linux-stable/rust
Benno Lossin 398248fc45 rust: macros: fix soundness issue in module! macro
commit 7044dcff83 upstream.

The `module!` macro creates glue code that are called by C to initialize
the Rust modules using the `Module::init` function. Part of this glue
code are the local functions `__init` and `__exit` that are used to
initialize/destroy the Rust module.

These functions are safe and also visible to the Rust mod in which the
`module!` macro is invoked. This means that they can be called by other
safe Rust code. But since they contain `unsafe` blocks that rely on only
being called at the right time, this is a soundness issue.

Wrap these generated functions inside of two private modules, this
guarantees that the public functions cannot be called from the outside.
Make the safe functions `unsafe` and add SAFETY comments.

Cc: stable@vger.kernel.org
Reported-by: Björn Roy Baron <bjorn3_gh@protonmail.com>
Closes: https://github.com/Rust-for-Linux/linux/issues/629
Fixes: 1fbde52bde ("rust: add `macros` crate")
Signed-off-by: Benno Lossin <benno.lossin@proton.me>
Reviewed-by: Wedson Almeida Filho <walmeida@microsoft.com>
Link: https://lore.kernel.org/r/20240401185222.12015-1-benno.lossin@proton.me
[ Moved `THIS_MODULE` out of the private-in-private modules since it
  should remain public, as Dirk Behme noticed [1]. Capitalized comments,
  avoided newline in non-list SAFETY comments and reworded to add
  Reported-by and newline. ]
Link: https://rust-for-linux.zulipchat.com/#narrow/stream/291565-Help/topic/x/near/433512583 [1]
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-05-17 11:56:17 +02:00
..
alloc rust: adapt alloc crate to the kernel 2022-09-28 08:57:01 +02:00
bindings rust: allocator: Prevent mis-aligned allocation 2023-08-11 12:08:18 +02:00
kernel rust: error: Rename to_kernel_errno() -> to_errno() 2024-05-17 11:56:16 +02:00
macros rust: macros: fix soundness issue in module! macro 2024-05-17 11:56:17 +02:00
.gitignore Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
bindgen_parameters Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
compiler_builtins.rs rust: add compiler_builtins crate 2022-09-28 08:58:00 +02:00
exports.c rust: export generated symbols 2022-09-28 08:59:52 +02:00
helpers.c rust: add C helpers 2022-09-28 08:56:43 +02:00
Makefile kbuild: specify output names separately for each emission type from rustc 2024-05-17 11:55:53 +02:00