lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20171208001540.23696-2-mcgrof@kernel.org>
Date:   Thu,  7 Dec 2017 16:15:38 -0800
From:   "Luis R. Rodriguez" <mcgrof@...nel.org>
To:     jeyu@...nel.org, rusty@...tcorp.com.au
Cc:     keescook@...omium.org, tixxdz@...il.com, mbenes@...e.cz,
        atomlin@...hat.com, pmladek@...e.com, hare@...e.com,
        james.l.morris@...cle.com, ebiederm@...ssion.com,
        davem@...emloft.net, akpm@...ux-foundation.org,
        torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org,
        "Luis R. Rodriguez" <mcgrof@...nel.org>
Subject: [PATCH 1/3] module: add an early early_mod_check()

We technically do a bit of sanity check with a local
struct module with pointers set to passed user data first.
Only after we do these checks do we embark on allocating
a struct module based on the passed information.

There's a small set of early checks which help us bail
out from processing and avoiding memory allocation, we
currently have these small checks tangled with the allocation
routine. Split this out so that we can expand on the early
checks with a local copy first.

This leaves setup_load_info() in an odd place given its
the one that originally sets up the local struct module
with pointing to the user data. Just move this out into the
laod_module() routine to make the early_mod_check() routine
much simpler.

This change just shuffles code around a bit to make the
next change easier to read, it technically has no functional
changes.

Signed-off-by: Luis R. Rodriguez <mcgrof@...nel.org>
---
 kernel/module.c | 38 ++++++++++++++++++++++++++------------
 1 file changed, 26 insertions(+), 12 deletions(-)

diff --git a/kernel/module.c b/kernel/module.c
index 8042b8fcbf14..195ef37e242a 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3287,23 +3287,28 @@ static bool blacklisted(const char *module_name)
 }
 core_param(module_blacklist, module_blacklist, charp, 0400);
 
-static struct module *layout_and_allocate(struct load_info *info, int flags)
+/* Module within temporary copy, this doesn't do any allocation  */
+static int early_mod_check(struct load_info *info, int flags,
+			   struct module *mod)
 {
-	/* Module within temporary copy. */
-	struct module *mod;
-	unsigned int ndx;
 	int err;
 
-	mod = setup_load_info(info, flags);
-	if (IS_ERR(mod))
-		return mod;
-
 	if (blacklisted(info->name))
-		return ERR_PTR(-EPERM);
+		return -EPERM;
 
 	err = check_modinfo(mod, info, flags);
 	if (err)
-		return ERR_PTR(err);
+		return err;
+
+	return 0;
+}
+
+/* This starts to process the module and finally allocates a copy */
+static struct module *layout_and_allocate(struct load_info *info,
+					  struct module *mod)
+{
+	unsigned int ndx;
+	int err;
 
 	/* Allow arches to frob section contents and sizes.  */
 	err = module_frob_arch_sections(info->hdr, info->sechdrs,
@@ -3654,8 +3659,17 @@ static int load_module(struct load_info *info, const char __user *uargs,
 	if (err)
 		goto free_copy;
 
-	/* Figure out module layout, and allocate all the memory. */
-	mod = layout_and_allocate(info, flags);
+	mod = setup_load_info(info, flags);
+	if (IS_ERR(mod))
+		return -EINVAL;
+
+	/* layout and check */
+	err = early_mod_check(info, flags, mod);
+	if (err)
+		goto free_copy;
+
+	/* Layout and allocate all the memory. */
+	mod = layout_and_allocate(info, mod);
 	if (IS_ERR(mod)) {
 		err = PTR_ERR(mod);
 		goto free_copy;
-- 
2.15.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