*
|
|
* Modules' sections will be aligned on page boundaries
|
|
* to ensure complete separation of code and data, but
|
|
* only when CONFIG_DEBUG_SET_MODULE_RONX=y
|
|
*/
|
|
#ifdef CONFIG_DEBUG_SET_MODULE_RONX
|
|
# define debug_align(X) ALIGN(X, PAGE_SIZE)
|
|
#else
|
|
# define debug_align(X) (X)
|
|
#endif
|
|
|
|
/*
|
|
* Given BASE and SIZE this macro calculates the number of pages the
|
|
* memory regions occupies
|
|
*/
|
|
#define MOD_NUMBER_OF_PAGES(BASE, SIZE) (((SIZE) > 0) ? \
|
|
(PFN_DOWN((unsigned long)(BASE) + (SIZE) - 1) - \
|
|
PFN_DOWN((unsigned long)BASE) + 1) \
|
|
: (0UL))
|
|
|
|
/* If this is set, the section belongs in the init part of the module */
|
|
#define INIT_OFFSET_MASK (1UL << (BITS_PER_LONG-1))
|
|
|
|
/*
|
|
* Mutex protects:
|
|
* 1) List of modules (also safely readable with preempt_disable),
|
|
* 2) module_use links,
|
|
* 3) module_addr_min/module_addr_max.
|
|
* (delete and add uses RCU list operations). */
|
|
DEFINE_MUTEX(module_mutex);
|
|
EXPORT_SYMBOL_GPL(module_mutex);
|
|
static LIST_HEAD(modules);
|
|
|
|
#ifdef CONFIG_MODULES_TREE_LOOKUP
|
|
|
|
/*
|
|
* Use a latched RB-tree for __module_address(); this allows us to use
|
|
* RCU-sched lookups of the address from any context.
|
|
*
|
|
* Because modules have two address ranges: init and core, we need two
|
|
* latch_tree_nodes entries. Therefore we need the back-pointer from
|
|
* mod_tree_node.
|
|
*
|
|
* Because init ranges are short lived we mark them unlikely and have placed
|
|
* them outside the critical cacheline in struct module.
|
|
*
|
|
* This is conditional on PERF_EVENTS || TRACING because those can really hit
|
|
* __module_address() hard by doing a lot of stack unwinding; potentially from
|
|
* NMI context.
|
|
*/
|
|
|
|
static __always_inline unsigned long __mod_tree_val(struct latch_tree_node *n)
|
|
{
|
|
struct mod_tree_node *mtn = container_of(n, struct mod_tree_node, node);
|
|
struct module *mod = mtn->mod;
|
|
|
|
if (unlikely(mtn == &mod->mtn_init))
|
|
return (unsigned long)mod->module_init;
|
|
|
|
return (unsigned long)mod->module_core;
|
|
}
|
|
|
|
static __always_inline unsigned long __mod_tree_size(struct latch_tree_node *n)
|
|
{
|
|
struct mod_tree_node *mtn = container_of(n, struct mod_tree_node, node);
|
|
struct module *mod = mtn->mod;
|
|
|
|
if (unlikely(mtn == &mod->mtn_init))
|
|
return (unsigned long)mod->init_size;
|
|
|
|
return (unsigned long)mod->core_size;
|
|
}
|
|
|
|
static __always_inline bool
|
|
mod_tree_less(struct latch_tree_node *a, struct latch_tree_node *b)
|
|
{
|
|
return __mod_tree_val(a) < __mod_tree_val(b);
|
|
}
|
|
|
|
static __always_inline int
|
|
mod_tree_comp(void *key, struct latch_tree_node *n)
|
|
{
|
|
unsigned long val = (unsigned long)key;
|
|
unsigned long start, end;
|
|
|
|
start = __mod_tree_val(n);
|
|
if (val < start)
|
|
return -1;
|
|
|
|
end = start + __mod_tree_size(n);
|
|
if (val >= end)
|
|
return 1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static const struct latch_tree_ops mod_tree_ops = {
|
|
.less = mod_tree_less,
|
|
.comp = mod_tree_comp,
|
|
};
|
|
|
|
static struct mod_tree_root {
|
|
struct latch_tree_root root;
|
|
unsigned long addr_min;
|
|
unsigned long addr_max;
|
|
} mod_tree __cacheline_aligned = {
|
|
.addr_min = -1UL,
|
|
};
|
|
|
|
#define module_addr_min mod_tree.addr_min
|
|
#define module_addr_max mod_tree.addr_max
|
|
|
|
static noinline void __mod_tree_insert(struct mod_tree_node *node)
|
|
{
|
|
latch_tree_insert(&node->node, &mod_tree.root, &mod_tree_ops);
|
|
}
|
|
|
|
static void __mod_tree_remove(struct mod_tree_node *node)
|
|
{
|
|
latch_tree_erase(&node->node, &mod_tree.root, &mod_tree_ops);
|
|
}
|
|
|
|
/*
|
|
* These modifications: insert, remove_init and remove; are serialized by the
|
|
* module_mutex.
|
|
*/
|
|
static void mod_tree_insert(struct module *mod)
|
|
{
|
|
mod->mtn_core.mod = mod;
|
|
mod->mtn_init.mod = mod;
|
|
|
|
__mod_tree_insert(&mod->mtn_core);
|
|
if (mod->init_size)
|
|
__mod_tree_insert(&mod->mtn_init);
|
|
}
|
|
|
|
static void mod_tree_remove_init(struct module *mod)
|
|
{
|
|
if (mod->init_size)
|
|
__mod_tree_remove(&mod->mtn_init);
|
|
}
|
|
|
|
static void mod_tree_remove(struct module *mod)
|
|
{
|
|
__mod_tree_remove(&mod->mtn_core);
|
|
mod_tree_remove_init(mod);
|
|
}
|
|
|
|
static struct module *mod_find(unsigned long addr)
|
|
{
|
|
struct latch_tree_node *ltn;
|
|
|
|
ltn = latch_tree_find((void *)addr, &mod_tree.root, &mod_tree_ops);
|
|
if (!ltn)
|
|
return NULL;
|
|
|
|
return container_of(ltn, struct mod_tree_node, node)->mod;
|
|
}
|
|
|
|
#else /* MODULES_TREE_LOOKUP */
|
|
|
|
static unsigned long module_addr_min = -1UL, module_addr_max = 0;
|
|
|
|
static void mod_tree_insert(struct module *mod) { }
|
|
static void mod_tree_remove_init(struct module *mod) { }
|
|
static void mod_tree_remove(struct module *mod) { }
|
|
|
|
static struct module *mod_find(unsigned long addr)
|
|
{
|
|
struct module *mod;
|
|
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (within_module(addr, mod))
|
|
return mod;
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
|
|
#endif /* MODULES_TREE_LOOKUP */
|
|
|
|
/*
|
|
* Bounds of module text, for speeding up __module_address.
|
|
* Protected by module_mutex.
|
|
*/
|
|
static void __mod_update_bounds(void *base, unsigned int size)
|
|
{
|
|
unsigned long min = (unsigned long)base;
|
|
unsigned long max = min + size;
|
|
|
|
if (min < module_addr_min)
|
|
module_addr_min = min;
|
|
if (max > module_addr_max)
|
|
module_addr_max = max;
|
|
}
|
|
|
|
static void mod_update_bounds(struct module *mod)
|
|
{
|
|
__mod_update_bounds(mod->module_core, mod->core_size);
|
|
if (mod->init_size)
|
|
__mod_update_bounds(mod->module_init, mod->init_size);
|
|
}
|
|
|
|
#ifdef CONFIG_KGDB_KDB
|
|
struct list_head *kdb_modules = &modules; /* kdb needs the list of modules */
|
|
#endif /* CONFIG_KGDB_KDB */
|
|
|
|
static void module_assert_mutex(void)
|
|
{
|
|
lockdep_assert_held(&module_mutex);
|
|
}
|
|
|
|
static void module_assert_mutex_or_preempt(void)
|
|
{
|
|
#ifdef CONFIG_LOCKDEP
|
|
if (unlikely(!debug_locks))
|
|
return;
|
|
|
|
WARN_ON(!rcu_read_lock_sched_held() &&
|
|
!lockdep_is_held(&module_mutex));
|
|
#endif
|
|
}
|
|
|
|
static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
|
|
#ifndef CONFIG_MODULE_SIG_FORCE
|
|
module_param(sig_enforce, bool_enable_only, 0644);
|
|
#endif /* !CONFIG_MODULE_SIG_FORCE */
|
|
|
|
/* Block module loading/unloading? */
|
|
int modules_disabled = 0;
|
|
core_param(nomodule, modules_disabled, bint, 0);
|
|
|
|
/* Waiting for a module to finish initializing? */
|
|
static DECLARE_WAIT_QUEUE_HEAD(module_wq);
|
|
|
|
static BLOCKING_NOTIFIER_HEAD(module_notify_list);
|
|
|
|
int register_module_notifier(struct notifier_block *nb)
|
|
{
|
|
return blocking_notifier_chain_register(&module_notify_list, nb);
|
|
}
|
|
EXPORT_SYMBOL(register_module_notifier);
|
|
|
|
int unregister_module_notifier(struct notifier_block *nb)
|
|
{
|
|
return blocking_notifier_chain_unregister(&module_notify_list, nb);
|
|
}
|
|
EXPORT_SYMBOL(unregister_module_notifier);
|
|
|
|
struct load_info {
|
|
Elf_Ehdr *hdr;
|
|
unsigned long len;
|
|
Elf_Shdr *sechdrs;
|
|
char *secstrings, *strtab;
|
|
unsigned long symoffs, stroffs;
|
|
struct _ddebug *debug;
|
|
unsigned int num_debug;
|
|
bool sig_ok;
|
|
#ifdef CONFIG_KALLSYMS
|
|
unsigned long mod_kallsyms_init_off;
|
|
#endif
|
|
struct {
|
|
unsigned int sym, str, mod, vers, info, pcpu;
|
|
} index;
|
|
};
|
|
|
|
/* We require a truly strong try_module_get(): 0 means failure due to
|
|
ongoing or failed initialization etc. */
|
|
static inline int strong_try_module_get(struct module *mod)
|
|
{
|
|
BUG_ON(mod && mod->state == MODULE_STATE_UNFORMED);
|
|
if (mod && mod->state == MODULE_STATE_COMING)
|
|
return -EBUSY;
|
|
if (try_module_get(mod))
|
|
return 0;
|
|
else
|
|
return -ENOENT;
|
|
}
|
|
|
|
static inline void add_taint_module(struct module *mod, unsigned flag,
|
|
enum lockdep_ok lockdep_ok)
|
|
{
|
|
add_taint(flag, lockdep_ok);
|
|
mod->taints |= (1U << flag);
|
|
}
|
|
|
|
/*
|
|
* A thread that wants to hold a reference to a module only while it
|
|
* is running can call this to safely exit. nfsd and lockd use this.
|
|
*/
|
|
void __module_put_and_exit(struct module *mod, long code)
|
|
{
|
|
module_put(mod);
|
|
do_exit(code);
|
|
}
|
|
EXPORT_SYMBOL(__module_put_and_exit);
|
|
|
|
/* Find a module section: 0 means not found. */
|
|
static unsigned int find_sec(const struct load_info *info, const char *name)
|
|
{
|
|
unsigned int i;
|
|
|
|
for (i = 1; i < info->hdr->e_shnum; i++) {
|
|
Elf_Shdr *shdr = &info->sechdrs[i];
|
|
/* Alloc bit cleared means "ignore it." */
|
|
if ((shdr->sh_flags & SHF_ALLOC)
|
|
&& strcmp(info->secstrings + shdr->sh_name, name) == 0)
|
|
return i;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
/* Find a module section, or NULL. */
|
|
static void *section_addr(const struct load_info *info, const char *name)
|
|
{
|
|
/* Section 0 has sh_addr 0. */
|
|
return (void *)info->sechdrs[find_sec(info, name)].sh_addr;
|
|
}
|
|
|
|
/* Find a module section, or NULL. Fill in number of "objects" in section. */
|
|
static void *section_objs(const struct load_info *info,
|
|
const char *name,
|
|
size_t object_size,
|
|
unsigned int *num)
|
|
{
|
|
unsigned int sec = find_sec(info, name);
|
|
|
|
/* Section 0 has sh_addr 0 and sh_size 0. */
|
|
*num = info->sechdrs[sec].sh_size / object_size;
|
|
return (void *)info->sechdrs[sec].sh_addr;
|
|
}
|
|
|
|
/* Provided by the linker */
|
|
extern const struct kernel_symbol __start___ksymtab[];
|
|
extern const struct kernel_symbol __stop___ksymtab[];
|
|
extern const struct kernel_symbol __start___ksymtab_gpl[];
|
|
extern const struct kernel_symbol __stop___ksymtab_gpl[];
|
|
extern const struct kernel_symbol __start___ksymtab_gpl_future[];
|
|
extern const struct kernel_symbol __stop___ksymtab_gpl_future[];
|
|
extern const unsigned long __start___kcrctab[];
|
|
extern const unsigned long __start___kcrctab_gpl[];
|
|
extern const unsigned long __start___kcrctab_gpl_future[];
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
extern const struct kernel_symbol __start___ksymtab_unused[];
|
|
extern const struct kernel_symbol __stop___ksymtab_unused[];
|
|
extern const struct kernel_symbol __start___ksymtab_unused_gpl[];
|
|
extern const struct kernel_symbol __stop___ksymtab_unused_gpl[];
|
|
extern const unsigned long __start___kcrctab_unused[];
|
|
extern const unsigned long __start___kcrctab_unused_gpl[];
|
|
#endif
|
|
|
|
#ifndef CONFIG_MODVERSIONS
|
|
#define symversion(base, idx) NULL
|
|
#else
|
|
#define symversion(base, idx) ((base != NULL) ? ((base) + (idx)) : NULL)
|
|
#endif
|
|
|
|
static bool each_symbol_in_section(const struct symsearch *arr,
|
|
unsigned int arrsize,
|
|
struct module *owner,
|
|
bool (*fn)(const struct symsearch *syms,
|
|
struct module *owner,
|
|
void *data),
|
|
void *data)
|
|
{
|
|
unsigned int j;
|
|
|
|
for (j = 0; j < arrsize; j++) {
|
|
if (fn(&arr[j], owner, data))
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/* Returns true as soon as fn returns true, otherwise false. */
|
|
bool each_symbol_section(bool (*fn)(const struct symsearch *arr,
|
|
struct module *owner,
|
|
void *data),
|
|
void *data)
|
|
{
|
|
struct module *mod;
|
|
static const struct symsearch arr[] = {
|
|
{ __start___ksymtab, __stop___ksymtab, __start___kcrctab,
|
|
NOT_GPL_ONLY, false },
|
|
{ __start___ksymtab_gpl, __stop___ksymtab_gpl,
|
|
__start___kcrctab_gpl,
|
|
GPL_ONLY, false },
|
|
{ __start___ksymtab_gpl_future, __stop___ksymtab_gpl_future,
|
|
__start___kcrctab_gpl_future,
|
|
WILL_BE_GPL_ONLY, false },
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
{ __start___ksymtab_unused, __stop___ksymtab_unused,
|
|
__start___kcrctab_unused,
|
|
NOT_GPL_ONLY, true },
|
|
{ __start___ksymtab_unused_gpl, __stop___ksymtab_unused_gpl,
|
|
__start___kcrctab_unused_gpl,
|
|
GPL_ONLY, true },
|
|
#endif
|
|
};
|
|
|
|
module_assert_mutex_or_preempt();
|
|
|
|
if (each_symbol_in_section(arr, ARRAY_SIZE(arr), NULL, fn, data))
|
|
return true;
|
|
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
struct symsearch arr[] = {
|
|
{ mod->syms, mod->syms + mod->num_syms, mod->crcs,
|
|
NOT_GPL_ONLY, false },
|
|
{ mod->gpl_syms, mod->gpl_syms + mod->num_gpl_syms,
|
|
mod->gpl_crcs,
|
|
GPL_ONLY, false },
|
|
{ mod->gpl_future_syms,
|
|
mod->gpl_future_syms + mod->num_gpl_future_syms,
|
|
mod->gpl_future_crcs,
|
|
WILL_BE_GPL_ONLY, false },
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
{ mod->unused_syms,
|
|
mod->unused_syms + mod->num_unused_syms,
|
|
mod->unused_crcs,
|
|
NOT_GPL_ONLY, true },
|
|
{ mod->unused_gpl_syms,
|
|
mod->unused_gpl_syms + mod->num_unused_gpl_syms,
|
|
mod->unused_gpl_crcs,
|
|
GPL_ONLY, true },
|
|
#endif
|
|
};
|
|
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
|
|
if (each_symbol_in_section(arr, ARRAY_SIZE(arr), mod, fn, data))
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
EXPORT_SYMBOL_GPL(each_symbol_section);
|
|
|
|
struct find_symbol_arg {
|
|
/* Input */
|
|
const char *name;
|
|
bool gplok;
|
|
bool warn;
|
|
|
|
/* Output */
|
|
struct module *owner;
|
|
const unsigned long *crc;
|
|
const struct kernel_symbol *sym;
|
|
};
|
|
|
|
static bool check_symbol(const struct symsearch *syms,
|
|
struct module *owner,
|
|
unsigned int symnum, void *data)
|
|
{
|
|
struct find_symbol_arg *fsa = data;
|
|
|
|
if (!fsa->gplok) {
|
|
if (syms->licence == GPL_ONLY)
|
|
return false;
|
|
if (syms->licence == WILL_BE_GPL_ONLY && fsa->warn) {
|
|
pr_warn("Symbol %s is being used by a non-GPL module, "
|
|
"which will not be allowed in the future\n",
|
|
fsa->name);
|
|
}
|
|
}
|
|
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
if (syms->unused && fsa->warn) {
|
|
pr_warn("Symbol %s is marked as UNUSED, however this module is "
|
|
"using it.\n", fsa->name);
|
|
pr_warn("This symbol will go away in the future.\n");
|
|
pr_warn("Please evaluate if this is the right api to use and "
|
|
"if it really is, submit a report to the linux kernel "
|
|
"mailing list together with submitting your code for "
|
|
"inclusion.\n");
|
|
}
|
|
#endif
|
|
|
|
fsa->owner = owner;
|
|
fsa->crc = symversion(syms->crcs, symnum);
|
|
fsa->sym = &syms->start[symnum];
|
|
return true;
|
|
}
|
|
|
|
static int cmp_name(const void *va, const void *vb)
|
|
{
|
|
const char *a;
|
|
const struct kernel_symbol *b;
|
|
a = va; b = vb;
|
|
return strcmp(a, b->name);
|
|
}
|
|
|
|
static bool find_symbol_in_section(const struct symsearch *syms,
|
|
struct module *owner,
|
|
void *data)
|
|
{
|
|
struct find_symbol_arg *fsa = data;
|
|
struct kernel_symbol *sym;
|
|
|
|
sym = bsearch(fsa->name, syms->start, syms->stop - syms->start,
|
|
sizeof(struct kernel_symbol), cmp_name);
|
|
|
|
if (sym != NULL && check_symbol(syms, owner, sym - syms->start, data))
|
|
return true;
|
|
|
|
return false;
|
|
}
|
|
|
|
/* Find a symbol and return it, along with, (optional) crc and
|
|
* (optional) module which owns it. Needs preempt disabled or module_mutex. */
|
|
const struct kernel_symbol *find_symbol(const char *name,
|
|
struct module **owner,
|
|
const unsigned long **crc,
|
|
bool gplok,
|
|
bool warn)
|
|
{
|
|
struct find_symbol_arg fsa;
|
|
|
|
fsa.name = name;
|
|
fsa.gplok = gplok;
|
|
fsa.warn = warn;
|
|
|
|
if (each_symbol_section(find_symbol_in_section, &fsa)) {
|
|
if (owner)
|
|
*owner = fsa.owner;
|
|
if (crc)
|
|
*crc = fsa.crc;
|
|
return fsa.sym;
|
|
}
|
|
|
|
pr_debug("Failed to find symbol %s\n", name);
|
|
return NULL;
|
|
}
|
|
EXPORT_SYMBOL_GPL(find_symbol);
|
|
|
|
/*
|
|
* Search for module by name: must hold module_mutex (or preempt disabled
|
|
* for read-only access).
