From patchwork Wed Apr 10 01:14:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Fernandes X-Patchwork-Id: 10892907 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6A64B1708 for ; Wed, 10 Apr 2019 01:14:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 557C62850D for ; Wed, 10 Apr 2019 01:14:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 490EB28571; Wed, 10 Apr 2019 01:14:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.3 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 809FC2850D for ; Wed, 10 Apr 2019 01:14:46 +0000 (UTC) Received: (qmail 13852 invoked by uid 550); 10 Apr 2019 01:14:44 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 13737 invoked from network); 10 Apr 2019 01:14:43 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelfernandes.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=5twU0SQ7qeKqh0+CQCpWioa1s9Zf+6xNLzQqic9rlw4=; b=FHQSlTRZrxwWRPEy09RfK1EbzDl1zZ/P9DaKFB3KmUIfEkgu6OM3YJlfaFBN4rkxkl zSvWO+0TCb29HihZcJN1LzoQ7zSzMn+0Qq163kSLfVi8pivg9gruZWze/PBLZiriUT1/ ISRaHB5ujKTs+R24ynJfXQsOp3PURKr+7ESkY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=5twU0SQ7qeKqh0+CQCpWioa1s9Zf+6xNLzQqic9rlw4=; b=Ge5SUto87jxL3km7fAblmQY5wxDoBeYDYcbwLqEAR9farfe+s4s5J0/swDizgRFK3x 8NssRnMnu+CoWhsEcXbeAtz+3dVKyijC7YLjl9t8OdL3PvWNm8NWIUm+nLfXa9GaPYpy XoRR1fQTtmwB7VjiGqGgRa71Zv26fmEBo3sk0zYJgow8JH/97aiHHK0OxZ34Bi6PjzIJ 9vhhuaySLjE41llRnWUq5vdtcEwIPX0bk0nN1eT4s8/c+Q7ghD2W9Ni2PezuYkk85wv4 8o1OcpLk8Qz/nuU5BattGmajRefAKY5HmZx1l48uGIQ0tTsANa5kjI+v1oQYo8Dmkj6z CdAQ== X-Gm-Message-State: APjAAAUM3w0od8zVEb44ZH9DhjoG6JNR2MzrdwnkSg8WdnPCFGri1QM7 vrxVrq6G/921x6lSKurXRezZvQ== X-Google-Smtp-Source: APXvYqzWxp9Z/Hj7HaokzBOYz+F4nLfRw5ZzJJ2S8R4un2zhiLFXnFe1Jd45s4Oi3qlLbH7oSko44Q== X-Received: by 2002:a17:902:e391:: with SMTP id ch17mr41547333plb.196.1554858871788; Tue, 09 Apr 2019 18:14:31 -0700 (PDT) From: "Joel Fernandes (Google)" To: linux-kernel@vger.kernel.org Cc: "Joel Fernandes (Google)" , paulmck@linux.vnet.ibm.com, keescook@chromium.org, Jessica Yu , kernel-hardening@lists.openwall.com, kernel-team@android.com, mathieu.desnoyers@efficios.com, rcu@vger.kernel.org, rostedt@goodmis.org Subject: [PATCH 2/2] module: Make srcu_struct ptr array as read-only post init Date: Tue, 9 Apr 2019 21:14:18 -0400 Message-Id: <20190410011418.76408-2-joel@joelfernandes.org> X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog In-Reply-To: <20190410011418.76408-1-joel@joelfernandes.org> References: <20190410011418.76408-1-joel@joelfernandes.org> MIME-Version: 1.0 X-Virus-Scanned: ClamAV using ClamSMTP Since commit title ("srcu: Allocate per-CPU data for DEFINE_SRCU() in modules"), modules that call DEFINE_{STATIC,}SRCU will have a new array of srcu_struct pointers which is used by srcu code to initialize and clean up these structures. There is no reason for this array of pointers to be writable, and can cause security or other hidden bugs. Mark these are read-only after the module init has completed. Suggested-by: paulmck@linux.vnet.ibm.com Suggested-by: keescook@chromium.org Signed-off-by: Joel Fernandes (Google) Acked-by: Steven Rostedt (VMware) --- kernel/module.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/kernel/module.c b/kernel/module.c index f9221381d076..ed1f2612aebc 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -3301,7 +3301,7 @@ static bool blacklisted(const char *module_name) core_param(module_blacklist, module_blacklist, charp, 0400); /* - * Mark ro_after_init section with SHF_RO_AFTER_INIT so that + * These are section names marked with SHF_RO_AFTER_INIT so that * layout_sections() can put it in the right place. * Note: ro_after_init sections also have SHF_{WRITE,ALLOC} set. */ @@ -3314,6 +3314,13 @@ static char *ro_after_init_sections[] = { * annotated as such at module load time. */ "__jump_table", + + /* + * Used for SRCU structures which need to be initialized/cleaned up + * by the SRCU notifiers + */ + "___srcu_struct_ptrs", + NULL };