Re: [PATCH 2/5] module: Refactor section attr into bin attribute

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Kees Cook <keescook@chromium.org>
Cc: Dominik Czarnota <dominik.czarnota@trailofbits.com>,
	stable@vger.kernel.org, Jessica Yu <jeyu@kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
	Yonghong Song <yhs@fb.com>, Andrii Nakryiko <andriin@fb.com>,
	KP Singh <kpsingh@chromium.org>,
	"Naveen N. Rao" <naveen.n.rao@linux.ibm.com>,
	Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
	"David S. Miller" <davem@davemloft.net>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Jakub Kicinski <kuba@kernel.org>,
	"Steven Rostedt (VMware)" <rostedt@goodmis.org>,
	Dmitry Safonov <0x7f454c46@gmail.com>,
	Will Deacon <will@kernel.org>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Marc Zyngier <maz@kernel.org>,
	Masahiro Yamada <masahiroy@kernel.org>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Matteo Croce <mcroce@redhat.com>,
	Edward Cree <ecree@solarflare.com>,
	Nicolas Dichtel <nicolas.dichtel@6wind.com>,
	Alexander Lobakin <alobakin@dlink.ru>,
	Thomas Richter <tmricht@linux.ibm.com>,
	Ingo Molnar <mingo@kernel.org>,
	netdev@vger.kernel.org, bpf@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/5] module: Refactor section attr into bin attribute
Date: Fri, 3 Jul 2020 08:02:07 +0200	[thread overview]
Message-ID: <20200703060207.GA6344@kroah.com> (raw)
In-Reply-To: <20200702232638.2946421-3-keescook@chromium.org>

On Thu, Jul 02, 2020 at 04:26:35PM -0700, Kees Cook wrote:
> In order to gain access to the open file's f_cred for kallsym visibility
> permission checks, refactor the module section attributes to use the
> bin_attribute instead of attribute interface. Additionally removes the
> redundant "name" struct member.
> 
> Cc: stable@vger.kernel.org
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  kernel/module.c | 45 ++++++++++++++++++++++++---------------------
>  1 file changed, 24 insertions(+), 21 deletions(-)
> 
> diff --git a/kernel/module.c b/kernel/module.c
> index a5022ae84e50..9e2954519259 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1510,8 +1510,7 @@ static inline bool sect_empty(const Elf_Shdr *sect)
>  }
>  
>  struct module_sect_attr {
> -	struct module_attribute mattr;
> -	char *name;
> +	struct bin_attribute battr;
>  	unsigned long address;
>  };
>  
> @@ -1521,11 +1520,16 @@ struct module_sect_attrs {
>  	struct module_sect_attr attrs[];
>  };
>  
> -static ssize_t module_sect_show(struct module_attribute *mattr,
> -				struct module_kobject *mk, char *buf)
> +static ssize_t module_sect_read(struct file *file, struct kobject *kobj,
> +				struct bin_attribute *battr,
> +				char *buf, loff_t pos, size_t count)
>  {
>  	struct module_sect_attr *sattr =
> -		container_of(mattr, struct module_sect_attr, mattr);
> +		container_of(battr, struct module_sect_attr, battr);
> +
> +	if (pos != 0)
> +		return -EINVAL;
> +
>  	return sprintf(buf, "0x%px\n", kptr_restrict < 2 ?
>  		       (void *)sattr->address : NULL);
>  }
> @@ -1535,7 +1539,7 @@ static void free_sect_attrs(struct module_sect_attrs *sect_attrs)
>  	unsigned int section;
>  
>  	for (section = 0; section < sect_attrs->nsections; section++)
> -		kfree(sect_attrs->attrs[section].name);
> +		kfree(sect_attrs->attrs[section].battr.attr.name);
>  	kfree(sect_attrs);
>  }
>  
> @@ -1544,42 +1548,41 @@ static void add_sect_attrs(struct module *mod, const struct load_info *info)
>  	unsigned int nloaded = 0, i, size[2];
>  	struct module_sect_attrs *sect_attrs;
>  	struct module_sect_attr *sattr;
> -	struct attribute **gattr;
> +	struct bin_attribute **gattr;
>  
>  	/* Count loaded sections and allocate structures */
>  	for (i = 0; i < info->hdr->e_shnum; i++)
>  		if (!sect_empty(&info->sechdrs[i]))
>  			nloaded++;
>  	size[0] = ALIGN(struct_size(sect_attrs, attrs, nloaded),
> -			sizeof(sect_attrs->grp.attrs[0]));
> -	size[1] = (nloaded + 1) * sizeof(sect_attrs->grp.attrs[0]);
> +			sizeof(sect_attrs->grp.bin_attrs[0]));
> +	size[1] = (nloaded + 1) * sizeof(sect_attrs->grp.bin_attrs[0]);
>  	sect_attrs = kzalloc(size[0] + size[1], GFP_KERNEL);
>  	if (sect_attrs == NULL)
>  		return;
>  
>  	/* Setup section attributes. */
>  	sect_attrs->grp.name = "sections";
> -	sect_attrs->grp.attrs = (void *)sect_attrs + size[0];
> +	sect_attrs->grp.bin_attrs = (void *)sect_attrs + size[0];
>  
>  	sect_attrs->nsections = 0;
>  	sattr = &sect_attrs->attrs[0];
> -	gattr = &sect_attrs->grp.attrs[0];
> +	gattr = &sect_attrs->grp.bin_attrs[0];
>  	for (i = 0; i < info->hdr->e_shnum; i++) {
>  		Elf_Shdr *sec = &info->sechdrs[i];
>  		if (sect_empty(sec))
>  			continue;
> +		sysfs_bin_attr_init(&sattr->battr);
>  		sattr->address = sec->sh_addr;
> -		sattr->name = kstrdup(info->secstrings + sec->sh_name,
> -					GFP_KERNEL);
> -		if (sattr->name == NULL)
> +		sattr->battr.attr.name =
> +			kstrdup(info->secstrings + sec->sh_name, GFP_KERNEL);
> +		if (sattr->battr.attr.name == NULL)
>  			goto out;
>  		sect_attrs->nsections++;
> -		sysfs_attr_init(&sattr->mattr.attr);
> -		sattr->mattr.show = module_sect_show;
> -		sattr->mattr.store = NULL;
> -		sattr->mattr.attr.name = sattr->name;
> -		sattr->mattr.attr.mode = S_IRUSR;
> -		*(gattr++) = &(sattr++)->mattr.attr;
> +		sattr->battr.read = module_sect_read;
> +		sattr->battr.size = 3 /* "0x", "\n" */ + (BITS_PER_LONG / 4);
> +		sattr->battr.attr.mode = 0400;
> +		*(gattr++) = &(sattr++)->battr;
>  	}
>  	*gattr = NULL;
>  
> @@ -1669,7 +1672,7 @@ static void add_notes_attrs(struct module *mod, const struct load_info *info)
>  			continue;
>  		if (info->sechdrs[i].sh_type == SHT_NOTE) {
>  			sysfs_bin_attr_init(nattr);
> -			nattr->attr.name = mod->sect_attrs->attrs[loaded].name;
> +			nattr->attr.name = mod->sect_attrs->attrs[loaded].battr.attr.name;
>  			nattr->attr.mode = S_IRUGO;
>  			nattr->size = info->sechdrs[i].sh_size;
>  			nattr->private = (void *) info->sechdrs[i].sh_addr;
> -- 
> 2.25.1
> 