|
|
*/
|
|
static struct module *find_module_all(const char *name, size_t len,
|
|
bool even_unformed)
|
|
{
|
|
struct module *mod;
|
|
|
|
module_assert_mutex_or_preempt();
|
|
|
|
list_for_each_entry(mod, &modules, list) {
|
|
if (!even_unformed && mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if (strlen(mod->name) == len && !memcmp(mod->name, name, len))
|
|
return mod;
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
struct module *find_module(const char *name)
|
|
{
|
|
module_assert_mutex();
|
|
return find_module_all(name, strlen(name), false);
|
|
}
|
|
EXPORT_SYMBOL_GPL(find_module);
|
|
|
|
#ifdef CONFIG_SMP
|
|
|
|
static inline void __percpu *mod_percpu(struct module *mod)
|
|
{
|
|
return mod->percpu;
|
|
}
|
|
|
|
static int percpu_modalloc(struct module *mod, struct load_info *info)
|
|
{
|
|
Elf_Shdr *pcpusec = &info->sechdrs[info->index.pcpu];
|
|
unsigned long align = pcpusec->sh_addralign;
|
|
|
|
if (!pcpusec->sh_size)
|
|
return 0;
|
|
|
|
if (align > PAGE_SIZE) {
|
|
pr_warn("%s: per-cpu alignment %li > %li\n",
|
|
mod->name, align, PAGE_SIZE);
|
|
align = PAGE_SIZE;
|
|
}
|
|
|
|
mod->percpu = __alloc_reserved_percpu(pcpusec->sh_size, align);
|
|
if (!mod->percpu) {
|
|
pr_warn("%s: Could not allocate %lu bytes percpu data\n",
|
|
mod->name, (unsigned long)pcpusec->sh_size);
|
|
return -ENOMEM;
|
|
}
|
|
mod->percpu_size = pcpusec->sh_size;
|
|
return 0;
|
|
}
|
|
|
|
static void percpu_modfree(struct module *mod)
|
|
{
|
|
free_percpu(mod->percpu);
|
|
}
|
|
|
|
static unsigned int find_pcpusec(struct load_info *info)
|
|
{
|
|
return find_sec(info, ".data..percpu");
|
|
}
|
|
|
|
static void percpu_modcopy(struct module *mod,
|
|
const void *from, unsigned long size)
|
|
{
|
|
int cpu;
|
|
|
|
for_each_possible_cpu(cpu)
|
|
memcpy(per_cpu_ptr(mod->percpu, cpu), from, size);
|
|
}
|
|
|
|
/**
|
|
* is_module_percpu_address - test whether address is from module static percpu
|
|
* @addr: address to test
|
|
*
|
|
* Test whether @addr belongs to module static percpu area.
|
|
*
|
|
* RETURNS:
|
|
* %true if @addr is from module static percpu area
|
|
*/
|
|
bool is_module_percpu_address(unsigned long addr)
|
|
{
|
|
struct module *mod;
|
|
unsigned int cpu;
|
|
|
|
preempt_disable();
|
|
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if (!mod->percpu_size)
|
|
continue;
|
|
for_each_possible_cpu(cpu) {
|
|
void *start = per_cpu_ptr(mod->percpu, cpu);
|
|
|
|
if ((void *)addr >= start &&
|
|
(void *)addr < start + mod->percpu_size) {
|
|
preempt_enable();
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
|
|
preempt_enable();
|
|
return false;
|
|
}
|
|
|
|
#else /* ... !CONFIG_SMP */
|
|
|
|
static inline void __percpu *mod_percpu(struct module *mod)
|
|
{
|
|
return NULL;
|
|
}
|
|
static int percpu_modalloc(struct module *mod, struct load_info *info)
|
|
{
|
|
/* UP modules shouldn't have this section: ENOMEM isn't quite right */
|
|
if (info->sechdrs[info->index.pcpu].sh_size != 0)
|
|
return -ENOMEM;
|
|
return 0;
|
|
}
|
|
static inline void percpu_modfree(struct module *mod)
|
|
{
|
|
}
|
|
static unsigned int find_pcpusec(struct load_info *info)
|
|
{
|
|
return 0;
|
|
}
|
|
static inline void percpu_modcopy(struct module *mod,
|
|
const void *from, unsigned long size)
|
|
{
|
|
/* pcpusec should be 0, and size of that section should be 0. */
|
|
BUG_ON(size != 0);
|
|
}
|
|
bool is_module_percpu_address(unsigned long addr)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
#endif /* CONFIG_SMP */
|
|
|
|
#define MODINFO_ATTR(field) \
|
|
static void setup_modinfo_##field(struct module *mod, const char *s) \
|
|
{ \
|
|
mod->field = kstrdup(s, GFP_KERNEL); \
|
|
} \
|
|
static ssize_t show_modinfo_##field(struct module_attribute *mattr, \
|
|
struct module_kobject *mk, char *buffer) \
|
|
{ \
|
|
return scnprintf(buffer, PAGE_SIZE, "%s\n", mk->mod->field); \
|
|
} \
|
|
static int modinfo_##field##_exists(struct module *mod) \
|
|
{ \
|
|
return mod->field != NULL; \
|
|
} \
|
|
static void free_modinfo_##field(struct module *mod) \
|
|
{ \
|
|
kfree(mod->field); \
|
|
mod->field = NULL; \
|
|
} \
|
|
static struct module_attribute modinfo_##field = { \
|
|
.attr = { .name = __stringify(field), .mode = 0444 }, \
|
|
.show = show_modinfo_##field, \
|
|
.setup = setup_modinfo_##field, \
|
|
.test = modinfo_##field##_exists, \
|
|
.free = free_modinfo_##field, \
|
|
};
|
|
|
|
MODINFO_ATTR(version);
|
|
MODINFO_ATTR(srcversion);
|
|
|
|
static char last_unloaded_module[MODULE_NAME_LEN+1];
|
|
|
|
#ifdef CONFIG_MODULE_UNLOAD
|
|
|
|
EXPORT_TRACEPOINT_SYMBOL(module_get);
|
|
|
|
/* MODULE_REF_BASE is the base reference count by kmodule loader. */
|
|
#define MODULE_REF_BASE 1
|
|
|
|
/* Init the unload section of the module. */
|
|
static int module_unload_init(struct module *mod)
|
|
{
|
|
/*
|
|
* Initialize reference counter to MODULE_REF_BASE.
|
|
* refcnt == 0 means module is going.
|
|
*/
|
|
atomic_set(&mod->refcnt, MODULE_REF_BASE);
|
|
|
|
INIT_LIST_HEAD(&mod->source_list);
|
|
INIT_LIST_HEAD(&mod->target_list);
|
|
|
|
/* Hold reference count during initialization. */
|
|
atomic_inc(&mod->refcnt);
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Does a already use b? */
|
|
static int already_uses(struct module *a, struct module *b)
|
|
{
|
|
struct module_use *use;
|
|
|
|
list_for_each_entry(use, &b->source_list, source_list) {
|
|
if (use->source == a) {
|
|
pr_debug("%s uses %s!\n", a->name, b->name);
|
|
return 1;
|
|
}
|
|
}
|
|
pr_debug("%s does not use %s!\n", a->name, b->name);
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Module a uses b
|
|
* - we add 'a' as a "source", 'b' as a "target" of module use
|
|
* - the module_use is added to the list of 'b' sources (so
|
|
* 'b' can walk the list to see who sourced them), and of 'a'
|
|
* targets (so 'a' can see what modules it targets).
|
|
*/
|
|
static int add_module_usage(struct module *a, struct module *b)
|
|
{
|
|
struct module_use *use;
|
|
|
|
pr_debug("Allocating new usage for %s.\n", a->name);
|
|
use = kmalloc(sizeof(*use), GFP_ATOMIC);
|
|
if (!use) {
|
|
pr_warn("%s: out of memory loading\n", a->name);
|
|
return -ENOMEM;
|
|
}
|
|
|
|
use->source = a;
|
|
use->target = b;
|
|
list_add(&use->source_list, &b->source_list);
|
|
list_add(&use->target_list, &a->target_list);
|
|
return 0;
|
|
}
|
|
|
|
/* Module a uses b: caller needs module_mutex() */
|
|
int ref_module(struct module *a, struct module *b)
|
|
{
|
|
int err;
|
|
|
|
if (b == NULL || already_uses(a, b))
|
|
return 0;
|
|
|
|
/* If module isn't available, we fail. */
|
|
err = strong_try_module_get(b);
|
|
if (err)
|
|
return err;
|
|
|
|
err = add_module_usage(a, b);
|
|
if (err) {
|
|
module_put(b);
|
|
return err;
|
|
}
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL_GPL(ref_module);
|
|
|
|
/* Clear the unload stuff of the module. */
|
|
static void module_unload_free(struct module *mod)
|
|
{
|
|
struct module_use *use, *tmp;
|
|
|
|
mutex_lock(&module_mutex);
|
|
list_for_each_entry_safe(use, tmp, &mod->target_list, target_list) {
|
|
struct module *i = use->target;
|
|
pr_debug("%s unusing %s\n", mod->name, i->name);
|
|
module_put(i);
|
|
list_del(&use->source_list);
|
|
list_del(&use->target_list);
|
|
kfree(use);
|
|
}
|
|
mutex_unlock(&module_mutex);
|
|
}
|
|
|
|
#ifdef CONFIG_MODULE_FORCE_UNLOAD
|
|
static inline int try_force_unload(unsigned int flags)
|
|
{
|
|
int ret = (flags & O_TRUNC);
|
|
if (ret)
|
|
add_taint(TAINT_FORCED_RMMOD, LOCKDEP_NOW_UNRELIABLE);
|
|
return ret;
|
|
}
|
|
#else
|
|
static inline int try_force_unload(unsigned int flags)
|
|
{
|
|
return 0;
|
|
}
|
|
#endif /* CONFIG_MODULE_FORCE_UNLOAD */
|
|
|
|
/* Try to release refcount of module, 0 means success. */
|
|
static int try_release_module_ref(struct module *mod)
|
|
{
|
|
int ret;
|
|
|
|
/* Try to decrement refcnt which we set at loading */
|
|
ret = atomic_sub_return(MODULE_REF_BASE, &mod->refcnt);
|
|
BUG_ON(ret < 0);
|
|
if (ret)
|
|
/* Someone can put this right now, recover with checking */
|
|
ret = atomic_add_unless(&mod->refcnt, MODULE_REF_BASE, 0);
|
|
|
|
return ret;
|
|
}
|
|
|
|
static int try_stop_module(struct module *mod, int flags, int *forced)
|
|
{
|
|
/* If it's not unused, quit unless we're forcing. */
|
|
if (try_release_module_ref(mod) != 0) {
|
|
*forced = try_force_unload(flags);
|
|
if (!(*forced))
|
|
return -EWOULDBLOCK;
|
|
}
|
|
|
|
/* Mark it as dying. */
|
|
mod->state = MODULE_STATE_GOING;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/**
|
|
* module_refcount - return the refcount or -1 if unloading
|
|
*
|
|
* @mod: the module we're checking
|
|
*
|
|
* Returns:
|
|
* -1 if the module is in the process of unloading
|
|
* otherwise the number of references in the kernel to the module
|
|
*/
|
|
int module_refcount(struct module *mod)
|
|
{
|
|
return atomic_read(&mod->refcnt) - MODULE_REF_BASE;
|
|
}
|
|
EXPORT_SYMBOL(module_refcount);
|
|
|
|
/* This exists whether we can unload or not */
|
|
static void free_module(struct module *mod);
|
|
|
|
SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
|
|
unsigned int, flags)
|
|
{
|
|
struct module *mod;
|
|
char name[MODULE_NAME_LEN];
|
|
int ret, forced = 0;
|
|
|
|
if (!capable(CAP_SYS_MODULE) || modules_disabled)
|
|
return -EPERM;
|
|
|
|
if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
|
|
return -EFAULT;
|
|
name[MODULE_NAME_LEN-1] = '\0';
|
|
|
|
if (mutex_lock_interruptible(&module_mutex) != 0)
|
|
return -EINTR;
|
|
|
|
mod = find_module(name);
|
|
if (!mod) {
|
|
ret = -ENOENT;
|
|
goto out;
|
|
}
|
|
|
|
if (!list_empty(&mod->source_list)) {
|
|
/* Other modules depend on us: get rid of them first. */
|
|
ret = -EWOULDBLOCK;
|
|
goto out;
|
|
}
|
|
|
|
/* Doing init or already dying? */
|
|
if (mod->state != MODULE_STATE_LIVE) {
|
|
/* FIXME: if (force), slam module count damn the torpedoes */
|
|
pr_debug("%s already dying\n", mod->name);
|
|
ret = -EBUSY;
|
|
goto out;
|
|
}
|
|
|
|
/* If it has an init func, it must have an exit func to unload */
|
|
if (mod->init && !mod->exit) {
|
|
forced = try_force_unload(flags);
|
|
if (!forced) {
|
|
/* This module can't be removed */
|
|
ret = -EBUSY;
|
|
goto out;
|
|
}
|
|
}
|
|
|
|
/* Stop the machine so refcounts can't move and disable module. */
|
|
ret = try_stop_module(mod, flags, &forced);
|
|
if (ret != 0)
|
|
goto out;
|
|
|
|
mutex_unlock(&module_mutex);
|
|
/* Final destruction now no one is using it. */
|
|
if (mod->exit != NULL)
|
|
mod->exit();
|
|
blocking_notifier_call_chain(&module_notify_list,
|
|
MODULE_STATE_GOING, mod);
|
|
async_synchronize_full();
|
|
|
|
/* Store the name of the last unloaded module for diagnostic purposes */
|
|
strlcpy(last_unloaded_module, mod->name, sizeof(last_unloaded_module));
|
|
|
|
free_module(mod);
|
|
return 0;
|
|
out:
|
|
mutex_unlock(&module_mutex);
|
|
return ret;
|
|
}
|
|
|
|
static inline void print_unload_info(struct seq_file *m, struct module *mod)
|
|
{
|
|
struct module_use *use;
|
|
int printed_something = 0;
|
|
|
|
seq_printf(m, " %i ", module_refcount(mod));
|
|
|
|
/*
|
|
* Always include a trailing , so userspace can differentiate
|
|
* between this and the old multi-field proc format.
|
|
*/
|
|
list_for_each_entry(use, &mod->source_list, source_list) {
|
|
printed_something = 1;
|
|
seq_printf(m, "%s,", use->source->name);
|
|
}
|
|
|
|
if (mod->init != NULL && mod->exit == NULL) {
|
|
printed_something = 1;
|
|
seq_puts(m, "[permanent],");
|
|
}
|
|
|
|
if (!printed_something)
|
|
seq_puts(m, "-");
|
|
}
|
|
|
|
void __symbol_put(const char *symbol)
|
|
{
|
|
struct module *owner;
|
|
|
|
preempt_disable();
|
|
if (!find_symbol(symbol, &owner, NULL, true, false))
|
|
BUG();
|
|
module_put(owner);
|
|
preempt_enable();
|
|
}
|
|
EXPORT_SYMBOL(__symbol_put);
|
|
|
|
/* Note this assumes addr is a function, which it currently always is. */
|
|
void symbol_put_addr(void *addr)
|
|
{
|
|
struct module *modaddr;
|
|
unsigned long a = (unsigned long)dereference_function_descriptor(addr);
|
|
|
|
if (core_kernel_text(a))
|
|
return;
|
|
|
|
/*
|
|
* Even though we hold a reference on the module; we still need to
|
|
* disable preemption in order to safely traverse the data structure.
|
|
*/
|
|
preempt_disable();
|
|
modaddr = __module_text_address(a);
|
|
BUG_ON(!modaddr);
|
|
module_put(modaddr);
|
|
preempt_enable();
|
|
}
|
|
EXPORT_SYMBOL_GPL(symbol_put_addr);
|
|
|
|
static ssize_t show_refcnt(struct module_attribute *mattr,
|
|
struct module_kobject *mk, char *buffer)
|
|
{
|
|
return sprintf(buffer, "%i\n", module_refcount(mk->mod));
|
|
}
|
|
|
|
static struct module_attribute modinfo_refcnt =
|
|
__ATTR(refcnt, 0444, show_refcnt, NULL);
|
|
|
|
void __module_get(struct module *module)
|
|
{
|
|
if (module) {
|
|
preempt_disable();
|
|
atomic_inc(&module->refcnt);
|
|
trace_module_get(module, _RET_IP_);
|
|
preempt_enable();
|
|
}
|
|
}
|
|
EXPORT_SYMBOL(__module_get);
|
|
|
|
bool try_module_get(struct module *module)
|
|
{
|
|
bool ret = true;
|
|
|
|
if (module) {
|
|
preempt_disable();
|
|
/* Note: here, we can fail to get a reference */
|
|
if (likely(module_is_live(module) &&
|
|
atomic_inc_not_zero(&module->refcnt) != 0))
|
|
trace_module_get(module, _RET_IP_);
|
|
else
|
|
ret = false;
|
|
|
|
preempt_enable();
|
|
}
|
|
return ret;
|
|
}
|
|
EXPORT_SYMBOL(try_module_get);
|
|
|
|
void module_put(struct module *module)
|
|
{
|
|
int ret;
|
|
|
|
if (module) {
|
|
preempt_disable();
|
|
ret = atomic_dec_if_positive(&module->refcnt);
|
|
WARN_ON(ret < 0); /* Failed to put refcount */
|
|
trace_module_put(module, _RET_IP_);
|
|
preempt_enable();
|
|
}
|
|
}
|
|
EXPORT_SYMBOL(module_put);
|
|
|
|
#else /* !CONFIG_MODULE_UNLOAD */
|
|
static inline void print_unload_info(struct seq_file *m, struct module *mod)
|
|
{
|
|
/* We don't know the usage count, or what modules are using. */
|
|
seq_puts(m, " - -");
|
|
}
|
|
|
|
static inline void module_unload_free(struct module *mod)
|
|
{
|
|
}
|
|
|
|
int ref_module(struct module *a, struct module *b)
|
|
{
|
|
return strong_try_module_get(b);
|
|
}
|
|
EXPORT_SYMBOL_GPL(ref_module);
|
|
|
|
static inline int module_unload_init(struct module *mod)
|
|
{
|
|
return 0;
|
|
}
|
|
#endif /* CONFIG_MODULE_UNLOAD */
|
|
|
|
static size_t module_flags_taint(struct module *mod, char *buf)
|
|
{
|
|
size_t l = 0;
|
|
|
|
if (mod->taints & (1 << TAINT_PROPRIETARY_MODULE))
|
|
buf[l++] = 'P';
|
|
if (mod->taints & (1 << TAINT_OOT_MODULE))
|
|
buf[l++] = 'O';
|
|
if (mod->taints & (1 << TAINT_FORCED_MODULE))
|
|
buf[l++] = 'F';
|
|
if (mod->taints & (1 << TAINT_CRAP))
|
|
buf[l++] = 'C';
|
|
if (mod->taints & (1 << TAINT_UNSIGNED_MODULE))
|
|
buf[l++] = 'E';
|
|
/*
|
|
* TAINT_FORCED_RMMOD: could be added.
