Revert "ANDROID: GKI: Add module load time protected symbol lookup"

This reverts commit f8bd6cf70d.

Reason for revert: Part of old protected/unprotected module implemenation.
It is being replaced by a new design listed as option 2A at
go/gki-modules-build-integration

Bug: 232430739
Test: TH
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I0fbb4e4aede5f94c3454ea4be1735c837cae5118

kernel/module.c

@@ -271,7 +271,7 @@ static void module_assert_mutex_or_preempt(void)
 #endif
 }
 
-#if defined(CONFIG_MODULE_SIG) && !defined(CONFIG_MODULE_SIG_PROTECT)
+#ifdef CONFIG_MODULE_SIG
 static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
 module_param(sig_enforce, bool_enable_only, 0644);
 
@@ -2267,14 +2267,6 @@ static int verify_exported_symbols(struct module *mod)
 				.name	= kernel_symbol_name(s),
 				.gplok	= true,
 			};
-
-			if (!mod->sig_ok && gki_is_module_exported_symbol(
-						    kernel_symbol_name(s))) {
-				pr_err("%s: exporting protected symbol(%s)\n",
-				       mod->name, kernel_symbol_name(s));
-				return -EACCES;
-			}
-
 			if (find_symbol(&fsa)) {
 				pr_err("%s: exports duplicate symbol %s"
 				       " (owned by %s)\n",
@@ -2342,13 +2334,6 @@ static int simplify_symbols(struct module *mod, const struct load_info *info)
 			break;
 
 		case SHN_UNDEF:
-			if (!mod->sig_ok &&
-			    gki_is_module_protected_symbol(name)) {
-				pr_err("%s: is not an Android GKI signed module. It can not access protected symbol: %s\n",
-				       mod->name, name);
-				return -EACCES;
-			}
-
 			ksym = resolve_symbol_wait(mod, info, name);
 			/* Ok if resolved.  */
 			if (ksym && !IS_ERR(ksym)) {
@@ -4060,8 +4045,6 @@ static int load_module(struct load_info *info, const char __user *uargs,
 			       "kernel\n", mod->name);
 		add_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);
 	}
-#else
-	mod->sig_ok = 0;
 #endif
 
 	/* To avoid stressing percpu allocator, do this once we're unique. */