ANDROID: Improve module loader checks for GKI symbol protection

* Deny loading of unsigned modules which use protected vmlinux
  symbols.
* Optimize symbols resolution for unsigned modules by avoiding
  searching for symbols exported by other unsigned modules in the list
  of unprotected symbols.

Bug: 343540599
Change-Id: I64bc03ad9e37ec7e85be2099d0132966ffe1b35b
Signed-off-by: Sid Nayyar <sidnayyar@google.com>
(cherry picked from commit 8faec9ddf1)

kernel/module/main.c

@@ -1113,6 +1113,8 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
 						  const char *name,
 						  char ownername[])
 {
+	bool is_vendor_module;
+	bool is_vendor_exported_symbol;
 	struct find_symbol_arg fsa = {
 		.name	= name,
 		.gplok	= !(mod->taints & (1 << TAINT_PROPRIETARY_MODULE)),
@@ -1150,16 +1152,19 @@ static const struct kernel_symbol *resolve_symbol(struct module *mod,
 	}
 
 	/*
-	 * ANDROID: GKI:
+	 * ANDROID GKI
-	 * In case of an unsigned module symbol resolves only if:
+	 *
-	 * 1. Symbol is in the list of unprotected symbol list OR
+	 * Vendor (i.e., unsigned) modules are only permitted to use:
-	 * 2. If symbol owner is not NULL i.e. owner is another module;
+	 *
-	 *    it has to be an unsigned module and not signed GKI module
+	 * 1. symbols exported by other vendor (unsigned) modules
-	 *    to protect symbols exported by signed GKI modules.
+	 * 2. unprotected symbols
 	 */
-	if (!mod->sig_ok &&
+	is_vendor_module = !mod->sig_ok;
-	    !gki_is_module_unprotected_symbol(name) &&
+	is_vendor_exported_symbol = fsa.owner && !fsa.owner->sig_ok;
-	    fsa.owner && fsa.owner->sig_ok) {
+
+	if (is_vendor_module &&
+	    !is_vendor_exported_symbol &&
+	    !gki_is_module_unprotected_symbol(name)) {
 		fsa.sym = ERR_PTR(-EACCES);
 		goto getname;
 	}