|
|
* TAINT_CPU_OUT_OF_SPEC, TAINT_MACHINE_CHECK, TAINT_BAD_PAGE don't
|
|
* apply to modules.
|
|
*/
|
|
return l;
|
|
}
|
|
|
|
static ssize_t show_initstate(struct module_attribute *mattr,
|
|
struct module_kobject *mk, char *buffer)
|
|
{
|
|
const char *state = "unknown";
|
|
|
|
switch (mk->mod->state) {
|
|
case MODULE_STATE_LIVE:
|
|
state = "live";
|
|
break;
|
|
case MODULE_STATE_COMING:
|
|
state = "coming";
|
|
break;
|
|
case MODULE_STATE_GOING:
|
|
state = "going";
|
|
break;
|
|
default:
|
|
BUG();
|
|
}
|
|
return sprintf(buffer, "%s\n", state);
|
|
}
|
|
|
|
static struct module_attribute modinfo_initstate =
|
|
__ATTR(initstate, 0444, show_initstate, NULL);
|
|
|
|
static ssize_t store_uevent(struct module_attribute *mattr,
|
|
struct module_kobject *mk,
|
|
const char *buffer, size_t count)
|
|
{
|
|
enum kobject_action action;
|
|
|
|
if (kobject_action_type(buffer, count, &action) == 0)
|
|
kobject_uevent(&mk->kobj, action);
|
|
return count;
|
|
}
|
|
|
|
struct module_attribute module_uevent =
|
|
__ATTR(uevent, 0200, NULL, store_uevent);
|
|
|
|
static ssize_t show_coresize(struct module_attribute *mattr,
|
|
struct module_kobject *mk, char *buffer)
|
|
{
|
|
return sprintf(buffer, "%u\n", mk->mod->core_size);
|
|
}
|
|
|
|
static struct module_attribute modinfo_coresize =
|
|
__ATTR(coresize, 0444, show_coresize, NULL);
|
|
|
|
static ssize_t show_initsize(struct module_attribute *mattr,
|
|
struct module_kobject *mk, char *buffer)
|
|
{
|
|
return sprintf(buffer, "%u\n", mk->mod->init_size);
|
|
}
|
|
|
|
static struct module_attribute modinfo_initsize =
|
|
__ATTR(initsize, 0444, show_initsize, NULL);
|
|
|
|
static ssize_t show_taint(struct module_attribute *mattr,
|
|
struct module_kobject *mk, char *buffer)
|
|
{
|
|
size_t l;
|
|
|
|
l = module_flags_taint(mk->mod, buffer);
|
|
buffer[l++] = '\n';
|
|
return l;
|
|
}
|
|
|
|
static struct module_attribute modinfo_taint =
|
|
__ATTR(taint, 0444, show_taint, NULL);
|
|
|
|
static struct module_attribute *modinfo_attrs[] = {
|
|
&module_uevent,
|
|
&modinfo_version,
|
|
&modinfo_srcversion,
|
|
&modinfo_initstate,
|
|
&modinfo_coresize,
|
|
&modinfo_initsize,
|
|
&modinfo_taint,
|
|
#ifdef CONFIG_MODULE_UNLOAD
|
|
&modinfo_refcnt,
|
|
#endif
|
|
NULL,
|
|
};
|
|
|
|
static const char vermagic[] = VERMAGIC_STRING;
|
|
|
|
static int try_to_force_load(struct module *mod, const char *reason)
|
|
{
|
|
#ifdef CONFIG_MODULE_FORCE_LOAD
|
|
if (!test_taint(TAINT_FORCED_MODULE))
|
|
pr_warn("%s: %s: kernel tainted.\n", mod->name, reason);
|
|
add_taint_module(mod, TAINT_FORCED_MODULE, LOCKDEP_NOW_UNRELIABLE);
|
|
return 0;
|
|
#else
|
|
return -ENOEXEC;
|
|
#endif
|
|
}
|
|
|
|
#ifdef CONFIG_MODVERSIONS
|
|
/* If the arch applies (non-zero) relocations to kernel kcrctab, unapply it. */
|
|
static unsigned long maybe_relocated(unsigned long crc,
|
|
const struct module *crc_owner)
|
|
{
|
|
#ifdef ARCH_RELOCATES_KCRCTAB
|
|
if (crc_owner == NULL)
|
|
return crc - (unsigned long)reloc_start;
|
|
#endif
|
|
return crc;
|
|
}
|
|
|
|
static int check_version(Elf_Shdr *sechdrs,
|
|
unsigned int versindex,
|
|
const char *symname,
|
|
struct module *mod,
|
|
const unsigned long *crc,
|
|
const struct module *crc_owner)
|
|
{
|
|
unsigned int i, num_versions;
|
|
struct modversion_info *versions;
|
|
|
|
/* Exporting module didn't supply crcs? OK, we're already tainted. */
|
|
if (!crc)
|
|
return 1;
|
|
|
|
/* No versions at all? modprobe --force does this. */
|
|
if (versindex == 0)
|
|
return try_to_force_load(mod, symname) == 0;
|
|
|
|
versions = (void *) sechdrs[versindex].sh_addr;
|
|
num_versions = sechdrs[versindex].sh_size
|
|
/ sizeof(struct modversion_info);
|
|
|
|
for (i = 0; i < num_versions; i++) {
|
|
if (strcmp(versions[i].name, symname) != 0)
|
|
continue;
|
|
|
|
if (versions[i].crc == maybe_relocated(*crc, crc_owner))
|
|
return 1;
|
|
pr_debug("Found checksum %lX vs module %lX\n",
|
|
maybe_relocated(*crc, crc_owner), versions[i].crc);
|
|
goto bad_version;
|
|
}
|
|
|
|
pr_warn("%s: no symbol version for %s\n", mod->name, symname);
|
|
return 0;
|
|
|
|
bad_version:
|
|
pr_warn("%s: disagrees about version of symbol %s\n",
|
|
mod->name, symname);
|
|
return 0;
|
|
}
|
|
|
|
static inline int check_modstruct_version(Elf_Shdr *sechdrs,
|
|
unsigned int versindex,
|
|
struct module *mod)
|
|
{
|
|
const unsigned long *crc;
|
|
|
|
/*
|
|
* Since this should be found in kernel (which can't be removed), no
|
|
* locking is necessary -- use preempt_disable() to placate lockdep.
|
|
*/
|
|
preempt_disable();
|
|
if (!find_symbol(VMLINUX_SYMBOL_STR(module_layout), NULL,
|
|
&crc, true, false)) {
|
|
preempt_enable();
|
|
BUG();
|
|
}
|
|
preempt_enable();
|
|
return check_version(sechdrs, versindex,
|
|
VMLINUX_SYMBOL_STR(module_layout), mod, crc,
|
|
NULL);
|
|
}
|
|
|
|
/* First part is kernel version, which we ignore if module has crcs. */
|
|
static inline int same_magic(const char *amagic, const char *bmagic,
|
|
bool has_crcs)
|
|
{
|
|
if (has_crcs) {
|
|
amagic += strcspn(amagic, " ");
|
|
bmagic += strcspn(bmagic, " ");
|
|
}
|
|
return strcmp(amagic, bmagic) == 0;
|
|
}
|
|
#else
|
|
static inline int check_version(Elf_Shdr *sechdrs,
|
|
unsigned int versindex,
|
|
const char *symname,
|
|
struct module *mod,
|
|
const unsigned long *crc,
|
|
const struct module *crc_owner)
|
|
{
|
|
return 1;
|
|
}
|
|
|
|
static inline int check_modstruct_version(Elf_Shdr *sechdrs,
|
|
unsigned int versindex,
|
|
struct module *mod)
|
|
{
|
|
return 1;
|
|
}
|
|
|
|
static inline int same_magic(const char *amagic, const char *bmagic,
|
|
bool has_crcs)
|
|
{
|
|
return strcmp(amagic, bmagic) == 0;
|
|
}
|
|
#endif /* CONFIG_MODVERSIONS */
|
|
|
|
/* Resolve a symbol for this module. I.e. if we find one, record usage. */
|
|
static const struct kernel_symbol *resolve_symbol(struct module *mod,
|
|
const struct load_info *info,
|
|
const char *name,
|
|
char ownername[])
|
|
{
|
|
struct module *owner;
|
|
const struct kernel_symbol *sym;
|
|
const unsigned long *crc;
|
|
int err;
|
|
|
|
/*
|
|
* The module_mutex should not be a heavily contended lock;
|
|
* if we get the occasional sleep here, we'll go an extra iteration
|
|
* in the wait_event_interruptible(), which is harmless.
|
|
*/
|
|
sched_annotate_sleep();
|
|
mutex_lock(&module_mutex);
|
|
sym = find_symbol(name, &owner, &crc,
|
|
!(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)), true);
|
|
if (!sym)
|
|
goto unlock;
|
|
|
|
if (!check_version(info->sechdrs, info->index.vers, name, mod, crc,
|
|
owner)) {
|
|
sym = ERR_PTR(-EINVAL);
|
|
goto getname;
|
|
}
|
|
|
|
err = ref_module(mod, owner);
|
|
if (err) {
|
|
sym = ERR_PTR(err);
|
|
goto getname;
|
|
}
|
|
|
|
getname:
|
|
/* We must make copy under the lock if we failed to get ref. */
|
|
strncpy(ownername, module_name(owner), MODULE_NAME_LEN);
|
|
unlock:
|
|
mutex_unlock(&module_mutex);
|
|
return sym;
|
|
}
|
|
|
|
static const struct kernel_symbol *
|
|
resolve_symbol_wait(struct module *mod,
|
|
const struct load_info *info,
|
|
const char *name)
|
|
{
|
|
const struct kernel_symbol *ksym;
|
|
char owner[MODULE_NAME_LEN];
|
|
|
|
if (wait_event_interruptible_timeout(module_wq,
|
|
!IS_ERR(ksym = resolve_symbol(mod, info, name, owner))
|
|
|| PTR_ERR(ksym) != -EBUSY,
|
|
30 * HZ) <= 0) {
|
|
pr_warn("%s: gave up waiting for init of module %s.\n",
|
|
mod->name, owner);
|
|
}
|
|
return ksym;
|
|
}
|
|
|
|
/*
|
|
* /sys/module/foo/sections stuff
|
|
* J. Corbet <corbet@lwn.net>
|
|
*/
|
|
#ifdef CONFIG_SYSFS
|
|
|
|
#ifdef CONFIG_KALLSYMS
|
|
static inline bool sect_empty(const Elf_Shdr *sect)
|
|
{
|
|
return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0;
|
|
}
|
|
|
|
struct module_sect_attr {
|
|
struct module_attribute mattr;
|
|
char *name;
|
|
unsigned long address;
|
|
};
|
|
|
|
struct module_sect_attrs {
|
|
struct attribute_group grp;
|
|
unsigned int nsections;
|
|
struct module_sect_attr attrs[0];
|
|
};
|
|
|
|
static ssize_t module_sect_show(struct module_attribute *mattr,
|
|
struct module_kobject *mk, char *buf)
|
|
{
|
|
struct module_sect_attr *sattr =
|
|
container_of(mattr, struct module_sect_attr, mattr);
|
|
return sprintf(buf, "0x%pK\n", (void *)sattr->address);
|
|
}
|
|
|
|
static void free_sect_attrs(struct module_sect_attrs *sect_attrs)
|
|
{
|
|
unsigned int section;
|
|
|
|
for (section = 0; section < sect_attrs->nsections; section++)
|
|
kfree(sect_attrs->attrs[section].name);
|
|
kfree(sect_attrs);
|
|
}
|
|
|
|
static void add_sect_attrs(struct module *mod, const struct load_info *info)
|
|
{
|
|
unsigned int nloaded = 0, i, size[2];
|
|
struct module_sect_attrs *sect_attrs;
|
|
struct module_sect_attr *sattr;
|
|
struct attribute **gattr;
|
|
|
|
/* Count loaded sections and allocate structures */
|
|
for (i = 0; i < info->hdr->e_shnum; i++)
|
|
if (!sect_empty(&info->sechdrs[i]))
|
|
nloaded++;
|
|
size[0] = ALIGN(sizeof(*sect_attrs)
|
|
+ nloaded * sizeof(sect_attrs->attrs[0]),
|
|
sizeof(sect_attrs->grp.attrs[0]));
|
|
size[1] = (nloaded + 1) * sizeof(sect_attrs->grp.attrs[0]);
|
|
sect_attrs = kzalloc(size[0] + size[1], GFP_KERNEL);
|
|
if (sect_attrs == NULL)
|
|
return;
|
|
|
|
/* Setup section attributes. */
|
|
sect_attrs->grp.name = "sections";
|
|
sect_attrs->grp.attrs = (void *)sect_attrs + size[0];
|
|
|
|
sect_attrs->nsections = 0;
|
|
sattr = §_attrs->attrs[0];
|
|
gattr = §_attrs->grp.attrs[0];
|
|
for (i = 0; i < info->hdr->e_shnum; i++) {
|
|
Elf_Shdr *sec = &info->sechdrs[i];
|
|
if (sect_empty(sec))
|
|
continue;
|
|
sattr->address = sec->sh_addr;
|
|
sattr->name = kstrdup(info->secstrings + sec->sh_name,
|
|
GFP_KERNEL);
|
|
if (sattr->name == NULL)
|
|
goto out;
|
|
sect_attrs->nsections++;
|
|
sysfs_attr_init(&sattr->mattr.attr);
|
|
sattr->mattr.show = module_sect_show;
|
|
sattr->mattr.store = NULL;
|
|
sattr->mattr.attr.name = sattr->name;
|
|
sattr->mattr.attr.mode = S_IRUGO;
|
|
*(gattr++) = &(sattr++)->mattr.attr;
|
|
}
|
|
*gattr = NULL;
|
|
|
|
if (sysfs_create_group(&mod->mkobj.kobj, §_attrs->grp))
|
|
goto out;
|
|
|
|
mod->sect_attrs = sect_attrs;
|
|
return;
|
|
out:
|
|
free_sect_attrs(sect_attrs);
|
|
}
|
|
|
|
static void remove_sect_attrs(struct module *mod)
|
|
{
|
|
if (mod->sect_attrs) {
|
|
sysfs_remove_group(&mod->mkobj.kobj,
|
|
&mod->sect_attrs->grp);
|
|
/* We are positive that no one is using any sect attrs
|
|
* at this point. Deallocate immediately. */
|
|
free_sect_attrs(mod->sect_attrs);
|
|
mod->sect_attrs = NULL;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* /sys/module/foo/notes/.section.name gives contents of SHT_NOTE sections.
|
|
*/
|
|
|
|
struct module_notes_attrs {
|
|
struct kobject *dir;
|
|
unsigned int notes;
|
|
struct bin_attribute attrs[0];
|
|
};
|
|
|
|
static ssize_t module_notes_read(struct file *filp, struct kobject *kobj,
|
|
struct bin_attribute *bin_attr,
|
|
char *buf, loff_t pos, size_t count)
|
|
{
|
|
/*
|
|
* The caller checked the pos and count against our size.
