From patchwork Wed Apr 10 19:08:23 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joel Fernandes <joel@joelfernandes.org>
X-Patchwork-Id: 10894541
Return-Path: 
 <kernel-hardening-return-15605-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E039017E0
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:09:06 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C9CC728B8E
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:09:06 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id BDC4A28B92; Wed, 10 Apr 2019 19:09:06 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.3 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham
	version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id D848628B8E
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:09:05 +0000 (UTC)
Received: (qmail 30183 invoked by uid 550); 10 Apr 2019 19:08:55 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 30061 invoked from network); 10 Apr 2019 19:08:54 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=joelfernandes.org; s=google;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=;
        b=qTG4GW66i99y0JN8DLJIq2jNVfkuBzXgqFI0rmEU3GAPdkdJkateK3pWGh2YF+dLCI
         dmCEvn8CTEoJR/E1Rvlb42hCcIqCFcAeT1dyTbRv8THAR3vjr3E3jzeOKTkMic8zxMwQ
         oPm5VzkaHGwgPje6vpMhHBkngYlRQKLcSonyA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=;
        b=Jwla5aKYCG+zri7heud+B2RMh4AcRMdYtiakgnS2HMJQLK+QlkA9x39OBWqJZJA0mt
         EXiK5ivkKtNtkTLqVz5QFWtLdzlfbjlKcc8M+e1CHYMgeIhpYciKjG4SCHP3SBbLDWW+
         x4zpMVVcbOY1cjI3uiYbT/6zzSZL0TiG5oco5LUV+/cVFAqf9h/PB4a1FLykXCC6/kk1
         sEfjztIxHQmPuaQWILPr5blxuTXPzXz2h73oZAjUs4b54Aakc9p5JhABC3GdNBEkD7Hj
         phL6witKaLUpkHd7SMXsEoL4YUS06qIacFYKlpENQ7iJamJqfMa9Yrv39kf4JUY8s9IF
         5u6Q==
X-Gm-Message-State: APjAAAU4isPJCPM/flXBSUfLL7dvXutvHXvnbVHif/vE3OAATIlbgioz
	cXKbiNWEKbr8wdaRWSEpygjtdg==
X-Google-Smtp-Source: 
 APXvYqx2g6ttnni7llCeY5WLmqUlBGENhUrlnraL8MwbYXYx9R51uq9J7J1caYKZxyWZNNqdgPHTzQ==
X-Received: by 2002:a17:902:b706:: with SMTP id
 d6mr45474278pls.250.1554923322871;
        Wed, 10 Apr 2019 12:08:42 -0700 (PDT)
From: "Joel Fernandes (Google)" <joel@joelfernandes.org>
To: linux-kernel@vger.kernel.org
Cc: "Joel Fernandes (Google)" <joel@joelfernandes.org>,
	paulmck@linux.vnet.ibm.com,
	keescook@chromium.org,
	mathieu.desnoyers@efficios.com,
	rostedt@goodmis.org,
	Jessica Yu <jeyu@kernel.org>,
	kernel-hardening@lists.openwall.com,
	kernel-team@android.com,
	rcu@vger.kernel.org
Subject: [PATCH v2 3/3] module: Make __tracepoints_ptrs as read-only
Date: Wed, 10 Apr 2019 15:08:23 -0400
Message-Id: <20190410190823.109172-3-joel@joelfernandes.org>
X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog
In-Reply-To: <20190410190823.109172-1-joel@joelfernandes.org>
References: <20190410190823.109172-1-joel@joelfernandes.org>
MIME-Version: 1.0
X-Virus-Scanned: ClamAV using ClamSMTP

This series hardens the tracepoints in modules by making the array of
pointers referring to the tracepoints as read-only. This array is needed
during module unloading to verify that the tracepoint is quiescent.
There is no reason for the array to be to be writable after init, and
can cause security or other hidden bugs. Mark these as ro_after_init.

Suggested-by: paulmck@linux.vnet.ibm.com
Suggested-by: keescook@chromium.org
Suggested-by: mathieu.desnoyers@efficios.com
Cc: rostedt@goodmis.org
Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
 kernel/module.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index 8b9631e789f0..be980aaa8804 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3320,6 +3320,12 @@ static const char * const ro_after_init_sections[] = {
 	 * by the SRCU notifiers
 	 */
 	"___srcu_struct_ptrs",
+
+	/*
+	 * Array of tracepoint pointers used for checking if tracepoints are
+	 * quiescent during unloading.
+	 */
+	"__tracepoints_ptrs",
 };
 
 static struct module *layout_and_allocate(struct load_info *info, int flags)