| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Jun 2024 21:37:08 +0800
From: Zheng Yejian <zhengyejian1@...wei.com>
To: <rostedt@...dmis.org>, <mhiramat@...nel.org>, <mark.rutland@....com>,
<mpe@...erman.id.au>, <npiggin@...il.com>, <christophe.leroy@...roup.eu>,
<naveen.n.rao@...ux.ibm.com>, <tglx@...utronix.de>, <mingo@...hat.com>,
<bp@...en8.de>, <dave.hansen@...ux.intel.com>, <x86@...nel.org>,
<hpa@...or.com>, <mcgrof@...nel.org>, <mathieu.desnoyers@...icios.com>,
<masahiroy@...nel.org>, <nathan@...nel.org>, <nicolas@...sle.eu>,
<kees@...nel.org>, <james.clark@....com>, <kent.overstreet@...ux.dev>,
<yhs@...com>, <jpoimboe@...nel.org>, <peterz@...radead.org>
CC: <zhengyejian1@...wei.com>, <linux-kernel@...r.kernel.org>,
<linux-trace-kernel@...r.kernel.org>, <linuxppc-dev@...ts.ozlabs.org>,
<linux-modules@...r.kernel.org>, <linux-kbuild@...r.kernel.org>,
<bpf@...r.kernel.org>
Subject: [PATCH 3/6] module: kallsyms: Determine exact function size
When a weak type function is overridden, its symbol will be removed
from the symbol table, but its code will not been removed. It will
cause find_kallsyms_symbol() to compute a larger function size than
it actually is, just because symbol of its following weak function is
removed.
To fix this issue, check that an given address is within the size of
the function found.
Signed-off-by: Zheng Yejian <zhengyejian1@...wei.com>
---
include/linux/module.h | 7 +++++++
kernel/module/kallsyms.c | 19 +++++++++++++++++--
2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/include/linux/module.h b/include/linux/module.h
index ffa1c603163c..13518f464d3f 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -597,6 +597,13 @@ static inline unsigned long kallsyms_symbol_value(const Elf_Sym *sym)
}
#endif
+#ifndef HAVE_ARCH_KALLSYMS_SYMBOL_TYPE
+static inline unsigned int kallsyms_symbol_type(const Elf_Sym *sym)
+{
+ return ELF_ST_TYPE(sym->st_info);
+}
+#endif
+
/* FIXME: It'd be nice to isolate modules during init, too, so they
aren't used before they (may) fail. But presently too much code
(IDE & SCSI) require entry into the module during init.*/
diff --git a/kernel/module/kallsyms.c b/kernel/module/kallsyms.c
index 62fb57bb9f16..092ae6f43dad 100644
--- a/kernel/module/kallsyms.c
+++ b/kernel/module/kallsyms.c
@@ -262,6 +262,7 @@ static const char *find_kallsyms_symbol(struct module *mod,
unsigned long nextval, bestval;
struct mod_kallsyms *kallsyms = rcu_dereference_sched(mod->kallsyms);
struct module_memory *mod_mem;
+ const Elf_Sym *sym;
/* At worse, next value is at end of module */
if (within_module_init(addr, mod))
@@ -278,9 +279,10 @@ static const char *find_kallsyms_symbol(struct module *mod,
* starts real symbols at 1).
*/
for (i = 1; i < kallsyms->num_symtab; i++) {
- const Elf_Sym *sym = &kallsyms->symtab[i];
- unsigned long thisval = kallsyms_symbol_value(sym);
+ unsigned long thisval;
+ sym = &kallsyms->symtab[i];
+ thisval = kallsyms_symbol_value(sym);
if (sym->st_shndx == SHN_UNDEF)
continue;
@@ -292,6 +294,13 @@ static const char *find_kallsyms_symbol(struct module *mod,
is_mapping_symbol(kallsyms_symbol_name(kallsyms, i)))
continue;
+ if (kallsyms_symbol_type(sym) == STT_FUNC &&
+ addr >= thisval && addr < thisval + sym->st_size) {
+ best = i;
+ bestval = thisval;
+ nextval = thisval + sym->st_size;
+ goto find;
+ }
if (thisval <= addr && thisval > bestval) {
best = i;
bestval = thisval;
@@ -303,6 +312,12 @@ static const char *find_kallsyms_symbol(struct module *mod,
if (!best)
return NULL;
+ sym = &kallsyms->symtab[best];
+ if (kallsyms_symbol_type(sym) == STT_FUNC && sym->st_size &&
+ addr >= kallsyms_symbol_value(sym) + sym->st_size)
+ return NULL;
+
+find:
if (size)
*size = nextval - bestval;
if (offset)
--
2.25.1
Powered by blists - more mailing lists