ANDROID: GKI: Handle no ABI symbol list for modules

ACKs with no ABI symbol lists like mainline, don't let any unsigned modules load as every access is being treated as violation as NO_OF_UNPROTECTED_SYMBOLS will be 0 in this case. Check NO_OF_UNPROTECTED_SYMBOLS and if it's 0, allow every symbol access by unsigned modules; so we can keep the feature enable and also not break any devices. It should never be 0 with kernel branches where KMI_SYMBOL_LISTS have been enabled. Bug: 257458145 Bug: 232430739 Test: TH Fixes: e9669eeb2f45 ("ANDROID: GKI: Add module load time symbol protection") Change-Id: Iab65e1425473e32baaad0d6c7f0d3eb007ae864f Signed-off-by: Ramji Jiyani <ramjiyani@google.com> (cherry picked from commit 8e00226a8fffa10b6383e448af785ce44451688e)
2022-11-04 20:16:30 +00:00
parent 23eff0b4a8
commit 706d642b1d
1 changed files with 11 additions and 2 deletions
--- a/kernel/gki_module.c
+++ b/kernel/gki_module.c
@@ -30,6 +30,15 @@ static int cmp_name(const void *sym, const void *protected_sym)
 */
 bool gki_is_module_unprotected_symbol(const char *name)
 {
-	return bsearch(name, gki_unprotected_symbols, NO_OF_UNPROTECTED_SYMBOLS,
-		       MAX_UNPROTECTED_NAME_LEN, cmp_name) != NULL;
+	if (NO_OF_UNPROTECTED_SYMBOLS) {
+		return bsearch(name, gki_unprotected_symbols, NO_OF_UNPROTECTED_SYMBOLS,
+				MAX_UNPROTECTED_NAME_LEN, cmp_name) != NULL;
+	} else {
+		/*
+		 * If there are no symbols in unprotected list;
+		 * there isn't a KMI enforcement for the kernel.
+		 * Treat evertything accessible in this case.
+		 */
+		return true;
+	}
 }