mirror of
https://github.com/torvalds/linux.git
synced 2025-10-31 16:48:26 +02:00
0ce2c20293
The entire file is now conditionally compiled only when CONFIG_MODULES is enabled, and this this is a bool. Just move this conditional to the Makefile as its easier to read this way. Link: http://lkml.kernel.org/r/20170810180618.22457-5-mcgrof@kernel.org Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Cc: Kees Cook <keescook@chromium.org> Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com> Cc: Jessica Yu <jeyu@redhat.com> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Michal Marek <mmarek@suse.com> Cc: Petr Mladek <pmladek@suse.com> Cc: Miroslav Benes <mbenes@suse.cz> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Guenter Roeck <linux@roeck-us.net> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Matt Redfearn <matt.redfearn@imgtec.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: Colin Ian King <colin.king@canonical.com> Cc: Daniel Mentz <danielmentz@google.com> Cc: David Binderman <dcb314@hotmail.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
178 lines
5 KiB
C
178 lines
5 KiB
C
/*
|
|
* kmod - the kernel module loader
|
|
*/
|
|
#include <linux/module.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/sched/task.h>
|
|
#include <linux/binfmts.h>
|
|
#include <linux/syscalls.h>
|
|
#include <linux/unistd.h>
|
|
#include <linux/kmod.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/completion.h>
|
|
#include <linux/cred.h>
|
|
#include <linux/file.h>
|
|
#include <linux/fdtable.h>
|
|
#include <linux/workqueue.h>
|
|
#include <linux/security.h>
|
|
#include <linux/mount.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/init.h>
|
|
#include <linux/resource.h>
|
|
#include <linux/notifier.h>
|
|
#include <linux/suspend.h>
|
|
#include <linux/rwsem.h>
|
|
#include <linux/ptrace.h>
|
|
#include <linux/async.h>
|
|
#include <linux/uaccess.h>
|
|
|
|
#include <trace/events/module.h>
|
|
|
|
/*
|
|
* Assuming:
|
|
*
|
|
* threads = div64_u64((u64) totalram_pages * (u64) PAGE_SIZE,
|
|
* (u64) THREAD_SIZE * 8UL);
|
|
*
|
|
* If you need less than 50 threads would mean we're dealing with systems
|
|
* smaller than 3200 pages. This assuems you are capable of having ~13M memory,
|
|
* and this would only be an be an upper limit, after which the OOM killer
|
|
* would take effect. Systems like these are very unlikely if modules are
|
|
* enabled.
|
|
*/
|
|
#define MAX_KMOD_CONCURRENT 50
|
|
static atomic_t kmod_concurrent_max = ATOMIC_INIT(MAX_KMOD_CONCURRENT);
|
|
static DECLARE_WAIT_QUEUE_HEAD(kmod_wq);
|
|
|
|
/*
|
|
* This is a restriction on having *all* MAX_KMOD_CONCURRENT threads
|
|
* running at the same time without returning. When this happens we
|
|
* believe you've somehow ended up with a recursive module dependency
|
|
* creating a loop.
|
|
*
|
|
* We have no option but to fail.
|
|
*
|
|
* Userspace should proactively try to detect and prevent these.
|
|
*/
|
|
#define MAX_KMOD_ALL_BUSY_TIMEOUT 5
|
|
|
|
/*
|
|
modprobe_path is set via /proc/sys.