|
|
*/
|
|
memcpy(buf, bin_attr->private + pos, count);
|
|
return count;
|
|
}
|
|
|
|
static void free_notes_attrs(struct module_notes_attrs *notes_attrs,
|
|
unsigned int i)
|
|
{
|
|
if (notes_attrs->dir) {
|
|
while (i-- > 0)
|
|
sysfs_remove_bin_file(notes_attrs->dir,
|
|
¬es_attrs->attrs[i]);
|
|
kobject_put(notes_attrs->dir);
|
|
}
|
|
kfree(notes_attrs);
|
|
}
|
|
|
|
static void add_notes_attrs(struct module *mod, const struct load_info *info)
|
|
{
|
|
unsigned int notes, loaded, i;
|
|
struct module_notes_attrs *notes_attrs;
|
|
struct bin_attribute *nattr;
|
|
|
|
/* failed to create section attributes, so can't create notes */
|
|
if (!mod->sect_attrs)
|
|
return;
|
|
|
|
/* Count notes sections and allocate structures. */
|
|
notes = 0;
|
|
for (i = 0; i < info->hdr->e_shnum; i++)
|
|
if (!sect_empty(&info->sechdrs[i]) &&
|
|
(info->sechdrs[i].sh_type == SHT_NOTE))
|
|
++notes;
|
|
|
|
if (notes == 0)
|
|
return;
|
|
|
|
notes_attrs = kzalloc(sizeof(*notes_attrs)
|
|
+ notes * sizeof(notes_attrs->attrs[0]),
|
|
GFP_KERNEL);
|
|
if (notes_attrs == NULL)
|
|
return;
|
|
|
|
notes_attrs->notes = notes;
|
|
nattr = ¬es_attrs->attrs[0];
|
|
for (loaded = i = 0; i < info->hdr->e_shnum; ++i) {
|
|
if (sect_empty(&info->sechdrs[i]))
|
|
continue;
|
|
if (info->sechdrs[i].sh_type == SHT_NOTE) {
|
|
sysfs_bin_attr_init(nattr);
|
|
nattr->attr.name = mod->sect_attrs->attrs[loaded].name;
|
|
nattr->attr.mode = S_IRUGO;
|
|
nattr->size = info->sechdrs[i].sh_size;
|
|
nattr->private = (void *) info->sechdrs[i].sh_addr;
|
|
nattr->read = module_notes_read;
|
|
++nattr;
|
|
}
|
|
++loaded;
|
|
}
|
|
|
|
notes_attrs->dir = kobject_create_and_add("notes", &mod->mkobj.kobj);
|
|
if (!notes_attrs->dir)
|
|
goto out;
|
|
|
|
for (i = 0; i < notes; ++i)
|
|
if (sysfs_create_bin_file(notes_attrs->dir,
|
|
¬es_attrs->attrs[i]))
|
|
goto out;
|
|
|
|
mod->notes_attrs = notes_attrs;
|
|
return;
|
|
|
|
out:
|
|
free_notes_attrs(notes_attrs, i);
|
|
}
|
|
|
|
static void remove_notes_attrs(struct module *mod)
|
|
{
|
|
if (mod->notes_attrs)
|
|
free_notes_attrs(mod->notes_attrs, mod->notes_attrs->notes);
|
|
}
|
|
|
|
#else
|
|
|
|
static inline void add_sect_attrs(struct module *mod,
|
|
const struct load_info *info)
|
|
{
|
|
}
|
|
|
|
static inline void remove_sect_attrs(struct module *mod)
|
|
{
|
|
}
|
|
|
|
static inline void add_notes_attrs(struct module *mod,
|
|
const struct load_info *info)
|
|
{
|
|
}
|
|
|
|
static inline void remove_notes_attrs(struct module *mod)
|
|
{
|
|
}
|
|
#endif /* CONFIG_KALLSYMS */
|
|
|
|
static void add_usage_links(struct module *mod)
|
|
{
|
|
#ifdef CONFIG_MODULE_UNLOAD
|
|
struct module_use *use;
|
|
int nowarn;
|
|
|
|
mutex_lock(&module_mutex);
|
|
list_for_each_entry(use, &mod->target_list, target_list) {
|
|
nowarn = sysfs_create_link(use->target->holders_dir,
|
|
&mod->mkobj.kobj, mod->name);
|
|
}
|
|
mutex_unlock(&module_mutex);
|
|
#endif
|
|
}
|
|
|
|
static void del_usage_links(struct module *mod)
|
|
{
|
|
#ifdef CONFIG_MODULE_UNLOAD
|
|
struct module_use *use;
|
|
|
|
mutex_lock(&module_mutex);
|
|
list_for_each_entry(use, &mod->target_list, target_list)
|
|
sysfs_remove_link(use->target->holders_dir, mod->name);
|
|
mutex_unlock(&module_mutex);
|
|
#endif
|
|
}
|
|
|
|
static int module_add_modinfo_attrs(struct module *mod)
|
|
{
|
|
struct module_attribute *attr;
|
|
struct module_attribute *temp_attr;
|
|
int error = 0;
|
|
int i;
|
|
|
|
mod->modinfo_attrs = kzalloc((sizeof(struct module_attribute) *
|
|
(ARRAY_SIZE(modinfo_attrs) + 1)),
|
|
GFP_KERNEL);
|
|
if (!mod->modinfo_attrs)
|
|
return -ENOMEM;
|
|
|
|
temp_attr = mod->modinfo_attrs;
|
|
for (i = 0; (attr = modinfo_attrs[i]) && !error; i++) {
|
|
if (!attr->test ||
|
|
(attr->test && attr->test(mod))) {
|
|
memcpy(temp_attr, attr, sizeof(*temp_attr));
|
|
sysfs_attr_init(&temp_attr->attr);
|
|
error = sysfs_create_file(&mod->mkobj.kobj,
|
|
&temp_attr->attr);
|
|
++temp_attr;
|
|
}
|
|
}
|
|
return error;
|
|
}
|
|
|
|
static void module_remove_modinfo_attrs(struct module *mod)
|
|
{
|
|
struct module_attribute *attr;
|
|
int i;
|
|
|
|
for (i = 0; (attr = &mod->modinfo_attrs[i]); i++) {
|
|
/* pick a field to test for end of list */
|
|
if (!attr->attr.name)
|
|
break;
|
|
sysfs_remove_file(&mod->mkobj.kobj, &attr->attr);
|
|
if (attr->free)
|
|
attr->free(mod);
|
|
}
|
|
kfree(mod->modinfo_attrs);
|
|
}
|
|
|
|
static void mod_kobject_put(struct module *mod)
|
|
{
|
|
DECLARE_COMPLETION_ONSTACK(c);
|
|
mod->mkobj.kobj_completion = &c;
|
|
kobject_put(&mod->mkobj.kobj);
|
|
wait_for_completion(&c);
|
|
}
|
|
|
|
static int mod_sysfs_init(struct module *mod)
|
|
{
|
|
int err;
|
|
struct kobject *kobj;
|
|
|
|
if (!module_sysfs_initialized) {
|
|
pr_err("%s: module sysfs not initialized\n", mod->name);
|
|
err = -EINVAL;
|
|
goto out;
|
|
}
|
|
|
|
kobj = kset_find_obj(module_kset, mod->name);
|
|
if (kobj) {
|
|
pr_err("%s: module is already loaded\n", mod->name);
|
|
kobject_put(kobj);
|
|
err = -EINVAL;
|
|
goto out;
|
|
}
|
|
|
|
mod->mkobj.mod = mod;
|
|
|
|
memset(&mod->mkobj.kobj, 0, sizeof(mod->mkobj.kobj));
|
|
mod->mkobj.kobj.kset = module_kset;
|
|
err = kobject_init_and_add(&mod->mkobj.kobj, &module_ktype, NULL,
|
|
"%s", mod->name);
|
|
if (err)
|
|
mod_kobject_put(mod);
|
|
|
|
/* delay uevent until full sysfs population */
|
|
out:
|
|
return err;
|
|
}
|
|
|
|
static int mod_sysfs_setup(struct module *mod,
|
|
const struct load_info *info,
|
|
struct kernel_param *kparam,
|
|
unsigned int num_params)
|
|
{
|
|
int err;
|
|
|
|
err = mod_sysfs_init(mod);
|
|
if (err)
|
|
goto out;
|
|
|
|
mod->holders_dir = kobject_create_and_add("holders", &mod->mkobj.kobj);
|
|
if (!mod->holders_dir) {
|
|
err = -ENOMEM;
|
|
goto out_unreg;
|
|
}
|
|
|
|
err = module_param_sysfs_setup(mod, kparam, num_params);
|
|
if (err)
|
|
goto out_unreg_holders;
|
|
|
|
err = module_add_modinfo_attrs(mod);
|
|
if (err)
|
|
goto out_unreg_param;
|
|
|
|
add_usage_links(mod);
|
|
add_sect_attrs(mod, info);
|
|
add_notes_attrs(mod, info);
|
|
|
|
kobject_uevent(&mod->mkobj.kobj, KOBJ_ADD);
|
|
return 0;
|
|
|
|
out_unreg_param:
|
|
module_param_sysfs_remove(mod);
|
|
out_unreg_holders:
|
|
kobject_put(mod->holders_dir);
|
|
out_unreg:
|
|
mod_kobject_put(mod);
|
|
out:
|
|
return err;
|
|
}
|
|
|
|
static void mod_sysfs_fini(struct module *mod)
|
|
{
|
|
remove_notes_attrs(mod);
|
|
remove_sect_attrs(mod);
|
|
mod_kobject_put(mod);
|
|
}
|
|
|
|
static void init_param_lock(struct module *mod)
|
|
{
|
|
mutex_init(&mod->param_lock);
|
|
}
|
|
#else /* !CONFIG_SYSFS */
|
|
|
|
static int mod_sysfs_setup(struct module *mod,
|
|
const struct load_info *info,
|
|
struct kernel_param *kparam,
|
|
unsigned int num_params)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static void mod_sysfs_fini(struct module *mod)
|
|
{
|
|
}
|
|
|
|
static void module_remove_modinfo_attrs(struct module *mod)
|
|
{
|
|
}
|
|
|
|
static void del_usage_links(struct module *mod)
|
|
{
|
|
}
|
|
|
|
static void init_param_lock(struct module *mod)
|
|
{
|
|
}
|
|
#endif /* CONFIG_SYSFS */
|
|
|
|
static void mod_sysfs_teardown(struct module *mod)
|
|
{
|
|
del_usage_links(mod);
|
|
module_remove_modinfo_attrs(mod);
|
|
module_param_sysfs_remove(mod);
|
|
kobject_put(mod->mkobj.drivers_dir);
|
|
kobject_put(mod->holders_dir);
|
|
mod_sysfs_fini(mod);
|
|
}
|
|
|
|
#ifdef CONFIG_DEBUG_SET_MODULE_RONX
|
|
/*
|
|
* LKM RO/NX protection: protect module's text/ro-data
|
|
* from modification and any data from execution.
|
|
*/
|
|
void set_page_attributes(void *start, void *end, int (*set)(unsigned long start, int num_pages))
|
|
{
|
|
unsigned long begin_pfn = PFN_DOWN((unsigned long)start);
|
|
unsigned long end_pfn = PFN_DOWN((unsigned long)end);
|
|
|
|
if (end_pfn > begin_pfn)
|
|
set(begin_pfn << PAGE_SHIFT, end_pfn - begin_pfn);
|
|
}
|
|
|
|
static void set_section_ro_nx(void *base,
|
|
unsigned long text_size,
|
|
unsigned long ro_size,
|
|
unsigned long total_size)
|
|
{
|
|
/* begin and end PFNs of the current subsection */
|
|
unsigned long begin_pfn;
|
|
unsigned long end_pfn;
|
|
|
|
/*
|
|
* Set RO for module text and RO-data:
|
|
* - Always protect first page.
|
|
* - Do not protect last partial page.
|
|
*/
|
|
if (ro_size > 0)
|
|
set_page_attributes(base, base + ro_size, set_memory_ro);
|
|
|
|
/*
|
|
* Set NX permissions for module data:
|
|
* - Do not protect first partial page.
|
|
* - Always protect last page.
|
|
*/
|
|
if (total_size > text_size) {
|
|
begin_pfn = PFN_UP((unsigned long)base + text_size);
|
|
end_pfn = PFN_UP((unsigned long)base + total_size);
|
|
if (end_pfn > begin_pfn)
|
|
set_memory_nx(begin_pfn << PAGE_SHIFT, end_pfn - begin_pfn);
|
|
}
|
|
}
|
|
|
|
static void unset_module_core_ro_nx(struct module *mod)
|
|
{
|
|
set_page_attributes(mod->module_core + mod->core_text_size,
|
|
mod->module_core + mod->core_size,
|
|
set_memory_x);
|
|
set_page_attributes(mod->module_core,
|
|
mod->module_core + mod->core_ro_size,
|
|
set_memory_rw);
|
|
}
|
|
|
|
static void unset_module_init_ro_nx(struct module *mod)
|
|
{
|
|
set_page_attributes(mod->module_init + mod->init_text_size,
|
|
mod->module_init + mod->init_size,
|
|
set_memory_x);
|
|
set_page_attributes(mod->module_init,
|
|
mod->module_init + mod->init_ro_size,
|
|
set_memory_rw);
|
|
}
|
|
|
|
/* Iterate through all modules and set each module's text as RW */
|
|
void set_all_modules_text_rw(void)
|
|
{
|
|
struct module *mod;
|
|
|
|
mutex_lock(&module_mutex);
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if ((mod->module_core) && (mod->core_text_size)) {
|
|
set_page_attributes(mod->module_core,
|
|
mod->module_core + mod->core_text_size,
|
|
set_memory_rw);
|
|
}
|
|
if ((mod->module_init) && (mod->init_text_size)) {
|
|
set_page_attributes(mod->module_init,
|
|
mod->module_init + mod->init_text_size,
|
|
set_memory_rw);
|
|
}
|
|
}
|
|
mutex_unlock(&module_mutex);
|
|
}
|
|
|
|
/* Iterate through all modules and set each module's text as RO */
|
|
void set_all_modules_text_ro(void)
|
|
{
|
|
struct module *mod;
|
|
|
|
mutex_lock(&module_mutex);
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if ((mod->module_core) && (mod->core_text_size)) {
|
|
set_page_attributes(mod->module_core,
|
|
mod->module_core + mod->core_text_size,
|
|
set_memory_ro);
|
|
}
|
|
if ((mod->module_init) && (mod->init_text_size)) {
|
|
set_page_attributes(mod->module_init,
|
|
mod->module_init + mod->init_text_size,
|
|
set_memory_ro);
|
|
}
|
|
}
|
|
mutex_unlock(&module_mutex);
|
|
}
|
|
#else
|
|
static inline void set_section_ro_nx(void *base, unsigned long text_size, unsigned long ro_size, unsigned long total_size) { }
|
|
static void unset_module_core_ro_nx(struct module *mod) { }
|
|
static void unset_module_init_ro_nx(struct module *mod) { }
|
|
#endif
|
|
|
|
void __weak module_memfree(void *module_region)
|
|
{
|
|
vfree(module_region);
|
|
}
|
|
|
|
void __weak module_arch_cleanup(struct module *mod)
|
|
{
|
|
}
|
|
|
|
void __weak module_arch_freeing_init(struct module *mod)
|
|
{
|
|
}
|
|
|
|
/* Free a module, remove from lists, etc. */
|
|
static void free_module(struct module *mod)
|
|
{
|
|
trace_module_free(mod);
|
|
|
|
mod_sysfs_teardown(mod);
|
|
|
|
/* We leave it in list to prevent duplicate loads, but make sure
|
|
* that noone uses it while it's being deconstructed. */
|
|
mutex_lock(&module_mutex);
|
|
mod->state = MODULE_STATE_UNFORMED;
|
|
mutex_unlock(&module_mutex);
|
|
|
|
/* Remove dynamic debug info */
|
|
ddebug_remove_module(mod->name);
|
|
|
|
/* Arch-specific cleanup. */
|
|
module_arch_cleanup(mod);
|
|
|
|
/* Module unload stuff */
|
|
module_unload_free(mod);
|
|
|
|
/* Free any allocated parameters. */
|
|
destroy_params(mod->kp, mod->num_kp);
|
|
|
|
/* Now we can delete it from the lists */
|
|
mutex_lock(&module_mutex);
|
|
/* Unlink carefully: kallsyms could be walking list. */
|
|
list_del_rcu(&mod->list);
|
|
mod_tree_remove(mod);
|
|
/* Remove this module from bug list, this uses list_del_rcu */
|
|
module_bug_cleanup(mod);
|
|
/* Wait for RCU-sched synchronizing before releasing mod->list and buglist. */
|
|
synchronize_sched();
|
|
mutex_unlock(&module_mutex);
|
|
|
|
/* This may be NULL, but that's OK */
|
|
unset_module_init_ro_nx(mod);
|
|
module_arch_freeing_init(mod);
|
|
module_memfree(mod->module_init);
|
|
kfree(mod->args);
|
|
percpu_modfree(mod);
|
|
|
|
/* Free lock-classes; relies on the preceding sync_rcu(). */
|
|
lockdep_free_key_range(mod->module_core, mod->core_size);
|
|
|
|
/* Finally, free the core (containing the module structure) */
|
|
unset_module_core_ro_nx(mod);
|
|
module_memfree(mod->module_core);
|
|
|
|
#ifdef CONFIG_MPU
|
|
update_protections(current->mm);
|
|
#endif
|
|
}
|
|
|
|
void *__symbol_get(const char *symbol)
|
|
{
|
|
struct module *owner;
|
|
const struct kernel_symbol *sym;
|
|
|
|
preempt_disable();
|
|
sym = find_symbol(symbol, &owner, NULL, true, true);
|
|
if (sym && strong_try_module_get(owner))
|
|
sym = NULL;
|
|
preempt_enable();
|
|
|
|
return sym ? (void *)sym->value : NULL;
|
|
}
|
|
EXPORT_SYMBOL_GPL(__symbol_get);
|
|
|
|
/*
|
|
* Ensure that an exported symbol [global namespace] does not already exist
|
|
* in the kernel or in some other module's exported symbol table.
|
|
*
|
|
* You must hold the module_mutex.
