Implement namespace checking in modpost This checks the namespaces at build time in modpost --- scripts/mod/modpost.c | 360 +++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 324 insertions(+), 36 deletions(-) --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1,8 +1,9 @@ -/* Postprocess module symbol versions +/* Postprocess module symbol versions and do various other module checks. * * Copyright 2003 Kai Germaschewski * Copyright 2002-2004 Rusty Russell, IBM Corporation * Copyright 2006-2008 Sam Ravnborg + * Copyright 2007 Andi Kleen, SUSE Labs (changes licensed GPLv2 only) * Based in part on module-init-tools/depmod.c,file2alias * * This software may be used and distributed according to the terms @@ -14,9 +15,13 @@ #define _GNU_SOURCE #include #include +#include #include "modpost.h" #include "../../include/linux/license.h" +#define NS_SEPARATOR '.' +#define NS_SEPARATOR_STRING "." + /* Are we using CONFIG_MODVERSIONS? */ int modversions = 0; /* Warn about undefined symbols? (do so if we have vmlinux) */ @@ -29,6 +34,9 @@ static int external_module = 0; static int vmlinux_section_warnings = 1; /* Only warn about unresolved symbols */ static int warn_unresolved = 0; +/* Fixing those would cause too many ifdefs -- off by default. */ +static int warn_missing_modules = 0; + /* How a symbol is exported */ static int sec_mismatch_count = 0; static int sec_mismatch_verbose = 1; @@ -110,20 +118,44 @@ static struct module *find_module(char * return mod; } -static struct module *new_module(char *modname) +static const char *my_basename(const char *s) +{ + char *p = strrchr(s, '/'); + if (p) + return p + 1; + return s; +} + +static struct module *find_module_base(char *modname) { struct module *mod; - char *p, *s; - mod = NOFAIL(malloc(sizeof(*mod))); - memset(mod, 0, sizeof(*mod)); - p = NOFAIL(strdup(modname)); + for (mod = modules; mod; mod = mod->next) { + if (strcmp(my_basename(mod->name), modname) == 0) + break; + } + return mod; +} +static void strip_o(char *p) +{ + char *s; /* strip trailing .o */ s = strrchr(p, '.'); if (s != NULL) if (strcmp(s, ".o") == 0) *s = '\0'; +} + +static struct module *new_module(char *modname) +{ + struct module *mod; + char *p; + + mod = NOFAIL(malloc(sizeof(*mod))); + memset(mod, 0, sizeof(*mod)); + p = NOFAIL(strdup(modname)); + strip_o(p); /* add to list */ mod->name = p; @@ -138,10 +170,12 @@ static struct module *new_module(char *m * struct symbol is also used for lists of unresolved symbols */ #define SYMBOL_HASH_SIZE 1024 +#define NSALLOW_HASH_SIZE 64 struct symbol { struct symbol *next; struct module *module; + const char *namespace; unsigned int crc; int crc_valid; unsigned int weak:1; @@ -153,10 +187,19 @@ struct symbol { char name[0]; }; +struct nsallow { + struct nsallow *next; + struct module *mod; + struct module *orig; + int ref; + char name[0]; +}; + static struct symbol *symbolhash[SYMBOL_HASH_SIZE]; +static struct nsallow *nsallowhash[NSALLOW_HASH_SIZE]; /* This is based on the hash agorithm from gdbm, via tdb */ -static inline unsigned int tdb_hash(const char *name) +static unsigned int tdb_hash(const char *name) { unsigned value; /* Used to compute the hash value. */ unsigned i; /* Used to cycle through random values. */ @@ -198,21 +241,66 @@ static struct symbol *new_symbol(const c return new; } -static struct symbol *find_symbol(const char *name) +static struct symbol *find_symbol(const char *name, const char *ns) { - struct symbol *s; + struct symbol *s, *match; /* For our purposes, .foo matches foo. PPC64 needs this. */ if (name[0] == '.') name++; + match = NULL; + for (s = symbolhash[tdb_hash(name) % SYMBOL_HASH_SIZE]; s; s=s->next) { + if (strcmp(s->name, name) == 0) { + match = s; + if (ns && s->namespace && strcmp(s->namespace, ns)) + continue; + return s; + } + } + return ns ? NULL : match; +} + +static struct nsallow *find_nsallow(const char *name, struct module *mod) +{ + struct nsallow *s; - for (s = symbolhash[tdb_hash(name) % SYMBOL_HASH_SIZE]; s; s = s->next) { + for (s = nsallowhash[tdb_hash(name)%NSALLOW_HASH_SIZE]; s; s = s->next) { + if (strcmp(s->name, name) == 0 && s->mod == mod) + return s; + } + return NULL; +} + +static struct nsallow *find_nsallow_name(const char *name) +{ + struct nsallow *s; + + for (s = nsallowhash[tdb_hash(name)%NSALLOW_HASH_SIZE]; s; s=s->next) { if (strcmp(s->name, name) == 0) return s; } return NULL; } +static struct nsallow * +new_nsallow(const char *name, struct module *module, struct module *orig) +{ + unsigned int hash; + struct nsallow *new; + unsigned len; + + len = sizeof(struct nsallow) + strlen(name) + 1; + new = NOFAIL(malloc(len)); + new->mod = module; + new->orig = orig; + new->ref = 0; + strcpy(new->name, name); + hash = tdb_hash(name) % NSALLOW_HASH_SIZE; + new->next = nsallowhash[hash]; + nsallowhash[hash] = new; + return new; +} + static struct { const char *str; enum export export; @@ -260,27 +348,103 @@ static enum export export_from_sec(struc return export_unknown; } +/* Check if all the name space that allows referencing the symbol's + namespace is in the same module as the export. This makes sure a + module doesn't allow itself into a namespace (the kernel checks + this too) */ +static void check_export_namespace(struct symbol *s) +{ + const char *namespace = s->namespace; + struct nsallow *nsa = find_nsallow_name(namespace); + if (!nsa) { + warn("%s: namespace %s used for export `%s', but no module " + "for it allowed\n", s->module->name, namespace, s->name); + } + for (; nsa; nsa = nsa->next) { + if (strcmp(nsa->name, namespace)) + continue; + if (nsa->orig == s->module) { + nsa->ref++; + return; + } + } + merror("No module allowed for namespace %s in %s exporting %s\n", + namespace, + s->module->name, + s->name); +} + +static void check_nsallow_referenced(void) +{ + int i; + struct nsallow *nsa; + for (i = 0; i < NSALLOW_HASH_SIZE; i++) { + for (nsa = nsallowhash[i]; nsa; nsa = nsa->next) + if (nsa->ref == 0 && !nsa->mod->skip) { + warn("%s: namespace %s allowed for module %s, " + "but no exports using it\n", + nsa->orig->name, + nsa->name, + nsa->mod->name); + } + } +} + +static const char *sep_ns(const char **name) +{ + char *p; + const char *s = strchr(*name, NS_SEPARATOR); + if (!s) + return NULL; + *name = NOFAIL(strdup(*name)); + p = strchr(*name, NS_SEPARATOR); + *p = '\0'; + return p + 1; +} + +static int deep_streq(const char *a, const char *b) +{ + if (a == b) + return 1; + if (!a || !b) + return 0; + return !strcmp(a, b); +} + /** * Add an exported symbol - it may have already been added without a * CRC, in this case just update the CRC **/ -static struct symbol *sym_add_exported(const char *name, struct module *mod, +static struct symbol *sym_add_exported(const char *oname, struct module *mod, enum export export) { - struct symbol *s = find_symbol(name); + const char *name = oname; + const char *namespace = sep_ns(&name); + struct symbol *s = find_symbol(name, namespace); if (!s) { s = new_symbol(name, mod, export); + s->namespace = namespace; } else { if (!s->preloaded) { warn("%s: '%s' exported twice. Previous export " - "was in %s%s\n", mod->name, name, + "was in %s%s\n", mod->name, oname, s->module->name, is_vmlinux(s->module->name) ?"":".ko"); + if (!deep_streq(s->namespace, namespace)) { + warn("%s: New namespace '%s' of '%s' doesn't " + "match existing namespace '%s'\n", + s->module->name, + namespace ?: "", + s->name ?: "???", + s->namespace ?: ""); + } } else { /* In case Modules.symvers was out of date */ s->module = mod; } + if (name != oname) + free((char *)name); } s->preloaded = 0; s->vmlinux = is_vmlinux(mod->name); @@ -289,13 +453,58 @@ static struct symbol *sym_add_exported(c return s; } -static void sym_update_crc(const char *name, struct module *mod, +static struct module * +nsmodule(const char *name, int sep, const char *namespace, struct module *orig) +{ + struct module *mod; + char *modname = NOFAIL(malloc(sep + 1)); + + memcpy(modname, name, sep); + modname[sep] = 0; + mod = find_module_base(modname); + if (!mod) { + if (warn_missing_modules) + warn("%s: Namespace allow for %s references unknown" + " module %.*s\n", orig->name, namespace, sep, name); + mod = new_module(modname); + mod->skip = 1; + } else { + free(modname); + } + return mod; +} + +static void sym_add_nsallow(const char *name, struct module *orig) +{ + struct module *mod; + int sep; + const char *namespace; + + sep = strcspn(name, NS_SEPARATOR_STRING); + if (name[sep] == 0 || sep == 0) { + warn("%s: Namespace allow '%s' incorrectly formatted\n", + orig->name, name); + return; + } + namespace = name + sep + 1; + mod = nsmodule(name, sep, namespace, orig); + if (!find_nsallow(namespace, mod)) + new_nsallow(namespace, mod, orig); +} + +static void sym_update_crc(const char *oname, struct module *mod, unsigned int crc, enum export export) { - struct symbol *s = find_symbol(name); + const char *name = oname; + const char *namespace = sep_ns(&name); + struct symbol *s = find_symbol(name, namespace); - if (!s) + if (!s) { s = new_symbol(name, mod, export); + } else if (oname != name) { + assert(deep_streq(s->namespace, namespace)); + free((char *)name); + } s->crc = crc; s->crc_valid = 1; } @@ -488,6 +697,22 @@ static int ignore_undef_symbol(struct el #define CRC_PFX MODULE_SYMBOL_PREFIX "__crc_" #define KSYMTAB_PFX MODULE_SYMBOL_PREFIX "__ksymtab_" +#define NSALLOW_PFX MODULE_SYMBOL_PREFIX "__knamespace_" + + +static void handle_nsallow(struct module *mod, struct elf_info *info, + Elf_Sym *sym, const char *symname) +{ + switch (sym->st_shndx) { + case SHN_COMMON: + case SHN_ABS: + case SHN_UNDEF: + break; + default: + if (!strncmp(symname, NSALLOW_PFX, sizeof(NSALLOW_PFX)-1)) + sym_add_nsallow(symname + sizeof(NSALLOW_PFX) - 1, mod); + } +} static void handle_modversions(struct module *mod, struct elf_info *info, Elf_Sym *sym, const char *symname) @@ -536,18 +761,24 @@ static void handle_modversions(struct mo if (memcmp(symname, MODULE_SYMBOL_PREFIX, strlen(MODULE_SYMBOL_PREFIX)) == 0) { - mod->unres = - alloc_symbol(symname + - strlen(MODULE_SYMBOL_PREFIX), - ELF_ST_BIND(sym->st_info) == STB_WEAK, - mod->unres); + const int plen = strlen(MODULE_SYMBOL_PREFIX); + const char *name = symname + plen; + const char *namespace = sep_ns(&name); + + mod->unres = alloc_symbol(name, + ELF_ST_BIND(sym->st_info) == STB_WEAK, + mod->unres); + mod->unres->namespace = namespace; } break; default: /* All exported symbols */ if (memcmp(symname, KSYMTAB_PFX, strlen(KSYMTAB_PFX)) == 0) { - sym_add_exported(symname + strlen(KSYMTAB_PFX), mod, - export); + struct symbol *s; + s = sym_add_exported(symname + strlen(KSYMTAB_PFX), mod, + export); + if (s->namespace) + check_export_namespace(s); } if (strcmp(symname, MODULE_SYMBOL_PREFIX "init_module") == 0) mod->has_init = 1; @@ -1554,11 +1785,16 @@ static void read_symbols(char *modname) struct elf_info info = { }; Elf_Sym *sym; + char m[strlen(modname) + 1]; + strcpy(m, modname); + strip_o(m); + + mod = find_module(m); + assert(mod != NULL); + if (!parse_elf(&info, modname)) return; - mod = new_module(modname); - /* When there's no vmlinux, don't print warnings about * unresolved symbols (since