tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Don't load kernel modules from the current directory
modload looks for modules first in the current working directory, if not
found there the system module area is searched (/stand/...).
otoh, we don't look in '.' when we load libraries in userspace programs,
we even removed '.' from the Lua loader but when it comes to kernel code
we happily accept anything that sits there "by accident".
The proposed and attached patch changes this in two ways: The module
loader never looks in '.' by always constructing a path pointing to the
system module area and the function kobj_load_vfs() ensures the path
starts with a '/', thus it will only work with absolute paths.
The consequence is that kernel modules can only be loaded via the module
loader interface from /stand/<arch>/<name>/<name>.kmod and that
generally only objects with absolute paths can be loaded using
kobj_load_vfs().
Comments?
Index: sys/kern/kern_module_vfs.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_module_vfs.c,v
retrieving revision 1.10
diff -u -r1.10 kern_module_vfs.c
--- sys/kern/kern_module_vfs.c 28 Nov 2010 00:26:38 -0000 1.10
+++ sys/kern/kern_module_vfs.c 3 Aug 2011 06:26:56 -0000
@@ -76,17 +76,9 @@
*filedictp = NULL;
path = PNBUF_GET();
- if (!autoload) {
- nochroot = false;
- snprintf(path, MAXPATHLEN, "%s", name);
- error = kobj_load_vfs(&mod->mod_kobj, path, nochroot);
- }
- if (autoload || (error == ENOENT)) {
- nochroot = true;
- snprintf(path, MAXPATHLEN, "%s/%s/%s.kmod",
- module_base, name, name);
- error = kobj_load_vfs(&mod->mod_kobj, path, nochroot);
- }
+ nochroot = true;
+ snprintf(path, MAXPATHLEN, "%s/%s/%s.kmod", module_base, name, name);
+ error = kobj_load_vfs(&mod->mod_kobj, path, nochroot);
if (error != 0) {
PNBUF_PUT(path);
if (autoload) {
Index: sys/kern/subr_kobj_vfs.c
===================================================================
RCS file: /cvsroot/src/sys/kern/subr_kobj_vfs.c,v
retrieving revision 1.4
diff -u -r1.4 subr_kobj_vfs.c
--- sys/kern/subr_kobj_vfs.c 19 Nov 2010 06:44:43 -0000 1.4
+++ sys/kern/subr_kobj_vfs.c 3 Aug 2011 06:26:56 -0000
@@ -139,6 +139,10 @@
int error;
kobj_t ko;
+ KASSERT(path != NULL);
+ if (*path != '/')
+ return ENOENT;
+
cred = kauth_cred_get();
ko = kmem_zalloc(sizeof(*ko), KM_SLEEP);
Index: sbin/modload/modload.8
===================================================================
RCS file: /cvsroot/src/sbin/modload/modload.8,v
retrieving revision 1.40
diff -u -r1.40 modload.8
--- sbin/modload/modload.8 14 Dec 2010 16:23:59 -0000 1.40
+++ sbin/modload/modload.8 3 Aug 2011 06:26:57 -0000
@@ -32,7 +32,7 @@
.\"
.\" <<Id: LICENSE,v 1.2 2000/06/14 15:57:33 cgd Exp>>
.\"
-.Dd December 14, 2010
+.Dd August 3, 2011
.Dt MODLOAD 8
.Os
.Sh NAME
@@ -59,8 +59,7 @@
.Ar module
paramamter into the running system.
.Pp
-The current working directory is first searched for the module object file.
-If not found there, the default system module areas are searched.
+Modules are loaded from the default system module areas.
.Pp
The options to
.Nm
Home |
Main Index |
Thread Index |
Old Index