kmod/0003-libkmod-Implement-filtering-of-unsupported-modules-o.patch
Jan Engelhardt 81cdb97d27 Accepting request 674337 from home:michals
- Enable PKCS#7 signature parsing again - requires openssl
- Fix testsuite build - requires kernel-default-devel
- Rediff the SUSE patches and rename starting with 0001.

- Update to new upstream release 26
  * depmod now handles parallel invocations better by protecting
    the temporary files being used.
  * modprobe has a new --show-exports option. Under the hood,
    this reads the .symtab and .strtab sections rather than
    __versions so it shows useful data even if kernel is
    configured without modversions (CONFIG_MODVERSIONS).
  * modinfo supports PKCS#7 parsing by using openssl.
- Replaced the asn1c-based parser by an openssl-based PKCS
  parser.
- Remove libkmod-signature-Fix-crash-when-module-signature-is.patch,
  libkmod-signature-pkcs-7-fix-crash-when-signer-info-.patch,
  libkmod-signature-implement-pkcs7-parsing-with-asn1c.patch
  (not accepted upstream)
- Remove enum.patch,
  depmod-Prevent-module-dependency-files-corruption-du.patch,
  depmod-Prevent-module-dependency-files-missing-durin.patch,
  depmod-shut-up-gcc-insufficinet-buffer-warning.patch
  (accepted upstream)

- Enable PKCS#7 signature parsing again - requires openssl
- Rediff the SUSE patches and rename starting with 0001.

OBS-URL: https://build.opensuse.org/request/show/674337
OBS-URL: https://build.opensuse.org/package/show/Base:System/kmod?expand=0&rev=158
2019-02-12 23:23:22 +00:00

109 lines
3.3 KiB
Diff

From 4a36f4a8b16c7fd345f6aec973d926d4e429328a Mon Sep 17 00:00:00 2001
From: Michal Marek <mmarek@suse.cz>
Date: Wed, 5 Mar 2014 14:40:14 +0100
Subject: [PATCH 3/6] libkmod: Implement filtering of unsupported modules (off
by default)
References: fate#316971
Patch-mainline: never
---
libkmod/libkmod-config.c | 12 ++++++++++--
libkmod/libkmod-internal.h | 1 +
libkmod/libkmod-module.c | 31 +++++++++++++++++++++++++++++++
3 files changed, 42 insertions(+), 2 deletions(-)
diff --git a/libkmod/libkmod-config.c b/libkmod/libkmod-config.c
index 1b24536..07d6a9e 100644
--- a/libkmod/libkmod-config.c
+++ b/libkmod/libkmod-config.c
@@ -651,8 +651,16 @@ static int kmod_config_parse(struct kmod_config *config, int fd,
ERR(ctx, "%s: command %s is deprecated and not parsed anymore\n",
filename, cmd);
} else if (streq(cmd, "allow_unsupported_modules")) {
- /* dummy option for now */
- ;
+ char *param = strtok_r(NULL, "\t ", &saveptr);
+
+ if (param == NULL)
+ goto syntax_error;
+ if (streq(param, "yes") || streq(param, "1"))
+ config->block_unsupported = 0;
+ else if (streq(param, "no") || streq(param, "0"))
+ config->block_unsupported = 1;
+ else
+ goto syntax_error;
} else {
syntax_error:
ERR(ctx, "%s line %u: ignoring bad line starting with '%s'\n",
diff --git a/libkmod/libkmod-internal.h b/libkmod/libkmod-internal.h
index a65ddd1..2ad74c7 100644
--- a/libkmod/libkmod-internal.h
+++ b/libkmod/libkmod-internal.h
@@ -119,6 +119,7 @@ struct kmod_config {
struct kmod_list *softdeps;
struct kmod_list *paths;
+ int block_unsupported;
};
int kmod_config_new(struct kmod_ctx *ctx, struct kmod_config **config, const char * const *config_paths) __attribute__((nonnull(1, 2,3)));
diff --git a/libkmod/libkmod-module.c b/libkmod/libkmod-module.c
index bffe715..9a3a35a 100644
--- a/libkmod/libkmod-module.c
+++ b/libkmod/libkmod-module.c
@@ -798,6 +798,24 @@ KMOD_EXPORT int kmod_module_remove_module(struct kmod_module *mod,
extern long init_module(const void *mem, unsigned long len, const char *args);
+static int check_module_supported(struct kmod_module *mod)
+{
+ char **strings;
+ int i, count;
+ struct kmod_elf *elf;
+
+ elf = kmod_file_get_elf(mod->file);
+ count = kmod_elf_get_strings(elf, ".modinfo", &strings);
+ if (count < 0)
+ return count;
+ for (i = 0; i < count; i++)
+ if (streq(strings[i], "supported=yes") ||
+ streq(strings[i], "supported=external")) {
+ return 1;
+ }
+ return 0;
+}
+
/**
* kmod_module_insert_module:
* @mod: kmod module
@@ -823,6 +841,7 @@ KMOD_EXPORT int kmod_module_insert_module(struct kmod_module *mod,
struct kmod_elf *elf;
const char *path;
const char *args = options ? options : "";
+ const struct kmod_config *config = kmod_get_config(mod->ctx);
if (mod == NULL)
return -ENOENT;
@@ -841,6 +860,18 @@ KMOD_EXPORT int kmod_module_insert_module(struct kmod_module *mod,
}
}
+ if (config->block_unsupported) {
+ err = check_module_supported(mod);
+ if (err < 0)
+ return err;
+ else if (err == 0) {
+ ERR(mod->ctx, "module '%s' is unsupported\n", mod->name);
+ ERR(mod->ctx, "Use --allow-unsupported or set allow_unsupported_modules 1 in\n");
+ ERR(mod->ctx, "/etc/modprobe.d/10-unsupported-modules.conf\n");
+ return -EPERM;
+ }
+ }
+
if (kmod_file_get_direct(mod->file)) {
unsigned int kernel_flags = 0;
--
2.20.1