| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250122-modules-error-injection-v1-1-910590a04fd5@samsung.com>
Date: Wed, 22 Jan 2025 14:11:13 +0100
From: Daniel Gomez <da.gomez@...sung.com>
To: Luis Chamberlain <mcgrof@...nel.org>, Petr Pavlu <petr.pavlu@...e.com>,
Sami Tolvanen <samitolvanen@...gle.com>, Alexei Starovoitov
<ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Andrii Nakryiko
<andrii@...nel.org>, Martin KaFai Lau <martin.lau@...ux.dev>, Eduard
Zingerman <eddyz87@...il.com>, Song Liu <song@...nel.org>, Yonghong Song
<yonghong.song@...ux.dev>, John Fastabend <john.fastabend@...il.com>, "KP
Singh" <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>, Hao Luo
<haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>, Nathan Chancellor
<nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, "Bill
Wendling" <morbo@...gle.com>, Justin Stitt <justinstitt@...gle.com>
CC: <linux-modules@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<bpf@...r.kernel.org>, <llvm@...ts.linux.dev>,
<iovisor-dev@...ts.iovisor.org>, <gost.dev@...sung.com>, Daniel Gomez
<da.gomez@...sung.com>
Subject: [PATCH 1/2] module: allow for module error injection
Allow to test kernel module initialization with eBPF error injection
by forcing errors when any of the below annotated functions with
ALLOW_ERROR_INJECTION() return.
Allow to debug and test module load error behaviour when:
complete_formation(): when module initialization switches from
MODULE_STATE_UNFORMED to MODULE_STATE_COMING stage.
do_init_module(): when an error occurs during module initialization and
before we switch from MODULE_STATE_COMING to MODULE_STATE_LIVE stage.
module_enable_rodata_ro_after_init(): when an error occurs while
setting memory to RO after module initialization. This is when module
initialization reaches MODULE_STATE_LIVE stage.
Signed-off-by: Daniel Gomez <da.gomez@...sung.com>
---
kernel/module/main.c | 3 +++
kernel/module/strict_rwx.c | 2 ++
2 files changed, 5 insertions(+)
diff --git a/kernel/module/main.c b/kernel/module/main.c
index 1fb9ad289a6f8f328fc37c6d93730882d0e6e613..54e6c4d0aab23ae5001a52c26417e7e7957ea3fd 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -59,6 +59,7 @@
#include <linux/codetag.h>
#include <linux/debugfs.h>
#include <linux/execmem.h>
+#include <linux/bpf.h>
#include <uapi/linux/module.h>
#include "internal.h"
@@ -3089,6 +3090,7 @@ static noinline int do_init_module(struct module *mod)
return ret;
}
+ALLOW_ERROR_INJECTION(do_init_module, ERRNO);
static int may_init_module(void)
{
@@ -3225,6 +3227,7 @@ static int complete_formation(struct module *mod, struct load_info *info)
mutex_unlock(&module_mutex);
return err;
}
+ALLOW_ERROR_INJECTION(complete_formation, ERRNO);
static int prepare_coming_module(struct module *mod)
{
diff --git a/kernel/module/strict_rwx.c b/kernel/module/strict_rwx.c
index 74834ba15615fa02d1fa72b913feedd7400af779..21936f5cc1e679e4de90331ef4920597d9093f35 100644
--- a/kernel/module/strict_rwx.c
+++ b/kernel/module/strict_rwx.c
@@ -9,6 +9,7 @@
#include <linux/mm.h>
#include <linux/vmalloc.h>
#include <linux/set_memory.h>
+#include <linux/bpf.h>
#include "internal.h"
static int module_set_memory(const struct module *mod, enum mod_mem_type type,
@@ -71,6 +72,7 @@ int module_enable_rodata_ro_after_init(const struct module *mod)
return module_set_memory(mod, MOD_RO_AFTER_INIT, set_memory_ro);
}
+ALLOW_ERROR_INJECTION(module_enable_rodata_ro_after_init, ERRNO);
int module_enable_data_nx(const struct module *mod)
{
--
2.39.5
Powered by blists - more mailing lists