| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241015231651.3851138-3-mmaurer@google.com>
Date: Tue, 15 Oct 2024 23:16:36 +0000
From: Matthew Maurer <mmaurer@...gle.com>
To: mcgrof@...nel.org
Cc: linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
samitolvanen@...gle.com, Matthew Maurer <mmaurer@...gle.com>,
Petr Pavlu <petr.pavlu@...e.com>, Daniel Gomez <da.gomez@...sung.com>
Subject: [PATCH 02/12] module: Factor out elf_validity_ehdr
Factor out verification of the ELF header and document what is checked.
Signed-off-by: Matthew Maurer <mmaurer@...gle.com>
---
kernel/module/main.c | 70 +++++++++++++++++++++++++++++---------------
1 file changed, 47 insertions(+), 23 deletions(-)
diff --git a/kernel/module/main.c b/kernel/module/main.c
index 1ed1d1bf1416..c836354928f0 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -1697,6 +1697,50 @@ static int validate_section_offset(const struct load_info *info, Elf_Shdr *shdr)
return 0;
}
+/**
+ * elf_validity_ehdr() - Checks an ELF header for module validity
+ * @info: Load info containing the ELF header to check
+ *
+ * Checks whether an ELF header could belong to a valid module. Checks:
+ *
+ * * ELF header is within the data the user provided
+ * * ELF magic is present
+ * * It is relocatable (not final linked, not core file, etc.)
+ * * The header's machine type matches what the architecture expects.
+ * * Optional arch-specific hook for other properties
+ * - module_elf_check_arch() is currently only used by PPC to check
+ * ELF ABI version, but may be used by others in the future.
+ *
+ * Return: %0 if valid, %-ENOEXEC on failure.
+ */
+static int elf_validity_ehdr(const struct load_info *info)
+{
+ if (info->len < sizeof(*(info->hdr))) {
+ pr_err("Invalid ELF header len %lu\n", info->len);
+ return -ENOEXEC;
+ }
+ if (memcmp(info->hdr->e_ident, ELFMAG, SELFMAG) != 0) {
+ pr_err("Invalid ELF header magic: != %s\n", ELFMAG);
+ return -ENOEXEC;
+ }
+ if (info->hdr->e_type != ET_REL) {
+ pr_err("Invalid ELF header type: %u != %u\n",
+ info->hdr->e_type, ET_REL);
+ return -ENOEXEC;
+ }
+ if (!elf_check_arch(info->hdr)) {
+ pr_err("Invalid architecture in ELF header: %u\n",
+ info->hdr->e_machine);
+ return -ENOEXEC;
+ }
+ if (!module_elf_check_arch(info->hdr)) {
+ pr_err("Invalid module architecture in ELF header: %u\n",
+ info->hdr->e_machine);
+ return -ENOEXEC;
+ }
+ return 0;
+}
+
/*
* Check userspace passed ELF module against our expectations, and cache
* useful variables for further processing as we go.
@@ -1726,30 +1770,10 @@ static int elf_validity_cache_copy(struct load_info *info, int flags)
unsigned int num_info_secs = 0, info_idx;
unsigned int num_sym_secs = 0, sym_idx;
- if (info->len < sizeof(*(info->hdr))) {
- pr_err("Invalid ELF header len %lu\n", info->len);
- goto no_exec;
- }
+ err = elf_validity_ehdr(info);
+ if (err < 0)
+ return err;
- if (memcmp(info->hdr->e_ident, ELFMAG, SELFMAG) != 0) {
- pr_err("Invalid ELF header magic: != %s\n", ELFMAG);
- goto no_exec;
- }
- if (info->hdr->e_type != ET_REL) {
- pr_err("Invalid ELF header type: %u != %u\n",
- info->hdr->e_type, ET_REL);
- goto no_exec;
- }
- if (!elf_check_arch(info->hdr)) {
- pr_err("Invalid architecture in ELF header: %u\n",
- info->hdr->e_machine);
- goto no_exec;
- }
- if (!module_elf_check_arch(info->hdr)) {
- pr_err("Invalid module architecture in ELF header: %u\n",
- info->hdr->e_machine);
- goto no_exec;
- }
if (info->hdr->e_shentsize != sizeof(Elf_Shdr)) {
pr_err("Invalid ELF section header size\n");
goto no_exec;
--
2.47.0.rc1.288.g06298d1525-goog
Powered by blists - more mailing lists