Message-ID: <20250829105418.3053274-10-sidnayyar@google.com>
Date: Fri, 29 Aug 2025 10:54:17 +0000
From: Siddharth Nayyar <sidnayyar@...gle.com>
To: Nathan Chancellor <nathan@...nel.org>, Luis Chamberlain <mcgrof@...nel.org>, 
	Sami Tolvanen <samitolvanen@...gle.com>
Cc: Nicolas Schier <nicolas.schier@...ux.dev>, Petr Pavlu <petr.pavlu@...e.com>, 
	Arnd Bergmann <arnd@...db.de>, linux-kbuild@...r.kernel.org, linux-arch@...r.kernel.org, 
	linux-modules@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Siddharth Nayyar <sidnayyar@...gle.com>
Subject: [PATCH 09/10] modpost: add symbol import protection flag to kflagstab

When the unused exports whitelist is provided, the symbol protection bit
is set for symbols not present in the unused exports whitelist.

The flag will be used in the following commit to prevent unsigned
modules from using symbols other than those explicitly declared by
such modules ahead of time.

Signed-off-by: Siddharth Nayyar <sidnayyar@...gle.com>
---
 include/linux/module_symbol.h |  3 ++-
 scripts/mod/modpost.c         | 13 +++++++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/include/linux/module_symbol.h b/include/linux/module_symbol.h
index 574609aced99..96fe3f4d7424 100644
--- a/include/linux/module_symbol.h
+++ b/include/linux/module_symbol.h
@@ -3,8 +3,9 @@
 #define _LINUX_MODULE_SYMBOL_H
 
 /* Kernel symbol flags bitset. */
-enum ksym_flags {
+enum symbol_flags {
 	KSYM_FLAG_GPL_ONLY	= 1 << 0,
+	KSYM_FLAG_PROTECTED	= 1 << 1,
 };
 
 /* This ignores the intensely annoying "mapping symbols" found in ELF files. */
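Review bot: `KSYM_FLAG_PROTECTED` is added to the enum with no comment saying what the bit means to a consumer of the flags table, and the tag rename from `ksym_flags` to `symbol_flags` in the same hunk is not mentioned in the commit description. According to the description the bit carries an access-control decision, so a per-constant comment is worth having, e.g. `KSYM_FLAG_PROTECTED = 1 << 1, /* not importable by unsigned modules */`. If other code still refers to `enum ksym_flags`, the rename has to cover it; that is not visible from this hunk.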
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index 8936db84779b..8d360bab50d6 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -61,6 +61,9 @@ static bool extra_warn;
 bool target_is_big_endian;
 bool host_is_big_endian;
 
+/* Are symbols protected against being used by unsigned modules? */
+static bool default_symbol_protected_status;
+
 /*
  * Cut off the warnings when there are too many. This typically occurs when
  * vmlinux is missing. ('make modules' without building vmlinux.)
@@ -225,6 +228,7 @@ struct symbol {
 	bool is_func;
 	bool is_gpl_only;	/* exported by EXPORT_SYMBOL_GPL */
 	bool used;		/* there exists a user of this symbol */
+	bool protected;		/* this symbol cannot be used by unsigned modules */
 	char name[];
 };
 
@@ -246,7 +250,8 @@ static struct symbol *alloc_symbol(const char *name)
 
 static uint8_t get_symbol_flags(const struct symbol *sym)
 {
-	return sym->is_gpl_only ? KSYM_FLAG_GPL_ONLY : 0;
+	return (sym->is_gpl_only ? KSYM_FLAG_GPL_ONLY : 0) |
+		(sym->protected ? KSYM_FLAG_PROTECTED : 0);
 }
 
 /* For the hash of exported symbols */
@@ -370,6 +375,7 @@ static struct symbol *sym_add_exported(const char *name, struct module *mod,
 	s->namespace = xstrdup(namespace);
 	list_add_tail(&s->list, &mod->exported_symbols);
 	hash_add_symbol(s);
+	s->protected = default_symbol_protected_status;
 
 	return s;
 }
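Review bot: In `sym_add_exported()`, `s->protected` is assigned only after `list_add_tail()` and `hash_add_symbol()` have already published the symbol, whereas `s->namespace` is set before them. Nothing visible here reads the field in between, so this is a readability point rather than a bug. Keeping all field initialisation ahead of the publish calls makes it obvious that no lookup can see a half-initialised symbol: move `s->protected = default_symbol_protected_status;` to just before `list_add_tail(&s->list, &mod->exported_symbols);`. The function starts outside this hunk.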
@@ -1785,8 +1791,10 @@ static void handle_white_list_exports(const char *white_list)
 	while ((name = strsep(&p, "\n"))) {
 		struct symbol *sym = find_symbol(name);
 
-		if (sym)
+		if (sym) {
 			sym->used = true;
+			sym->protected = false;
+		}
 	}
 
 	free(buf);
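Review bot: In the `if (sym)` branch of `handle_white_list_exports()`, one list entry now both marks the symbol as used and clears `sym->protected`, so the file that was an anti-trimming list also becomes the allow-list for unsigned modules. Anyone who adds a name only to keep an export from being trimmed also makes it importable by unsigned modules, and nothing in the code says so. A comment on the new line would make that explicit, e.g. `/* listed symbols stay importable by unsigned modules */`. Clearing the flag here presumably also relies on this function running after every `sym_add_exported()` call, since a symbol added later would receive the protected default again; that ordering is outside the hunk and worth confirming. The function starts before the hunk.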
@@ -2294,6 +2302,7 @@ int main(int argc, char **argv)
 			break;
 		case 'u':
 			unused_exports_white_list = optarg;
+			default_symbol_protected_status = true;
 			break;
 		case 'W':
 			extra_warn = true;
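Review bot: In the `case 'u':` arm, protection is switched on only as a side effect of passing the white list, so a build that does not pass `-u` leaves every export unprotected and the flag never appears in the table. If that fail-open default is intended, it should be stated where the option is handled, e.g. `/* -u also enables symbol protection: exports not in the list get KSYM_FLAG_PROTECTED */`, and in whatever usage text documents `-u`. The rest of `main()` is outside the hunk.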
-- 
2.51.0.338.gd7d06c2dae-goog

