lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180604130131.slyhtgyywffusf67@d217.suse.de>
Date:   Mon, 4 Jun 2018 15:01:31 +0200
From:   Jessica Yu <jeyu@...nel.org>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     linux-kernel@...r.kernel.org, live-patching@...r.kernel.org
Subject: [PATCH] module: exclude SHN_UNDEF symbols from kallsyms api

+++ Jessica Yu [04/06/18 11:54 +0200]:
>+++ Jessica Yu [04/06/18 10:05 +0200]:
>>+++ Josh Poimboeuf [02/06/18 12:32 -0500]:
>>>Hi Jessica,
>>>
>>>I found a bug:
>>>
>>>[root@f25 ~]# modprobe livepatch-sample
>>>[root@f25 ~]# grep ' u ' /proc/kallsyms
>>>ffffffff81161080 u klp_enable_patch	[livepatch_sample]
>>>ffffffff81a01800 u __fentry__	[livepatch_sample]
>>>ffffffff81161250 u klp_unregister_patch	[livepatch_sample]
>>>ffffffff81161870 u klp_register_patch	[livepatch_sample]
>>>ffffffff8131f0b0 u seq_printf	[livepatch_sample]
>>>
>>>Notice that livepatch modules' undefined symbols are showing up in
>>>/proc/kallsyms.  This can confuse klp_find_object_symbol() which can
>>>cause subtle bugs in livepatch.
>>>
>>>I stared at the module kallsyms code for a bit, but I don't see the bug.
>>>Maybe it has something to do with how we save the symbol table in
>>>copy_module_elf().  Any ideas?
>>
>>Hi Josh!
>>
>>This is because we preserve the entire symbol table for livepatch
>>modules, including the SHN_UNDEF symbols. IIRC, this is so that we can
>>still apply relocations properly with apply_relocate_add() after a
>>to-be-patched object is loaded. Normally we don't save these SHN_UNDEF
>>symbols for modules so they do not appear in /proc/kallsyms.
>
>Hm, if having the full symtab in kallsyms is causing trouble, one
>possibility would be to just have the module kallsyms code simply
>skip/ignore undef symbols. That's what we technically do for normal
>modules anyway (we normally cut undef syms out of the symtab). Haven't
>tested this idea but does that sound like it'd help?

See if the following patch (untested) helps. It does not fix the
/proc/kallsyms lookup, that requires a separate patch. But it should
exclude the undef symbols from module_kallsyms_on_each_symbol() and
thus also from klp_find_object_symbol().

>From 9cfd14675206adf55a85e5f5322b36ea89a523e4 Mon Sep 17 00:00:00 2001
From: Jessica Yu <jeyu@...nel.org>
Date: Mon, 4 Jun 2018 14:35:56 +0200
Subject: [PATCH] module: exclude SHN_UNDEF symbols from kallsyms api

---
 kernel/module.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/kernel/module.c b/kernel/module.c
index c9bea7f2b43e..dfa61490b37d 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -4070,7 +4070,7 @@ static unsigned long mod_find_symname(struct module *mod, const char *name)
 
 	for (i = 0; i < kallsyms->num_symtab; i++)
 		if (strcmp(name, symname(kallsyms, i)) == 0 &&
-		    kallsyms->symtab[i].st_info != 'U')
+		    kallsyms->symtab[i].st_shndx != SHN_UNDEF)
 			return kallsyms->symtab[i].st_value;
 	return 0;
 }
@@ -4116,6 +4116,10 @@ int module_kallsyms_on_each_symbol(int (*fn)(void *, const char *,
 		if (mod->state == MODULE_STATE_UNFORMED)
 			continue;
 		for (i = 0; i < kallsyms->num_symtab; i++) {
+
+			if (kallsyms->symtab[i].st_shndx == SHN_UNDEF)
+				continue;
+
 			ret = fn(data, symname(kallsyms, i),
 				 mod, kallsyms->symtab[i].st_value);
 			if (ret != 0)
-- 
2.12.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