Star64_linux/kernel
Christoph Hellwig 5047e917e4 modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
commit 9011e49d54 upstream.

It has recently come to my attention that nvidia is circumventing the
protection added in 262e6ae708 ("modules: inherit
TAINT_PROPRIETARY_MODULE") by importing exports from their proprietary
modules into an allegedly GPL licensed module and then rexporting them.

Given that symbol_get was only ever intended for tightly cooperating
modules using very internal symbols it is logical to restrict it to
being used on EXPORT_SYMBOL_GPL and prevent nvidia from costly DMCA
Circumvention of Access Controls law suites.

All symbols except for four used through symbol_get were already exported
as EXPORT_SYMBOL_GPL, and the remaining four ones were switched over in
the preparation patches.

Fixes: 262e6ae708 ("modules: inherit TAINT_PROPRIETARY_MODULE")
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-09-19 13:37:15 +08:00
..
bpf bpf: aggressively forget precise markings during state checkpointing 2023-08-20 16:01:39 +08:00
cgroup cgroup/cpuset: Free DL BW in case can_attach() fails 2023-09-05 01:25:10 +08:00
configs drivers/char: remove /dev/kmem for good 2021-05-07 00:26:34 -07:00
debug lockdown: also lock down previous kgdb use 2023-04-19 17:49:02 +08:00
dma dma-remap: use kvmalloc_array/kvfree for larger dma memory remap 2023-08-28 23:26:55 +08:00
entry entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up 2023-04-19 18:01:03 +08:00
events perf: Fix function pointer case 2023-08-20 16:01:30 +08:00
futex futex: Resend potentially swallowed owner death notification 2023-04-19 17:57:16 +08:00
gcov gcov: add support for checksum field 2023-04-19 17:58:06 +08:00
irq irqdomain: Fix mapping-creation race 2023-04-19 18:00:44 +08:00
kcsan kcsan: Don't expect 64 bits atomic builtins from 32 bits architectures 2023-08-20 15:24:34 +08:00
livepatch livepatch: fix race between fork and KLP transition 2023-04-19 17:54:26 +08:00
locking locking/rtmutex: Fix task->pi_waiters integrity 2023-08-20 16:01:25 +08:00
power workqueue: Introduce show_one_worker_pool and show_one_workqueue. 2023-06-06 18:37:26 +08:00
printk kernel/printk/index.c: fix memory leak with using debugfs_lookup() 2023-04-19 18:00:32 +08:00
rcu rcu-tasks: Add trc_inspect_reader() checks for exiting critical section 2023-09-05 01:25:16 +08:00
sched cgroup/cpuset: Free DL BW in case can_attach() fails 2023-09-05 01:25:10 +08:00
time timers/nohz: Last resort update jiffies on nohz_full IRQ entry 2023-08-20 16:01:45 +08:00
trace tracing: Fix memleak due to race between current_tracer and trace 2023-09-05 01:25:05 +08:00
.gitignore .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
acct.c acct: fix potential integer overflow in encode_comp_t() 2023-04-19 17:57:58 +08:00
async.c Revert "module, async: async_synchronize_full() on module init iff async is used" 2023-04-19 17:45:26 +08:00
audit.c audit: improve audit queue handling when "audit=1" on cmdline 2023-04-19 17:45:01 +08:00
audit.h audit: log AUDIT_TIME_* records only from rules 2023-04-19 17:46:41 +08:00
audit_fsnotify.c audit: fix potential double free on error path from fsnotify_add_inode_mark 2023-04-19 17:53:17 +08:00
audit_tree.c audit: move put_tree() to avoid trim_trees refcount underflow and UAF 2021-08-24 18:52:36 -04:00
audit_watch.c fsnotify: generalize handle_inode_event() 2020-12-03 14:58:35 +01:00
auditfilter.c lsm: separate security_task_getsecid() into subjective and objective variants 2021-03-22 15:23:32 -04:00
auditsc.c audit: log AUDIT_TIME_* records only from rules 2023-04-19 17:46:41 +08:00
backtracetest.c treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() 2020-07-30 11:15:58 -07:00
bounds.c kbuild: fix kernel/bounds.c 'W=1' warning 2018-10-31 08:54:14 -07:00
capability.c capability: handle idmapped mounts 2021-01-24 14:27:16 +01:00
cfi.c cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle 2023-04-19 17:50:36 +08:00
compat.c sched_getaffinity: don't assume 'cpumask_size()' is fully initialized 2023-04-19 18:01:10 +08:00
configs.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
context_tracking.c context_tracking: Ensure that the critical path cannot be instrumented 2020-06-11 15:14:36 +02:00
