lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170704214518.e6twi5gmo4qwxpna@redbean>
Date:   Tue, 4 Jul 2017 23:45:19 +0200
From:   Jessica Yu <jeyu@...hat.com>
To:     Wanlong Gao <wanlong.gao@...il.com>
Cc:     linux-kernel@...r.kernel.org, gaowanlong@...wei.com,
        john.wanghui@...wei.com, wencongyang2@...wei.com,
        guijianfeng@...wei.com, xiexiuqi@...wei.com
Subject: Re: [PATCH v2] modpost: abort if module name is too long

+++ Wanlong Gao [30/06/17 22:07 +0800]:
>Module name has a limited length, but currently the build system
>allows the build finishing even if the module name is too long.
>
>  CC      /root/kprobe_example/abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz.mod.o
> /root/kprobe_example/abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz.mod.c:9:2:
> warning: initializer-string for array of chars is too long [enabled by default]
>  .name = KBUILD_MODNAME,
>  ^
>
>but it's merely a warning.
>
>This patch adds the check of the module name length in modpost and stops
>the build properly.
>
>Signed-off-by: Wanlong Gao <wanlong.gao@...il.com>

I have this patch queued up to be applied right after the current
merge window. Thanks!

Jessica

> scripts/mod/modpost.c | 29 ++++++++++++++++++++++++-----
> 1 file changed, 24 insertions(+), 5 deletions(-)
>
>diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
>index 30d752a..cb16985 100644
>--- a/scripts/mod/modpost.c
>+++ b/scripts/mod/modpost.c
>@@ -47,6 +47,12 @@ enum export {
> 	export_unused_gpl, export_gpl_future, export_unknown
> };
>
>+/* In kernel, this size is defined in linux/module.h;
>+ * here we use Elf_Addr instead of long for covering cross-compile
>+ */
>+
>+#define MODULE_NAME_LEN (64 - sizeof(Elf_Addr))
>+
> #define PRINTF __attribute__ ((format (printf, 1, 2)))
>
> PRINTF void fatal(const char *fmt, ...)
>@@ -2116,6 +2122,23 @@ static void check_exports(struct module *mod)
> 	}
> }
>
>+static int check_modname_len(struct module *mod)
>+{
>+	const char *mod_name;
>+
>+	mod_name = strrchr(mod->name, '/');
>+	if (mod_name == NULL)
>+		mod_name = mod->name;
>+	else
>+		mod_name++;
>+	if (strlen(mod_name) >= MODULE_NAME_LEN) {
>+		merror("module name is too long [%s.ko]\n", mod->name);
>+		return 1;
>+	}
>+
>+	return 0;
>+}
>+
> /**
>  * Header for the generated file
>  **/
>@@ -2154,11 +2177,6 @@ static void add_staging_flag(struct buffer *b, const char *name)
> 		buf_printf(b, "\nMODULE_INFO(staging, \"Y\");\n");
> }
>
>-/* In kernel, this size is defined in linux/module.h;
>- * here we use Elf_Addr instead of long for covering cross-compile
>- */
>-#define MODULE_NAME_LEN (64 - sizeof(Elf_Addr))
>-
> /**
>  * Record CRCs for unresolved symbols
>  **/
>@@ -2489,6 +2507,7 @@ int main(int argc, char **argv)
>
> 		buf.pos = 0;
>
>+		err |= check_modname_len(mod);
> 		add_header(&buf, mod);
> 		add_intree_flag(&buf, !external_module);
> 		add_staging_flag(&buf, mod->name);
>-- 
>2.9.4
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