lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 18 Apr 2018 15:21:38 +0200
From:   Jessica Yu <jeyu@...nel.org>
To:     Thomas Richter <tmricht@...ux.ibm.com>
Cc:     torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org,
        borntraeger@...ibm.com, schwidefsky@...ibm.com,
        brueckner@...ux.vnet.ibm.com, heiko.carstens@...ibm.com,
        peterz@...radead.org, acme@...nel.org, me@...in.cc,
        keescook@...omium.org, stable@...r.kernel.org
Subject: Re: [PATCH v3] module: Fix display of wrong  module .text address

+++ Thomas Richter [18/04/18 09:14 +0200]:
>Reading file /proc/modules shows the correct address:
>[root@...lp76 ~]# cat /proc/modules | egrep '^qeth_l2'
>qeth_l2 94208 1 - Live 0x000003ff80401000
>
>and reading file /sys/module/qeth_l2/sections/.text
>[root@...lp76 ~]# cat /sys/module/qeth_l2/sections/.text
>0x0000000018ea8363
>displays a random address.
>
>This breaks the perf tool which uses this address on s390
>to calculate start of .text section in memory.
>
>Fix this by printing the correct (unhashed) address.
>
>Thanks to Jessica Yu for helping on this.
>
>Fixes: ef0010a30935 ("vsprintf: don't use 'restricted_pointer()' when not restricting")
>Cc: <stable@...r.kernel.org> # v4.15+
>Suggested-by: Linus Torvalds <torvalds@...ux-foundation.org>
>Signed-off-by: Thomas Richter <tmricht@...ux.ibm.com>
>Cc: Jessica Yu <jeyu@...nel.org>

Thanks for turning this into a real patch. Looks good to me, if Linus
wants to take it directly:

Acked-by: Jessica Yu <jeyu@...nel.org>

Otherwise I can take this up my tree.

As Linus mentioned, we should technically be checking the opening
task's credentials/capabilities, but converting everything to pass the
actual struct seq_file/file to the sysfs show handlers would be fairly
painful :/ At least those /sys/module/*/sections/ files are all set to
0400. I think this fix is sufficient for now.

>---
> kernel/module.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
>diff --git a/kernel/module.c b/kernel/module.c
>index a6e43a5806a1..40b42000bd80 100644
>--- a/kernel/module.c
>+++ b/kernel/module.c
>@@ -1472,7 +1472,8 @@ static ssize_t module_sect_show(struct module_attribute *mattr,
> {
> 	struct module_sect_attr *sattr =
> 		container_of(mattr, struct module_sect_attr, mattr);
>-	return sprintf(buf, "0x%pK\n", (void *)sattr->address);
>+	return sprintf(buf, "0x%px\n", kptr_restrict < 2 ?
>+		       (void *)sattr->address : NULL);
> }
>
> static void free_sect_attrs(struct module_sect_attrs *sect_attrs)
>-- 
>2.14.3
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