modsign: log module name in the event of an error

Now that we have the load_info struct all initialized (including
info->name, which contains the name of the module) before
module_sig_check(), make the load_info struct and hence module name
available to mod_verify_sig() so that we can log the module name in the
event of an error.

Signed-off-by: Jessica Yu <jeyu@kernel.org>

diff --git a/kernel/module-internal.h b/kernel/module-internal.h
index 915e123a430fbb0cb6ea9197b90ab6ec3684a191..79c9be2dbbe987a95e53be8c64d9e540db7bec4b 100644 (file)
--- a/kernel/module-internal.h
+++ b/kernel/module-internal.h
@@ -9,4 +9,27 @@
  * 2 of the Licence, or (at your option) any later version.
  */
 
-extern int mod_verify_sig(const void *mod, unsigned long *_modlen);
+#include <linux/elf.h>
+#include <asm/module.h>
+
+struct load_info {
+       const char *name;
+       /* pointer to module in temporary copy, freed at end of load_module() */
+       struct module *mod;
+       Elf_Ehdr *hdr;
+       unsigned long len;
+       Elf_Shdr *sechdrs;
+       char *secstrings, *strtab;
+       unsigned long symoffs, stroffs;
+       struct _ddebug *debug;
+       unsigned int num_debug;
+       bool sig_ok;
+#ifdef CONFIG_KALLSYMS
+       unsigned long mod_kallsyms_init_off;
+#endif
+       struct {
+               unsigned int sym, str, mod, vers, info, pcpu;
+       } index;
+};
+
+extern int mod_verify_sig(const void *mod, struct load_info *info);

diff --git a/kernel/module.c b/kernel/module.c
index ba45a84e428703ced449952e61be8140d155fab2..8a45986fd7289ce4943559f9b37574e0ed753f5d 100644 (file)
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -307,26 +307,6 @@ int unregister_module_notifier(struct notifier_block *nb)
 }
 EXPORT_SYMBOL(unregister_module_notifier);
 
-struct load_info {
-       const char *name;
-       /* pointer to module in temporary copy, freed at end of load_module() */
-       struct module *mod;
-       Elf_Ehdr *hdr;
-       unsigned long len;
-       Elf_Shdr *sechdrs;
-       char *secstrings, *strtab;
-       unsigned long symoffs, stroffs;
-       struct _ddebug *debug;
-       unsigned int num_debug;
-       bool sig_ok;
-#ifdef CONFIG_KALLSYMS
-       unsigned long mod_kallsyms_init_off;
-#endif
-       struct {
-               unsigned int sym, str, mod, vers, info, pcpu;
-       } index;
-};
-
 /*
  * We require a truly strong try_module_get(): 0 means success.
  * Otherwise an error is returned due to ongoing or failed
@@ -2778,7 +2758,7 @@ static int module_sig_check(struct load_info *info, int flags)
            memcmp(mod + info->len - markerlen, MODULE_SIG_STRING, markerlen) == 0) {
                /* We truncate the module to discard the signature */
                info->len -= markerlen;
-               err = mod_verify_sig(mod, &info->len);
+               err = mod_verify_sig(mod, info);
        }
 
        if (!err) {

diff --git a/kernel/module_signing.c b/kernel/module_signing.c
index 937c844bee4af8b17d2780bf69203ce381a434cd..f2075ce8e4b369c8e056a81ab18ccab271bbe192 100644 (file)
--- a/kernel/module_signing.c
+++ b/kernel/module_signing.c
@@ -45,10 +45,10 @@ struct module_signature {
 /*
  * Verify the signature on a module.
  */
-int mod_verify_sig(const void *mod, unsigned long *_modlen)
+int mod_verify_sig(const void *mod, struct load_info *info)
 {
        struct module_signature ms;
-       size_t modlen = *_modlen, sig_len;
+       size_t sig_len, modlen = info->len;
 
        pr_devel("==>%s(,%zu)\n", __func__, modlen);
 
@@ -62,10 +62,11 @@ int mod_verify_sig(const void *mod, unsigned long *_modlen)
        if (sig_len >= modlen)
                return -EBADMSG;
        modlen -= sig_len;
-       *_modlen = modlen;
+       info->len = modlen;
 
        if (ms.id_type != PKEY_ID_PKCS7) {
-               pr_err("Module is not signed with expected PKCS#7 message\n");
+               pr_err("%s: Module is not signed with expected PKCS#7 message\n",
+                      info->name);
                return -ENOPKG;
        }
 
@@ -76,7 +77,8 @@ int mod_verify_sig(const void *mod, unsigned long *_modlen)
            ms.__pad[0] != 0 ||
            ms.__pad[1] != 0 ||
            ms.__pad[2] != 0) {
-               pr_err("PKCS#7 signature info has unexpected non-zero params\n");
+               pr_err("%s: PKCS#7 signature info has unexpected non-zero params\n",
+                      info->name);
                return -EBADMSG;
        }