|
|
*/
|
|
char modprobe_path[KMOD_PATH_LEN] = "/sbin/modprobe";
|
|
|
|
static void free_modprobe_argv(struct subprocess_info *info)
|
|
{
|
|
kfree(info->argv[3]); /* check call_modprobe() */
|
|
kfree(info->argv);
|
|
}
|
|
|
|
static int call_modprobe(char *module_name, int wait)
|
|
{
|
|
struct subprocess_info *info;
|
|
static char *envp[] = {
|
|
"HOME=/",
|
|
"TERM=linux",
|
|
"PATH=/sbin:/usr/sbin:/bin:/usr/bin",
|
|
NULL
|
|
};
|
|
|
|
char **argv = kmalloc(sizeof(char *[5]), GFP_KERNEL);
|
|
if (!argv)
|
|
goto out;
|
|
|
|
module_name = kstrdup(module_name, GFP_KERNEL);
|
|
if (!module_name)
|
|
goto free_argv;
|
|
|
|
argv[0] = modprobe_path;
|
|
argv[1] = "-q";
|
|
argv[2] = "--";
|
|
argv[3] = module_name; /* check free_modprobe_argv() */
|
|
argv[4] = NULL;
|
|
|
|
info = call_usermodehelper_setup(modprobe_path, argv, envp, GFP_KERNEL,
|
|
NULL, free_modprobe_argv, NULL);
|
|
if (!info)
|
|
goto free_module_name;
|
|
|
|
return call_usermodehelper_exec(info, wait | UMH_KILLABLE);
|
|
|
|
free_module_name:
|
|
kfree(module_name);
|
|
free_argv:
|
|
kfree(argv);
|
|
out:
|
|
return -ENOMEM;
|
|
}
|
|
|
|
/**
|
|
* __request_module - try to load a kernel module
|
|
* @wait: wait (or not) for the operation to complete
|
|
* @fmt: printf style format string for the name of the module
|
|
* @...: arguments as specified in the format string
|
|
*
|
|
* Load a module using the user mode module loader. The function returns
|
|
* zero on success or a negative errno code or positive exit code from
|
|
* "modprobe" on failure. Note that a successful module load does not mean
|
|
* the module did not then unload and exit on an error of its own. Callers
|
|
* must check that the service they requested is now available not blindly
|
|
* invoke it.
|
|
*
|
|
* If module auto-loading support is disabled then this function
|
|
* becomes a no-operation.
|
|
*/
|
|
int __request_module(bool wait, const char *fmt, ...)
|
|
{
|
|
va_list args;
|
|
char module_name[MODULE_NAME_LEN];
|
|
int ret;
|
|
|
|
/*
|
|
* We don't allow synchronous module loading from async. Module
|
|
* init may invoke async_synchronize_full() which will end up
|
|
* waiting for this task which already is waiting for the module
|
|
* loading to complete, leading to a deadlock.
|
|
*/
|
|
WARN_ON_ONCE(wait && current_is_async());
|
|
|
|
if (!modprobe_path[0])
|
|
return 0;
|
|
|
|
va_start(args, fmt);
|
|
ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args);
|
|
va_end(args);
|
|
if (ret >= MODULE_NAME_LEN)
|
|
return -ENAMETOOLONG;
|
|
|
|
ret = security_kernel_module_request(module_name);
|
|
if (ret)
|
|
return ret;
|
|
|
|
if (atomic_dec_if_positive(&kmod_concurrent_max) < 0) {
|
|
pr_warn_ratelimited("request_module: kmod_concurrent_max (%u) close to 0 (max_modprobes: %u), for module %s, throttling...",
|
|
atomic_read(&kmod_concurrent_max),
|
|
MAX_KMOD_CONCURRENT, module_name);
|
|
ret = wait_event_killable_timeout(kmod_wq,
|
|
atomic_dec_if_positive(&kmod_concurrent_max) >= 0,
|
|
MAX_KMOD_ALL_BUSY_TIMEOUT * HZ);
|
|
if (!ret) {
|
|
pr_warn_ratelimited("request_module: modprobe %s cannot be processed, kmod busy with %d threads for more than %d seconds now",
|
|
module_name, MAX_KMOD_CONCURRENT, MAX_KMOD_ALL_BUSY_TIMEOUT);
|
|
return -ETIME;
|
|
} else if (ret == -ERESTARTSYS) {
|
|
pr_warn_ratelimited("request_module: sigkill sent for modprobe %s, giving up", module_name);
|
|
return ret;
|
|
}
|
|
}
|
|
|
|
trace_module_request(module_name, wait, _RET_IP_);
|
|
|
|
ret = call_modprobe(module_name, wait ? UMH_WAIT_PROC : UMH_WAIT_EXEC);
|
|
|
|
atomic_inc(&kmod_concurrent_max);
|
|
wake_up(&kmod_wq);
|
|
|
|
return ret;
|
|
}
|
|
EXPORT_SYMBOL(__request_module);
|