lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 1 May 2018 19:20:48 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Thomas Richter <tmricht@...ux.ibm.com>
Cc:     Jessica Yu <jeyu@...nel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        Martin Schwidefsky <schwidefsky@...ibm.com>,
        brueckner@...ux.vnet.ibm.com,
        Heiko Carstens <heiko.carstens@...ibm.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        "Tobin C. Harding" <me@...in.cc>,
        "# 3.4.x" <stable@...r.kernel.org>
Subject: Re: [PATCH v3] module: Fix display of wrong module .text address

On Wed, Apr 18, 2018 at 12:14 AM, Thomas Richter <tmricht@...ux.ibm.com> wrote:
> Reading file /proc/modules shows the correct address:
> [root@...lp76 ~]# cat /proc/modules | egrep '^qeth_l2'
> qeth_l2 94208 1 - Live 0x000003ff80401000
>
> and reading file /sys/module/qeth_l2/sections/.text
> [root@...lp76 ~]# cat /sys/module/qeth_l2/sections/.text
> 0x0000000018ea8363
> displays a random address.
>
> This breaks the perf tool which uses this address on s390
> to calculate start of .text section in memory.
>
> Fix this by printing the correct (unhashed) address.
>
> Thanks to Jessica Yu for helping on this.
>
> Fixes: ef0010a30935 ("vsprintf: don't use 'restricted_pointer()' when not restricting")
> Cc: <stable@...r.kernel.org> # v4.15+
> Suggested-by: Linus Torvalds <torvalds@...ux-foundation.org>
> Signed-off-by: Thomas Richter <tmricht@...ux.ibm.com>
> Cc: Jessica Yu <jeyu@...nel.org>
> ---
>  kernel/module.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/module.c b/kernel/module.c
> index a6e43a5806a1..40b42000bd80 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1472,7 +1472,8 @@ static ssize_t module_sect_show(struct module_attribute *mattr,
>  {
>         struct module_sect_attr *sattr =
>                 container_of(mattr, struct module_sect_attr, mattr);
> -       return sprintf(buf, "0x%pK\n", (void *)sattr->address);
> +       return sprintf(buf, "0x%px\n", kptr_restrict < 2 ?
> +                      (void *)sattr->address : NULL);

Errr... this looks reversed to me.

I would expect: "kptr_restrict < 2 ? NULL : (void *)sattr->address"

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