cpu.c cpu/hotplug: Do not bail-out in DYING/STARTING sections 2023-04-19 17:57:16 +08:00
cpu_pm.c PM: cpu: Make notifier chain use a raw_spinlock_t 2021-08-16 18:55:32 +02:00
crash_core.c kernel/crash_core: suppress unknown crashkernel parameter warning 2023-04-19 17:43:23 +08:00
crash_dump.c crash_dump: Remove no longer used saved_max_pfn 2020-04-15 11:21:54 +02:00
cred.c ucounts: Base set_cred_ucounts changes on the real user 2023-04-19 17:45:35 +08:00
delayacct.c delayacct: Add sysctl to enable at runtime 2021-05-12 11:43:25 +02:00
dma.c proc: introduce proc_create_single{,_data} 2018-05-16 07:23:35 +02:00
exec_domain.c proc: introduce proc_create_single{,_data} 2018-05-16 07:23:35 +02:00
exit.c exit: Use READ_ONCE() for all oops/warn limit reads 2023-04-19 17:59:01 +08:00
extable.c kernel/extable.c: use address-of operator on section symbols 2020-04-07 10:43:42 -07:00
fail_function.c kernel/fail_function: fix memory leak with using debugfs_lookup() 2023-04-19 18:00:35 +08:00
fork.c mm: Move mm_cachep initialization to mm_init() 2023-08-20 16:01:29 +08:00
freezer.c sched: Add get_current_state() 2021-06-18 11:43:08 +02:00
gen_kheaders.sh kbuild: clean up ${quiet} checks in shell scripts 2021-05-27 04:01:50 +09:00
groups.c groups: simplify struct group_info allocation 2021-02-26 09:41:03 -08:00
hung_task.c Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
iomem.c mm/nvdimm: add is_ioremap_addr and use that to check ioremap address 2019-07-12 11:05:40 -07:00
irq_work.c irq_work: Make irq_work_queue() NMI-safe again 2021-06-10 10:00:08 +02:00
jump_label.c jump_label: Fix jump_label_text_reserved() vs __init 2021-07-05 10:46:20 +02:00
kallsyms.c module: add printk formats to add module build ID to stacktraces 2021-07-08 11:48:22 -07:00
kcmp.c Merge branch 'exec-update-lock-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2020-12-15 19:36:48 -08:00
Kconfig.freezer treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.hz treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.locks locking/rwlock: Provide RT variant 2021-08-17 17:50:51 +02:00
Kconfig.preempt sched/core: Disable CONFIG_SCHED_CORE by default 2021-06-28 22:43:05 +02:00
kcov.c kernel: make kcov_common_handle consider the current context 2020-11-02 18:00:20 -08:00
kexec.c panic, kexec: make __crash_kexec() NMI safe 2023-06-06 18:05:32 +08:00
kexec_core.c kexec: fix a memory leak in crash_shrink_memory() 2023-08-20 15:24:20 +08:00
kexec_elf.c kexec_elf: support 32 bit ELF files 2019-09-06 23:58:44 +02:00
kexec_file.c kexec: support purgatories with .text.hot sections 2023-08-20 15:23:41 +08:00
kexec_internal.h panic, kexec: make __crash_kexec() NMI safe 2023-06-06 18:05:32 +08:00
kheaders.c kheaders: Use array declaration instead of char 2023-06-06 18:34:51 +08:00
kmod.c modules: add CONFIG_MODPROBE_PATH 2021-05-07 00:26:33 -07:00
kprobes.c x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range 2023-04-19 18:00:18 +08:00
ksysfs.c kexec: turn all kexec_mutex acquisitions into trylocks 2023-06-06 18:05:31 +08:00
kthread.c kthread: add the helper function kthread_run_on_cpu() 2023-04-19 18:00:58 +08:00
latencytop.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
Makefile futex: Move to kernel/futex/ 2023-04-19 17:57:16 +08:00
module-internal.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
module.c modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules 2023-09-19 13:37:15 +08:00
module_signature.c module: harden ELF info handling 2021-01-19 10:24:45 +01:00
module_signing.c module: harden ELF info handling 2021-01-19 10:24:45 +01:00
notifier.c notifier: Remove atomic_notifier_call_chain_robust() 2021-08-16 18:55:32 +02:00
nsproxy.c memcg: enable accounting for new namesapces and struct nsproxy 2021-09-03 09:58:12 -07:00
padata.c padata: Fix list iterator in padata_do_serial() 2023-04-19 17:57:39 +08:00
panic.c exit: Use READ_ONCE() for all oops/warn limit reads 2023-04-19 17:59:01 +08:00
params.c params: lift param_set_uint_minmax to common code 2021-08-16 14:42:22 +02:00
pid.c kernel/pid.c: implement additional checks upon pidfd_create() parameters 2021-08-10 12:53:07 +02:00
pid_namespace.c rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes() 2023-04-19 17:59:43 +08:00
