gki_module.c 1.9 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Copyright 2022 Google LLC
  4. * Author: [email protected] (Ramji Jiyani)
  5. */
  6. #include <linux/bsearch.h>
  7. #include <linux/errno.h>
  8. #include <linux/kernel.h>
  9. #include <linux/printk.h>
  10. #include <linux/string.h>
  11. /*
  12. * Build time generated header files
  13. *
  14. * gki_module_protected_exports.h -- Symbols protected from _export_ by unsigned modules
  15. * gki_module_unprotected.h -- Symbols allowed to _access_ by unsigned modules
  16. */
  17. #include <generated/gki_module_protected_exports.h>
  18. #include <generated/gki_module_unprotected.h>
  19. #define MAX_STRCMP_LEN (max(MAX_UNPROTECTED_NAME_LEN, MAX_PROTECTED_EXPORTS_NAME_LEN))
  20. /* bsearch() comparision callback */
  21. static int cmp_name(const void *sym, const void *protected_sym)
  22. {
  23. return strncmp(sym, protected_sym, MAX_STRCMP_LEN);
  24. }
  25. /**
  26. * gki_is_module_protected_export - Is a symbol exported from a protected GKI module?
  27. *
  28. * @name: Symbol being checked against exported symbols from protected GKI modules
  29. */
  30. bool gki_is_module_protected_export(const char *name)
  31. {
  32. if (NR_UNPROTECTED_SYMBOLS) {
  33. return bsearch(name, gki_protected_exports_symbols, NR_PROTECTED_EXPORTS_SYMBOLS,
  34. MAX_PROTECTED_EXPORTS_NAME_LEN, cmp_name) != NULL;
  35. } else {
  36. /*
  37. * If there are no symbols in unprotected list; We don't need to
  38. * protect exports as there is no KMI enforcement.
  39. * Treat everything exportable in this case.
  40. */
  41. return false;
  42. }
  43. }
  44. /**
  45. * gki_is_module_unprotected_symbol - Is a symbol unprotected for unsigned module?
  46. *
  47. * @name: Symbol being checked in list of unprotected symbols
  48. */
  49. bool gki_is_module_unprotected_symbol(const char *name)
  50. {
  51. if (NR_UNPROTECTED_SYMBOLS) {
  52. return bsearch(name, gki_unprotected_symbols, NR_UNPROTECTED_SYMBOLS,
  53. MAX_UNPROTECTED_NAME_LEN, cmp_name) != NULL;
  54. } else {
  55. /*
  56. * If there are no symbols in unprotected list;
  57. * there isn't a KMI enforcement for the kernel.
  58. * Treat everything accessible in this case.
  59. */
  60. return true;
  61. }
  62. }