|
|
*/
|
|
static int verify_export_symbols(struct module *mod)
|
|
{
|
|
unsigned int i;
|
|
struct module *owner;
|
|
const struct kernel_symbol *s;
|
|
struct {
|
|
const struct kernel_symbol *sym;
|
|
unsigned int num;
|
|
} arr[] = {
|
|
{ mod->syms, mod->num_syms },
|
|
{ mod->gpl_syms, mod->num_gpl_syms },
|
|
{ mod->gpl_future_syms, mod->num_gpl_future_syms },
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
{ mod->unused_syms, mod->num_unused_syms },
|
|
{ mod->unused_gpl_syms, mod->num_unused_gpl_syms },
|
|
#endif
|
|
};
|
|
|
|
for (i = 0; i < ARRAY_SIZE(arr); i++) {
|
|
for (s = arr[i].sym; s < arr[i].sym + arr[i].num; s++) {
|
|
if (find_symbol(s->name, &owner, NULL, true, false)) {
|
|
pr_err("%s: exports duplicate symbol %s"
|
|
" (owned by %s)\n",
|
|
mod->name, s->name, module_name(owner));
|
|
return -ENOEXEC;
|
|
}
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
/* Change all symbols so that st_value encodes the pointer directly. */
|
|
static int simplify_symbols(struct module *mod, const struct load_info *info)
|
|
{
|
|
Elf_Shdr *symsec = &info->sechdrs[info->index.sym];
|
|
Elf_Sym *sym = (void *)symsec->sh_addr;
|
|
unsigned long secbase;
|
|
unsigned int i;
|
|
int ret = 0;
|
|
const struct kernel_symbol *ksym;
|
|
|
|
for (i = 1; i < symsec->sh_size / sizeof(Elf_Sym); i++) {
|
|
const char *name = info->strtab + sym[i].st_name;
|
|
|
|
switch (sym[i].st_shndx) {
|
|
case SHN_COMMON:
|
|
/* Ignore common symbols */
|
|
if (!strncmp(name, "__gnu_lto", 9))
|
|
break;
|
|
|
|
/* We compiled with -fno-common. These are not
|
|
supposed to happen. */
|
|
pr_debug("Common symbol: %s\n", name);
|
|
pr_warn("%s: please compile with -fno-common\n",
|
|
mod->name);
|
|
ret = -ENOEXEC;
|
|
break;
|
|
|
|
case SHN_ABS:
|
|
/* Don't need to do anything */
|
|
pr_debug("Absolute symbol: 0x%08lx\n",
|
|
(long)sym[i].st_value);
|
|
break;
|
|
|
|
case SHN_UNDEF:
|
|
ksym = resolve_symbol_wait(mod, info, name);
|
|
/* Ok if resolved. */
|
|
if (ksym && !IS_ERR(ksym)) {
|
|
sym[i].st_value = ksym->value;
|
|
break;
|
|
}
|
|
|
|
/* Ok if weak. */
|
|
if (!ksym && ELF_ST_BIND(sym[i].st_info) == STB_WEAK)
|
|
break;
|
|
|
|
pr_warn("%s: Unknown symbol %s (err %li)\n",
|
|
mod->name, name, PTR_ERR(ksym));
|
|
ret = PTR_ERR(ksym) ?: -ENOENT;
|
|
break;
|
|
|
|
default:
|
|
/* Divert to percpu allocation if a percpu var. */
|
|
if (sym[i].st_shndx == info->index.pcpu)
|
|
secbase = (unsigned long)mod_percpu(mod);
|
|
else
|
|
secbase = info->sechdrs[sym[i].st_shndx].sh_addr;
|
|
sym[i].st_value += secbase;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
static int apply_relocations(struct module *mod, const struct load_info *info)
|
|
{
|
|
unsigned int i;
|
|
int err = 0;
|
|
|
|
/* Now do relocations. */
|
|
for (i = 1; i < info->hdr->e_shnum; i++) {
|
|
unsigned int infosec = info->sechdrs[i].sh_info;
|
|
|
|
/* Not a valid relocation section? */
|
|
if (infosec >= info->hdr->e_shnum)
|
|
continue;
|
|
|
|
/* Don't bother with non-allocated sections */
|
|
if (!(info->sechdrs[infosec].sh_flags & SHF_ALLOC))
|
|
continue;
|
|
|
|
if (info->sechdrs[i].sh_type == SHT_REL)
|
|
err = apply_relocate(info->sechdrs, info->strtab,
|
|
info->index.sym, i, mod);
|
|
else if (info->sechdrs[i].sh_type == SHT_RELA)
|
|
err = apply_relocate_add(info->sechdrs, info->strtab,
|
|
info->index.sym, i, mod);
|
|
if (err < 0)
|
|
break;
|
|
}
|
|
return err;
|
|
}
|
|
|
|
/* Additional bytes needed by arch in front of individual sections */
|
|
unsigned int __weak arch_mod_section_prepend(struct module *mod,
|
|
unsigned int section)
|
|
{
|
|
/* default implementation just returns zero */
|
|
return 0;
|
|
}
|
|
|
|
/* Update size with this section: return offset. */
|
|
static long get_offset(struct module *mod, unsigned int *size,
|
|
Elf_Shdr *sechdr, unsigned int section)
|
|
{
|
|
long ret;
|
|
|
|
*size += arch_mod_section_prepend(mod, section);
|
|
ret = ALIGN(*size, sechdr->sh_addralign ?: 1);
|
|
*size = ret + sechdr->sh_size;
|
|
return ret;
|
|
}
|
|
|
|
/* Lay out the SHF_ALLOC sections in a way not dissimilar to how ld
|
|
might -- code, read-only data, read-write data, small data. Tally
|
|
sizes, and place the offsets into sh_entsize fields: high bit means it
|
|
belongs in init. */
|
|
static void layout_sections(struct module *mod, struct load_info *info)
|
|
{
|
|
static unsigned long const masks[][2] = {
|
|
/* NOTE: all executable code must be the first section
|
|
* in this array; otherwise modify the text_size
|
|
* finder in the two loops below */
|
|
{ SHF_EXECINSTR | SHF_ALLOC, ARCH_SHF_SMALL },
|
|
{ SHF_ALLOC, SHF_WRITE | ARCH_SHF_SMALL },
|
|
{ SHF_WRITE | SHF_ALLOC, ARCH_SHF_SMALL },
|
|
{ ARCH_SHF_SMALL | SHF_ALLOC, 0 }
|
|
};
|
|
unsigned int m, i;
|
|
|
|
for (i = 0; i < info->hdr->e_shnum; i++)
|
|
info->sechdrs[i].sh_entsize = ~0UL;
|
|
|
|
pr_debug("Core section allocation order:\n");
|
|
for (m = 0; m < ARRAY_SIZE(masks); ++m) {
|
|
for (i = 0; i < info->hdr->e_shnum; ++i) {
|
|
Elf_Shdr *s = &info->sechdrs[i];
|
|
const char *sname = info->secstrings + s->sh_name;
|
|
|
|
if ((s->sh_flags & masks[m][0]) != masks[m][0]
|
|
|| (s->sh_flags & masks[m][1])
|
|
|| s->sh_entsize != ~0UL
|
|
|| strstarts(sname, ".init"))
|
|
continue;
|
|
s->sh_entsize = get_offset(mod, &mod->core_size, s, i);
|
|
pr_debug("\t%s\n", sname);
|
|
}
|
|
switch (m) {
|
|
case 0: /* executable */
|
|
mod->core_size = debug_align(mod->core_size);
|
|
mod->core_text_size = mod->core_size;
|
|
break;
|
|
case 1: /* RO: text and ro-data */
|
|
mod->core_size = debug_align(mod->core_size);
|
|
mod->core_ro_size = mod->core_size;
|
|
break;
|
|
case 3: /* whole core */
|
|
mod->core_size = debug_align(mod->core_size);
|
|
break;
|
|
}
|
|
}
|
|
|
|
pr_debug("Init section allocation order:\n");
|
|
for (m = 0; m < ARRAY_SIZE(masks); ++m) {
|
|
for (i = 0; i < info->hdr->e_shnum; ++i) {
|
|
Elf_Shdr *s = &info->sechdrs[i];
|
|
const char *sname = info->secstrings + s->sh_name;
|
|
|
|
if ((s->sh_flags & masks[m][0]) != masks[m][0]
|
|
|| (s->sh_flags & masks[m][1])
|
|
|| s->sh_entsize != ~0UL
|
|
|| !strstarts(sname, ".init"))
|
|
continue;
|
|
s->sh_entsize = (get_offset(mod, &mod->init_size, s, i)
|
|
| INIT_OFFSET_MASK);
|
|
pr_debug("\t%s\n", sname);
|
|
}
|
|
switch (m) {
|
|
case 0: /* executable */
|
|
mod->init_size = debug_align(mod->init_size);
|
|
mod->init_text_size = mod->init_size;
|
|
break;
|
|
case 1: /* RO: text and ro-data */
|
|
mod->init_size = debug_align(mod->init_size);
|
|
mod->init_ro_size = mod->init_size;
|
|
break;
|
|
case 3: /* whole init */
|
|
mod->init_size = debug_align(mod->init_size);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
static void set_license(struct module *mod, const char *license)
|
|
{
|
|
if (!license)
|
|
license = "unspecified";
|
|
|
|
if (!license_is_gpl_compatible(license)) {
|
|
if (!test_taint(TAINT_PROPRIETARY_MODULE))
|
|
pr_warn("%s: module license '%s' taints kernel.\n",
|
|
mod->name, license);
|
|
add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
|
|
LOCKDEP_NOW_UNRELIABLE);
|
|
}
|
|
}
|
|
|
|
/* Parse tag=value strings from .modinfo section */
|
|
static char *next_string(char *string, unsigned long *secsize)
|
|
{
|
|
/* Skip non-zero chars */
|
|
while (string[0]) {
|
|
string++;
|
|
if ((*secsize)-- <= 1)
|
|
return NULL;
|
|
}
|
|
|
|
/* Skip any zero padding. */
|
|
while (!string[0]) {
|
|
string++;
|
|
if ((*secsize)-- <= 1)
|
|
return NULL;
|
|
}
|
|
return string;
|
|
}
|
|
|
|
static char *get_modinfo(struct load_info *info, const char *tag)
|
|
{
|
|
char *p;
|
|
unsigned int taglen = strlen(tag);
|
|
Elf_Shdr *infosec = &info->sechdrs[info->index.info];
|
|
unsigned long size = infosec->sh_size;
|
|
|
|
for (p = (char *)infosec->sh_addr; p; p = next_string(p, &size)) {
|
|
if (strncmp(p, tag, taglen) == 0 && p[taglen] == '=')
|
|
return p + taglen + 1;
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
static void setup_modinfo(struct module *mod, struct load_info *info)
|
|
{
|
|
struct module_attribute *attr;
|
|
int i;
|
|
|
|
for (i = 0; (attr = modinfo_attrs[i]); i++) {
|
|
if (attr->setup)
|
|
attr->setup(mod, get_modinfo(info, attr->attr.name));
|
|
}
|
|
}
|
|
|
|
static void free_modinfo(struct module *mod)
|
|
{
|
|
struct module_attribute *attr;
|
|
int i;
|
|
|
|
for (i = 0; (attr = modinfo_attrs[i]); i++) {
|
|
if (attr->free)
|
|
attr->free(mod);
|
|
}
|
|
}
|
|
|
|
#ifdef CONFIG_KALLSYMS
|
|
|
|
/* lookup symbol in given range of kernel_symbols */
|
|
static const struct kernel_symbol *lookup_symbol(const char *name,
|
|
const struct kernel_symbol *start,
|
|
const struct kernel_symbol *stop)
|
|
{
|
|
return bsearch(name, start, stop - start,
|
|
sizeof(struct kernel_symbol), cmp_name);
|
|
}
|
|
|
|
static int is_exported(const char *name, unsigned long value,
|
|
const struct module *mod)
|
|
{
|
|
const struct kernel_symbol *ks;
|
|
if (!mod)
|
|
ks = lookup_symbol(name, __start___ksymtab, __stop___ksymtab);
|
|
else
|
|
ks = lookup_symbol(name, mod->syms, mod->syms + mod->num_syms);
|
|
return ks != NULL && ks->value == value;
|
|
}
|
|
|
|
/* As per nm */
|
|
static char elf_type(const Elf_Sym *sym, const struct load_info *info)
|
|
{
|
|
const Elf_Shdr *sechdrs = info->sechdrs;
|
|
|
|
if (ELF_ST_BIND(sym->st_info) == STB_WEAK) {
|
|
if (ELF_ST_TYPE(sym->st_info) == STT_OBJECT)
|
|
return 'v';
|
|
else
|
|
return 'w';
|
|
}
|
|
if (sym->st_shndx == SHN_UNDEF)
|
|
return 'U';
|
|
if (sym->st_shndx == SHN_ABS || sym->st_shndx == info->index.pcpu)
|
|
return 'a';
|
|
if (sym->st_shndx >= SHN_LORESERVE)
|
|
return '?';
|
|
if (sechdrs[sym->st_shndx].sh_flags & SHF_EXECINSTR)
|
|
return 't';
|
|
if (sechdrs[sym->st_shndx].sh_flags & SHF_ALLOC
|
|
&& sechdrs[sym->st_shndx].sh_type != SHT_NOBITS) {
|
|
if (!(sechdrs[sym->st_shndx].sh_flags & SHF_WRITE))
|
|
return 'r';
|
|
else if (sechdrs[sym->st_shndx].sh_flags & ARCH_SHF_SMALL)
|
|
return 'g';
|
|
else
|
|
return 'd';
|
|
}
|
|
if (sechdrs[sym->st_shndx].sh_type == SHT_NOBITS) {
|
|
if (sechdrs[sym->st_shndx].sh_flags & ARCH_SHF_SMALL)
|
|
return 's';
|
|
else
|
|
return 'b';
|
|
}
|
|
if (strstarts(info->secstrings + sechdrs[sym->st_shndx].sh_name,
|
|
".debug")) {
|
|
return 'n';
|
|
}
|
|
return '?';
|
|
}
|
|
|
|
static bool is_core_symbol(const Elf_Sym *src, const Elf_Shdr *sechdrs,
|
|
unsigned int shnum, unsigned int pcpundx)
|
|
{
|
|
const Elf_Shdr *sec;
|
|
|
|
if (src->st_shndx == SHN_UNDEF
|
|
|| src->st_shndx >= shnum
|
|
|| !src->st_name)
|
|
return false;
|
|
|
|
#ifdef CONFIG_KALLSYMS_ALL
|
|
if (src->st_shndx == pcpundx)
|
|
return true;
|
|
#endif
|
|
|
|
sec = sechdrs + src->st_shndx;
|
|
if (!(sec->sh_flags & SHF_ALLOC)
|
|
#ifndef CONFIG_KALLSYMS_ALL
|
|
|| !(sec->sh_flags & SHF_EXECINSTR)
|
|
#endif
|
|
|| (sec->sh_entsize & INIT_OFFSET_MASK))
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
/*
|
|
* We only allocate and copy the strings needed by the parts of symtab
|
|
* we keep. This is simple, but has the effect of making multiple
|
|
* copies of duplicates. We could be more sophisticated, see
|
|
* linux-kernel thread starting with
|
|
* <73defb5e4bca04a6431392cc341112b1@localhost>.
|
|
*/
|
|
static void layout_symtab(struct module *mod, struct load_info *info)
|
|
{
|
|
Elf_Shdr *symsect = info->sechdrs + info->index.sym;
|
|
Elf_Shdr *strsect = info->sechdrs + info->index.str;
|
|
const Elf_Sym *src;
|
|
unsigned int i, nsrc, ndst, strtab_size = 0;
|
|
|
|
/* Put symbol section at end of init part of module. */
|
|
symsect->sh_flags |= SHF_ALLOC;
|
|
symsect->sh_entsize = get_offset(mod, &mod->init_size, symsect,
|
|
info->index.sym) | INIT_OFFSET_MASK;
|
|
pr_debug("\t%s\n", info->secstrings + symsect->sh_name);
|
|
|
|
src = (void *)info->hdr + symsect->sh_offset;
|
|
nsrc = symsect->sh_size / sizeof(*src);
|
|
|
|
/* Compute total space required for the core symbols' strtab. */
|
|
for (ndst = i = 0; i < nsrc; i++) {
|
|
if (i == 0 ||
|
|
is_core_symbol(src+i, info->sechdrs, info->hdr->e_shnum,
|
|
info->index.pcpu)) {
|
|
strtab_size += strlen(&info->strtab[src[i].st_name])+1;
|
|
ndst++;
|
|
}
|
|
}
|
|
|
|
/* Append room for core symbols at end of core part. */
|
|
info->symoffs = ALIGN(mod->core_size, symsect->sh_addralign ?: 1);
|
|
info->stroffs = mod->core_size = info->symoffs + ndst * sizeof(Elf_Sym);
|
|
mod->core_size += strtab_size;
|
|
mod->core_size = debug_align(mod->core_size);
|
|
|
|
/* Put string table section at end of init part of module. */
|
|
strsect->sh_flags |= SHF_ALLOC;
|
|
strsect->sh_entsize = get_offset(mod, &mod->init_size, strsect,
|
|
info->index.str) | INIT_OFFSET_MASK;
|
|
pr_debug("\t%s\n", info->secstrings + strsect->sh_name);
|
|
|
|
/* We'll tack temporary mod_kallsyms on the end. */
|
|
mod->init_size = ALIGN(mod->init_size,
|
|
__alignof__(struct mod_kallsyms));
|
|
info->mod_kallsyms_init_off = mod->init_size;
|
|
mod->init_size += sizeof(struct mod_kallsyms);
|
|
mod->init_size = debug_align(mod->init_size);
|
|
}
|
|
|
|
/*
|
|
* We use the full symtab and strtab which layout_symtab arranged to
|
|
* be appended to the init section. Later we switch to the cut-down
|
|
* core-only ones.
