[v3,00/16] Extended MODVERSIONS Support

Message ID	20240806212106.617164-1-mmaurer@google.com (mailing list archive)
Headers	show Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BAE2613E881 for <linux-kbuild@vger.kernel.org>; Tue, 6 Aug 2024 21:21:11 +0000 (UTC) Date: Tue, 6 Aug 2024 21:20:26 +0000 Precedence: bulk Mime-Version: 1.0 Message-ID: <20240806212106.617164-1-mmaurer@google.com> Subject: [PATCH v3 00/16] Extended MODVERSIONS Support From: Matthew Maurer <mmaurer@google.com> To: masahiroy@kernel.org, ndesaulniers@google.com, ojeda@kernel.org, gary@garyguo.net, mcgrof@kernel.org, Alex Gaynor <alex.gaynor@gmail.com>, Wedson Almeida Filho <wedsonaf@gmail.com> Cc: Matthew Maurer <mmaurer@google.com>, rust-for-linux@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, neal@gompa.dev, marcan@marcan.st, j@jannau.net, asahi@lists.linux.dev, Boqun Feng <boqun.feng@gmail.com>, " =?utf-8?q?Bj=C3=B6rn_Roy_Baron?= " <bjorn3_gh@protonmail.com>, Benno Lossin <benno.lossin@proton.me>, Andreas Hindborg <a.hindborg@samsung.com>, Alice Ryhl <aliceryhl@google.com> Content-Type: text/plain; charset="UTF-8"
Series	Extended MODVERSIONS Support \| expand [v3,00/16] Extended MODVERSIONS Support [v3,01/16] module: Take const arg in validate_section_offset [v3,02/16] module: Factor out elf_validity_ehdr [v3,03/16] module: Factor out elf_validity_cache_sechdrs [v3,04/16] module: Factor out elf_validity_cache_secstrings [v3,05/16] module: Factor out elf_validity_cache_index_info [v3,06/16] module: Factor out elf_validity_cache_index_mod [v3,07/16] module: Factor out elf_validity_cache_index_sym [v3,08/16] module: Factor out elf_validity_cache_index_str [v3,09/16] module: Group section index calculations together [v3,10/16] module: Factor out elf_validity_cache_strtab [v3,11/16] module: Additional validation in elf_validity_cache_strtab [v3,12/16] module: Reformat struct for code style [v3,13/16] export_report: Rehabilitate script [v3,14/16] modules: Support extended MODVERSIONS info [v3,15/16] modpost: Produce extended modversion information [v3,16/16] export_report: Use new version info format

Message ID

20240806212106.617164-1-mmaurer@google.com (mailing list archive)

Headers

Date: Tue,  6 Aug 2024 21:20:26 +0000
Precedence: bulk
Mime-Version: 1.0
Message-ID: <20240806212106.617164-1-mmaurer@google.com>
Subject: [PATCH v3 00/16] Extended MODVERSIONS Support
From: Matthew Maurer <mmaurer@google.com>
To: masahiroy@kernel.org, ndesaulniers@google.com, ojeda@kernel.org,
	gary@garyguo.net, mcgrof@kernel.org, Alex Gaynor <alex.gaynor@gmail.com>,
	Wedson Almeida Filho <wedsonaf@gmail.com>
Cc: Matthew Maurer <mmaurer@google.com>, rust-for-linux@vger.kernel.org,
  linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, neal@gompa.dev,
  marcan@marcan.st, j@jannau.net, asahi@lists.linux.dev,
  Boqun Feng <boqun.feng@gmail.com>,
  " =?utf-8?q?Bj=C3=B6rn_Roy_Baron?= " <bjorn3_gh@protonmail.com>,
 Benno Lossin <benno.lossin@proton.me>,
  Andreas Hindborg <a.hindborg@samsung.com>, Alice Ryhl <aliceryhl@google.com>
Content-Type: text/plain; charset="UTF-8"

Series

Extended MODVERSIONS Support | expand

Message

Matthew Maurer Aug. 6, 2024, 9:20 p.m. UTC

Previously MODVERSIONS + RUST Redux [1]

This patch series is intended for use alongside the Implement
MODVERSIONS for RUST [2] series as a replacement for the symbol name
hashing approach used there to enable RUST and MODVERSIONS at the same
time.

Elsewhere, we've seen a desire for long symbol name support for LTO
symbol names [3], and the previous series came up [4] as a possible
solution rather than hashing, which some have objected [5] to.

This series adds a MODVERSIONS format which uses a section per column.
This avoids userspace tools breaking if we need to make a similar change
to the format in the future - we would do so by adding a new section,
rather than editing the struct definition. In the new format, the name
section is formatted as a concatenated sequence of NUL-terminated
strings, which allows for arbitrary length names.

Currently, this series emits both the extended format and the current
format on all modules, and prefers the extended format when checking if
present. I'm open to various other policies via Kconfig knobs, but this
seemed like a good initial default.

