| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Jan 2019 16:54:22 +0900
From: Masami Hiramatsu <mhiramat@...nel.org>
To: Rick Edgecombe <rick.p.edgecombe@...el.com>
Cc: Andy Lutomirski <luto@...nel.org>, Ingo Molnar <mingo@...hat.com>,
linux-kernel@...r.kernel.org, x86@...nel.org, hpa@...or.com,
Thomas Gleixner <tglx@...utronix.de>,
Borislav Petkov <bp@...en8.de>,
Nadav Amit <nadav.amit@...il.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>, linux_dti@...oud.com,
linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org, akpm@...ux-foundation.org,
kernel-hardening@...ts.openwall.com, linux-mm@...ck.org,
will.deacon@....com, ard.biesheuvel@...aro.org,
kristen@...ux.intel.com, deneen.t.dock@...el.com,
Nadav Amit <namit@...are.com>
Subject: Re: [PATCH 17/17] module: Prevent module removal racing with
text_poke()
On Wed, 16 Jan 2019 16:32:59 -0800
Rick Edgecombe <rick.p.edgecombe@...el.com> wrote:
> From: Nadav Amit <namit@...are.com>
>
> It seems dangerous to allow code modifications to take place
> concurrently with module unloading. So take the text_mutex while the
> memory of the module is freed.
At that point, since the module itself is removed from module list,
it seems no actual harm. Or would you have any concern?
Thank you,
>
> Signed-off-by: Nadav Amit <namit@...are.com>
> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
> ---
> kernel/module.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/kernel/module.c b/kernel/module.c
> index 1af5c8e19086..90cfc4988d98 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -64,6 +64,7 @@
> #include <linux/bsearch.h>
> #include <linux/dynamic_debug.h>
> #include <linux/audit.h>
> +#include <linux/memory.h>
> #include <uapi/linux/module.h>
> #include "module-internal.h"
>
> @@ -2157,6 +2158,9 @@ static void free_module(struct module *mod)
> synchronize_rcu();
> mutex_unlock(&module_mutex);
>
> + /* Protect against patching of the module while it is being removed */
> + mutex_lock(&text_mutex);
> +
> /* This may be empty, but that's OK */
> module_arch_freeing_init(mod);
> module_memfree(mod->init_layout.base);
> @@ -2168,6 +2172,7 @@ static void free_module(struct module *mod)
>
> /* Finally, free the core (containing the module structure) */
> module_memfree(mod->core_layout.base);
> + mutex_unlock(&text_mutex);
> }
>
> void *__symbol_get(const char *symbol)
> --
> 2.17.1
>
--
Masami Hiramatsu <mhiramat@...nel.org>
Powered by blists - more mailing lists