On 7/8/2025 12:58 PM, Vlastimil Babka wrote: > The module namespace support has been introduced to allow restricting > exports to specific modules only, and intended for in-tree modules such > as kvm. Make this intention explicit by disallowing out of tree modules > both for the module loader and modpost. > > Signed-off-by: Vlastimil Babka <vbabka@xxxxxxx> > --- > Documentation/core-api/symbol-namespaces.rst | 5 +++-- > kernel/module/main.c | 3 ++- > scripts/mod/modpost.c | 6 +++++- > 3 files changed, 10 insertions(+), 4 deletions(-) > > diff --git a/Documentation/core-api/symbol-namespaces.rst b/Documentation/core-api/symbol-namespaces.rst > index 32fc73dc5529e8844c2ce2580987155bcd13cd09..dc228ac738a5cdc49cc736c29170ca96df6a28dc 100644 > --- a/Documentation/core-api/symbol-namespaces.rst > +++ b/Documentation/core-api/symbol-namespaces.rst > @@ -83,13 +83,14 @@ Symbols exported using this macro are put into a module namespace. This > namespace cannot be imported. > > The macro takes a comma separated list of module names, allowing only those > -modules to access this symbol. Simple tail-globs are supported. > +modules to access this symbol. The access is restricted to in-tree modules. > +Simple tail-globs are supported. > > For example:: > > EXPORT_SYMBOL_GPL_FOR_MODULES(preempt_notifier_inc, "kvm,kvm-*") > > -will limit usage of this symbol to modules whoes name matches the given > +will limit usage of this symbol to in-tree modules whoes name matches the given > patterns. > > How to use Symbols exported in Namespaces > diff --git a/kernel/module/main.c b/kernel/module/main.c > index 413ac6ea37021bc8ae260f624ca2745ed85333fc..ec7d8daa0347e3b65713396d6b6d14c2cb0270d3 100644 > --- a/kernel/module/main.c > +++ b/kernel/module/main.c 
> @@ -1157,7 +1157,8 @@ static int verify_namespace_is_imported(const struct load_info *info, > namespace = kernel_symbol_namespace(sym); > if (namespace && namespace[0]) { > > - if (verify_module_namespace(namespace, mod->name)) > + if (get_modinfo(info, "intree") && > + verify_module_namespace(namespace, mod->name)) > return 0; > > for_each_modinfo_entry(imported_namespace, info, "import_ns") { > diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c > index 5ca7c268294ebb65acb0ba52a671eddca9279c61..d78be9834ed75f4b6ddb9af02a300a9bcc9234cc 100644 > --- a/scripts/mod/modpost.c > +++ b/scripts/mod/modpost.c > @@ -1695,7 +1695,8 @@ void buf_write(struct buffer *buf, const char *s, int len) > * @modname: module name > * > * If @namespace is prefixed with "module:" to indicate it is a module namespace > - * then test if @modname matches any of the comma separated patterns. > + * then test if @modname matches any of the comma separated patterns. Access to > + * module namespaces is restricted to in-tree modules only. > * > * The patterns only support tail-glob. > */ > @@ -1706,6 +1707,9 @@ static bool verify_module_namespace(const char *namespace, const char *modname) > const char *sep; > bool glob; > > + if (external_module) > + return false; > + > if (!strstarts(namespace, prefix)) > return false; > > Reviewed-by: Shivank Garg <shivankg@xxxxxxx> Thanks, Shivank
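Review bot: In the Documentation/core-api/symbol-namespaces.rst hunk, the rewritten line "will limit usage of this symbol to in-tree modules whoes name matches the given" carries over the existing typo "whoes". Since the line is being touched anyway, change it to "whose" in the same patch.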
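Review bot: In the kernel/module/main.c hunk, the new condition in verify_namespace_is_imported() decides "in-tree" from get_modinfo(info, "intree"), a string read from the modinfo of the module being loaded, so the restriction records intent rather than something the loader verifies independently. A short comment above the check saying so would keep it from being read as an enforcement boundary. When the tag is absent the code falls through to the import_ns loop, so an out-of-tree module is handled exactly like one whose name does not match the pattern; a distinct diagnostic for that case would make the failure easier to understand.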
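Review bot: In the scripts/mod/modpost.c hunk at verify_module_namespace(), the new early "if (external_module) return false;" hands the caller the same result as a module name that matches none of the patterns, so an external module build cannot be told why access was refused. Consider a dedicated message for the external_module case, since the documentation touched by this patch says the namespace cannot be imported and the generic result gives the user nothing to act on. The check also sits before the strstarts(namespace, prefix) test; both paths return false so behaviour is unchanged, but placing it after the prefix test would match the kernel-doc wording that the restriction applies to module namespaces.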