* [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag
@ 2024-03-29 12:41 Michael Weiß
2024-03-30 23:05 ` Alejandro Colomar
0 siblings, 1 reply; 6+ messages in thread
From: Michael Weiß @ 2024-03-29 12:41 UTC (permalink / raw)
To: Alejandro Colomar
Cc: linux-man, Dmitry Torokhov, Stephen Boyd, Michael Weiß

finit_module() supports the MODULE_INIT_COMPRESS_FILE flag since
Linux 5.17. See commit b1ae6dc41eaaa ("module: add in-kernel support
for decompressing")

During implementation of a secure module loader in GyroidOS, we
wanted to filter unsafe module parameters. To verify that only the
two documented flags which are disabling sanity checks are unsafe,
we had a look in the current kernel implementation.

We discovered that this new flag MODULE_INIT_COMPRESS_FILE was added.
Having a deeper look at the code, we also discovered that a new error
code EOPNOTSUPP is possible within newer kernels.

The initial commit only supported gzip and xz compression algorithms.
Support for zstd was added in Linux 6.2 by commit 169a58ad824d8
("module/decompress: Support zstd in-kernel decompression")

Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de>
---
man2/init_module.2 | 48 +++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 47 insertions(+), 1 deletion(-)
diff --git a/man2/init_module.2 b/man2/init_module.2
index 95917a079..8197b0df6 100644
--- a/man2/init_module.2
+++ b/man2/init_module.2
@@ -107,6 +107,10 @@ Ignore symbol version hashes.
.TP
.B MODULE_INIT_IGNORE_VERMAGIC
Ignore kernel version magic.
+.TP
+.BR MODULE_INIT_COMPRESSED_FILE " (since Linux 5.17)"
+.\" commit b1ae6dc41eaaa98bb75671e0f3665bfda248c3e7
+Use in-kernel module decompression.
.P
There are some safety checks built into a module to ensure that
it matches the kernel against which it is loaded.
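Review bot: The added entry spells the flag MODULE_INIT_COMPRESSED_FILE, while the subject line and the commit message of this patch both say MODULE_INIT_COMPRESS_FILE. Only one of the two can match the kernel header, so align the commit message with the spelling used in the page; anyone searching the log for the flag name will otherwise miss this commit.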
@@ -136,6 +140,41 @@ If the kernel is built to permit forced loading (i.e., configured with
then loading continues, otherwise it fails with the error
.B ENOEXEC
as expected for malformed modules.
+.P
+If the kernel was build with
+.BR CONFIG_MODULE_DECOMPRESS ,
+the in-kernel decompression feature can be used.
+Userspace code can check if the kernel supports decompression by
+reading the
+.I /sys/module/compression
+attribute.
+If the kernel supports decompression, the compressed file can directly
+be passed to
+.BR finit_module ()
+using the
+.B MODULE_INIT_COMPRESSED_FILE
+flag.
+The in-kernel module decompressor supports the following compression
+algorithms:
+.P
+.RS 4
+.PD 0
+.IP \[bu] 3
+.I gzip
+(since Linux 5.17)
+.IP \[bu]
+.I xz
+(since Linux 5.17)
+.IP \[bu]
+.I zstd
+.\" commit 169a58ad824d896b9e291a27193342616e651b82
+(since Linux 6.2)
+.PD
+.RE
+.P
+The kernel only implements a single decompression method which is
+selected during module generation accordingly to the compression
+method selected in the kernel configuration.
.SH RETURN VALUE
On success, these system calls return 0.
On error, \-1 is returned and
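Review bot: The sentence ending in ".I /sys/module/compression attribute." tells userspace to read the attribute but not what it contains, nor what to conclude when the file does not exist. A loader that wants to decide up front whether to pass the flag needs both, so add a sentence on the attribute's content and on the absent case. Two wording slips in the same paragraph: "If the kernel was build with" should read "built", and "accordingly to the compression method" should read "according to".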
@@ -221,12 +260,19 @@ is too large.
.TP
.B EINVAL
.I flags
-is invalid.
+is invalid or the decompressor sanity checks failed while loading
+a compressed module with flag
+.BR CONFIG_MODULE_DECOMPRESS
+set.
.TP
.B ENOEXEC
.I fd
does not refer to an open file.
.TP
+.BR EOPNOTSUPP " (since Linux 5.17)"
+This error is return if the kernel was configured without
+.BR CONFIG_MODULE_DECOMPRESS
+.TP
.BR ETXTBSY " (since Linux 4.7)"
.\" commit 39d637af5aa7577f655c58b9e55587566c63a0af
The file referred to by
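Review bot: In the EINVAL entry, "a compressed module with flag .BR CONFIG_MODULE_DECOMPRESS set" names a kernel build option where a finit_module() flag is meant; going by the first hunk this should be MODULE_INIT_COMPRESSED_FILE. The EOPNOTSUPP entry also needs work: "This error is return if" is ungrammatical and can be dropped so the entry states the condition directly like its neighbours, and the entry ends on ".BR CONFIG_MODULE_DECOMPRESS" without a closing period.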
--
2.39.2
* Re: [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag
2024-03-29 12:41 [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag Michael Weiß
@ 2024-03-30 23:05 ` Alejandro Colomar
2024-04-02 11:07 ` Michael Weiß
0 siblings, 1 reply; 6+ messages in thread
From: Alejandro Colomar @ 2024-03-30 23:05 UTC (permalink / raw)
To: Michael Weiß; +Cc: linux-man, Dmitry Torokhov, Stephen Boyd
Hi Michael,
On Fri, Mar 29, 2024 at 01:41:37PM +0100, Michael Weiß wrote:
> finit_module() supports the MODULE_INIT_COMPRESS_FILE flag since
> Linux 5.17. See commit b1ae6dc41eaaa ("module: add in-kernel support
> for decompressing")
>
> During implementation of a secure module loader in GyroidOS, we
> wanted to filter unsafe module parameters. To verify that only the
> two documented flags which are disabling sanity checks are unsafe,
> we had a look in the current kernel implementation.
>
> We discovered that this new flag MODULE_INIT_COMPRESS_FILE was added.
> Having a deeper look at the code, we also discovered that a new error
> code EOPNOTSUPP is possible within newer kernels.
>
> The initial commit only supported gzip and xz compression algorithms.
> Support for zstd was added in Linux 6.2 by commit 169a58ad824d8
> ("module/decompress: Support zstd in-kernel decompression")
>
> Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de>
> ---
> man2/init_module.2 | 48 +++++++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 47 insertions(+), 1 deletion(-)
>
> diff --git a/man2/init_module.2 b/man2/init_module.2
> index 95917a079..8197b0df6 100644
> --- a/man2/init_module.2
> +++ b/man2/init_module.2
> @@ -107,6 +107,10 @@ Ignore symbol version hashes.
> .TP
> .B MODULE_INIT_IGNORE_VERMAGIC
> Ignore kernel version magic.
> +.TP
> +.BR MODULE_INIT_COMPRESSED_FILE " (since Linux 5.17)"
> +.\" commit b1ae6dc41eaaa98bb75671e0f3665bfda248c3e7
> +Use in-kernel module decompression.
> .P
> There are some safety checks built into a module to ensure that
> it matches the kernel against which it is loaded.
> @@ -136,6 +140,41 @@ If the kernel is built to permit forced loading (i.e., configured with
> then loading continues, otherwise it fails with the error
> .B ENOEXEC
> as expected for malformed modules.
> +.P
> +If the kernel was build with
> +.BR CONFIG_MODULE_DECOMPRESS ,
> +the in-kernel decompression feature can be used.
> +Userspace code can check if the kernel supports decompression by
> +reading the
> +.I /sys/module/compression
> +attribute.
> +If the kernel supports decompression, the compressed file can directly
Please use semantic newlines. See man-pages(7):
$ MANWIDTH=72 man man-pages | sed -n '/Use semantic newlines/,/^$/p';
Use semantic newlines
In the source of a manual page, new sentences should be started
on new lines, long sentences should be split into lines at clause
breaks (commas, semicolons, colons, and so on), and long clauses
should be split at phrase boundaries. This convention, sometimes
known as "semantic newlines", makes it easier to see the effect
of patches, which often operate at the level of individual sen‐
tences, clauses, or phrases.
> +be passed to
> +.BR finit_module ()
> +using the
> +.B MODULE_INIT_COMPRESSED_FILE
> +flag.
> +The in-kernel module decompressor supports the following compression
> +algorithms:
> +.P
> +.RS 4
> +.PD 0
> +.IP \[bu] 3
> +.I gzip
> +(since Linux 5.17)
> +.IP \[bu]
> +.I xz
> +(since Linux 5.17)
> +.IP \[bu]
> +.I zstd
> +.\" commit 169a58ad824d896b9e291a27193342616e651b82
> +(since Linux 6.2)
> +.PD
> +.RE
> +.P
> +The kernel only implements a single decompression method which is
> +selected during module generation accordingly to the compression
> +method selected in the kernel configuration.
> .SH RETURN VALUE
> On success, these system calls return 0.
> On error, \-1 is returned and
> @@ -221,12 +260,19 @@ is too large.
> .TP
> .B EINVAL
> .I flags
> -is invalid.
> +is invalid or the decompressor sanity checks failed while loading
> +a compressed module with flag
> +.BR CONFIG_MODULE_DECOMPRESS
This should use B, not BR. (It uses Bold, not Bold/Roman alternating.)
> +set.
> .TP
> .B ENOEXEC
> .I fd
> does not refer to an open file.
> .TP
> +.BR EOPNOTSUPP " (since Linux 5.17)"
> +This error is return if the kernel was configured without
The first words seem redundant. I'd use:
The kernel was configured without CONFIG_MODULE_DECOMPRESS.
Which seems incomplete. I guess if the module is not compressed, then
it won't report this error.
The module is compressed, and the kernel was built without ...
> +.BR CONFIG_MODULE_DECOMPRESS
This was missing a terminating '.'.
> +.TP
> .BR ETXTBSY " (since Linux 4.7)"
> .\" commit 39d637af5aa7577f655c58b9e55587566c63a0af
> The file referred to by
> --
> 2.39.2
>
Have a lovely night!
Alex
--
<https://www.alejandro-colomar.es/>
* Re: [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag
2024-03-30 23:05 ` Alejandro Colomar
@ 2024-04-02 11:07 ` Michael Weiß
2024-04-03 9:07 ` Alejandro Colomar
0 siblings, 1 reply; 6+ messages in thread
From: Michael Weiß @ 2024-04-02 11:07 UTC (permalink / raw)
To: Alejandro Colomar; +Cc: linux-man, Dmitry Torokhov, Stephen Boyd
Hi Alex,
On 3/31/24 00:05, Alejandro Colomar wrote:
> Hi Michael,
>
> On Fri, Mar 29, 2024 at 01:41:37PM +0100, Michael Weiß wrote:
>> finit_module() supports the MODULE_INIT_COMPRESS_FILE flag since
>> Linux 5.17. See commit b1ae6dc41eaaa ("module: add in-kernel support
>> for decompressing")
>>
>> During implementation of a secure module loader in GyroidOS, we
>> wanted to filter unsafe module parameters. To verify that only the
>> two documented flags which are disabling sanity checks are unsafe,
>> we had a look in the current kernel implementation.
>>
>> We discovered that this new flag MODULE_INIT_COMPRESS_FILE was added.
>> Having a deeper look at the code, we also discovered that a new error
>> code EOPNOTSUPP is possible within newer kernels.
>>
>> The initial commit only supported gzip and xz compression algorithms.
>> Support for zstd was added in Linux 6.2 by commit 169a58ad824d8
>> ("module/decompress: Support zstd in-kernel decompression")
>>
>> Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de>
>> ---
>> man2/init_module.2 | 48 +++++++++++++++++++++++++++++++++++++++++++++-
>> 1 file changed, 47 insertions(+), 1 deletion(-)
>>
>> diff --git a/man2/init_module.2 b/man2/init_module.2
>> index 95917a079..8197b0df6 100644
>> --- a/man2/init_module.2
>> +++ b/man2/init_module.2
>> @@ -107,6 +107,10 @@ Ignore symbol version hashes.
>> .TP
>> .B MODULE_INIT_IGNORE_VERMAGIC
>> Ignore kernel version magic.
>> +.TP
>> +.BR MODULE_INIT_COMPRESSED_FILE " (since Linux 5.17)"
>> +.\" commit b1ae6dc41eaaa98bb75671e0f3665bfda248c3e7
>> +Use in-kernel module decompression.
>> .P
>> There are some safety checks built into a module to ensure that
>> it matches the kernel against which it is loaded.
>> @@ -136,6 +140,41 @@ If the kernel is built to permit forced loading (i.e., configured with
>> then loading continues, otherwise it fails with the error
>> .B ENOEXEC
>> as expected for malformed modules.
>> +.P
>> +If the kernel was build with
>> +.BR CONFIG_MODULE_DECOMPRESS ,
>> +the in-kernel decompression feature can be used.
>> +Userspace code can check if the kernel supports decompression by
>> +reading the
>> +.I /sys/module/compression
>> +attribute.
>> +If the kernel supports decompression, the compressed file can directly
>
> Please use semantic newlines. See man-pages(7):
>
> $ MANWIDTH=72 man man-pages | sed -n '/Use semantic newlines/,/^$/p';
> Use semantic newlines
> In the source of a manual page, new sentences should be started
> on new lines, long sentences should be split into lines at clause
> breaks (commas, semicolons, colons, and so on), and long clauses
> should be split at phrase boundaries. This convention, sometimes
> known as "semantic newlines", makes it easier to see the effect
> of patches, which often operate at the level of individual sen‐
> tences, clauses, or phrases.
>
Thanks for the hint. I'll fix that.
>> +be passed to
>> +.BR finit_module ()
>> +using the
>> +.B MODULE_INIT_COMPRESSED_FILE
>> +flag.
>> +The in-kernel module decompressor supports the following compression
>> +algorithms:
>> +.P
>> +.RS 4
>> +.PD 0
>> +.IP \[bu] 3
>> +.I gzip
>> +(since Linux 5.17)
>> +.IP \[bu]
>> +.I xz
>> +(since Linux 5.17)
>> +.IP \[bu]
>> +.I zstd
>> +.\" commit 169a58ad824d896b9e291a27193342616e651b82
>> +(since Linux 6.2)
>> +.PD
>> +.RE
>> +.P
>> +The kernel only implements a single decompression method which is
>> +selected during module generation accordingly to the compression
>> +method selected in the kernel configuration.
>> .SH RETURN VALUE
>> On success, these system calls return 0.
>> On error, \-1 is returned and
>> @@ -221,12 +260,19 @@ is too large.
>> .TP
>> .B EINVAL
>> .I flags
>> -is invalid.
>> +is invalid or the decompressor sanity checks failed while loading
>> +a compressed module with flag
>> +.BR CONFIG_MODULE_DECOMPRESS
>
> This should use B, not BR. (It uses Bold, not Bold/Roman alternating.)
>
I spotted another error here, too. Should be:
.B MODULE_INIT_COMPRESSED_FILE
I'll fix that in v2.
>> +set.
>> .TP
>> .B ENOEXEC
>> .I fd
>> does not refer to an open file.
>> .TP
>> +.BR EOPNOTSUPP " (since Linux 5.17)"
>> +This error is return if the kernel was configured without
>
> The first words seem redundant. I'd use:
>
> The kernel was configured without CONFIG_MODULE_DECOMPRESS.
>
> Which seems incomplete. I guess if the module is not compressed, then
> it won't report this error.
>
> The module is compressed, and the kernel was built without ...
True. But I would write:
The flag
.B MODULE_INIT_COMPRESSED_FILE
is set to load a compressed module,
and the kernel was built without
.BR CONFIG_MODULE_DECOMPRESS .
Since the error directly depends on a check of the flag.
>
>> +.BR CONFIG_MODULE_DECOMPRESS
>
> This was missing a terminating '.'.
>
>> +.TP
>> .BR ETXTBSY " (since Linux 4.7)"
>> .\" commit 39d637af5aa7577f655c58b9e55587566c63a0af
>> The file referred to by
>> --
>> 2.39.2
>>
>
> Have a lovely night!
> Alex
>
Regards,
Michael
* Re: [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag
2024-04-02 11:07 ` Michael Weiß
@ 2024-04-03 9:07 ` Alejandro Colomar
0 siblings, 0 replies; 6+ messages in thread
From: Alejandro Colomar @ 2024-04-03 9:07 UTC (permalink / raw)
To: Michael Weiß; +Cc: linux-man, Dmitry Torokhov, Stephen Boyd
Hi Michael,
On Tue, Apr 02, 2024 at 01:07:12PM +0200, Michael Weiß wrote:
> >> .TP
> >> .B EINVAL
> >> .I flags
> >> -is invalid.
> >> +is invalid or the decompressor sanity checks failed while loading
> >> +a compressed module with flag
> >> +.BR CONFIG_MODULE_DECOMPRESS
> >
> > This should use B, not BR. (It uses Bold, not Bold/Roman alternating.)
> >
> I spotted another error here, too. Should be:
>
> .B MODULE_INIT_COMPRESSED_FILE
>
> I'll fix that in v2.
Also, the two conditions seem different enough that I would split them
into two EINVAL entries.
>
> >> +set.
> >> .TP
> >> .B ENOEXEC
> >> .I fd
> >> does not refer to an open file.
> >> .TP
> >> +.BR EOPNOTSUPP " (since Linux 5.17)"
> >> +This error is return if the kernel was configured without
> >
> > The first words seem redundant. I'd use:
> >
> > The kernel was configured without CONFIG_MODULE_DECOMPRESS.
> >
> > Which seems incomplete. I guess if the module is not compressed, then
> > it won't report this error.
> >
> > The module is compressed, and the kernel was built without ...
>
> True. But I would write:
>
> The flag
> .B MODULE_INIT_COMPRESSED_FILE
> is set to load a compressed module,
> and the kernel was built without
> .BR CONFIG_MODULE_DECOMPRESS .
>
> Since the error directly depends on a check of the flag.
Agree.
Have a lovely day!
Alex
--
<https://www.alejandro-colomar.es/>
* [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag
@ 2024-04-03 11:42 Michael Weiß
2024-04-04 9:01 ` Alejandro Colomar
0 siblings, 1 reply; 6+ messages in thread
From: Michael Weiß @ 2024-04-03 11:42 UTC (permalink / raw)
To: Alejandro Colomar
Cc: linux-man, Dmitry Torokhov, Stephen Boyd, Michael Weiß

finit_module() supports the MODULE_INIT_COMPRESS_FILE flag since
Linux 5.17. See commit b1ae6dc41eaaa ("module: add in-kernel support
for decompressing")

During implementation of a secure module loader in GyroidOS, we
wanted to filter unsafe module parameters. To verify that only the
two documented flags which are disabling sanity checks are unsafe,
we had a look in the current kernel implementation.

We discovered that this new flag MODULE_INIT_COMPRESS_FILE was added.
Having a deeper look at the code, we also discovered that a new error
code EOPNOTSUPP is possible within newer kernels.

The initial commit only supported gzip and xz compression algorithms.
Support for zstd was added in Linux 6.2 by commit 169a58ad824d8
("module/decompress: Support zstd in-kernel decompression")

Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de>
---
Changes in v2:
- Update formatting (Alejandro)
- Split EINVAL into two entries (Alejandro)
- Fixed error in EINVAL, s/CONFIG_MODULE_DECOMPRESS/MODULE_INIT_COMPRESSED_FILE/
- Fixed incomplete description for EOPNOTSUPP (Alejandro)
- Link to v1: https://lore.kernel.org/r/20240329124137.630521-1-michael.weiss@aisec.fraunhofer.de/
---
man2/init_module.2 | 50 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
diff --git a/man2/init_module.2 b/man2/init_module.2
index 95917a079..133d82b53 100644
--- a/man2/init_module.2
+++ b/man2/init_module.2
@@ -107,6 +107,10 @@ Ignore symbol version hashes.
.TP
.B MODULE_INIT_IGNORE_VERMAGIC
Ignore kernel version magic.
+.TP
+.BR MODULE_INIT_COMPRESSED_FILE " (since Linux 5.17)"
+.\" commit b1ae6dc41eaaa98bb75671e0f3665bfda248c3e7
+Use in-kernel module decompression.
.P
There are some safety checks built into a module to ensure that
it matches the kernel against which it is loaded.
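Review bot: "Use in-kernel module decompression." is placed directly after MODULE_INIT_IGNORE_VERMAGIC and directly before the unchanged paragraph on the safety checks built into a module, but it does not say whether the new flag has any effect on those checks, nor that fd must then refer to the compressed file. The commit message describes a loader that filters flags by exactly that distinction, so one more sentence here would spare such readers a trip into the kernel source.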
@@ -136,6 +140,39 @@ If the kernel is built to permit forced loading (i.e., configured with
then loading continues, otherwise it fails with the error
.B ENOEXEC
as expected for malformed modules.
+.P
+If the kernel was build with
+.BR CONFIG_MODULE_DECOMPRESS ,
+the in-kernel decompression feature can be used.
+Userspace code can check if the kernel supports decompression by reading the
+.I /sys/module/compression
+attribute.
+If the kernel supports decompression,
+the compressed file can directly be passed to
+.BR finit_module ()
+using the
+.B MODULE_INIT_COMPRESSED_FILE
+flag.
+The in-kernel module decompressor supports the following compression algorithms:
+.P
+.RS 4
+.PD 0
+.IP \[bu] 3
+.I gzip
+(since Linux 5.17)
+.IP \[bu]
+.I xz
+(since Linux 5.17)
+.IP \[bu]
+.I zstd
+.\" commit 169a58ad824d896b9e291a27193342616e651b82
+(since Linux 6.2)
+.PD
+.RE
+.P
+The kernel only implements a single decompression method.
+This is selected during module generation accordingly to the compression method
+chosen in the kernel configuration.
.SH RETURN VALUE
On success, these system calls return 0.
On error, \-1 is returned and
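Review bot: The list is introduced with "supports the following compression algorithms", yet the closing sentences say "The kernel only implements a single decompression method", so a reader cannot tell whether a given kernel accepts all three formats or only one. State before the list that exactly one of the listed algorithms is available in a given kernel and how userspace finds out which. "This is selected during module generation" is also ambiguous about what is being generated; if the kernel build is meant, say so.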
@@ -223,10 +260,23 @@ is too large.
.I flags
is invalid.
.TP
+.B EINVAL
+The decompressor sanity checks failed,
+while loading a compressed module with flag
+.B MODULE_INIT_COMPRESSED_FILE
+set.
+.TP
.B ENOEXEC
.I fd
does not refer to an open file.
.TP
+.BR EOPNOTSUPP " (since Linux 5.17)"
+The flag
+.B MODULE_INIT_COMPRESSED_FILE
+is set to load a compressed module,
+and the kernel was built without
+.BR CONFIG_MODULE_DECOMPRESS .
+.TP
.BR ETXTBSY " (since Linux 4.7)"
.\" commit 39d637af5aa7577f655c58b9e55587566c63a0af
The file referred to by
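Review bot: The added EINVAL entry carries no "(since Linux 5.17)" annotation, although it can only occur with MODULE_INIT_COMPRESSED_FILE, which the first hunk marks as available since Linux 5.17, and the EOPNOTSUPP entry added below does carry it. Add the annotation so the two new entries are consistent. "The decompressor sanity checks failed," reads better without the comma before "while", and would help callers more if it said what is being checked.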
--
2.39.2
* Re: [PATCH] init_module.2: Document MODULE_INIT_COMPRESS_FILE flag
2024-04-03 11:42 Michael Weiß
@ 2024-04-04 9:01 ` Alejandro Colomar
0 siblings, 0 replies; 6+ messages in thread
From: Alejandro Colomar @ 2024-04-04 9:01 UTC (permalink / raw)
To: Michael Weiß; +Cc: linux-man, Dmitry Torokhov, Stephen Boyd
Hi Michael,
On Wed, Apr 03, 2024 at 01:42:23PM GMT, Michael Weiß wrote:
> finit_module() supports the MODULE_INIT_COMPRESS_FILE flag since
> Linux 5.17. See commit b1ae6dc41eaaa ("module: add in-kernel support
> for decompressing")
>
> During implementation of a secure module loader in GyroidOS, we
> wanted to filter unsafe module parameters. To verify that only the
> two documented flags which are disabling sanity checks are unsafe,
> we had a look in the current kernel implementation.
>
> We discovered that this new flag MODULE_INIT_COMPRESS_FILE was added.
> Having a deeper look at the code, we also discovered that a new error
> code EOPNOTSUPP is possible within newer kernels.
>
> The initial commit only supported gzip and xz compression algorithms.
> Support for zstd was added in Linux 6.2 by commit 169a58ad824d8
> ("module/decompress: Support zstd in-kernel decompression")
>
> Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de>
I've applied the patch, with some minor cosmetic changes:
<https://www.alejandro-colomar.es/src/alx/linux/man-pages/man-pages.git/commit/?h=contrib&id=852f6874f5c1f57e70fcdc6e68411435acea2369>
Have a lovely day!
Alex
> ---
>
> Changes in v2:
> - Update formatting (Alejandro)
> - Split EINVAL into two entries (Alejandro)
> - Fixed error in EINVAL, s/CONFIG_MODULE_DECOMPRESS/MODULE_INIT_COMPRESSED_FILE/
> - Fixed incomplete description for EOPNOTSUPP (Alejandro)
> - Link to v1: https://lore.kernel.org/r/20240329124137.630521-1-michael.weiss@aisec.fraunhofer.de/
>
> ---
> man2/init_module.2 | 50 ++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 50 insertions(+)
>
> diff --git a/man2/init_module.2 b/man2/init_module.2
> index 95917a079..133d82b53 100644
> --- a/man2/init_module.2
> +++ b/man2/init_module.2
> @@ -107,6 +107,10 @@ Ignore symbol version hashes.
> .TP
> .B MODULE_INIT_IGNORE_VERMAGIC
> Ignore kernel version magic.
> +.TP
> +.BR MODULE_INIT_COMPRESSED_FILE " (since Linux 5.17)"
> +.\" commit b1ae6dc41eaaa98bb75671e0f3665bfda248c3e7
> +Use in-kernel module decompression.
> .P
> There are some safety checks built into a module to ensure that
> it matches the kernel against which it is loaded.
> @@ -136,6 +140,39 @@ If the kernel is built to permit forced loading (i.e., configured with
> then loading continues, otherwise it fails with the error
> .B ENOEXEC
> as expected for malformed modules.
> +.P
> +If the kernel was build with
> +.BR CONFIG_MODULE_DECOMPRESS ,
> +the in-kernel decompression feature can be used.
> +Userspace code can check if the kernel supports decompression by reading the
> +.I /sys/module/compression
> +attribute.
> +If the kernel supports decompression,
> +the compressed file can directly be passed to
> +.BR finit_module ()
> +using the
> +.B MODULE_INIT_COMPRESSED_FILE
> +flag.
> +The in-kernel module decompressor supports the following compression algorithms:
> +.P
> +.RS 4
> +.PD 0
> +.IP \[bu] 3
> +.I gzip
> +(since Linux 5.17)
> +.IP \[bu]
> +.I xz
> +(since Linux 5.17)
> +.IP \[bu]
> +.I zstd
> +.\" commit 169a58ad824d896b9e291a27193342616e651b82
> +(since Linux 6.2)
> +.PD
> +.RE
> +.P
> +The kernel only implements a single decompression method.
> +This is selected during module generation accordingly to the compression method
> +chosen in the kernel configuration.
> .SH RETURN VALUE
> On success, these system calls return 0.
> On error, \-1 is returned and
> @@ -223,10 +260,23 @@ is too large.
> .I flags
> is invalid.
> .TP
> +.B EINVAL
> +The decompressor sanity checks failed,
> +while loading a compressed module with flag
> +.B MODULE_INIT_COMPRESSED_FILE
> +set.
> +.TP
> .B ENOEXEC
> .I fd
> does not refer to an open file.
> .TP
> +.BR EOPNOTSUPP " (since Linux 5.17)"
> +The flag
> +.B MODULE_INIT_COMPRESSED_FILE
> +is set to load a compressed module,
> +and the kernel was built without
> +.BR CONFIG_MODULE_DECOMPRESS .
> +.TP
> .BR ETXTBSY " (since Linux 4.7)"
> .\" commit 39d637af5aa7577f655c58b9e55587566c63a0af
> The file referred to by
> --
> 2.39.2
>
>
--
<https://www.alejandro-colomar.es/>
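
An added example, not part of the thread and not GyroidOS or man-pages code: a flag policy for a restrictive module loader of the kind the commit message describes, combined with the /sys/module/compression check from the patch. The helper names, the -EPERM policy choice, the attribute strings (gzip, xz, zstd) and the magic-byte detection are assumptions of this example; the flag values are those of the kernel's <linux/module.h>.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Flag values as in the kernel's <linux/module.h>; defined here so the
 * example also builds against headers that predate Linux 5.17. */
#define MODULE_INIT_IGNORE_MODVERSIONS 1
#define MODULE_INIT_IGNORE_VERMAGIC    2
#define MODULE_INIT_COMPRESSED_FILE    4

enum algo { ALGO_NONE = 0, ALGO_GZIP, ALGO_XZ, ALGO_ZSTD };

/* Parse the text read from /sys/module/compression.
 * Pass NULL when the attribute does not exist (assumed strings, see lead-in). */
enum algo kernel_algo(const char *sysfs_text)
{
    if (!sysfs_text) return ALGO_NONE;
    size_t n = strcspn(sysfs_text, "\n");
    if (n == 4 && !strncmp(sysfs_text, "gzip", 4)) return ALGO_GZIP;
    if (n == 2 && !strncmp(sysfs_text, "xz", 2))   return ALGO_XZ;
    if (n == 4 && !strncmp(sysfs_text, "zstd", 4)) return ALGO_ZSTD;
    return ALGO_NONE;
}

/* Identify the container format of a module file from its leading bytes. */
enum algo file_algo(const unsigned char *b, size_t n)
{
    static const unsigned char gz[] = {0x1f, 0x8b};
    static const unsigned char xz[] = {0xfd, '7', 'z', 'X', 'Z', 0x00};
    static const unsigned char zs[] = {0x28, 0xb5, 0x2f, 0xfd};
    if (n >= sizeof gz && !memcmp(b, gz, sizeof gz)) return ALGO_GZIP;
    if (n >= sizeof xz && !memcmp(b, xz, sizeof xz)) return ALGO_XZ;
    if (n >= sizeof zs && !memcmp(b, zs, sizeof zs)) return ALGO_ZSTD;
    return ALGO_NONE;
}

/*
 * Decide the flags word to hand to finit_module().
 * Returns 0 and stores the flags in *out, or a negative errno:
 *   -EPERM       the caller asked for a flag that disables a sanity check
 *   -EINVAL      unknown flag bits
 *   -EOPNOTSUPP  the file is compressed in a format this kernel cannot
 *                decompress (decompress in user space instead)
 */
int loader_flags(unsigned int requested, enum algo kernel, enum algo file,
                 unsigned int *out)
{
    const unsigned int unsafe =
        MODULE_INIT_IGNORE_MODVERSIONS | MODULE_INIT_IGNORE_VERMAGIC;
    if (requested & unsafe) return -EPERM;
    if (requested & ~(unsigned int)MODULE_INIT_COMPRESSED_FILE) return -EINVAL;
    /* The compression flag follows the file contents, not the caller. */
    if (file == ALGO_NONE) { *out = 0; return 0; }
    if (file != kernel) return -EOPNOTSUPP;
    *out = MODULE_INIT_COMPRESSED_FILE;
    return 0;
}

int main(void)
{
    /* Constructed input: sysfs text and the first bytes of a zstd file. */
    const unsigned char head[] = {0x28, 0xb5, 0x2f, 0xfd, 0x24};
    unsigned int flags = 0;
    int rc = loader_flags(0, kernel_algo("zstd\n"),
                          file_algo(head, sizeof head), &flags);
    printf("rc=%d flags=%u\n", rc, flags);
    return 0;
}
```

Deciding before the call keeps the loader from depending on the EOPNOTSUPP and EINVAL results the patch documents, which only appear after the kernel has already been handed the file.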