Re: [PATCH 6.5 11/34] modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Cc: stable@vger.kernel.org, patches@lists.linux.dev,
	Christoph Hellwig <hch@lst.de>,
	Luis Chamberlain <mcgrof@kernel.org>,
	Mauro Carvalho Chehab <mchehab@kernel.org>,
	linux-media@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 6.5 11/34] modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
Date: Thu, 7 Sep 2023 10:30:50 +0100	[thread overview]
Message-ID: <2023090719-virtuous-snowflake-d015@gregkh> (raw)
In-Reply-To: <20230907084135.02d97441@mir>

On Thu, Sep 07, 2023 at 08:41:35AM +0200, Stefan Lippers-Hollmann wrote:
> Hi
> 
> On 2023-09-04, Greg Kroah-Hartman wrote:
> > 6.5-stable review patch.  If anyone has any objections, please let me know.
> >
> > ------------------
> >
> > From: Christoph Hellwig <hch@lst.de>
> >
> > commit 9011e49d54dcc7653ebb8a1e05b5badb5ecfa9f9 upstream.
> >
> > It has recently come to my attention that nvidia is circumventing the
> > protection added in 262e6ae7081d ("modules: inherit
> > TAINT_PROPRIETARY_MODULE") by importing exports from their proprietary
> > modules into an allegedly GPL licensed module and then rexporting them.
> >
> > Given that symbol_get was only ever intended for tightly cooperating
> > modules using very internal symbols it is logical to restrict it to
> > being used on EXPORT_SYMBOL_GPL and prevent nvidia from costly DMCA
> > Circumvention of Access Controls law suites.
> >
> > All symbols except for four used through symbol_get were already exported
> > as EXPORT_SYMBOL_GPL, and the remaining four ones were switched over in
> > the preparation patches.
> 
> This patch, as part of v6.5.2, breaks the in-kernel ds3000 module
> (for a TeVii s480 v2 DVB-S2 card, which is a PCIe card attaching two
> onboard TeVii s660 cards via an onboard USB2 controller (MCS9990),
> https://www.linuxtv.org/wiki/index.php/TeVii_S480) from loading.

This is also broken in Linus's tree, right?

> [    2.896589] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
> [    2.901085] failing symbol_get of non-GPLONLY symbol ds3000_attach.
> [    2.901089] DVB: Unable to find symbol ds3000_attach()

This is odd, where is that call coming from?  I don't see any call to
symbol_get in the dvb code, where is this happening?

Anyway, does the patch below fix this?

thanks,

greg k-h

----------------

diff --git a/drivers/media/dvb-frontends/ds3000.c b/drivers/media/dvb-frontends/ds3000.c
index 20fcf31af165..515aa7c7baf2 100644
--- a/drivers/media/dvb-frontends/ds3000.c
+++ b/drivers/media/dvb-frontends/ds3000.c
@@ -859,7 +859,7 @@ struct dvb_frontend *ds3000_attach(const struct ds3000_config *config,
 	ds3000_set_voltage(&state->frontend, SEC_VOLTAGE_OFF);
 	return &state->frontend;
 }
-EXPORT_SYMBOL(ds3000_attach);
+EXPORT_SYMBOL_GPL(ds3000_attach);
 
 static int ds3000_set_carrier_offset(struct dvb_frontend *fe,
 					s32 carrier_offset_khz)

next prev parent reply	other threads:[~2023-09-07  9:30 UTC|newest]

Thread overview: 54+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-09-04 18:29 [PATCH 6.5 00/34] 6.5.2-rc1 review Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 01/34] drm/amdgpu: correct vmhub index in GMC v10/11 Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 02/34] erofs: ensure that the post-EOF tails are all zeroed Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 03/34] ksmbd: fix wrong DataOffset validation of create context Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 04/34] ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 05/34] ksmbd: replace one-element array with flex-array member in struct smb2_ea_info Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 06/34] ksmbd: reduce descriptor size if remaining bytes is less than request size Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 07/34] ARM: pxa: remove use of symbol_get() Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 08/34] mmc: au1xmmc: force non-modular build and remove symbol_get usage Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 09/34] net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 10/34] rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 11/34] modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules Greg Kroah-Hartman
2023-09-07  6:41   ` Stefan Lippers-Hollmann
2023-09-07  9:30     ` Greg Kroah-Hartman [this message]
2023-09-07 20:17       ` Stefan Lippers-Hollmann
2023-09-08  6:46         ` Greg Kroah-Hartman
2023-09-08  7:07           ` Greg Kroah-Hartman
2023-09-08  8:31             ` Christoph Hellwig
2023-09-08  8:35               ` Christoph Hellwig
2023-09-08  8:47                 ` Greg Kroah-Hartman
2023-09-04 18:29 ` [PATCH 6.5 12/34] USB: serial: option: add Quectel EM05G variant (0x030e) Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 13/34] USB: serial: option: add FOXCONN T99W368/T99W373 product Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 14/34] ALSA: usb-audio: Fix init call orders for UAC1 Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 15/34] usb: dwc3: meson-g12a: do post init to fix broken usb after resumption Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 16/34] usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0 Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 17/34] HID: wacom: remove the battery when the EKR is off Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 18/34] staging: rtl8712: fix race condition Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 19/34] wifi: mt76: mt7921: do not support one stream on secondary antenna only Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 20/34] wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 21/34] wifi: rtw88: usb: kill and free rx urbs on probe failure Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 22/34] wifi: ath11k: Dont drop tx_status when peer cannot be found Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 23/34] wifi: ath11k: Cleanup mac80211 references on failure during tx_complete Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 24/34] serial: qcom-geni: fix opp vote on shutdown Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 25/34] serial: sc16is7xx: fix broken port 0 uart init Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 26/34] serial: sc16is7xx: fix bug when first setting GPIO direction Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 27/34] firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 28/34] fsi: master-ast-cf: Add MODULE_FIRMWARE macro Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 29/34] tcpm: Avoid soft reset when partner does not support get_status Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 30/34] dt-bindings: sc16is7xx: Add property to change GPIO function Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 31/34] tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 32/34] nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 33/34] usb: typec: tcpci: clear the fault status bit Greg Kroah-Hartman
2023-09-04 18:30 ` [PATCH 6.5 34/34] pinctrl: amd: Dont show `Invalid config param` errors Greg Kroah-Hartman
2023-09-05  0:09 ` [PATCH 6.5 00/34] 6.5.2-rc1 review Joel Fernandes
2023-09-05  4:43 ` Bagas Sanjaya
2023-09-05  8:15 ` Naresh Kamboju
2023-09-05  9:44 ` Sudip Mukherjee (Codethink)
2023-09-05 11:08 ` Jon Hunter
2023-09-05 17:11 ` Justin Forbes
2023-09-05 20:52 ` Shuah Khan
2023-09-05 22:52 ` Ron Economos
2023-09-06  5:31 ` SeongJae Park
2023-09-06 10:52 ` Rudi Heitbaum
2023-09-06 17:25 ` Guenter Roeck

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:20fcf31af16 dfblob:515aa7c7baf )
 OR (
bs:"Re: [PATCH 6.5 11/34] modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2023090719-virtuous-snowflake-d015@gregkh \
    --to=gregkh@linuxfoundation.org \
    --cc=hch@lst.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-media@vger.kernel.org \
    --cc=mcgrof@kernel.org \
    --cc=mchehab@kernel.org \
    --cc=patches@lists.linux.dev \
    --cc=s.l-h@gmx.de \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.