Function find_module_all() searches for module by name and must be
called with module_mutex. module_kallsyms_lookup_name() calls it without
this mutex which emits a warning message (CONFIG_LOCKDEP=y) by failed
assertion for testing this module_mutex lock, as following:
[ 202.877152] ------------[ cut here ]------------
[ 202.881070] WARNING: CPU: 0 PID: 1010 at kernel/module.c:281
module_assert_mutex+0x35/0x40()
[ 202.885446] Modules linked in: test_bpf
[ 202.886997] CPU: 0 PID: 1010 Comm: perf Tainted: G W 4.2.0-rc3+ #5
...
This patch wraps this call with mutex_{lock,unlock} and fix the bug.
Signed-off-by: He Kuang <[email protected]>
---
kernel/module.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/kernel/module.c b/kernel/module.c
index 4d2b82e..43d728b 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3802,8 +3802,10 @@ unsigned long module_kallsyms_lookup_name(const char *name)
/* Don't lock: we're in enough trouble already. */
preempt_disable();
if ((colon = strchr(name, ':')) != NULL) {
+ mutex_lock(&module_mutex);
if ((mod = find_module_all(name, colon - name, false)) != NULL)
ret = mod_find_symname(mod, colon+1);
+ mutex_unlock(&module_mutex);
} else {
list_for_each_entry_rcu(mod, &modules, list) {
if (mod->state == MODULE_STATE_UNFORMED)
--
1.8.5.2
He Kuang <[email protected]> writes:
> Function find_module_all() searches for module by name and must be
> called with module_mutex. module_kallsyms_lookup_name() calls it without
> this mutex which emits a warning message (CONFIG_LOCKDEP=y) by failed
> assertion for testing this module_mutex lock, as following:
>
> [ 202.877152] ------------[ cut here ]------------
> [ 202.881070] WARNING: CPU: 0 PID: 1010 at kernel/module.c:281
> module_assert_mutex+0x35/0x40()
> [ 202.885446] Modules linked in: test_bpf
> [ 202.886997] CPU: 0 PID: 1010 Comm: perf Tainted: G W 4.2.0-rc3+ #5
> ...
>
> This patch wraps this call with mutex_{lock,unlock} and fix the bug.
Hi He!
Thanks for this report! This warning is overzealous; preempt
disabling should be enough to read the list.
Unfortunately, as you can see from the comment, taking a lock is a bad
idea here: it's called in the oops path (we don't want to risk
deadlock).
Peter?
Cheers,
Rusty.
module: weaken locking assertion for oops path.
We don't actually hold the module_mutex when calling find_module_all
from module_kallsyms_lookup_name: that's because it's used by the oops
code and we don't want to deadlock.
However, access to the list read-only is safe if preempt is disabled,
so we can weaken the assertion. Keep a strong version for external
callers though.
Fixes: 0be964be0d45 ("module: Sanitize RCU usage and locking")
Reported-by: He Kuang <[email protected]>
Signed-off-by: Rusty Russell <[email protected]>
diff --git a/kernel/module.c b/kernel/module.c
index 4d2b82e610e2..b86b7bf1be38 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -602,13 +602,16 @@ const struct kernel_symbol *find_symbol(const char *name,
}
EXPORT_SYMBOL_GPL(find_symbol);
-/* Search for module by name: must hold module_mutex. */
+/*
+ * Search for module by name: must hold module_mutex (or preempt disabled
+ * for read-only access).
+ */
static struct module *find_module_all(const char *name, size_t len,
bool even_unformed)
{
struct module *mod;
- module_assert_mutex();
+ module_assert_mutex_or_preempt();
list_for_each_entry(mod, &modules, list) {
if (!even_unformed && mod->state == MODULE_STATE_UNFORMED)
@@ -621,6 +624,7 @@ static struct module *find_module_all(const char *name, size_t len,
struct module *find_module(const char *name)
{
+ module_assert_mutex();
return find_module_all(name, strlen(name), false);
}
EXPORT_SYMBOL_GPL(find_module);
On Tue, Jul 28, 2015 at 10:01:35AM +0930, Rusty Russell wrote:
> Peter?
> module: weaken locking assertion for oops path.
>
> We don't actually hold the module_mutex when calling find_module_all
> from module_kallsyms_lookup_name: that's because it's used by the oops
> code and we don't want to deadlock.
>
> However, access to the list read-only is safe if preempt is disabled,
> so we can weaken the assertion. Keep a strong version for external
> callers though.
>
> Fixes: 0be964be0d45 ("module: Sanitize RCU usage and locking")
> Reported-by: He Kuang <[email protected]>
> Signed-off-by: Rusty Russell <[email protected]>
>
> diff --git a/kernel/module.c b/kernel/module.c
> index 4d2b82e610e2..b86b7bf1be38 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -602,13 +602,16 @@ const struct kernel_symbol *find_symbol(const char *name,
> }
> EXPORT_SYMBOL_GPL(find_symbol);
>
> -/* Search for module by name: must hold module_mutex. */
> +/*
> + * Search for module by name: must hold module_mutex (or preempt disabled
> + * for read-only access).
> + */
> static struct module *find_module_all(const char *name, size_t len,
> bool even_unformed)
> {
> struct module *mod;
>
> - module_assert_mutex();
> + module_assert_mutex_or_preempt();
Yeah, that should be fine indeed, I went by that comment you just
expanded.
The operation itself does indeed not modify data at all, so the
preempt_disable is perfectly adequate.
Thanks!
Acked-by: Peter Zijlstra (Intel) <[email protected]>