Re: [PATCH 8/8] modules: inherit TAINT_PROPRIETARY_MODULE

Thu, 30 Jul 2020 07:13:26 -0700 

+++ Christoph Hellwig [30/07/20 08:10 +0200]:

If a TAINT_PROPRIETARY_MODULE exports symbol, inherit the taint flag
for all modules importing these symbols, and don't allow loading
symbols from TAINT_PROPRIETARY_MODULE modules if the module previously
imported gplonly symbols.  Add a anti-circumvention devices so people
don't accidentally get themselves into trouble this way.

Comment from Greg:
Ah, the proven-to-be-illegal "GPL Condom" defense :)

Signed-off-by: Christoph Hellwig <[email protected]>
Reviewed-by: Greg Kroah-Hartman <[email protected]>
---
include/linux/module.h |  1 +
kernel/module.c        | 12 ++++++++++++
2 files changed, 13 insertions(+)

diff --git a/include/linux/module.h b/include/linux/module.h
index 30b0f5fcdb3c37..e30ed5fa33a738 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -389,6 +389,7 @@ struct module {
        unsigned int num_gpl_syms;
        const struct kernel_symbol *gpl_syms;
        const s32 *gpl_crcs;
+       bool using_gplonly_symbols;

#ifdef CONFIG_UNUSED_SYMBOLS
        /* unused exported symbols. */
diff --git a/kernel/module.c b/kernel/module.c
index afb2bfdd5134b3..04f993863ae417 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1456,6 +1456,18 @@ static const struct kernel_symbol *resolve_symbol(struct 
module *mod,
        if (!sym)
                goto unlock;

+       if (license == GPL_ONLY)
+               mod->using_gplonly_symbols = true;
+
+       if (owner && test_bit(TAINT_PROPRIETARY_MODULE, &owner->taints)) {
+               if (mod->using_gplonly_symbols) {
+                       sym = NULL;
+                       goto getname;
+               }
+               add_taint_module(mod, TAINT_PROPRIETARY_MODULE,
+                                LOCKDEP_NOW_UNRELIABLE);
+       }


Sorry that I didn't think of this yesterday, but I'm wondering if we
should print a warning before add_taint_module(). Maybe something
along the lines of, "%s: module uses symbols from proprietary module
%s, inheriting taint.", with %s being mod->name, owner->name. We can
check mod->taints for TAINT_PROPRIETARY_MODULE and print the warning once.

Additionally, maybe it's a good idea to print an error before goto
getname (e.g., "%s: module using GPL-only symbols uses symbols from
proprietary module %s."), so one would know why the module load
failed, right now this manifests itself as an unknown symbol error.

Otherwise, this patchset looks good to me and I agree with it in
principle. Thanks Christoph!

Reply via email to