lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 20 Nov 2020 12:24:20 -0800
From:   Rick Edgecombe <rick.p.edgecombe@...el.com>
To:     akpm@...ux-foundation.org, jeyu@...nel.org, bpf@...r.kernel.org,
        ast@...nel.org, daniel@...earbox.net, luto@...nel.org,
        dave.hansen@...ux.intel.com, peterz@...radead.org, x86@...nel.org,
        rppt@...nel.org, linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        dan.j.williams@...el.com
Cc:     elena.reshetova@...el.com, ira.weiny@...el.com,
        Rick Edgecombe <rick.p.edgecombe@...el.com>
Subject: [PATCH RFC 04/10] module: Support separate writable allocation

The perm_alloc interface supports architectures to direct writes
intended for an allocation to a separate writable staging area before a
mapping is made live. In order to support this, change modules to write
to the address provided by perm_writable_addr(). Currently this is the
same address of the final allocation, so this patch should not create
any functional change yet.

To facilitate re-direction to separate writable staging areas, create a
helper module_adjust_writable_addr(). This function will return an
allocation's writable address if the parameter address is from a module
that is in the process of being loaded. If the address does not meet that
criteria, simply return the address passed in. This helper, while a
little heavy weight, will allow callers in upcoming patches to simply
retrieve the writable address without context of what module is being
loaded.

Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
---
 include/linux/module.h | 22 ++++++++++++++++++++++
 kernel/module.c        | 14 +++++++++-----
 2 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index 9964f909d879..32dd22b2a38a 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -576,6 +576,23 @@ struct perm_allocation *module_get_allocation(struct module *mod, unsigned long
 bool module_perm_alloc(struct module_layout *layout);
 void module_perm_free(struct module_layout *layout);
 
+static inline void *module_adjust_writable_addr(void *addr)
+{
+	unsigned long laddr = (unsigned long)addr;
+	struct module *mod;
+
+	mutex_lock(&module_mutex);
+	mod = __module_address(laddr);
+	if (!mod) {
+		mutex_unlock(&module_mutex);
+		return addr;
+	}
+	mutex_unlock(&module_mutex);
+	/* The module shouldn't be going away if someone is trying to write to it */
+
+	return (void *)perm_writable_addr(module_get_allocation(mod, laddr), laddr);
+}
+
 static inline bool within_module_core(unsigned long addr,
 				      const struct module *mod)
 {
@@ -853,6 +870,11 @@ void *dereference_module_function_descriptor(struct module *mod, void *ptr)
 	return ptr;
 }
 
+static inline void *module_adjust_writable_addr(void *addr)
+{
+	return addr;
+}
+
 #endif /* CONFIG_MODULES */
 
 #ifdef CONFIG_SYSFS
diff --git a/kernel/module.c b/kernel/module.c
index 0b31c44798e2..d0afedd36cea 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3457,7 +3457,7 @@ static int move_module(struct module *mod, struct load_info *info)
 	/* Transfer each section which specifies SHF_ALLOC */
 	pr_debug("final section addresses:\n");
 	for (i = 0; i < info->hdr->e_shnum; i++) {
-		void *dest;
+		void *dest, *wdest;
 		struct perm_allocation *alloc;
 
 		Elf_Shdr *shdr = &info->sechdrs[i];
@@ -3470,9 +3470,10 @@ static int move_module(struct module *mod, struct load_info *info)
 		else
 			alloc = get_alloc_from_layout(&mod->core_layout, shdr->sh_entsize);
 		dest = (void *)perm_alloc_address(alloc) + (shdr->sh_entsize & ~ALL_OFFSET_MASK);
+		wdest = (void *)perm_writable_addr(alloc, (unsigned long)dest);
 
 		if (shdr->sh_type != SHT_NOBITS)
-			memcpy(dest, (void *)shdr->sh_addr, shdr->sh_size);
+			memcpy(wdest, (void *)shdr->sh_addr, shdr->sh_size);
 		/* Update sh_addr to point to copy in image. */
 		shdr->sh_addr = (unsigned long)dest;
 		pr_debug("\t0x%lx %s\n",
@@ -3645,12 +3646,15 @@ int __weak module_finalize(const Elf_Ehdr *hdr,
 
 static int post_relocation(struct module *mod, const struct load_info *info)
 {
+	struct exception_table_entry *extable_writ = module_adjust_writable_addr(mod->extable);
+	void *pcpu = (void *)info->sechdrs[info->index.pcpu].sh_addr;
+	void *percpu_writ = module_adjust_writable_addr(pcpu);
+
 	/* Sort exception table now relocations are done. */
-	sort_extable(mod->extable, mod->extable + mod->num_exentries);
+	sort_extable(extable_writ, mod->extable + mod->num_exentries);
 
 	/* Copy relocated percpu area over. */
-	percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr,
-		       info->sechdrs[info->index.pcpu].sh_size);
+	percpu_modcopy(mod, percpu_writ, info->sechdrs[info->index.pcpu].sh_size);
 
 	/* Setup kallsyms-specific fields. */
 	add_kallsyms(mod, info);
-- 
2.20.1

Powered by blists - more mailing lists