123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179 |
- /*
- * kmod - the kernel module loader
- */
- #include <linux/module.h>
- #include <linux/sched.h>
- #include <linux/sched/task.h>
- #include <linux/binfmts.h>
- #include <linux/syscalls.h>
- #include <linux/unistd.h>
- #include <linux/kmod.h>
- #include <linux/slab.h>
- #include <linux/completion.h>
- #include <linux/cred.h>
- #include <linux/file.h>
- #include <linux/fdtable.h>
- #include <linux/workqueue.h>
- #include <linux/security.h>
- #include <linux/mount.h>
- #include <linux/kernel.h>
- #include <linux/init.h>
- #include <linux/resource.h>
- #include <linux/notifier.h>
- #include <linux/suspend.h>
- #include <linux/rwsem.h>
- #include <linux/ptrace.h>
- #include <linux/async.h>
- #include <linux/uaccess.h>
- #include <trace/events/module.h>
- /*
- * Assuming:
- *
- * threads = div64_u64((u64) totalram_pages * (u64) PAGE_SIZE,
- * (u64) THREAD_SIZE * 8UL);
- *
- * If you need less than 50 threads would mean we're dealing with systems
- * smaller than 3200 pages. This assuems you are capable of having ~13M memory,
- * and this would only be an be an upper limit, after which the OOM killer
- * would take effect. Systems like these are very unlikely if modules are
- * enabled.
- */
- #define MAX_KMOD_CONCURRENT 50
- static atomic_t kmod_concurrent_max = ATOMIC_INIT(MAX_KMOD_CONCURRENT);
- static DECLARE_WAIT_QUEUE_HEAD(kmod_wq);
- /*
- * This is a restriction on having *all* MAX_KMOD_CONCURRENT threads
- * running at the same time without returning. When this happens we
- * believe you've somehow ended up with a recursive module dependency
- * creating a loop.
- *
- * We have no option but to fail.
- *
- * Userspace should proactively try to detect and prevent these.
- */
- #define MAX_KMOD_ALL_BUSY_TIMEOUT 5
- /*
- modprobe_path is set via /proc/sys.
- */
- char modprobe_path[KMOD_PATH_LEN] = "/sbin/modprobe";
- static void free_modprobe_argv(struct subprocess_info *info)
- {
- kfree(info->argv[3]); /* check call_modprobe() */
- kfree(info->argv);
- }
- static int call_modprobe(char *module_name, int wait)
- {
- struct subprocess_info *info;
- static char *envp[] = {
- "HOME=/",
- "TERM=linux",
- "PATH=/sbin:/usr/sbin:/bin:/usr/bin",
- NULL
- };
- char **argv = kmalloc(sizeof(char *[5]), GFP_KERNEL);
- if (!argv)
- goto out;
- module_name = kstrdup(module_name, GFP_KERNEL);
- if (!module_name)
- goto free_argv;
- argv[0] = modprobe_path;
- argv[1] = "-q";
- argv[2] = "--";
- argv[3] = module_name; /* check free_modprobe_argv() */
- argv[4] = NULL;
- info = call_usermodehelper_setup(modprobe_path, argv, envp, GFP_KERNEL,
- NULL, free_modprobe_argv, NULL);
- if (!info)
- goto free_module_name;
- return call_usermodehelper_exec(info, wait | UMH_KILLABLE);
- free_module_name:
- kfree(module_name);
- free_argv:
- kfree(argv);
- out:
- return -ENOMEM;
- }
- /**
- * __request_module - try to load a kernel module
- * @wait: wait (or not) for the operation to complete
- * @fmt: printf style format string for the name of the module
- * @...: arguments as specified in the format string
- *
- * Load a module using the user mode module loader. The function returns
- * zero on success or a negative errno code or positive exit code from
- * "modprobe" on failure. Note that a successful module load does not mean
- * the module did not then unload and exit on an error of its own. Callers
- * must check that the service they requested is now available not blindly
- * invoke it.
- *
- * If module auto-loading support is disabled then this function
- * becomes a no-operation.
- */
- int __request_module(bool wait, const char *fmt, ...)
- {
- va_list args;
- char module_name[MODULE_NAME_LEN];
- int ret;
- /*
- * We don't allow synchronous module loading from async. Module
- * init may invoke async_synchronize_full() which will end up
- * waiting for this task which already is waiting for the module
- * loading to complete, leading to a deadlock.
- */
- WARN_ON_ONCE(wait && current_is_async());
- if (!modprobe_path[0])
- return 0;
- va_start(args, fmt);
- ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args);
- va_end(args);
- if (ret >= MODULE_NAME_LEN)
- return -ENAMETOOLONG;
- ret = security_kernel_module_request(module_name);
- if (ret)
- return ret;
- if (atomic_dec_if_positive(&kmod_concurrent_max) < 0) {
- pr_warn_ratelimited("request_module: kmod_concurrent_max (%u) close to 0 (max_modprobes: %u), for module %s, throttling...",
- atomic_read(&kmod_concurrent_max),
- MAX_KMOD_CONCURRENT, module_name);
- ret = wait_event_killable_timeout(kmod_wq,
- atomic_dec_if_positive(&kmod_concurrent_max) >= 0,
- MAX_KMOD_ALL_BUSY_TIMEOUT * HZ);
- if (!ret) {
- pr_warn_ratelimited("request_module: modprobe %s cannot be processed, kmod busy with %d threads for more than %d seconds now",
- module_name, MAX_KMOD_CONCURRENT, MAX_KMOD_ALL_BUSY_TIMEOUT);
- return -ETIME;
- } else if (ret == -ERESTARTSYS) {
- pr_warn_ratelimited("request_module: sigkill sent for modprobe %s, giving up", module_name);
- return ret;
- }
- }
- trace_module_request(module_name, wait, _RET_IP_);
- ret = call_modprobe(module_name, wait ? UMH_WAIT_PROC : UMH_WAIT_EXEC);
- atomic_inc(&kmod_concurrent_max);
- wake_up(&kmod_wq);
- return ret;
- }
- EXPORT_SYMBOL(__request_module);
|