|
|
*/
|
|
static void add_kallsyms(struct module *mod, const struct load_info *info)
|
|
{
|
|
unsigned int i, ndst;
|
|
const Elf_Sym *src;
|
|
Elf_Sym *dst;
|
|
char *s;
|
|
Elf_Shdr *symsec = &info->sechdrs[info->index.sym];
|
|
|
|
/* Set up to point into init section. */
|
|
mod->kallsyms = mod->module_init + info->mod_kallsyms_init_off;
|
|
|
|
mod->kallsyms->symtab = (void *)symsec->sh_addr;
|
|
mod->kallsyms->num_symtab = symsec->sh_size / sizeof(Elf_Sym);
|
|
/* Make sure we get permanent strtab: don't use info->strtab. */
|
|
mod->kallsyms->strtab = (void *)info->sechdrs[info->index.str].sh_addr;
|
|
|
|
/* Set types up while we still have access to sections. */
|
|
for (i = 0; i < mod->kallsyms->num_symtab; i++)
|
|
mod->kallsyms->symtab[i].st_info
|
|
= elf_type(&mod->kallsyms->symtab[i], info);
|
|
|
|
/* Now populate the cut down core kallsyms for after init. */
|
|
mod->core_kallsyms.symtab = dst = mod->module_core + info->symoffs;
|
|
mod->core_kallsyms.strtab = s = mod->module_core + info->stroffs;
|
|
src = mod->kallsyms->symtab;
|
|
for (ndst = i = 0; i < mod->kallsyms->num_symtab; i++) {
|
|
if (i == 0 ||
|
|
is_core_symbol(src+i, info->sechdrs, info->hdr->e_shnum,
|
|
info->index.pcpu)) {
|
|
dst[ndst] = src[i];
|
|
dst[ndst++].st_name = s - mod->core_kallsyms.strtab;
|
|
s += strlcpy(s, &mod->kallsyms->strtab[src[i].st_name],
|
|
KSYM_NAME_LEN) + 1;
|
|
}
|
|
}
|
|
mod->core_kallsyms.num_symtab = ndst;
|
|
}
|
|
#else
|
|
static inline void layout_symtab(struct module *mod, struct load_info *info)
|
|
{
|
|
}
|
|
|
|
static void add_kallsyms(struct module *mod, const struct load_info *info)
|
|
{
|
|
}
|
|
#endif /* CONFIG_KALLSYMS */
|
|
|
|
static void dynamic_debug_setup(struct _ddebug *debug, unsigned int num)
|
|
{
|
|
if (!debug)
|
|
return;
|
|
#ifdef CONFIG_DYNAMIC_DEBUG
|
|
if (ddebug_add_module(debug, num, debug->modname))
|
|
pr_err("dynamic debug error adding module: %s\n",
|
|
debug->modname);
|
|
#endif
|
|
}
|
|
|
|
static void dynamic_debug_remove(struct _ddebug *debug)
|
|
{
|
|
if (debug)
|
|
ddebug_remove_module(debug->modname);
|
|
}
|
|
|
|
void * __weak module_alloc(unsigned long size)
|
|
{
|
|
return vmalloc_exec(size);
|
|
}
|
|
|
|
#if defined(CONFIG_DEBUG_KMEMLEAK) && defined(CONFIG_DEBUG_MODULE_SCAN_OFF)
|
|
static void kmemleak_load_module(const struct module *mod,
|
|
const struct load_info *info)
|
|
{
|
|
kmemleak_no_scan(mod->module_core);
|
|
}
|
|
#elif defined(CONFIG_DEBUG_KMEMLEAK)
|
|
static void kmemleak_load_module(const struct module *mod,
|
|
const struct load_info *info)
|
|
{
|
|
unsigned int i;
|
|
|
|
/* only scan the sections containing data */
|
|
kmemleak_scan_area(mod, sizeof(struct module), GFP_KERNEL);
|
|
|
|
for (i = 1; i < info->hdr->e_shnum; i++) {
|
|
/* Scan all writable sections that's not executable */
|
|
if (!(info->sechdrs[i].sh_flags & SHF_ALLOC) ||
|
|
!(info->sechdrs[i].sh_flags & SHF_WRITE) ||
|
|
(info->sechdrs[i].sh_flags & SHF_EXECINSTR))
|
|
continue;
|
|
|
|
kmemleak_scan_area((void *)info->sechdrs[i].sh_addr,
|
|
info->sechdrs[i].sh_size, GFP_KERNEL);
|
|
}
|
|
}
|
|
#else
|
|
static inline void kmemleak_load_module(const struct module *mod,
|
|
const struct load_info *info)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_MODULE_SIG
|
|
static int module_sig_check(struct load_info *info, int flags)
|
|
{
|
|
int err = -ENOKEY;
|
|
const unsigned long markerlen = sizeof(MODULE_SIG_STRING) - 1;
|
|
const void *mod = info->hdr;
|
|
|
|
/*
|
|
* Require flags == 0, as a module with version information
|
|
* removed is no longer the module that was signed
|
|
*/
|
|
if (flags == 0 &&
|
|
info->len > markerlen &&
|
|
memcmp(mod + info->len - markerlen, MODULE_SIG_STRING, markerlen) == 0) {
|
|
/* We truncate the module to discard the signature */
|
|
info->len -= markerlen;
|
|
err = mod_verify_sig(mod, &info->len);
|
|
}
|
|
|
|
if (!err) {
|
|
info->sig_ok = true;
|
|
return 0;
|
|
}
|
|
|
|
/* Not having a signature is only an error if we're strict. */
|
|
if (err == -ENOKEY && !sig_enforce)
|
|
err = 0;
|
|
|
|
return err;
|
|
}
|
|
#else /* !CONFIG_MODULE_SIG */
|
|
static int module_sig_check(struct load_info *info, int flags)
|
|
{
|
|
return 0;
|
|
}
|
|
#endif /* !CONFIG_MODULE_SIG */
|
|
|
|
/* Sanity checks against invalid binaries, wrong arch, weird elf version. */
|
|
static int elf_header_check(struct load_info *info)
|
|
{
|
|
if (info->len < sizeof(*(info->hdr)))
|
|
return -ENOEXEC;
|
|
|
|
if (memcmp(info->hdr->e_ident, ELFMAG, SELFMAG) != 0
|
|
|| info->hdr->e_type != ET_REL
|
|
|| !elf_check_arch(info->hdr)
|
|
|| info->hdr->e_shentsize != sizeof(Elf_Shdr))
|
|
return -ENOEXEC;
|
|
|
|
if (info->hdr->e_shoff >= info->len
|
|
|| (info->hdr->e_shnum * sizeof(Elf_Shdr) >
|
|
info->len - info->hdr->e_shoff))
|
|
return -ENOEXEC;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#define COPY_CHUNK_SIZE (16*PAGE_SIZE)
|
|
|
|
static int copy_chunked_from_user(void *dst, const void __user *usrc, unsigned long len)
|
|
{
|
|
do {
|
|
unsigned long n = min(len, COPY_CHUNK_SIZE);
|
|
|
|
if (copy_from_user(dst, usrc, n) != 0)
|
|
return -EFAULT;
|
|
cond_resched();
|
|
dst += n;
|
|
usrc += n;
|
|
len -= n;
|
|
} while (len);
|
|
return 0;
|
|
}
|
|
|
|
/* Sets info->hdr and info->len. */
|
|
static int copy_module_from_user(const void __user *umod, unsigned long len,
|
|
struct load_info *info)
|
|
{
|
|
int err;
|
|
|
|
info->len = len;
|
|
if (info->len < sizeof(*(info->hdr)))
|
|
return -ENOEXEC;
|
|
|
|
err = security_kernel_module_from_file(NULL);
|
|
if (err)
|
|
return err;
|
|
|
|
/* Suck in entire file: we'll want most of it. */
|
|
info->hdr = __vmalloc(info->len,
|
|
GFP_KERNEL | __GFP_HIGHMEM | __GFP_NOWARN, PAGE_KERNEL);
|
|
if (!info->hdr)
|
|
return -ENOMEM;
|
|
|
|
if (copy_chunked_from_user(info->hdr, umod, info->len) != 0) {
|
|
vfree(info->hdr);
|
|
return -EFAULT;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Sets info->hdr and info->len. */
|
|
static int copy_module_from_fd(int fd, struct load_info *info)
|
|
{
|
|
struct fd f = fdget(fd);
|
|
int err;
|
|
struct kstat stat;
|
|
loff_t pos;
|
|
ssize_t bytes = 0;
|
|
|
|
if (!f.file)
|
|
return -ENOEXEC;
|
|
|
|
err = security_kernel_module_from_file(f.file);
|
|
if (err)
|
|
goto out;
|
|
|
|
err = vfs_getattr(&f.file->f_path, &stat);
|
|
if (err)
|
|
goto out;
|
|
|
|
if (stat.size > INT_MAX) {
|
|
err = -EFBIG;
|
|
goto out;
|
|
}
|
|
|
|
/* Don't hand 0 to vmalloc, it whines. */
|
|
if (stat.size == 0) {
|
|
err = -EINVAL;
|
|
goto out;
|
|
}
|
|
|
|
info->hdr = vmalloc(stat.size);
|
|
if (!info->hdr) {
|
|
err = -ENOMEM;
|
|
goto out;
|
|
}
|
|
|
|
pos = 0;
|
|
while (pos < stat.size) {
|
|
bytes = kernel_read(f.file, pos, (char *)(info->hdr) + pos,
|
|
stat.size - pos);
|
|
if (bytes < 0) {
|
|
vfree(info->hdr);
|
|
err = bytes;
|
|
goto out;
|
|
}
|
|
if (bytes == 0)
|
|
break;
|
|
pos += bytes;
|
|
}
|
|
info->len = pos;
|
|
|
|
out:
|
|
fdput(f);
|
|
return err;
|
|
}
|
|
|
|
static void free_copy(struct load_info *info)
|
|
{
|
|
vfree(info->hdr);
|
|
}
|
|
|
|
static int rewrite_section_headers(struct load_info *info, int flags)
|
|
{
|
|
unsigned int i;
|
|
|
|
/* This should always be true, but let's be sure. */
|
|
info->sechdrs[0].sh_addr = 0;
|
|
|
|
for (i = 1; i < info->hdr->e_shnum; i++) {
|
|
Elf_Shdr *shdr = &info->sechdrs[i];
|
|
if (shdr->sh_type != SHT_NOBITS
|
|
&& info->len < shdr->sh_offset + shdr->sh_size) {
|
|
pr_err("Module len %lu truncated\n", info->len);
|
|
return -ENOEXEC;
|
|
}
|
|
|
|
/* Mark all sections sh_addr with their address in the
|
|
temporary image. */
|
|
shdr->sh_addr = (size_t)info->hdr + shdr->sh_offset;
|
|
|
|
#ifndef CONFIG_MODULE_UNLOAD
|
|
/* Don't load .exit sections */
|
|
if (strstarts(info->secstrings+shdr->sh_name, ".exit"))
|
|
shdr->sh_flags &= ~(unsigned long)SHF_ALLOC;
|
|
#endif
|
|
}
|
|
|
|
/* Track but don't keep modinfo and version sections. */
|
|
if (flags & MODULE_INIT_IGNORE_MODVERSIONS)
|
|
info->index.vers = 0; /* Pretend no __versions section! */
|
|
else
|
|
info->index.vers = find_sec(info, "__versions");
|
|
info->index.info = find_sec(info, ".modinfo");
|
|
info->sechdrs[info->index.info].sh_flags &= ~(unsigned long)SHF_ALLOC;
|
|
info->sechdrs[info->index.vers].sh_flags &= ~(unsigned long)SHF_ALLOC;
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Set up our basic convenience variables (pointers to section headers,
|
|
* search for module section index etc), and do some basic section
|
|
* verification.
|
|
*
|
|
* Return the temporary module pointer (we'll replace it with the final
|
|
* one when we move the module sections around).
|
|
*/
|
|
static struct module *setup_load_info(struct load_info *info, int flags)
|
|
{
|
|
unsigned int i;
|
|
int err;
|
|
struct module *mod;
|
|
|
|
/* Set up the convenience variables */
|
|
info->sechdrs = (void *)info->hdr + info->hdr->e_shoff;
|
|
info->secstrings = (void *)info->hdr
|
|
+ info->sechdrs[info->hdr->e_shstrndx].sh_offset;
|
|
|
|
err = rewrite_section_headers(info, flags);
|
|
if (err)
|
|
return ERR_PTR(err);
|
|
|
|
/* Find internal symbols and strings. */
|
|
for (i = 1; i < info->hdr->e_shnum; i++) {
|
|
if (info->sechdrs[i].sh_type == SHT_SYMTAB) {
|
|
info->index.sym = i;
|
|
info->index.str = info->sechdrs[i].sh_link;
|
|
info->strtab = (char *)info->hdr
|
|
+ info->sechdrs[info->index.str].sh_offset;
|
|
break;
|
|
}
|
|
}
|
|
|
|
info->index.mod = find_sec(info, ".gnu.linkonce.this_module");
|
|
if (!info->index.mod) {
|
|
pr_warn("No module found in object\n");
|
|
return ERR_PTR(-ENOEXEC);
|
|
}
|
|
/* This is temporary: point mod into copy of data. */
|
|
mod = (void *)info->sechdrs[info->index.mod].sh_addr;
|
|
|
|
if (info->index.sym == 0) {
|
|
pr_warn("%s: module has no symbols (stripped?)\n", mod->name);
|
|
return ERR_PTR(-ENOEXEC);
|
|
}
|
|
|
|
info->index.pcpu = find_pcpusec(info);
|
|
|
|
/* Check module struct version now, before we try to use module. */
|
|
if (!check_modstruct_version(info->sechdrs, info->index.vers, mod))
|
|
return ERR_PTR(-ENOEXEC);
|
|
|
|
return mod;
|
|
}
|
|
|
|
static void check_modinfo_retpoline(struct module *mod, struct load_info *info)
|
|
{
|
|
if (retpoline_module_ok(get_modinfo(info, "retpoline")))
|
|
return;
|
|
|
|
pr_warn("%s: loading module not compiled with retpoline compiler.\n",
|
|
mod->name);
|
|
}
|
|
|
|
static int check_modinfo(struct module *mod, struct load_info *info, int flags)
|
|
{
|
|
const char *modmagic = get_modinfo(info, "vermagic");
|
|
int err;
|
|
|
|
if (flags & MODULE_INIT_IGNORE_VERMAGIC)
|
|
modmagic = NULL;
|
|
|
|
/* This is allowed: modprobe --force will invalidate it. */
|
|
if (!modmagic) {
|
|
err = try_to_force_load(mod, "bad vermagic");
|
|
if (err)
|
|
return err;
|
|
} else if (!same_magic(modmagic, vermagic, info->index.vers)) {
|
|
pr_err("%s: version magic '%s' should be '%s'\n",
|
|
mod->name, modmagic, vermagic);
|
|
return -ENOEXEC;
|
|
}
|
|
|
|
if (!get_modinfo(info, "intree")) {
|
|
if (!test_taint(TAINT_OOT_MODULE))
|
|
pr_warn("%s: loading out-of-tree module taints kernel.\n",
|
|
mod->name);
|
|
add_taint_module(mod, TAINT_OOT_MODULE, LOCKDEP_STILL_OK);
|
|
}
|
|
|
|
check_modinfo_retpoline(mod, info);
|
|
|
|
if (get_modinfo(info, "staging")) {
|
|
add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK);
|
|
pr_warn("%s: module is from the staging directory, the quality "
|
|
"is unknown, you have been warned.\n", mod->name);
|
|
}
|
|
|
|
/* Set up license info based on the info section */
|
|
set_license(mod, get_modinfo(info, "license"));
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int find_module_sections(struct module *mod, struct load_info *info)
|
|
{
|
|
mod->kp = section_objs(info, "__param",
|
|
sizeof(*mod->kp), &mod->num_kp);
|
|
mod->syms = section_objs(info, "__ksymtab",
|
|
sizeof(*mod->syms), &mod->num_syms);
|
|
mod->crcs = section_addr(info, "__kcrctab");
|
|
mod->gpl_syms = section_objs(info, "__ksymtab_gpl",
|
|
sizeof(*mod->gpl_syms),
|
|
&mod->num_gpl_syms);
|
|
mod->gpl_crcs = section_addr(info, "__kcrctab_gpl");
|
|
mod->gpl_future_syms = section_objs(info,
|
|
"__ksymtab_gpl_future",
|
|
sizeof(*mod->gpl_future_syms),
|
|
&mod->num_gpl_future_syms);
|
|
mod->gpl_future_crcs = section_addr(info, "__kcrctab_gpl_future");
|
|
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
mod->unused_syms = section_objs(info, "__ksymtab_unused",
|
|
sizeof(*mod->unused_syms),
|
|
&mod->num_unused_syms);
|
|
mod->unused_crcs = section_addr(info, "__kcrctab_unused");
|
|
mod->unused_gpl_syms = section_objs(info, "__ksymtab_unused_gpl",
|
|
sizeof(*mod->unused_gpl_syms),
|
|
&mod->num_unused_gpl_syms);
|
|
mod->unused_gpl_crcs = section_addr(info, "__kcrctab_unused_gpl");
|
|
#endif
|
|
#ifdef CONFIG_CONSTRUCTORS
|
|
mod->ctors = section_objs(info, ".ctors",
|
|
sizeof(*mod->ctors), &mod->num_ctors);
|
|
if (!mod->ctors)
|
|
mod->ctors = section_objs(info, ".init_array",
|
|
sizeof(*mod->ctors), &mod->num_ctors);
|
|
else if (find_sec(info, ".init_array")) {
|
|
/*
|
|
* This shouldn't happen with same compiler and binutils
|
|
* building all parts of the module.
|
|
*/
|
|
pr_warn("%s: has both .ctors and .init_array.\n",
|
|
mod->name);
|
|
return -EINVAL;
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_TRACEPOINTS
|
|
mod->tracepoints_ptrs = section_objs(info, "__tracepoints_ptrs",
|
|
sizeof(*mod->tracepoints_ptrs),
|
|
&mod->num_tracepoints);
|
|
#endif
|
|
#ifdef HAVE_JUMP_LABEL
|
|
mod->jump_entries = section_objs(info, "__jump_table",
|
|
sizeof(*mod->jump_entries),
|
|
&mod->num_jump_entries);
|
|
#endif
|
|
#ifdef CONFIG_EVENT_TRACING
|
|
mod->trace_events = section_objs(info, "_ftrace_events",
|
|
sizeof(*mod->trace_events),
|
|
&mod->num_trace_events);
|
|
mod->trace_enums = section_objs(info, "_ftrace_enum_map",
|
|
sizeof(*mod->trace_enums),
|
|
&mod->num_trace_enums);
|
|
#endif
|
|
#ifdef CONFIG_TRACING
|
|
mod->trace_bprintk_fmt_start = section_objs(info, "__trace_printk_fmt",
|
|
sizeof(*mod->trace_bprintk_fmt_start),
|
|
&mod->num_trace_bprintk_fmt);
|
|
#endif
|
|
#ifdef CONFIG_FTRACE_MCOUNT_RECORD
|
|
/* sechdrs[0].sh_size is always zero */
|
|
mod->ftrace_callsites = section_objs(info, "__mcount_loc",
|
|
sizeof(*mod->ftrace_callsites),
|
|
&mod->num_ftrace_callsites);
|
|
#endif
|
|
|
|
mod->extable = section_objs(info, "__ex_table",
|
|
sizeof(*mod->extable), &mod->num_exentries);
|
|
|
|
if (section_addr(info, "__obsparm"))
|
|
pr_warn("%s: Ignoring obsolete parameters\n", mod->name);
|
|
|
|
info->debug = section_objs(info, "__verbose",
|
|
sizeof(*info->debug), &info->num_debug);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int move_module(struct module *mod, struct load_info *info)
|
|
{
|
|
int i;
|
|
void *ptr;
|
|
|
|
/* Do the allocs. */
|
|
ptr = module_alloc(mod->core_size);
|
|
/*
|
|
* The pointer to this block is stored in the module structure
|
|
* which is inside the block. Just mark it as not being a
|
|
* leak.
|
|
*/
|
|
kmemleak_not_leak(ptr);
|
|
if (!ptr)
|
|
return -ENOMEM;
|
|
|
|
memset(ptr, 0, mod->core_size);
|
|
mod->module_core = ptr;
|
|
|
|
if (mod->init_size) {
|
|
ptr = module_alloc(mod->init_size);
|
|
/*
|
|
* The pointer to this block is stored in the module structure
|
|
* which is inside the block. This block doesn't need to be
|
|
* scanned as it contains data and code that will be freed
|
|
* after the module is initialized.
|
|
*/
|
|
kmemleak_ignore(ptr);
|
|
if (!ptr) {
|
|
module_memfree(mod->module_core);
|
|
return -ENOMEM;
|
|
}
|
|
memset(ptr, 0, mod->init_size);
|
|
mod->module_init = ptr;
|
|
} else
|
|
mod->module_init = NULL;
|
|
|
|
/* Transfer each section which specifies SHF_ALLOC */
|
|
pr_debug("final section addresses:\n");
|
|
for (i = 0; i < info->hdr->e_shnum; i++) {
|
|
void *dest;
|
|
Elf_Shdr *shdr = &info->sechdrs[i];
|
|
|
|
if (!(shdr->sh_flags & SHF_ALLOC))
|
|
continue;
|
|
|
|
if (shdr->sh_entsize & INIT_OFFSET_MASK)
|
|
dest = mod->module_init
|
|
+ (shdr->sh_entsize & ~INIT_OFFSET_MASK);
|
|
else
|
|
dest = mod->module_core + shdr->sh_entsize;
|
|
|
|
if (shdr->sh_type != SHT_NOBITS)
|
|
memcpy(dest, (void *)shdr->sh_addr, shdr->sh_size);
|
|
/* Update sh_addr to point to copy in image. */
|
|
shdr->sh_addr = (unsigned long)dest;
|
|
pr_debug("\t0x%lx %s\n",
|
|
(long)shdr->sh_addr, info->secstrings + shdr->sh_name);
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int check_module_license_and_versions(struct module *mod)
|
|
{
|
|
int prev_taint = test_taint(TAINT_PROPRIETARY_MODULE);
|
|
|
|
/*
|
|
* ndiswrapper is under GPL by itself, but loads proprietary modules.
|
|
* Don't use add_taint_module(), as it would prevent ndiswrapper from
|
|
* using GPL-only symbols it needs.
