The goal for finit_module is to make sure we're getting what's on the
filesystem, not an arbitrary blob, so we can reason about it for
security policy.

was confused about the functioning of the *current* init_module() system
call.

Given that, I have to say I now seriously question the value of
finit_module(). The kernel can trivially discover if the pointed-to memory
area is a MAP_SHARED mmap() of a file descriptor and if so which file
descriptor... why can't we handle this behind the scenes?

This makes me very nervous. I worry that it adds needless complexity
(it'd be many more checks besides "is it MAP_SHARED?", like "does the
memory region show the whole file?" "is the offset zero?" etc). Also
are we sure the memory area would truly be unmodifiable in the case
where the filesystem is read-only?
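
The checks listed in the message above, written out as an added example that is not part of the original thread and is not kernel code: a userspace sketch that tests one line in /proc/<pid>/maps format against the buffer passed to init_module(). The function name, the flag names, the sample lines and the writable-mapping check are assumptions made for this illustration.

```c
#include <stdio.h>

/* One bit per condition that would have to hold before an init_module()
 * buffer could be treated as "the file on disk" (names are hypothetical). */
enum {
    NOT_FILE   = 1 << 0, /* anonymous memory, no backing inode */
    NOT_SHARED = 1 << 1, /* MAP_PRIVATE: pages may be a modified copy */
    WRITABLE   = 1 << 2, /* caller can still change the bytes */
    BAD_OFFSET = 1 << 3, /* mapping does not start at file offset 0 */
    NOT_WHOLE  = 1 << 4, /* buffer is not exactly the whole file */
    BAD_LINE   = 1 << 5  /* could not parse the maps line */
};

/* maps_line: one line in /proc/<pid>/maps format.
 * ptr/len: the buffer handed to init_module(); file_size: size of the file. */
int check_mapping(const char *maps_line, unsigned long long ptr,
                  unsigned long long len, unsigned long long file_size)
{
    unsigned long long start, end, offset, inode;
    char perms[5] = {0}, dev[16] = {0};
    int r = 0;

    if (sscanf(maps_line, "%llx-%llx %4s %llx %15s %llu",
               &start, &end, perms, &offset, dev, &inode) != 6)
        return BAD_LINE;
    if (inode == 0)      r |= NOT_FILE;
    if (perms[3] != 's') r |= NOT_SHARED;
    if (perms[1] == 'w') r |= WRITABLE;
    if (offset != 0)     r |= BAD_OFFSET;
    /* The mapping is page-rounded, so it may be longer than the file. */
    if (ptr != start || len != file_size || file_size > end - start)
        r |= NOT_WHOLE;
    return r;
}

int main(void)
{
    /* Constructed sample lines, not captured from a real system. */
    const char *ok   = "7f3a1c000000-7f3a1c005000 r--s 00000000 08:01 1311234 /tmp/example.ko";
    const char *priv = "7f3a1c000000-7f3a1c005000 rw-p 00001000 08:01 1311234 /tmp/example.ko";
    unsigned long long p = 0x7f3a1c000000ULL;

    printf("shared, read-only, offset 0:      %#x\n", (unsigned)check_mapping(ok, p, 18000, 18000));
    printf("private, writable, offset 0x1000: %#x\n", (unsigned)check_mapping(priv, p, 18000, 18000));
    return 0;
}
```

A result of 0 only describes the mapping at the instant the line was read; it says nothing about whether the bytes can change afterwards, which is the question the message above ends on.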