From patchwork Wed Apr 10 19:57:07 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joel Fernandes <joel@joelfernandes.org>
X-Patchwork-Id: 10894625
Return-Path: 
 <kernel-hardening-return-15608-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BBAF4139A
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:57:48 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A794D289EA
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:57:48 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 9B33F28AF2; Wed, 10 Apr 2019 19:57:48 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.3 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham
	version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id D2F7B289EA
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
 Wed, 10 Apr 2019 19:57:47 +0000 (UTC)
Received: (qmail 5732 invoked by uid 550); 10 Apr 2019 19:57:41 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 5598 invoked from network); 10 Apr 2019 19:57:40 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=joelfernandes.org; s=google;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=s1KvMENHKJ+ARGp1Ak4XYk6a1UqyuJod6EXXmWFSMt8=;
        b=gCuYSH03rd2bfZfsXnJ+sf8RlAg6S8HoJ5JjqU+Zl/5+O0UlykXyfQCOeNcTUCaSR7
         6KNEjmqFrBVBBTO/0d485a41D1MP58vlbCrmYQincc9PoLW9MTuRfAdx7OyNyTQEbmh0
         smzNx1G68PwHw5YZpbUN3UtxvRAc4eRBOPJFI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=s1KvMENHKJ+ARGp1Ak4XYk6a1UqyuJod6EXXmWFSMt8=;
        b=si4RTRirO+craE2Zx9nuD23IlniQujGgfYLiP2cQusIJ1uq/89yQ66HKa4odFV8Kcg
         /huPEL4hRJLsn/EuQ0pREXUHFtu7IZynw02XqXd/8pCRzY7+YFejrLbEvuwARJ1nFNhU
         YHe9C2Z0ALn+1+izpNd3lZjgdMxx/CtCeXux8ORKBUViW0j56A8w6gdNGzfGVgKz31yz
         mjPTx5WFf3AOPzK/AWa5hSUXH+HDiD/CPogmiOLhxh/ogYzIbzyyY5girUZt9olSg2x9
         wS2LNmB0YcyRVwRQxSEzGBMjXpYx67OK4lI8EwJY1u1zJaa67covzHfJGfzNB7b9HkRF
         JN3A==
X-Gm-Message-State: APjAAAUwgjELpeS3LLkxMwy6KlGycCtCNctut8sJc5lmwFZEBa4B3TQy
	mjgBCDB6CpgNiLKTi0YZn74Fxg==
X-Google-Smtp-Source: 
 APXvYqx4UxF9E1rsmi7wYsghu/PXp1ymRPB3Mm4BYcwhDNZS9gsM2QmW9kWzaEw/StarCjaCmGV6RA==
X-Received: by 2002:a17:902:32b:: with SMTP id
 40mr23706308pld.204.1554926248212;
        Wed, 10 Apr 2019 12:57:28 -0700 (PDT)
From: "Joel Fernandes (Google)" <joel@joelfernandes.org>
To: linux-kernel@vger.kernel.org
Cc: "Joel Fernandes (Google)" <joel@joelfernandes.org>,
	paulmck@linux.vnet.ibm.com,
	keescook@chromium.org,
	Jessica Yu <jeyu@kernel.org>,
	kernel-hardening@lists.openwall.com,
	kernel-team@android.com,
	mathieu.desnoyers@efficios.com,
	rcu@vger.kernel.org,
	rostedt@goodmis.org
Subject: [PATCH v3 2/3] module: Make srcu_struct ptr array as read-only post
 init
Date: Wed, 10 Apr 2019 15:57:07 -0400
Message-Id: <20190410195708.162185-2-joel@joelfernandes.org>
X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog
In-Reply-To: <20190410195708.162185-1-joel@joelfernandes.org>
References: <20190410195708.162185-1-joel@joelfernandes.org>
MIME-Version: 1.0
X-Virus-Scanned: ClamAV using ClamSMTP

Since commit title ("srcu: Allocate per-CPU data for DEFINE_SRCU() in
modules"), modules that call DEFINE_{STATIC,}SRCU will have a new array
of srcu_struct pointers which is used by srcu code to initialize and
clean up these structures.

There is no reason for this array of pointers to be writable, and can
cause security or other hidden bugs. Mark these are read-only after the
module init has completed.

Suggested-by: paulmck@linux.vnet.ibm.com
Suggested-by: keescook@chromium.org
Acked-by: keescook@chromium.org
Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
 kernel/module.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index 42e4e289d6c7..8b9631e789f0 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3314,6 +3314,12 @@ static const char * const ro_after_init_sections[] = {
 	 * annotated as such at module load time.
 	 */
 	"__jump_table",
+
+	/*
+	 * Used for SRCU structures which need to be initialized/cleaned up
+	 * by the SRCU notifiers
+	 */
+	"___srcu_struct_ptrs",
 };
 
 static struct module *layout_and_allocate(struct load_info *info, int flags)