|
|
*/
|
|
if (strcmp(mod->name, "ndiswrapper") == 0)
|
|
add_taint(TAINT_PROPRIETARY_MODULE, LOCKDEP_NOW_UNRELIABLE);
|
|
|
|
/* driverloader was caught wrongly pretending to be under GPL */
|
|
if (strcmp(mod->name, "driverloader") == 0)
|
|
add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
|
|
LOCKDEP_NOW_UNRELIABLE);
|
|
|
|
/* lve claims to be GPL but upstream won't provide source */
|
|
if (strcmp(mod->name, "lve") == 0)
|
|
add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
|
|
LOCKDEP_NOW_UNRELIABLE);
|
|
|
|
if (!prev_taint && test_taint(TAINT_PROPRIETARY_MODULE))
|
|
pr_warn("%s: module license taints kernel.\n", mod->name);
|
|
|
|
#ifdef CONFIG_MODVERSIONS
|
|
if ((mod->num_syms && !mod->crcs)
|
|
|| (mod->num_gpl_syms && !mod->gpl_crcs)
|
|
|| (mod->num_gpl_future_syms && !mod->gpl_future_crcs)
|
|
#ifdef CONFIG_UNUSED_SYMBOLS
|
|
|| (mod->num_unused_syms && !mod->unused_crcs)
|
|
|| (mod->num_unused_gpl_syms && !mod->unused_gpl_crcs)
|
|
#endif
|
|
) {
|
|
return try_to_force_load(mod,
|
|
"no versions for exported symbols");
|
|
}
|
|
#endif
|
|
return 0;
|
|
}
|
|
|
|
static void flush_module_icache(const struct module *mod)
|
|
{
|
|
mm_segment_t old_fs;
|
|
|
|
/* flush the icache in correct context */
|
|
old_fs = get_fs();
|
|
set_fs(KERNEL_DS);
|
|
|
|
/*
|
|
* Flush the instruction cache, since we've played with text.
|
|
* Do it before processing of module parameters, so the module
|
|
* can provide parameter accessor functions of its own.
|
|
*/
|
|
if (mod->module_init)
|
|
flush_icache_range((unsigned long)mod->module_init,
|
|
(unsigned long)mod->module_init
|
|
+ mod->init_size);
|
|
flush_icache_range((unsigned long)mod->module_core,
|
|
(unsigned long)mod->module_core + mod->core_size);
|
|
|
|
set_fs(old_fs);
|
|
}
|
|
|
|
int __weak module_frob_arch_sections(Elf_Ehdr *hdr,
|
|
Elf_Shdr *sechdrs,
|
|
char *secstrings,
|
|
struct module *mod)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static struct module *layout_and_allocate(struct load_info *info, int flags)
|
|
{
|
|
/* Module within temporary copy. */
|
|
struct module *mod;
|
|
int err;
|
|
|
|
mod = setup_load_info(info, flags);
|
|
if (IS_ERR(mod))
|
|
return mod;
|
|
|
|
err = check_modinfo(mod, info, flags);
|
|
if (err)
|
|
return ERR_PTR(err);
|
|
|
|
/* Allow arches to frob section contents and sizes. */
|
|
err = module_frob_arch_sections(info->hdr, info->sechdrs,
|
|
info->secstrings, mod);
|
|
if (err < 0)
|
|
return ERR_PTR(err);
|
|
|
|
/* We will do a special allocation for per-cpu sections later. */
|
|
info->sechdrs[info->index.pcpu].sh_flags &= ~(unsigned long)SHF_ALLOC;
|
|
|
|
/* Determine total sizes, and put offsets in sh_entsize. For now
|
|
this is done generically; there doesn't appear to be any
|
|
special cases for the architectures. */
|
|
layout_sections(mod, info);
|
|
layout_symtab(mod, info);
|
|
|
|
/* Allocate and move to the final place */
|
|
err = move_module(mod, info);
|
|
if (err)
|
|
return ERR_PTR(err);
|
|
|
|
/* Module has been copied to its final place now: return it. */
|
|
mod = (void *)info->sechdrs[info->index.mod].sh_addr;
|
|
kmemleak_load_module(mod, info);
|
|
return mod;
|
|
}
|
|
|
|
/* mod is no longer valid after this! */
|
|
static void module_deallocate(struct module *mod, struct load_info *info)
|
|
{
|
|
percpu_modfree(mod);
|
|
module_arch_freeing_init(mod);
|
|
module_memfree(mod->module_init);
|
|
module_memfree(mod->module_core);
|
|
}
|
|
|
|
int __weak module_finalize(const Elf_Ehdr *hdr,
|
|
const Elf_Shdr *sechdrs,
|
|
struct module *me)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static int post_relocation(struct module *mod, const struct load_info *info)
|
|
{
|
|
/* Sort exception table now relocations are done. */
|
|
sort_extable(mod->extable, mod->extable + mod->num_exentries);
|
|
|
|
/* Copy relocated percpu area over. */
|
|
percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr,
|
|
info->sechdrs[info->index.pcpu].sh_size);
|
|
|
|
/* Setup kallsyms-specific fields. */
|
|
add_kallsyms(mod, info);
|
|
|
|
/* Arch-specific module finalizing. */
|
|
return module_finalize(info->hdr, info->sechdrs, mod);
|
|
}
|
|
|
|
/* Is this module of this name done loading? No locks held. */
|
|
static bool finished_loading(const char *name)
|
|
{
|
|
struct module *mod;
|
|
bool ret;
|
|
|
|
/*
|
|
* The module_mutex should not be a heavily contended lock;
|
|
* if we get the occasional sleep here, we'll go an extra iteration
|
|
* in the wait_event_interruptible(), which is harmless.
|
|
*/
|
|
sched_annotate_sleep();
|
|
mutex_lock(&module_mutex);
|
|
mod = find_module_all(name, strlen(name), true);
|
|
ret = !mod || mod->state == MODULE_STATE_LIVE;
|
|
mutex_unlock(&module_mutex);
|
|
|
|
return ret;
|
|
}
|
|
|
|
/* Call module constructors. */
|
|
static void do_mod_ctors(struct module *mod)
|
|
{
|
|
#ifdef CONFIG_CONSTRUCTORS
|
|
unsigned long i;
|
|
|
|
for (i = 0; i < mod->num_ctors; i++)
|
|
mod->ctors[i]();
|
|
#endif
|
|
}
|
|
|
|
/* For freeing module_init on success, in case kallsyms traversing */
|
|
struct mod_initfree {
|
|
struct rcu_head rcu;
|
|
void *module_init;
|
|
};
|
|
|
|
static void do_free_init(struct rcu_head *head)
|
|
{
|
|
struct mod_initfree *m = container_of(head, struct mod_initfree, rcu);
|
|
module_memfree(m->module_init);
|
|
kfree(m);
|
|
}
|
|
|
|
/*
|
|
* This is where the real work happens.
|
|
*
|
|
* Keep it uninlined to provide a reliable breakpoint target, e.g. for the gdb
|
|
* helper command 'lx-symbols'.
|
|
*/
|
|
static noinline int do_init_module(struct module *mod)
|
|
{
|
|
int ret = 0;
|
|
struct mod_initfree *freeinit;
|
|
|
|
freeinit = kmalloc(sizeof(*freeinit), GFP_KERNEL);
|
|
if (!freeinit) {
|
|
ret = -ENOMEM;
|
|
goto fail;
|
|
}
|
|
freeinit->module_init = mod->module_init;
|
|
|
|
/*
|
|
* We want to find out whether @mod uses async during init. Clear
|
|
* PF_USED_ASYNC. async_schedule*() will set it.
|
|
*/
|
|
current->flags &= ~PF_USED_ASYNC;
|
|
|
|
do_mod_ctors(mod);
|
|
/* Start the module */
|
|
if (mod->init != NULL)
|
|
ret = do_one_initcall(mod->init);
|
|
if (ret < 0) {
|
|
goto fail_free_freeinit;
|
|
}
|
|
if (ret > 0) {
|
|
pr_warn("%s: '%s'->init suspiciously returned %d, it should "
|
|
"follow 0/-E convention\n"
|
|
"%s: loading module anyway...\n",
|
|
__func__, mod->name, ret, __func__);
|
|
dump_stack();
|
|
}
|
|
|
|
/* Now it's a first class citizen! */
|
|
mod->state = MODULE_STATE_LIVE;
|
|
blocking_notifier_call_chain(&module_notify_list,
|
|
MODULE_STATE_LIVE, mod);
|
|
|
|
/*
|
|
* We need to finish all async code before the module init sequence
|
|
* is done. This has potential to deadlock. For example, a newly
|
|
* detected block device can trigger request_module() of the
|
|
* default iosched from async probing task. Once userland helper
|
|
* reaches here, async_synchronize_full() will wait on the async
|
|
* task waiting on request_module() and deadlock.
|
|
*
|
|
* This deadlock is avoided by perfomring async_synchronize_full()
|
|
* iff module init queued any async jobs. This isn't a full
|
|
* solution as it will deadlock the same if module loading from
|
|
* async jobs nests more than once; however, due to the various
|
|
* constraints, this hack seems to be the best option for now.
|
|
* Please refer to the following thread for details.
|
|
*
|
|
* http://thread.gmane.org/gmane.linux.kernel/1420814
|
|
*/
|
|
if (!mod->async_probe_requested && (current->flags & PF_USED_ASYNC))
|
|
async_synchronize_full();
|
|
|
|
mutex_lock(&module_mutex);
|
|
/* Drop initial reference. */
|
|
module_put(mod);
|
|
trim_init_extable(mod);
|
|
#ifdef CONFIG_KALLSYMS
|
|
/* Switch to core kallsyms now init is done: kallsyms may be walking! */
|
|
rcu_assign_pointer(mod->kallsyms, &mod->core_kallsyms);
|
|
#endif
|
|
mod_tree_remove_init(mod);
|
|
unset_module_init_ro_nx(mod);
|
|
module_arch_freeing_init(mod);
|
|
mod->module_init = NULL;
|
|
mod->init_size = 0;
|
|
mod->init_ro_size = 0;
|
|
mod->init_text_size = 0;
|
|
/*
|
|
* We want to free module_init, but be aware that kallsyms may be
|
|
* walking this with preempt disabled. In all the failure paths, we
|
|
* call synchronize_sched(), but we don't want to slow down the success
|
|
* path, so use actual RCU here.
|
|
*/
|
|
call_rcu_sched(&freeinit->rcu, do_free_init);
|
|
mutex_unlock(&module_mutex);
|
|
wake_up_all(&module_wq);
|
|
|
|
return 0;
|
|
|
|
fail_free_freeinit:
|
|
kfree(freeinit);
|
|
fail:
|
|
/* Try to protect us from buggy refcounters. */
|
|
mod->state = MODULE_STATE_GOING;
|
|
synchronize_sched();
|
|
module_put(mod);
|
|
blocking_notifier_call_chain(&module_notify_list,
|
|
MODULE_STATE_GOING, mod);
|
|
free_module(mod);
|
|
wake_up_all(&module_wq);
|
|
return ret;
|
|
}
|
|
|
|
static int may_init_module(void)
|
|
{
|
|
if (!capable(CAP_SYS_MODULE) || modules_disabled)
|
|
return -EPERM;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* We try to place it in the list now to make sure it's unique before
|
|
* we dedicate too many resources. In particular, temporary percpu
|
|
* memory exhaustion.
|
|
*/
|
|
static int add_unformed_module(struct module *mod)
|
|
{
|
|
int err;
|
|
struct module *old;
|
|
|
|
mod->state = MODULE_STATE_UNFORMED;
|
|
|
|
again:
|
|
mutex_lock(&module_mutex);
|
|
old = find_module_all(mod->name, strlen(mod->name), true);
|
|
if (old != NULL) {
|
|
if (old->state != MODULE_STATE_LIVE) {
|
|
/* Wait in case it fails to load. */
|
|
mutex_unlock(&module_mutex);
|
|
err = wait_event_interruptible(module_wq,
|
|
finished_loading(mod->name));
|
|
if (err)
|
|
goto out_unlocked;
|
|
goto again;
|
|
}
|
|
err = -EEXIST;
|
|
goto out;
|
|
}
|
|
mod_update_bounds(mod);
|
|
list_add_rcu(&mod->list, &modules);
|
|
mod_tree_insert(mod);
|
|
err = 0;
|
|
|
|
out:
|
|
mutex_unlock(&module_mutex);
|
|
out_unlocked:
|
|
return err;
|
|
}
|
|
|
|
static int complete_formation(struct module *mod, struct load_info *info)
|
|
{
|
|
int err;
|
|
|
|
mutex_lock(&module_mutex);
|
|
|
|
/* Find duplicate symbols (must be called under lock). */
|
|
err = verify_export_symbols(mod);
|
|
if (err < 0)
|
|
goto out;
|
|
|
|
/* This relies on module_mutex for list integrity. */
|
|
module_bug_finalize(info->hdr, info->sechdrs, mod);
|
|
|
|
/* Set RO and NX regions for core */
|
|
set_section_ro_nx(mod->module_core,
|
|
mod->core_text_size,
|
|
mod->core_ro_size,
|
|
mod->core_size);
|
|
|
|
/* Set RO and NX regions for init */
|
|
set_section_ro_nx(mod->module_init,
|
|
mod->init_text_size,
|
|
mod->init_ro_size,
|
|
mod->init_size);
|
|
|
|
/* Mark state as coming so strong_try_module_get() ignores us,
|
|
* but kallsyms etc. can see us. */
|
|
mod->state = MODULE_STATE_COMING;
|
|
mutex_unlock(&module_mutex);
|
|
|
|
blocking_notifier_call_chain(&module_notify_list,
|
|
MODULE_STATE_COMING, mod);
|
|
return 0;
|
|
|
|
out:
|
|
mutex_unlock(&module_mutex);
|
|
return err;
|
|
}
|
|
|
|
static int unknown_module_param_cb(char *param, char *val, const char *modname,
|
|
void *arg)
|
|
{
|
|
struct module *mod = arg;
|
|
int ret;
|
|
|
|
if (strcmp(param, "async_probe") == 0) {
|
|
mod->async_probe_requested = true;
|
|
return 0;
|
|
}
|
|
|
|
/* Check for magic 'dyndbg' arg */
|
|
ret = ddebug_dyndbg_module_param_cb(param, val, modname);
|
|
if (ret != 0)
|
|
pr_warn("%s: unknown parameter '%s' ignored\n", modname, param);
|
|
return 0;
|
|
}
|
|
|
|
/* Allocate and load the module: note that size of section 0 is always
|
|
zero, and we rely on this for optional sections. */
|
|
static int load_module(struct load_info *info, const char __user *uargs,
|
|
int flags)
|
|
{
|
|
struct module *mod;
|
|
long err;
|
|
char *after_dashes;
|
|
|
|
err = module_sig_check(info, flags);
|
|
if (err)
|
|
goto free_copy;
|
|
|
|
err = elf_header_check(info);
|
|
if (err)
|
|
goto free_copy;
|
|
|
|
/* Figure out module layout, and allocate all the memory. */
|
|
mod = layout_and_allocate(info, flags);
|
|
if (IS_ERR(mod)) {
|
|
err = PTR_ERR(mod);
|
|
goto free_copy;
|
|
}
|
|
|
|
/* Reserve our place in the list. */
|
|
err = add_unformed_module(mod);
|
|
if (err)
|
|
goto free_module;
|
|
|
|
#ifdef CONFIG_MODULE_SIG
|
|
mod->sig_ok = info->sig_ok;
|
|
if (!mod->sig_ok) {
|
|
pr_notice_once("%s: module verification failed: signature "
|
|
"and/or required key missing - tainting "
|
|
"kernel\n", mod->name);
|
|
add_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);
|
|
}
|
|
#endif
|
|
|
|
/* To avoid stressing percpu allocator, do this once we're unique. */
|
|
err = percpu_modalloc(mod, info);
|
|
if (err)
|
|
goto unlink_mod;
|
|
|
|
/* Now module is in final location, initialize linked lists, etc. */
|
|
err = module_unload_init(mod);
|
|
if (err)
|
|
goto unlink_mod;
|
|
|
|
init_param_lock(mod);
|
|
|
|
/* Now we've got everything in the final locations, we can
|
|
* find optional sections. */
|
|
err = find_module_sections(mod, info);
|
|
if (err)
|
|
goto free_unload;
|
|
|
|
err = check_module_license_and_versions(mod);
|
|
if (err)
|
|
goto free_unload;
|
|
|
|
/* Set up MODINFO_ATTR fields */
|
|
setup_modinfo(mod, info);
|
|
|
|
/* Fix up syms, so that st_value is a pointer to location. */
|
|
err = simplify_symbols(mod, info);
|
|
if (err < 0)
|
|
goto free_modinfo;
|
|
|
|
err = apply_relocations(mod, info);
|
|
if (err < 0)
|
|
goto free_modinfo;
|
|
|
|
err = post_relocation(mod, info);
|
|
if (err < 0)
|
|
goto free_modinfo;
|
|
|
|
flush_module_icache(mod);
|
|
|
|
/* Now copy in args */
|
|
mod->args = strndup_user(uargs, ~0UL >> 1);
|
|
if (IS_ERR(mod->args)) {
|
|
err = PTR_ERR(mod->args);
|
|
goto free_arch_cleanup;
|
|
}
|
|
|
|
dynamic_debug_setup(info->debug, info->num_debug);
|
|
|
|
/* Ftrace init must be called in the MODULE_STATE_UNFORMED state */
|
|
ftrace_module_init(mod);
|
|
|
|
/* Finally it's fully formed, ready to start executing. */
|
|
err = complete_formation(mod, info);
|
|
if (err)
|
|
goto ddebug_cleanup;
|
|
|
|
/* Module is ready to execute: parsing args may do that. */
|
|
after_dashes = parse_args(mod->name, mod->args, mod->kp, mod->num_kp,
|
|
-32768, 32767, mod,
|
|
unknown_module_param_cb);
|
|
if (IS_ERR(after_dashes)) {
|
|
err = PTR_ERR(after_dashes);
|
|
goto bug_cleanup;
|
|
} else if (after_dashes) {
|
|
pr_warn("%s: parameters '%s' after `--' ignored\n",
|
|
mod->name, after_dashes);
|
|
}
|
|
|
|
/* Link in to syfs. */
|
|
err = mod_sysfs_setup(mod, info, mod->kp, mod->num_kp);
|
|
if (err < 0)
|
|
goto bug_cleanup;
|
|
|
|
/* Get rid of temporary copy. */
|
|
free_copy(info);
|
|
|
|
/* Done! */
|
|
trace_module_load(mod);
|
|
|
|
return do_init_module(mod);
|
|
|
|
bug_cleanup:
|
|
/* module_bug_cleanup needs module_mutex protection */
|
|
mutex_lock(&module_mutex);
|
|
module_bug_cleanup(mod);
|
|
mutex_unlock(&module_mutex);
|
|
|
|
blocking_notifier_call_chain(&module_notify_list,
|
|
MODULE_STATE_GOING, mod);
|
|
|
|
/* we can't deallocate the module until we clear memory protection */
|
|
unset_module_init_ro_nx(mod);
|
|
unset_module_core_ro_nx(mod);
|
|
|
|
ddebug_cleanup:
|
|
dynamic_debug_remove(info->debug);
|
|
synchronize_sched();
|
|
kfree(mod->args);
|
|
free_arch_cleanup:
|
|
module_arch_cleanup(mod);
|
|
free_modinfo:
|
|
free_modinfo(mod);
|
|
free_unload:
|
|
module_unload_free(mod);
|
|
unlink_mod:
|
|
mutex_lock(&module_mutex);
|
|
/* Unlink carefully: kallsyms could be walking list. */
|
|
list_del_rcu(&mod->list);
|
|
mod_tree_remove(mod);
|
|
wake_up_all(&module_wq);
|
|
/* Wait for RCU-sched synchronizing before releasing mod->list. */
|
|
synchronize_sched();
|
|
mutex_unlock(&module_mutex);
|
|
free_module:
|
|
/*
|
|
* Ftrace needs to clean up what it initialized.