there'll be too many ;) */ if (is_vmlinux(modname)) { @@ -1582,6 +1818,12 @@ static void read_symbols(char *modname) "license", license); } + /* First process all nsallows to check them against the symbols */ + for (sym = info.symtab_start; sym < info.symtab_stop; sym++) { + symname = info.strtab + sym->st_name; + handle_nsallow(mod, &info, sym, symname); + } + for (sym = info.symtab_start; sym < info.symtab_stop; sym++) { symname = info.strtab + sym->st_name; @@ -1682,13 +1924,39 @@ static void check_for_unused(enum export } } +/* Check if symbol reference to S from module SYMMOD is allowed in namespace */ +static void check_symbol_ns(struct symbol *s, struct module *symmod, + const char *symmodname) +{ + const char *namespace = s->namespace; + struct nsallow *nsa; + int sep; + + if (is_vmlinux(symmodname)) + return; + nsa = find_nsallow(namespace, symmod); + if (nsa) + return; + sep = strcspn(s->name, NS_SEPARATOR_STRING); + if (!find_nsallow_name(namespace)) { + warn("%s: Unknown namespace %s referenced from `%.*s'\n", + symmodname, namespace, sep, s->name); + } else { + merror("%s: module not allowed to reference symbol " + "'%.*s' in namespace %s\n", + symmodname, + sep, s->name, + namespace); + } +} + static void check_exports(struct module *mod) { struct symbol *s, *exp; for (s = mod->unres; s; s = s->next) { const char *basename; - exp = find_symbol(s->name); + exp = find_symbol(s->name, s->namespace); if (!exp || exp->module == mod) continue; basename = strrchr(mod->name, '/'); @@ -1696,6 +1964,8 @@ static void check_exports(struct module basename++; else basename = mod->name; + if (s->namespace) + check_symbol_ns(s, mod, basename); if (!mod->gpl_compatible) check_for_gpl_usage(exp->export, basename, exp->name); check_for_unused(exp->export, basename, exp->name); @@ -1735,14 +2005,18 @@ static int add_versions(struct buffer *b int err = 0; for (s = mod->unres; s; s = s->next) { - exp = find_symbol(s->name); + exp = find_symbol(s->name, s->namespace); if (!exp || exp->module == mod) { if (have_vmlinux && !s->weak) { if (warn_unresolved) { - warn("\"%s\" [%s.ko] undefined!\n", + warn("\"%s%s%s\" [%s.ko] undefined!\n", + s->namespace ?: "", + s->namespace ? ":" : "", s->name, mod->name); } else { - merror("\"%s\" [%s.ko] undefined!\n", + merror("\"%s%s%s\" [%s.ko] undefined!\n", + s->namespace ?: "", + s->namespace ? ":" : "", s->name, mod->name); err = 1; } @@ -1902,7 +2176,7 @@ static void read_dump(const char *fname, if (!mod) { if (is_vmlinux(modname)) have_vmlinux = 1; - mod = new_module(NOFAIL(strdup(modname))); + mod = new_module(modname); mod->skip = 1; } s = sym_add_exported(symname, mod, export_no(export)); @@ -2049,6 +2323,7 @@ int main(int argc, char **argv) char *markers_write = NULL; int opt; int err; + int c; struct ext_sym_list *extsym_iter; struct ext_sym_list *extsym_start = NULL; @@ -2090,12 +2365,15 @@ int main(int argc, char **argv) case 'w': warn_unresolved = 1; break; - case 'M': - markers_write = optarg; - break; - case 'K': - markers_read = optarg; - break; + case 'M': + markers_write = optarg; + break; + case 'K': + markers_read = optarg; + break; + case 'X': + warn_missing_modules = 1; + break; default: exit(1); } @@ -2105,6 +2383,13 @@ int main(int argc, char **argv) read_dump(kernel_read, 1); if (module_read) read_dump(module_read, 0); + + for (c = optind; c < argc; c++) { + char s[strlen(argv[c]) + 1]; + strcpy(s, argv[c]); + new_module(s); + } + while (extsym_start) { read_dump(extsym_start->file, 0); extsym_iter = extsym_start->next; @@ -2121,6 +2406,9 @@ int main(int argc, char **argv) check_exports(mod); } + if (warn_unresolved) + check_nsallow_referenced(); + err = 0; for (mod = modules; mod; mod = mod->next) {