Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp1959268pxk; Tue, 1 Sep 2020 11:53:56 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxBqiUkXaNJoP3ZLIeKwdrIkkleur4wJ1sQBJqHpra8ePCYR9aM9twDK1t3btOr7tAwOkvs X-Received: by 2002:a17:906:76c7:: with SMTP id q7mr3021751ejn.541.1598986435959; Tue, 01 Sep 2020 11:53:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598986435; cv=none; d=google.com; s=arc-20160816; b=TFIUlevqIiQsaPIXfbqk9dKo8Yd+uqI401IFqrr6OYmv3c3sf0JJIP54GM0Qfd2K+1 xu9etl/IEtHKmVWoFLqsXe0Gin/i/2w/abT/S60F+F4IRZQq22qgvTRmfmBo0L1CVvrj pWabI5OEMMyzegqBIl0wlkiQ2hs9nnodHJFL8OuFSWzjT7CwoutZ2yOjtDAmJ8RD1XDU k/ZD1OeeM6k+uYA1Gmj59zxzLVi3G1HCXJIAswPHPWeBAqr1HYr0qugQSFy1zM5QrJVW IvU0kt91XyjDPMqbe7+30A3GIKayKdhsCabgWG9UyzFtzHGsfkjcK3feDLdw8S4xLsnt WhAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=/TXEzcWJ+iyLKfV7X1dfYtC/wjmL+DYnzFdGmA5IIs0=; b=x25eNK/SFDP3i0hZ9SaAnu1KDYxB3Gylnl93aHHhfiNbGevrzmialzZzsBuUrpH+4M PHGBQKoPYjyrtIg0cU6vWKJYkP8S49yYs+F9tGK10i/noucXlkT7XKfSixWASuSGSvI4 MAPGTzh583dZWgHbqKVK7bq6k6LTLevnLjbiUDAhke6TlabGy/YuAW8KVAN9RPnKqP1B MTeRKBPhC1SwHsNu2HnK0xdPY8uEKEElpyZu9U/JjIJ1o3n8s4ZGrxGOT6Js+7uVwNWW qz6fV+rfuljwowJr+ihsDSXDuW3YtB/VHKUrM2oVAT/AAkpJEhGof8Bibm6EIZOoG4Xa S+Yg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=t4IcdZvb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v25si1076387edy.530.2020.09.01.11.53.31; Tue, 01 Sep 2020 11:53:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=t4IcdZvb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730723AbgIASvM (ORCPT + 99 others); Tue, 1 Sep 2020 14:51:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57092 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726102AbgIASvM (ORCPT ); Tue, 1 Sep 2020 14:51:12 -0400 Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com [IPv6:2a00:1450:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1ACA1C061244; Tue, 1 Sep 2020 11:51:12 -0700 (PDT) Received: by mail-wr1-x442.google.com with SMTP id m6so2701175wrn.0; Tue, 01 Sep 2020 11:51:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/TXEzcWJ+iyLKfV7X1dfYtC/wjmL+DYnzFdGmA5IIs0=; b=t4IcdZvb7sveYXthFXDSHlRCX7N+1EHxjFYaFZ8j4PBl5mOYPJL/KqUOqtgBB0CN3w BUkMFdyb6IoMBD0x5dcd/ATPlifMnYRrwOtG7D2gaX7KJ+qDclsF5nbOyhtpIUWJmYFf QtJvfgIaaa0DFPalkig6bq6tWYHVxyLoQ054Tt4C3eAsdWYiUbor7KRkNP1cbKZdNvX9 oLP9baSjzxhBSn13dM9vkuVdlAzymncm0RC/BHU8jkD2XVJZ4O0/deR4xDy/NY0KTbfL x15ugTmBX4RorXf8+wU2usgl0rVoK89oLJBU/63C38mU7ExwQON5Rv/joT1gZBBWCwp2 hGGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/TXEzcWJ+iyLKfV7X1dfYtC/wjmL+DYnzFdGmA5IIs0=; b=SoCrMX32y35gJ/zPCjOFp2F6BTVCdhvzTwy9dTu+uUo4uQf/OI1g0m7MbuHMY3MbK0 Tx9zRlNXNKnaytCqmFlpS6dKOFtJ090Vr952okNvA0cQXy4VhCZOoMiqDkf/xHg2/JKq H8UqMkYOPtgEYhMhXFQmh4QbW2VMxaR5fWcGDmhe58tk6KsHMw7Wy5ZPLndW+U4hu78v FgztYqoZcUetqrT6kpnNhFHdpwSyNUyVdIzzwLGMJfncILPvN15lSte4OFrtVCF2G1+l cERRRrGdYpjuZFKssD5FImJPIcsffPYN4buA8/hW4vP3lDJTCvScqABMa3EBNcGxZ4HM vw4Q== X-Gm-Message-State: AOAM532e58tfzGoQneTCITYzN4mhBcIl3/uyY2qxUdNVdaVdSfi7EmxD kc9hxsGYWj076vT6AeHaIK6lkbdMivb4rX54v4O/Y7IENXM= X-Received: by 2002:adf:c3cc:: with