[kernel-hardening] [PATCH 1/4] kmod: make usermodehelper path a const string

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg KH <gregkh@linuxfoundation.org>
To: kernel-hardening@lists.openwall.com
Cc: linux-kernel@vger.kernel.org
Subject: [kernel-hardening] [PATCH 1/4] kmod: make usermodehelper path a const string
Date: Wed, 14 Dec 2016 10:50:28 -0800	[thread overview]
Message-ID: <20161214185028.GA4939@kroah.com> (raw)
In-Reply-To: <20161214185000.GA3930@kroah.com>

This is in preparation for making it so that usermode helper programs
can't be changed, if desired, by userspace.  We will tackle the mess of
cleaning up the write-ability of argv and env later, that's going to
take more work, for much less gain...

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 include/linux/kmod.h | 7 ++++---
 kernel/kmod.c        | 4 ++--
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/include/linux/kmod.h b/include/linux/kmod.h
index fcfd2bf14d3f..c4e441e00db5 100644
--- a/include/linux/kmod.h
+++ b/include/linux/kmod.h
@@ -56,7 +56,7 @@ struct file;
 struct subprocess_info {
 	struct work_struct work;
 	struct completion *complete;
-	char *path;
+	const char *path;
 	char **argv;
 	char **envp;
 	int wait;
@@ -67,10 +67,11 @@ struct subprocess_info {
 };
 
 extern int
-call_usermodehelper(char *path, char **argv, char **envp, int wait);
+call_usermodehelper(const char *path, char **argv, char **envp, int wait);
 
 extern struct subprocess_info *
-call_usermodehelper_setup(char *path, char **argv, char **envp, gfp_t gfp_mask,
+call_usermodehelper_setup(const char *path, char **argv, char **envp,
+			  gfp_t gfp_mask,
 			  int (*init)(struct subprocess_info *info, struct cred *new),
 			  void (*cleanup)(struct subprocess_info *), void *data);
 
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 0277d1216f80..0c216b76afca 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -516,7 +516,7 @@ static void helper_unlock(void)
  * Function must be runnable in either a process context or the
  * context in which call_usermodehelper_exec is called.
  */
-struct subprocess_info *call_usermodehelper_setup(char *path, char **argv,
+struct subprocess_info *call_usermodehelper_setup(const char *path, char **argv,
 		char **envp, gfp_t gfp_mask,
 		int (*init)(struct subprocess_info *info, struct cred *new),
 		void (*cleanup)(struct subprocess_info *info),
@@ -613,7 +613,7 @@ EXPORT_SYMBOL(call_usermodehelper_exec);
  * This function is the equivalent to use call_usermodehelper_setup() and
  * call_usermodehelper_exec().
  */
-int call_usermodehelper(char *path, char **argv, char **envp, int wait)
+int call_usermodehelper(const char *path, char **argv, char **envp, int wait)
 {
 	struct subprocess_info *info;
 	gfp_t gfp_mask = (wait == UMH_NO_WAIT) ? GFP_ATOMIC : GFP_KERNEL;
-- 
2.10.2

WARNING: multiple messages have this Message-ID (diff)

From: Greg KH <gregkh@linuxfoundation.org>
To: kernel-hardening@lists.openwall.com
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH 1/4] kmod: make usermodehelper path a const string
Date: Wed, 14 Dec 2016 10:50:28 -0800	[thread overview]
Message-ID: <20161214185028.GA4939@kroah.com> (raw)
In-Reply-To: <20161214185000.GA3930@kroah.com>

This is in preparation for making it so that usermode helper programs
can't be changed, if desired, by userspace.  We will tackle the mess of
cleaning up the write-ability of argv and env later, that's going to
take more work, for much less gain...

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 include/linux/kmod.h | 7 ++++---
 kernel/kmod.c        | 4 ++--
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/include/linux/kmod.h b/include/linux/kmod.h
index fcfd2bf14d3f..c4e441e00db5 100644
--- a/include/linux/kmod.h
+++ b/include/linux/kmod.h
@@ -56,7 +56,7 @@ struct file;
 struct subprocess_info {
 	struct work_struct work;
 	struct completion *complete;
-	char *path;
+	const char *path;
 	char **argv;
 	char **envp;
 	int wait;
@@ -67,10 +67,11 @@ struct subprocess_info {
 };
 
 extern int
-call_usermodehelper(char *path, char **argv, char **envp, int wait);
+call_usermodehelper(const char *path, char **argv, char **envp, int wait);
 
 extern struct subprocess_info *
-call_usermodehelper_setup(char *path, char **argv, char **envp, gfp_t gfp_mask,
+call_usermodehelper_setup(const char *path, char **argv, char **envp,
+			  gfp_t gfp_mask,
 			  int (*init)(struct subprocess_info *info, struct cred *new),
 			  void (*cleanup)(struct subprocess_info *), void *data);
 