|
|
* This does nothing if ftrace_module_init() wasn't called,
|
|
* but it must be called outside of module_mutex.
|
|
*/
|
|
ftrace_release_mod(mod);
|
|
/* Free lock-classes; relies on the preceding sync_rcu() */
|
|
lockdep_free_key_range(mod->module_core, mod->core_size);
|
|
|
|
module_deallocate(mod, info);
|
|
free_copy:
|
|
free_copy(info);
|
|
return err;
|
|
}
|
|
|
|
SYSCALL_DEFINE3(init_module, void __user *, umod,
|
|
unsigned long, len, const char __user *, uargs)
|
|
{
|
|
int err;
|
|
struct load_info info = { };
|
|
|
|
err = may_init_module();
|
|
if (err)
|
|
return err;
|
|
|
|
pr_debug("init_module: umod=%p, len=%lu, uargs=%p\n",
|
|
umod, len, uargs);
|
|
|
|
err = copy_module_from_user(umod, len, &info);
|
|
if (err)
|
|
return err;
|
|
|
|
return load_module(&info, uargs, 0);
|
|
}
|
|
|
|
SYSCALL_DEFINE3(finit_module, int, fd, const char __user *, uargs, int, flags)
|
|
{
|
|
int err;
|
|
struct load_info info = { };
|
|
|
|
err = may_init_module();
|
|
if (err)
|
|
return err;
|
|
|
|
pr_debug("finit_module: fd=%d, uargs=%p, flags=%i\n", fd, uargs, flags);
|
|
|
|
if (flags & ~(MODULE_INIT_IGNORE_MODVERSIONS
|
|
|MODULE_INIT_IGNORE_VERMAGIC))
|
|
return -EINVAL;
|
|
|
|
err = copy_module_from_fd(fd, &info);
|
|
if (err)
|
|
return err;
|
|
|
|
return load_module(&info, uargs, flags);
|
|
}
|
|
|
|
static inline int within(unsigned long addr, void *start, unsigned long size)
|
|
{
|
|
return ((void *)addr >= start && (void *)addr < start + size);
|
|
}
|
|
|
|
#ifdef CONFIG_KALLSYMS
|
|
/*
|
|
* This ignores the intensely annoying "mapping symbols" found
|
|
* in ARM ELF files: $a, $t and $d.
|
|
*/
|
|
static inline int is_arm_mapping_symbol(const char *str)
|
|
{
|
|
if (str[0] == '.' && str[1] == 'L')
|
|
return true;
|
|
return str[0] == '$' && strchr("axtd", str[1])
|
|
&& (str[2] == '\0' || str[2] == '.');
|
|
}
|
|
|
|
static const char *symname(struct mod_kallsyms *kallsyms, unsigned int symnum)
|
|
{
|
|
return kallsyms->strtab + kallsyms->symtab[symnum].st_name;
|
|
}
|
|
|
|
static const char *get_ksymbol(struct module *mod,
|
|
unsigned long addr,
|
|
unsigned long *size,
|
|
unsigned long *offset)
|
|
{
|
|
unsigned int i, best = 0;
|
|
unsigned long nextval;
|
|
struct mod_kallsyms *kallsyms = rcu_dereference_sched(mod->kallsyms);
|
|
|
|
/* At worse, next value is at end of module */
|
|
if (within_module_init(addr, mod))
|
|
nextval = (unsigned long)mod->module_init+mod->init_text_size;
|
|
else
|
|
nextval = (unsigned long)mod->module_core+mod->core_text_size;
|
|
|
|
/* Scan for closest preceding symbol, and next symbol. (ELF
|
|
starts real symbols at 1). */
|
|
for (i = 1; i < kallsyms->num_symtab; i++) {
|
|
if (kallsyms->symtab[i].st_shndx == SHN_UNDEF)
|
|
continue;
|
|
|
|
/* We ignore unnamed symbols: they're uninformative
|
|
* and inserted at a whim. */
|
|
if (*symname(kallsyms, i) == '\0'
|
|
|| is_arm_mapping_symbol(symname(kallsyms, i)))
|
|
continue;
|
|
|
|
if (kallsyms->symtab[i].st_value <= addr
|
|
&& kallsyms->symtab[i].st_value > kallsyms->symtab[best].st_value)
|
|
best = i;
|
|
if (kallsyms->symtab[i].st_value > addr
|
|
&& kallsyms->symtab[i].st_value < nextval)
|
|
nextval = kallsyms->symtab[i].st_value;
|
|
}
|
|
|
|
if (!best)
|
|
return NULL;
|
|
|
|
if (size)
|
|
*size = nextval - kallsyms->symtab[best].st_value;
|
|
if (offset)
|
|
*offset = addr - kallsyms->symtab[best].st_value;
|
|
return symname(kallsyms, best);
|
|
}
|
|
|
|
/* For kallsyms to ask for address resolution. NULL means not found. Careful
|
|
* not to lock to avoid deadlock on oopses, simply disable preemption. */
|
|
const char *module_address_lookup(unsigned long addr,
|
|
unsigned long *size,
|
|
unsigned long *offset,
|
|
char **modname,
|
|
char *namebuf)
|
|
{
|
|
const char *ret = NULL;
|
|
struct module *mod;
|
|
|
|
preempt_disable();
|
|
mod = __module_address(addr);
|
|
if (mod) {
|
|
if (modname)
|
|
*modname = mod->name;
|
|
ret = get_ksymbol(mod, addr, size, offset);
|
|
}
|
|
/* Make a copy in here where it's safe */
|
|
if (ret) {
|
|
strncpy(namebuf, ret, KSYM_NAME_LEN - 1);
|
|
ret = namebuf;
|
|
}
|
|
preempt_enable();
|
|
|
|
return ret;
|
|
}
|
|
|
|
int lookup_module_symbol_name(unsigned long addr, char *symname)
|
|
{
|
|
struct module *mod;
|
|
|
|
preempt_disable();
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if (within_module(addr, mod)) {
|
|
const char *sym;
|
|
|
|
sym = get_ksymbol(mod, addr, NULL, NULL);
|
|
if (!sym)
|
|
goto out;
|
|
strlcpy(symname, sym, KSYM_NAME_LEN);
|
|
preempt_enable();
|
|
return 0;
|
|
}
|
|
}
|
|
out:
|
|
preempt_enable();
|
|
return -ERANGE;
|
|
}
|
|
|
|
int lookup_module_symbol_attrs(unsigned long addr, unsigned long *size,
|
|
unsigned long *offset, char *modname, char *name)
|
|
{
|
|
struct module *mod;
|
|
|
|
preempt_disable();
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if (within_module(addr, mod)) {
|
|
const char *sym;
|
|
|
|
sym = get_ksymbol(mod, addr, size, offset);
|
|
if (!sym)
|
|
goto out;
|
|
if (modname)
|
|
strlcpy(modname, mod->name, MODULE_NAME_LEN);
|
|
if (name)
|
|
strlcpy(name, sym, KSYM_NAME_LEN);
|
|
preempt_enable();
|
|
return 0;
|
|
}
|
|
}
|
|
out:
|
|
preempt_enable();
|
|
return -ERANGE;
|
|
}
|
|
|
|
int module_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
|
|
char *name, char *module_name, int *exported)
|
|
{
|
|
struct module *mod;
|
|
|
|
preempt_disable();
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
struct mod_kallsyms *kallsyms;
|
|
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
kallsyms = rcu_dereference_sched(mod->kallsyms);
|
|
if (symnum < kallsyms->num_symtab) {
|
|
*value = kallsyms->symtab[symnum].st_value;
|
|
*type = kallsyms->symtab[symnum].st_info;
|
|
strlcpy(name, symname(kallsyms, symnum), KSYM_NAME_LEN);
|
|
strlcpy(module_name, mod->name, MODULE_NAME_LEN);
|
|
*exported = is_exported(name, *value, mod);
|
|
preempt_enable();
|
|
return 0;
|
|
}
|
|
symnum -= kallsyms->num_symtab;
|
|
}
|
|
preempt_enable();
|
|
return -ERANGE;
|
|
}
|
|
|
|
static unsigned long mod_find_symname(struct module *mod, const char *name)
|
|
{
|
|
unsigned int i;
|
|
struct mod_kallsyms *kallsyms = rcu_dereference_sched(mod->kallsyms);
|
|
|
|
for (i = 0; i < kallsyms->num_symtab; i++)
|
|
if (strcmp(name, symname(kallsyms, i)) == 0 &&
|
|
kallsyms->symtab[i].st_shndx != SHN_UNDEF)
|
|
return kallsyms->symtab[i].st_value;
|
|
return 0;
|
|
}
|
|
|
|
/* Look for this name: can be of form module:name. */
|
|
unsigned long module_kallsyms_lookup_name(const char *name)
|
|
{
|
|
struct module *mod;
|
|
char *colon;
|
|
unsigned long ret = 0;
|
|
|
|
/* Don't lock: we're in enough trouble already. */
|
|
preempt_disable();
|
|
if ((colon = strchr(name, ':')) != NULL) {
|
|
if ((mod = find_module_all(name, colon - name, false)) != NULL)
|
|
ret = mod_find_symname(mod, colon+1);
|
|
} else {
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if ((ret = mod_find_symname(mod, name)) != 0)
|
|
break;
|
|
}
|
|
}
|
|
preempt_enable();
|
|
return ret;
|
|
}
|
|
|
|
int module_kallsyms_on_each_symbol(int (*fn)(void *, const char *,
|
|
struct module *, unsigned long),
|
|
void *data)
|
|
{
|
|
struct module *mod;
|
|
unsigned int i;
|
|
int ret;
|
|
|
|
module_assert_mutex();
|
|
|
|
list_for_each_entry(mod, &modules, list) {
|
|
/* We hold module_mutex: no need for rcu_dereference_sched */
|
|
struct mod_kallsyms *kallsyms = mod->kallsyms;
|
|
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
for (i = 0; i < kallsyms->num_symtab; i++) {
|
|
|
|
if (kallsyms->symtab[i].st_shndx == SHN_UNDEF)
|
|
continue;
|
|
|
|
ret = fn(data, symname(kallsyms, i),
|
|
mod, kallsyms->symtab[i].st_value);
|
|
if (ret != 0)
|
|
return ret;
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
#endif /* CONFIG_KALLSYMS */
|
|
|
|
static char *module_flags(struct module *mod, char *buf)
|
|
{
|
|
int bx = 0;
|
|
|
|
BUG_ON(mod->state == MODULE_STATE_UNFORMED);
|
|
if (mod->taints ||
|
|
mod->state == MODULE_STATE_GOING ||
|
|
mod->state == MODULE_STATE_COMING) {
|
|
buf[bx++] = '(';
|
|
bx += module_flags_taint(mod, buf + bx);
|
|
/* Show a - for module-is-being-unloaded */
|
|
if (mod->state == MODULE_STATE_GOING)
|
|
buf[bx++] = '-';
|
|
/* Show a + for module-is-being-loaded */
|
|
if (mod->state == MODULE_STATE_COMING)
|
|
buf[bx++] = '+';
|
|
buf[bx++] = ')';
|
|
}
|
|
buf[bx] = '\0';
|
|
|
|
return buf;
|
|
}
|
|
|
|
#ifdef CONFIG_PROC_FS
|
|
/* Called by the /proc file system to return a list of modules. */
|
|
static void *m_start(struct seq_file *m, loff_t *pos)
|
|
{
|
|
mutex_lock(&module_mutex);
|
|
return seq_list_start(&modules, *pos);
|
|
}
|
|
|
|
static void *m_next(struct seq_file *m, void *p, loff_t *pos)
|
|
{
|
|
return seq_list_next(p, &modules, pos);
|
|
}
|
|
|
|
static void m_stop(struct seq_file *m, void *p)
|
|
{
|
|
mutex_unlock(&module_mutex);
|
|
}
|
|
|
|
static int m_show(struct seq_file *m, void *p)
|
|
{
|
|
struct module *mod = list_entry(p, struct module, list);
|
|
char buf[8];
|
|
|
|
/* We always ignore unformed modules. */
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
return 0;
|
|
|
|
seq_printf(m, "%s %u",
|
|
mod->name, mod->init_size + mod->core_size);
|
|
print_unload_info(m, mod);
|
|
|
|
/* Informative for users. */
|
|
seq_printf(m, " %s",
|
|
mod->state == MODULE_STATE_GOING ? "Unloading" :
|
|
mod->state == MODULE_STATE_COMING ? "Loading" :
|
|
"Live");
|
|
/* Used by oprofile and other similar tools. */
|
|
seq_printf(m, " 0x%pK", mod->module_core);
|
|
|
|
/* Taints info */
|
|
if (mod->taints)
|
|
seq_printf(m, " %s", module_flags(mod, buf));
|
|
|
|
seq_puts(m, "\n");
|
|
return 0;
|
|
}
|
|
|
|
/* Format: modulename size refcount deps address
|
|
|
|
Where refcount is a number or -, and deps is a comma-separated list
|
|
of depends or -.
|
|
*/
|
|
static const struct seq_operations modules_op = {
|
|
.start = m_start,
|
|
.next = m_next,
|
|
.stop = m_stop,
|
|
.show = m_show
|
|
};
|
|
|
|
static int modules_open(struct inode *inode, struct file *file)
|
|
{
|
|
return seq_open(file, &modules_op);
|
|
}
|
|
|
|
static const struct file_operations proc_modules_operations = {
|
|
.open = modules_open,
|
|
.read = seq_read,
|
|
.llseek = seq_lseek,
|
|
.release = seq_release,
|
|
};
|
|
|
|
static int __init proc_modules_init(void)
|
|
{
|
|
proc_create("modules", 0, NULL, &proc_modules_operations);
|
|
return 0;
|
|
}
|
|
module_init(proc_modules_init);
|
|
#endif
|
|
|
|
/* Given an address, look for it in the module exception tables. */
|
|
const struct exception_table_entry *search_module_extables(unsigned long addr)
|
|
{
|
|
const struct exception_table_entry *e = NULL;
|
|
struct module *mod;
|
|
|
|
preempt_disable();
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
if (mod->num_exentries == 0)
|
|
continue;
|
|
|
|
e = search_extable(mod->extable,
|
|
mod->extable + mod->num_exentries - 1,
|
|
addr);
|
|
if (e)
|
|
break;
|
|
}
|
|
preempt_enable();
|
|
|
|
/* Now, if we found one, we are running inside it now, hence
|
|
we cannot unload the module, hence no refcnt needed. */
|
|
return e;
|
|
}
|
|
|
|
/*
|
|
* is_module_address - is this address inside a module?
|
|
* @addr: the address to check.
|
|
*
|
|
* See is_module_text_address() if you simply want to see if the address
|
|
* is code (not data).
|
|
*/
|
|
bool is_module_address(unsigned long addr)
|
|
{
|
|
bool ret;
|
|
|
|
preempt_disable();
|
|
ret = __module_address(addr) != NULL;
|
|
preempt_enable();
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* __module_address - get the module which contains an address.
|
|
* @addr: the address.
|
|
*
|
|
* Must be called with preempt disabled or module mutex held so that
|
|
* module doesn't get freed during this.
|
|
*/
|
|
struct module *__module_address(unsigned long addr)
|
|
{
|
|
struct module *mod;
|
|
|
|
if (addr < module_addr_min || addr > module_addr_max)
|
|
return NULL;
|
|
|
|
module_assert_mutex_or_preempt();
|
|
|
|
mod = mod_find(addr);
|
|
if (mod) {
|
|
BUG_ON(!within_module(addr, mod));
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
mod = NULL;
|
|
}
|
|
return mod;
|
|
}
|
|
EXPORT_SYMBOL_GPL(__module_address);
|
|
|
|
/*
|
|
* is_module_text_address - is this address inside module code?
|
|
* @addr: the address to check.
|
|
*
|
|
* See is_module_address() if you simply want to see if the address is
|
|
* anywhere in a module. See kernel_text_address() for testing if an
|
|
* address corresponds to kernel or module code.
|
|
*/
|
|
bool is_module_text_address(unsigned long addr)
|
|
{
|
|
bool ret;
|
|
|
|
preempt_disable();
|
|
ret = __module_text_address(addr) != NULL;
|
|
preempt_enable();
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* __module_text_address - get the module whose code contains an address.
|
|
* @addr: the address.
|
|
*
|
|
* Must be called with preempt disabled or module mutex held so that
|
|
* module doesn't get freed during this.
|
|
*/
|
|
struct module *__module_text_address(unsigned long addr)
|
|
{
|
|
struct module *mod = __module_address(addr);
|
|
if (mod) {
|
|
/* Make sure it's within the text section. */
|
|
if (!within(addr, mod->module_init, mod->init_text_size)
|
|
&& !within(addr, mod->module_core, mod->core_text_size))
|
|
mod = NULL;
|
|
}
|
|
return mod;
|
|
}
|
|
EXPORT_SYMBOL_GPL(__module_text_address);
|
|
|
|
/* Don't grab lock, we're oopsing. */
|
|
void print_modules(void)
|
|
{
|
|
struct module *mod;
|
|
char buf[8];
|
|
|
|
printk(KERN_DEFAULT "Modules linked in:");
|
|
/* Most callers should already have preempt disabled, but make sure */
|
|
preempt_disable();
|
|
list_for_each_entry_rcu(mod, &modules, list) {
|
|
if (mod->state == MODULE_STATE_UNFORMED)
|
|
continue;
|
|
pr_cont(" %s%s", mod->name, module_flags(mod, buf));
|
|
}
|
|
preempt_enable();
|
|
if (last_unloaded_module[0])
|
|
pr_cont(" [last unloaded: %s]", last_unloaded_module);
|
|
pr_cont("\n");
|
|
}
|
|
|
|
#ifdef CONFIG_MODVERSIONS
|
|
/* Generate the signature for all relevant module structures here.
|
|
* If these change, we don't want to try to parse the module. */
|
|
void module_layout(struct module *mod,
|
|
struct modversion_info *ver,
|
|
struct kernel_param *kp,
|
|
struct kernel_symbol *ks,
|
|
struct tracepoint * const *tp)
|
|
{
|
|
}
|
|
EXPORT_SYMBOL(module_layout);
|
|
#endif
|