lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 26 Jun 2007 12:06:46 +1000
From:	Michael Ellerman <michael@...erman.id.au>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, linuxppc-dev@...abs.org,
	linux-ia64@...r.kernel.org, linux-arch@...r.kernel.org,
	Christoph Hellwig <hch@....de>, anil.s.keshavamurthy@...el.com,
	ananth@...ibm.com
Subject: Re: [PATCH 3/3] Make jprobes a little safer for users

On Mon, 2007-06-25 at 19:00 -0700, Andrew Morton wrote:
> On Tue, 26 Jun 2007 11:48:51 +1000 (EST) Michael Ellerman <michael@...erman.id.au> wrote:
> 
> > I realise jprobes are a razor-blades-included type of interface, but
> > that doesn't mean we can't try and make them safer to use. This guy I
> > know once wrote code like this:
> > 
> > struct jprobe jp = { .kp.symbol_name = "foo", .entry = "jprobe_foo" };
> > 
> > And then his kernel exploded. Oops.
> > 
> > This patch adds an arch hook, arch_deref_entry_point() (I don't like it either)
> > which takes the void * in a struct jprobe, and gives back the text address
> > that it represents.
> > 
> > We can then use that in register_jprobe() to check that the entry point
> > we're passed is actually in the kernel text, rather than just some random
> > value.
> > 
> > Signed-off-by: Michael Ellerman <michael@...erman.id.au>
> > ---
> >  arch/ia64/kernel/kprobes.c    |    7 ++++++-
> >  arch/powerpc/kernel/kprobes.c |   11 ++++++++---
> >  kernel/kprobes.c              |    9 +++++++++
> 
> We're missing a declaration of arch_deref_entry_point() in some header file?

Yeah I guess. It's declared weak in kernel/kprobes.c, but there should
be a definition somewhere to make sure the three versions don't get out
of sync. I'll send a patch.

cheers

-- 
Michael Ellerman
OzLabs, IBM Australia Development Lab

wwweb: http://michael.ellerman.id.au
phone: +61 2 6212 1183 (tie line 70 21183)

We do not inherit the earth from our ancestors,
we borrow it from our children. - S.M.A.R.T Person

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