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 0277d1216f80..0c216b76afca 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -516,7 +516,7 @@ static void helper_unlock(void)
  * Function must be runnable in either a process context or the
  * context in which call_usermodehelper_exec is called.
  */
-struct subprocess_info *call_usermodehelper_setup(char *path, char **argv,
+struct subprocess_info *call_usermodehelper_setup(const char *path, char **argv,
 		char **envp, gfp_t gfp_mask,
 		int (*init)(struct subprocess_info *info, struct cred *new),
 		void (*cleanup)(struct subprocess_info *info),
@@ -613,7 +613,7 @@ EXPORT_SYMBOL(call_usermodehelper_exec);
  * This function is the equivalent to use call_usermodehelper_setup() and
  * call_usermodehelper_exec().
  */
-int call_usermodehelper(char *path, char **argv, char **envp, int wait)
+int call_usermodehelper(const char *path, char **argv, char **envp, int wait)
 {
 	struct subprocess_info *info;
 	gfp_t gfp_mask = (wait == UMH_NO_WAIT) ? GFP_ATOMIC : GFP_KERNEL;
-- 
2.10.2

next prev parent reply	other threads:[~2016-12-14 18:50 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-12-14 18:50 [kernel-hardening] [RFC 0/4] make call_usermodehelper a bit more "safe" Greg KH
2016-12-14 18:50 ` Greg KH
2016-12-14 18:50 ` Greg KH [this message]
2016-12-14 18:50   ` [PATCH 1/4] kmod: make usermodehelper path a const string Greg KH
2016-12-14 18:50 ` [kernel-hardening] [PATCH 2/4] drbd: rename "usermode_helper" to "drbd_usermode_helper" Greg KH
2016-12-14 18:50   ` Greg KH
2016-12-14 18:50 ` [kernel-hardening] [PATCH 3/4] Make static usermode helper binaries constant Greg KH
2016-12-14 18:50   ` Greg KH
2016-12-14 19:11   ` [kernel-hardening] " Greg KH
2016-12-14 20:29   ` Rich Felker
2016-12-14 20:54     ` Greg KH
2016-12-15 17:54       ` Greg KH
2016-12-15 20:51         ` Daniel Micay
2016-12-15 21:18           ` Greg KH
2016-12-16  0:05             ` Daniel Micay
2016-12-16  0:14               ` Daniel Micay
2016-12-14 18:51 ` [kernel-hardening] [RFC 4/4] Introduce CONFIG_READONLY_USERMODEHELPER Greg KH
2016-12-14 18:51   ` Greg KH
2016-12-14 20:31   ` [kernel-hardening] " Kees Cook
2016-12-14 20:31     ` Kees Cook
2016-12-14 20:57     ` [kernel-hardening] " Greg KH
2016-12-14 20:57       ` Greg KH
2016-12-14 19:25 ` [kernel-hardening] [RFC 0/4] make call_usermodehelper a bit more "safe" Mark Rutland
2016-12-14 20:16   ` Kees Cook
2016-12-14 21:28 ` Jason A. Donenfeld
2016-12-14 23:16   ` Greg Kroah-Hartman
2016-12-16  1:02 ` [kernel-hardening] " NeilBrown
2016-12-16  1:02   ` NeilBrown
2016-12-16 12:49   ` [kernel-hardening] " Greg KH
2016-12-16 12:49     ` Greg KH
2016-12-19 13:34     ` [kernel-hardening] " Jiri Kosina
2016-12-19 13:34       ` Jiri Kosina
2016-12-20  9:27       ` [kernel-hardening] " Greg KH
2016-12-20  9:27         ` Greg KH
2016-12-20 10:27         ` [kernel-hardening] " Jiri Kosina
2016-12-20 10:27           ` Jiri Kosina
2016-12-20 10:31           ` [kernel-hardening] " Jiri Kosina
2016-12-20 10:31             ` Jiri Kosina
2016-12-20 10:48             ` [kernel-hardening] " Greg KH
2016-12-20 10:48               ` Greg KH

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:fcfd2bf14d3 dfblob:c4e441e00db dfblob:0277d1216f8
dfblob:0c216b76afc dfblob:fcfd2bf14d3 dfblob:c4e441e00db
dfblob:0277d1216f8 dfblob:0c216b76afc )
 OR (
bs:"[PATCH 1/4] kmod: make usermodehelper path a const string" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161214185028.GA4939@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.