From patchwork Wed Apr 10 19:57:08 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joel Fernandes <joel@joelfernandes.org>
X-Patchwork-Id: 10894627
Return-Path: 
 <kernel-hardening-return-15609-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 665DD139A
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:57:57 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 55440289EA
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:57:57 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 45EBF28AF2; Wed, 10 Apr 2019 19:57:57 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.3 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham
	version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id B9C0C289EA
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:57:55 +0000 (UTC)
Received: (qmail 5928 invoked by uid 550); 10 Apr 2019 19:57:43 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 5839 invoked from network); 10 Apr 2019 19:57:42 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=joelfernandes.org; s=google;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=;
        b=j912k9RYViXXynkk1wOlbiUqGi5gVmM5St7S1BlBPu6+q2P3DgjDl+YznzwZDpy/hl
         gWY+3dwgbt6IfhjgUbx9m6jOM/d7OOe5psxO/7GbxrHFz+xE7v4Tf7xvwqhp0mhKs5VV
         MpzN1h19egcEapYxtfT1as9eY9rguCD4TJaF4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=;
        b=BipDybouQ/amG88zCPKi0Homc+A9SciFWYteq4IYGF42BInTNdpWlqK+7eCJirIex6
         Qi96UW/MyRIg55M9cJjz1TZXaWOS8Ut5ln+mW/6KPG04ar1i/0H5BImqLL6P0My5khOV
         pM6NubLUCdwuXQEVzo4xSPdskRfQnmaXK3Rx6apdWDBf54NiDnz+x2NOMl5G9blWen29
         W5UVKScODlzUguxnHUKzeM4e1gp1XAv6VoqNDc1pV00R80oqd4bpwH3RkPSVLbi2fyva
         4mso8gTrxZK9GJT8DwPSUW9aSSlil7cnCWs5X6Fb/68qy0o5LAc24P8d9KMPAY8mF5qK
         vCig==
X-Gm-Message-State: APjAAAV1m3ViSdeXvj8nW0IbQsbL0yFk4iZ7J+u7VtGTv9uzhIh+xOj0
	FlSQeSTkBOI2YVy1WLfd0grkBA==
X-Google-Smtp-Source: 
 APXvYqxQvO0IbvL2miFcuCBLyOB0UE4xHrZeT7OhWqKm2iqMVPmm+uND50fcJC2SGWrV9EYsD8MM5Q==
X-Received: by 2002:a62:ee17:: with SMTP id e23mr45292744pfi.80.1554926250235;
        Wed, 10 Apr 2019 12:57:30 -0700 (PDT)
From: "Joel Fernandes (Google)" <joel@joelfernandes.org>
To: linux-kernel@vger.kernel.org
Cc: "Joel Fernandes (Google)" <joel@joelfernandes.org>,
	paulmck@linux.vnet.ibm.com,
	keescook@chromium.org,
	mathieu.desnoyers@efficios.com,
	rostedt@goodmis.org,
	Jessica Yu <jeyu@kernel.org>,
	kernel-hardening@lists.openwall.com,
	kernel-team@android.com,
	rcu@vger.kernel.org
Subject: [PATCH v3 3/3] module: Make __tracepoints_ptrs as read-only
Date: Wed, 10 Apr 2019 15:57:08 -0400
Message-Id: <20190410195708.162185-3-joel@joelfernandes.org>
X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog
In-Reply-To: <20190410195708.162185-1-joel@joelfernandes.org>
References: <20190410195708.162185-1-joel@joelfernandes.org>
MIME-Version: 1.0
X-Virus-Scanned: ClamAV using ClamSMTP

This series hardens the tracepoints in modules by making the array of
pointers referring to the tracepoints as read-only. This array is needed
during module unloading to verify that the tracepoint is quiescent.
There is no reason for the array to be to be writable after init, and
can cause security or other hidden bugs. Mark these as ro_after_init.

Suggested-by: paulmck@linux.vnet.ibm.com
Suggested-by: keescook@chromium.org
Suggested-by: mathieu.desnoyers@efficios.com
Cc: rostedt@goodmis.org
Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
 kernel/module.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index 8b9631e789f0..be980aaa8804 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3320,6 +3320,12 @@ static const char * const ro_after_init_sections[] = {
 	 * by the SRCU notifiers
 	 */
 	"___srcu_struct_ptrs",
+
+	/*
+	 * Array of tracepoint pointers used for checking if tracepoints are
+	 * quiescent during unloading.
+	 */
+	"__tracepoints_ptrs",
 };
 
 static struct module *layout_and_allocate(struct load_info *info, int flags)