The refactor to MODVERSIONS is prefixed to this series as result of an
explicit request [6] by Luis in response to the original patchset.

If you are testing this patch alongside RUST by manually removing the
!MODVERSIONS restriction (this series doesn't remove it, because the
CRCs don't mean what we'd want them to yet, we need the DWARF patch for
that) and have kernel hardening enabled, you may need the CPU
Mitigations [7] series. Without it, the foo.mod.o file produced by the
C compiler will reference __x86_return_thunk, but foo.o will not.
This means that the version table will not contain a version for
__x86_return_thunk, but foo.ko will reference it, which will result
in a version check failure.

[1] https://lore.kernel.org/all/20231118025748.2778044-1-mmaurer@google.com/
[2] https://lore.kernel.org/all/20240617175818.58219-17-samitolvanen@google.com/
[3] https://lore.kernel.org/lkml/20240605032120.3179157-1-song@kernel.org/
[4] https://lore.kernel.org/lkml/ZoxbEEsK40ASi1cY@bombadil.infradead.org/
[5] https://lore.kernel.org/lkml/0b2697fd-7ab4-469f-83a6-ec9ebc701ba0@suse.com/
[6] https://lore.kernel.org/lkml/ZVZNh%2FPA5HiVRkeb@bombadil.infradead.org/
[7] https://lore.kernel.org/all/20240725183325.122827-1-ojeda@kernel.org/

Matthew Maurer (16):
  module: Take const arg in validate_section_offset
  module: Factor out elf_validity_ehdr
  module: Factor out elf_validity_cache_sechdrs
  module: Factor out elf_validity_cache_secstrings
  module: Factor out elf_validity_cache_index_info
  module: Factor out elf_validity_cache_index_mod
  module: Factor out elf_validity_cache_index_sym
  module: Factor out elf_validity_cache_index_str
  module: Group section index calculations together
  module: Factor out elf_validity_cache_strtab
  module: Additional validation in elf_validity_cache_strtab
  module: Reformat struct for code style
  export_report: Rehabilitate script
  modules: Support extended MODVERSIONS info
  modpost: Produce extended modversion information
  export_report: Use new version info format

 arch/powerpc/kernel/module_64.c |  24 +-
 kernel/module/internal.h        |  18 +-
 kernel/module/main.c            | 647 ++++++++++++++++++++++++--------
 kernel/module/version.c         |  43 +++
 scripts/export_report.pl        |  17 +-
 scripts/mod/modpost.c           |  39 +-
 6 files changed, 627 insertions(+), 161 deletions(-)

Comments

Sami Tolvanen Aug. 15, 2024, 8:57 p.m. UTC | #1

Hi Matt,

On Tue, Aug 6, 2024 at 9:21 PM Matthew Maurer <mmaurer@google.com> wrote:
>
> Previously MODVERSIONS + RUST Redux [1]
>
> This patch series is intended for use alongside the Implement
> MODVERSIONS for RUST [2] series as a replacement for the symbol name
> hashing approach used there to enable RUST and MODVERSIONS at the same
> time.
>
> Elsewhere, we've seen a desire for long symbol name support for LTO
> symbol names [3], and the previous series came up [4] as a possible
> solution rather than hashing, which some have objected [5] to.
>
> This series adds a MODVERSIONS format which uses a section per column.
> This avoids userspace tools breaking if we need to make a similar change
> to the format in the future - we would do so by adding a new section,
> rather than editing the struct definition. In the new format, the name
> section is formatted as a concatenated sequence of NUL-terminated
> strings, which allows for arbitrary length names.
>
> Currently, this series emits both the extended format and the current
> format on all modules, and prefers the extended format when checking if
> present. I'm open to various other policies via Kconfig knobs, but this
> seemed like a good initial default.
>
> The refactor to MODVERSIONS is prefixed to this series as result of an
> explicit request [6] by Luis in response to the original patchset.
>
> If you are testing this patch alongside RUST by manually removing the
> !MODVERSIONS restriction (this series doesn't remove it, because the
> CRCs don't mean what we'd want them to yet, we need the DWARF patch for
> that) and have kernel hardening enabled, you may need the CPU
> Mitigations [7] series. Without it, the foo.mod.o file produced by the
> C compiler will reference __x86_return_thunk, but foo.o will not.
> This means that the version table will not contain a version for
> __x86_return_thunk, but foo.ko will reference it, which will result
> in a version check failure.

Thanks for reviving this series!

I tested your patches on top of my DWARF modversions series and it
seems to work as expected. I confirmed that Rust modules have
versions, the kernel verifies them correctly, loading the modules
succeeds, and scripts/export_report.pl seems to produce correct output
as well. Here's the tree I used, it includes the prerequisite patch
sets you mentioned:

https://github.com/samitolvanen/linux/commits/rustmodversions/

With the minor comments I had about patch 14 addressed:

Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Tested-by: Sami Tolvanen <samitolvanen@google.com>

Sami