lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <201702181457.b6v1mgmI%fengguang.wu@intel.com>
Date:   Sat, 18 Feb 2017 14:49:49 +0800
From:   kbuild test robot <lkp@...el.com>
To:     Eddie Kovsky <ewk@...ovsky.org>
Cc:     kbuild-all@...org, jeyu@...hat.com, rusty@...tcorp.com.au,
        keescook@...omium.org, kys@...rosoft.com, haiyangz@...rosoft.com,
        sthemmin@...rosoft.com, linux-kernel@...r.kernel.org,
        kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH v2 2/3] extable: verify address is read-only

Hi Eddie,

[auto build test WARNING on linus/master]
[also build test WARNING on v4.10-rc8 next-20170217]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Eddie-Kovsky/provide-check-for-ro_after_init-memory-sections/20170218-141040
config: x86_64-randconfig-x008-201707 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
        # save the attached .config to linux build tree
        make ARCH=x86_64 

All warnings (new ones prefixed by >>):

   In file included from include/linux/trace_clock.h:12:0,
                    from include/linux/ftrace.h:9,
                    from kernel/extable.c:18:
   kernel/extable.c: In function 'kernel_ro_address':
   kernel/extable.c:168:6: error: implicit declaration of function 'is_module_ro_address' [-Werror=implicit-function-declaration]
     if (is_module_ro_address(addr))
         ^
   include/linux/compiler.h:149:30: note: in definition of macro '__trace_if'
     if (__builtin_constant_p(!!(cond)) ? !!(cond) :   \
                                 ^~~~
>> kernel/extable.c:168:2: note: in expansion of macro 'if'
     if (is_module_ro_address(addr))
     ^~
   cc1: some warnings being treated as errors

vim +/if +168 kernel/extable.c

    12	    GNU General Public License for more details.
    13	
    14	    You should have received a copy of the GNU General Public License
    15	    along with this program; if not, write to the Free Software
    16	    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    17	*/
  > 18	#include <linux/ftrace.h>
    19	#include <linux/memory.h>
    20	#include <linux/module.h>
    21	#include <linux/mutex.h>
    22	#include <linux/init.h>
    23	
    24	#include <asm/sections.h>
    25	#include <linux/uaccess.h>
    26	
    27	/*
    28	 * mutex protecting text section modification (dynamic code patching).
    29	 * some users need to sleep (allocating memory...) while they hold this lock.
    30	 *
    31	 * NOT exported to modules - patching kernel text is a really delicate matter.
    32	 */
    33	DEFINE_MUTEX(text_mutex);
    34	
    35	extern struct exception_table_entry __start___ex_table[];
    36	extern struct exception_table_entry __stop___ex_table[];
    37	
    38	/* Cleared by build time tools if the table is already sorted. */
    39	u32 __initdata __visible main_extable_sort_needed = 1;
    40	
    41	/* Sort the kernel's built-in exception table */
    42	void __init sort_main_extable(void)
    43	{
    44		if (main_extable_sort_needed && __stop___ex_table > __start___ex_table) {
    45			pr_notice("Sorting __ex_table...\n");
    46			sort_extable(__start___ex_table, __stop___ex_table);
    47		}
    48	}
    49	
    50	/* Given an address, look for it in the exception tables. */
    51	const struct exception_table_entry *search_exception_tables(unsigned long addr)
    52	{
    53		const struct exception_table_entry *e;
    54	
    55		e = search_extable(__start___ex_table, __stop___ex_table-1, addr);
    56		if (!e)
    57			e = search_module_extables(addr);
    58		return e;
    59	}
    60	
    61	static inline int init_kernel_text(unsigned long addr)
    62	{
    63		if (addr >= (unsigned long)_sinittext &&
    64		    addr < (unsigned long)_einittext)
    65			return 1;
    66		return 0;
    67	}
    68	
    69	int core_kernel_text(unsigned long addr)
    70	{
    71		if (addr >= (unsigned long)_stext &&
    72		    addr < (unsigned long)_etext)
    73			return 1;
    74	
    75		if (system_state == SYSTEM_BOOTING &&
    76		    init_kernel_text(addr))
    77			return 1;
    78		return 0;
    79	}
    80	
    81	/**
    82	 * core_kernel_data - tell if addr points to kernel data
    83	 * @addr: address to test
    84	 *
    85	 * Returns true if @addr passed in is from the core kernel data
    86	 * section.
    87	 *
    88	 * Note: On some archs it may return true for core RODATA, and false
    89	 *  for others. But will always be true for core RW data.
    90	 */
    91	int core_kernel_data(unsigned long addr)
    92	{
    93		if (addr >= (unsigned long)_sdata &&
    94		    addr < (unsigned long)_edata)
    95			return 1;
    96		return 0;
    97	}
    98	
    99	int __kernel_text_address(unsigned long addr)
   100	{
   101		if (core_kernel_text(addr))
   102			return 1;
   103		if (is_module_text_address(addr))
   104			return 1;
   105		if (is_ftrace_trampoline(addr))
   106			return 1;
   107		/*
   108		 * There might be init symbols in saved stacktraces.
   109		 * Give those symbols a chance to be printed in
   110		 * backtraces (such as lockdep traces).
   111		 *
   112		 * Since we are after the module-symbols check, there's
   113		 * no danger of address overlap:
   114		 */
   115		if (init_kernel_text(addr))
   116			return 1;
   117		return 0;
   118	}
   119	
   120	int kernel_text_address(unsigned long addr)
   121	{
   122		if (core_kernel_text(addr))
   123			return 1;
   124		if (is_module_text_address(addr))
   125			return 1;
   126		return is_ftrace_trampoline(addr);
   127	}
   128	
   129	/*
   130	 * On some architectures (PPC64, IA64) function pointers
   131	 * are actually only tokens to some data that then holds the
   132	 * real function address. As a result, to find if a function
   133	 * pointer is part of the kernel text, we need to do some
   134	 * special dereferencing first.
   135	 */
   136	int func_ptr_is_kernel_text(void *ptr)
   137	{
   138		unsigned long addr;
   139		addr = (unsigned long) dereference_function_descriptor(ptr);
   140		if (core_kernel_text(addr))
   141			return 1;
   142		return is_module_text_address(addr);
   143	}
   144	
   145	/**
   146	 * core_kernel_ro_data - Verify address points to read-only section
   147	 * @addr: address to test
   148	 *
   149	 */
   150	int core_kernel_ro_data(unsigned long addr)
   151	{
   152		if (addr >= (unsigned long)__start_rodata &&
   153		    addr < (unsigned long)__end_rodata)
   154			return 1;
   155	
   156		if (addr >= (unsigned long)__start_data_ro_after_init &&
   157		    addr < (unsigned long)__end_data_ro_after_init)
   158			return 1;
   159	
   160		return 0;
   161	}
   162	
   163	/* Verify that address is const or ro_after_init. */
   164	int kernel_ro_address(unsigned long addr)
   165	{
   166		if (core_kernel_ro_data(addr))
   167			return 1;
 > 168		if (is_module_ro_address(addr))
   169			return 1;
   170	
   171		return 0;

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

Download attachment ".config.gz" of type "application/gzip" (31238 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