Skip to content

Commit ae83f3b

Browse files
keesdagomez137
kees
authored and
dagomez137
committed
module: Add compile-time check for embedded NUL characters
Long ago, the kernel module license checks were bypassed by embedding a NUL character in the MODULE_LICENSE() string[1]. By using a string like "GPL\0proprietary text", the kernel would only read "GPL" due to C string termination at the NUL byte, allowing proprietary modules to avoid kernel tainting and access GPL-only symbols. The MODULE_INFO() macro stores these strings in the .modinfo ELF section, and get_next_modinfo() uses strcmp()-family functions which stop at the first NUL. This split the embedded string into two separate .modinfo entries, with only the first part being processed by license_is_gpl_compatible(). Add a compile-time check using static_assert that compares the full string length (sizeof - 1) against __builtin_strlen(), which stops at the first NUL. If they differ, compilation fails with a clear error message. While this check can still be circumvented by modifying the ELF binary post-compilation, it prevents accidental embedded NULs and forces intentional abuse to require deliberate binary manipulation rather than simple source-level tricks. Build tested with test modules containing both valid and invalid license strings. The check correctly rejects: MODULE_LICENSE("GPL\0proprietary") while accepting normal declarations: MODULE_LICENSE("GPL") Link: https://lwn.net/Articles/82305/ [1] Suggested-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Kees Cook <kees@kernel.org> Reviewed-by: Daniel Gomez <da.gomez@samsung.com> Reviewed-by: Aaron Tomlin <atomlin@atomlin.com> Reviewed-by: Petr Pavlu <petr.pavlu@suse.com> Tested-by: Daniel Gomez <da.gomez@samsung.com> Signed-off-by: Daniel Gomez <da.gomez@samsung.com>
1 parent 57e9853 commit ae83f3b

1 file changed

Lines changed: 3 additions & 0 deletions

File tree

include/linux/moduleparam.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,9 @@
2626

2727
/* Generic info of form tag = "info" */
2828
#define MODULE_INFO(tag, info) \
29+
static_assert( \
30+
sizeof(info) - 1 == __builtin_strlen(info), \
31+
"MODULE_INFO(" #tag ", ...) contains embedded NUL byte"); \
2932
static const char __UNIQUE_ID(modinfo)[] \
3033
__used __section(".modinfo") __aligned(1) \
3134
= __MODULE_INFO_PREFIX __stringify(tag) "=" info

0 commit comments

Comments
 (0)