SMTP id d12mr3337312wrg.399.1598986270722; Tue, 01 Sep 2020 11:51:10 -0700 (PDT) MIME-Version: 1.0 References: <20200829111437.96334-1-wqu@suse.com> In-Reply-To: <20200829111437.96334-1-wqu@suse.com> From: Lucas De Marchi Date: Tue, 1 Sep 2020 11:50:58 -0700 Message-ID: Subject: Re: [PATCH] module: Add more error message for failed kernel module loading To: Qu Wenruo Cc: lkml , linux-modules , Rusty Russell , Prarit Bhargava Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Aug 29, 2020 at 4:15 AM Qu Wenruo wrote: > > When kernel module loading failed, user space only get one of the > following error messages: > - -ENOEXEC > This is the most confusing one. From corrupted ELF header to bad > WRITE|EXEC flags check introduced by in module_enforce_rwx_sections() > all returns this error number. > > - -EPERM > This is for blacklisted modules. But mod doesn't do extra explain > on this error either. > > - -ENOMEM > The only error which needs no explain. > > This means, if a user got "Exec format error" from modprobe, it provides > no meaningful way for the user to debug, and will take extra time > communicating to get extra info. > > So this patch will add extra error messages for -ENOEXEC and -EPERM > errors, allowing user to do better debugging and reporting. > > Signed-off-by: Qu Wenruo > --- > kernel/module.c | 11 +++++++++-- > 1 file changed, 9 insertions(+), 2 deletions(-) > > diff --git a/kernel/module.c b/kernel/module.c > index 1c5cff34d9f2..9f748c6eeb48 100644 > --- a/kernel/module.c > +++ b/kernel/module.c > @@ -2096,8 +2096,12 @@ static int module_enforce_rwx_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs, > int i; > > for (i = 0; i < hdr->e_shnum; i++) { > - if ((sechdrs[i].sh_flags & shf_wx) == shf_wx) > + if ((sechdrs[i].sh_flags & shf_wx) == shf_wx) { > + pr_err( > + "Module %s section %d has invalid WRITE|EXEC flags\n", > + mod->name, i); > return -ENOEXEC; > + } > } > > return 0; > @@ -3825,8 +3829,10 @@ static int load_module(struct load_info *info, const char __user *uargs, > char *after_dashes; > > err = elf_header_check(info); > - if (err) > + if (err) { > + pr_err("Module has invalid ELF header\n"); > goto free_copy; > + } > > err = setup_load_info(info, flags); > if (err) > @@ -3834,6 +3840,7 @@ static int load_module(struct load_info *info, const char __user *uargs, > > if (blacklisted(info->name)) { > err = -EPERM; > + pr_err("Module %s is blacklisted\n", info->name); I wonder why would anyone actually add the blacklist to the command line like this and have no way to revert that back. This was introduced in be7de5f91fdc modules: Add kernel parameter to blacklist modules as a way to overcome broken initrd generation afaics. Either kernel command line (using modprobe.blacklist) or /etc/modprobe.d options are honoured by libkmod and allow a sufficiently privileged user to bypass it. +Rusty, +Prarit: is there anything this module parameter is covering that I'm missing? For the changes here, Reviewed-by: Lucas De Marchi thanks Lucas De Marchi > goto free_copy; > } > > -- > 2.27.0 >