profile.c profiling: fix shift too large makes kernel panic 2023-04-19 17:52:42 +08:00
ptrace.c ptrace: Reimplement PTRACE_KILL by always sending SIGKILL 2023-04-19 17:49:21 +08:00
range.c kernel.h: split out min()/max() et al. helpers 2020-10-16 11:11:19 -07:00
reboot.c reboot: Add hardware protection power-off 2021-06-21 13:08:36 +01:00
regset.c regset: kill ->get() 2020-07-27 14:31:12 -04:00
relay.c relayfs: fix out-of-bounds access in relay_file_read 2023-06-06 18:34:53 +08:00
resource.c dax/kmem: Fix leak of memory-hotplug resources 2023-04-19 18:00:22 +08:00
resource_kunit.c resource: provide meaningful MODULE_LICENSE() in test suite 2020-11-25 18:52:35 +01:00
rseq.c rseq: Remove broken uapi field layout on 32-bit little endian 2023-04-19 17:46:44 +08:00
scftorture.c scftorture: Fix distribution of short handler delays 2023-04-19 17:49:34 +08:00
scs.c scs: Release kasan vmalloc poison in scs_free process 2023-04-19 16:57:20 +08:00
seccomp.c seccomp: Invalidate seccomp mode to catch death failures 2023-04-19 17:45:21 +08:00
signal.c signal handling: don't use BUG_ON() for debugging 2023-04-19 17:51:27 +08:00
smp.c locking/csd_lock: Change csdlock_debug from early_param to __setup 2023-04-19 17:52:53 +08:00
smpboot.c smpboot: Replace deprecated CPU-hotplug functions. 2021-08-10 14:57:42 +02:00
smpboot.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
softirq.c timers/nohz: Last resort update jiffies on nohz_full IRQ entry 2023-08-20 16:01:45 +08:00
stackleak.c gcc-plugins/stackleak: Use noinstr in favor of notrace 2023-04-19 17:45:26 +08:00
stacktrace.c stacktrace: move filter_irq_stacks() to kernel/stacktrace.c 2023-04-19 17:47:53 +08:00
static_call.c static_call: Don't make __static_call_return0 static 2023-04-19 17:47:53 +08:00
static_call_inline.c static_call: Don't make __static_call_return0 static 2023-04-19 17:47:53 +08:00
stop_machine.c stop_machine: Add caller debug info to queue_stop_cpus_work 2021-03-23 16:01:58 +01:00
sys.c kernel/sys.c: fix and improve control flow in __sys_setres[ug]id() 2023-06-06 18:06:44 +08:00
sys_ni.c kernel/sys_ni: add compat entry for fadvise64_64 2023-04-19 17:53:17 +08:00
sysctl-test.c kernel/sysctl-test: Remove some casts which are no-longer required 2021-06-23 16:41:24 -06:00
sysctl.c kernel/panic: move panic sysctls to its own file 2023-04-19 17:58:59 +08:00
task_work.c kasan: record task_work_add() call stack 2021-04-30 11:20:42 -07:00
taskstats.c treewide: rename nla_strlcpy to nla_strscpy. 2020-11-16 08:08:54 -08:00
test_kprobes.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 25 2019-05-21 11:52:39 +02:00
torture.c torture: Fix hang during kthread shutdown phase 2023-09-05 01:25:10 +08:00
tracepoint.c tracepoint: Fix kerneldoc comments 2021-08-16 11:39:51 -04:00
tsacct.c taskstats: Cleanup the use of task->exit_code 2023-04-19 17:44:42 +08:00
ucount.c ucounts: Handle wrapping in is_ucounts_overlimit 2023-04-19 17:45:35 +08:00
uid16.c fs: add do_fchownat(), ksys_fchown() helpers and ksys_{,l}chown() wrappers 2018-04-02 20:15:59 +02:00
uid16.h kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c 2018-04-02 20:15:30 +02:00
umh.c kernel/umh.c: fix some spelling mistakes 2021-05-07 00:26:34 -07:00
up.c A set of locking related fixes and updates: 2021-05-09 13:07:03 -07:00
user-return-notifier.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
user.c fs/epoll: use a per-cpu counter for user's watches count 2021-09-08 11:50:27 -07:00
user_namespace.c ucounts: Fix systemd LimitNPROC with private users regression 2023-04-19 17:45:56 +08:00
usermode_driver.c Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2021-07-03 11:41:14 -07:00
utsname.c uts: Use generic ns_common::count 2020-08-19 14:13:20 +02:00
utsname_sysctl.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
watch_queue.c watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths 2023-04-19 18:00:44 +08:00
watchdog.c watchdog: export lockup_detector_reconfigure 2023-04-19 17:53:14 +08:00
watchdog_hld.c watchdog/perf: more properly prevent false positives with turbo modes 2023-08-20 15:24:20 +08:00
workqueue.c workqueue: clean up WORK_* constant types, clarify masking 2023-08-20 15:24:52 +08:00
workqueue_internal.h workqueue: Assign a color to barrier work items 2021-08-17 07:49:10 -10:00