MIRRORS/linux-imx
1
0
Fork 0
mirror of https://github.com/nxp-imx/linux-imx.git synced 2025-07-06 01:15:20 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
d1df3e94ee
linux-imx/kernel/module-internal.h
Ramji Jiyani f8bd6cf70d ANDROID: GKI: Add module load time protected symbol lookup 
Add CONFIG_MODULE_SIG_PROTECT to enable lookup for the protected
symbols and exports from the build time generated list of symbols
and exports.

Module loading behavior will change as follows:
- Allows Android GKI Modules signed using MODULE_SIG_ALL during build.
- Allows other modules to load if they don't violate the access to
  Android GKI protected symbols and do not export the symbols already
  exported by the Android GKI modules. Loading will fail and return
  -EACCES (Permission denied) if symbol access contidions are not met.

Bug: 200082547
Test: Treehugger
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: Iedb99d8434db82a9c7f18ffd363d84f4b2316c5b
(cherry picked from commit 9ab6a242258a9ac17506b74c6ed7332703d536f4)
2022-01-05 18:38:02 +00:00

46 lines
1.1 KiB
C
Raw Blame History

/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Module internals
*
* Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
*/
#include <linux/elf.h>
#include <asm/module.h>
struct load_info {
const char *name;
/* pointer to module in temporary copy, freed at end of load_module() */
struct module *mod;
Elf_Ehdr *hdr;
unsigned long len;
Elf_Shdr *sechdrs;
char *secstrings, *strtab;
unsigned long symoffs, stroffs, init_typeoffs, core_typeoffs;
struct _ddebug *debug;
unsigned int num_debug;
bool sig_ok;
#ifdef CONFIG_KALLSYMS
unsigned long mod_kallsyms_init_off;
#endif
struct {
unsigned int sym, str, mod, vers, info, pcpu;
} index;
};
extern int mod_verify_sig(const void *mod, struct load_info *info);
#ifdef CONFIG_MODULE_SIG_PROTECT
extern bool gki_is_module_exported_symbol(const char *name);
extern bool gki_is_module_protected_symbol(const char *name);
#else
static inline bool gki_is_module_exported_symbol(const char *name)
{
return 0;
}
static inline bool gki_is_module_protected_symbol(const char *name)
{
return 0;
}
#endif /* CONFIG_MODULE_SIG_PROTECT */
Reference in New Issue View Git Blame Copy Permalink