• K
    etmem: fix concurrent access to export file operations · 22773910
    Kemeng Shi committed on
    euleros inclusion
    category: feature
    feature: etmem
    bugzilla: https://gitee.com/openeuler/kernel/issues/I4OODH?from=project-issue
    CVE: NA
    
    -------------------------------------------------
    
    Module scan/swap and etmem access export file operations without
    protection.
    Kernel crash can be triggered by the following:
    1. insert scan/swap module.
    2. etmem check if exported file operations are set.
    3. remove scan/swap module.
    4. etmem call checked file operation.
    5. kernel crash happens.
    
    Fix this as follows:
    Module scan/swap set and clear operations with lock held.
    Etmem in kernel calls try_module_get with lock held.
    Etmem call read/open/release/ioctl callback without lock held with module
    get.
    
    Another concurrent access situation is that open for idle_pages and
    swap_pages will succeed without scan/swap module inserted. If scan/swap
    module is inserted after open, subsequent call of open/read/close will
    call exported file operations set by scan/swap. This also may trigger
    kernel crash as follows:
    1. open idle_pages or swap_pages
    2. modprobe scan/swap module
    3. close idle_pages or swap_pages (module_put is called without
    try_module_get)
    4. modprobe -r scan/swap module found invalid module reference count in
    trace delete_module syscall->try_stop_module->try_release_module_ref
    and report a BUG_ON for ret < 0.
    
    Fix this by only returning file successfully with scan/swap module inserted.
    Signed-off-by: Kemeng Shi <shikemeng@huawei.com>
    Reviewed-by: louhongxiang <louhongxiang@huawei.com>
    Reviewed-by: Chen Wandun <chenwandun@huawei.com>
    Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com>
task_mmu.c 54.6 KB
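
A userspace C model of the locking and reference scheme the commit message describes, added here as an illustration and not taken from the etmem patch. Every `model_*` and `sample_*` name is hypothetical, `model_try_get` stands in for the kernel's `try_module_get`, and module removal is simplified to a single locked step.

```c
/* Userspace model of the fix, not kernel code; all names are hypothetical. */
#include <errno.h>
#include <pthread.h>
#include <stddef.h>
struct model_module { int refcnt; int live; };   /* stand-in for struct module */
struct model_ops { struct model_module *owner; int (*read)(void); };
static pthread_mutex_t ops_lock = PTHREAD_MUTEX_INITIALIZER;
static struct model_ops *exported_ops;           /* published by scan/swap */

/* Module side: set (or clear, with NULL) the ops only with the lock held. */
void model_set_ops(struct model_ops *ops) {
    pthread_mutex_lock(&ops_lock);
    exported_ops = ops;
    pthread_mutex_unlock(&ops_lock);
}
/* Models try_module_get(): fails once the module is going away. */
static int model_try_get(struct model_module *m) { return m->live ? ++m->refcnt : 0; }

/* open(): check the ops and pin the module in one locked step, else fail. */
struct model_ops *model_open(void) {
    struct model_ops *ops = NULL;
    pthread_mutex_lock(&ops_lock);
    if (exported_ops && model_try_get(exported_ops->owner)) ops = exported_ops;
    pthread_mutex_unlock(&ops_lock);
    return ops;   /* NULL: module not inserted, so no file is handed out */
}

/* Callbacks run without the lock; the held reference keeps the code alive. */
int model_read(struct model_ops *held) { return held ? held->read() : -ENOENT; }
/* release(): put only a reference that open() really took. */
void model_release(struct model_ops *held) {
    if (!held) return;
    pthread_mutex_lock(&ops_lock);
    held->owner->refcnt--;
    pthread_mutex_unlock(&ops_lock);
}

/* Models module removal: refused while referenced, else ops are cleared. */
int model_unload(struct model_module *m) {
    int ret = 0;
    pthread_mutex_lock(&ops_lock);
    if (m->refcnt > 0) ret = -EBUSY; else { m->live = 0; exported_ops = NULL; }
    pthread_mutex_unlock(&ops_lock);
    return ret;
}
static int sample_read(void) { return 42; }      /* constructed callback */
struct model_module sample_mod = { 0, 1 };       /* constructed: refcnt 0, live */
struct model_ops sample_ops = { &sample_mod, sample_read };
int main(void) { model_set_ops(&sample_ops); return model_read(model_open()) == 42 ? 0 : 1; }
```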