They get a correct "size" value now, nice!

Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

next prev parent reply	other threads:[~2020-07-03  6:02 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-02 23:26 [PATCH 0/5] Refactor kallsyms_show_value() users for correct cred Kees Cook
2020-07-02 23:26 ` [PATCH 1/5] kallsyms: Refactor kallsyms_show_value() to take cred Kees Cook
2020-07-10 14:03   ` Sasha Levin
2020-07-10 15:57     ` Kees Cook
2020-07-11 16:07       ` Sasha Levin
2020-07-02 23:26 ` [PATCH 2/5] module: Refactor section attr into bin attribute Kees Cook
2020-07-03  6:02   ` Greg Kroah-Hartman [this message]
2020-07-03 15:29     ` Kees Cook
2020-07-08 16:10   ` Jessica Yu
2020-07-02 23:26 ` [PATCH 3/5] module: Do not expose section addresses to non-CAP_SYSLOG Kees Cook
2020-07-08 16:12   ` Jessica Yu
2020-07-02 23:26 ` [PATCH 4/5] kprobes: Do not expose probe " Kees Cook
2020-07-03  1:00   ` Linus Torvalds
2020-07-03 15:13     ` Kees Cook
2020-07-03 15:50     ` Kees Cook
2020-07-05 20:10       ` Linus Torvalds
2020-07-05 20:19         ` Kees Cook
2020-07-10 14:09   ` Masami Hiramatsu
2020-07-02 23:26 ` [PATCH 5/5] bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() Kees Cook

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200703060207.GA6344@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=0x7f454c46@gmail.com \
    --cc=adobriyan@gmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=alobakin@dlink.ru \
    --cc=andriin@fb.com \
    --cc=anil.s.keshavamurthy@intel.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=davem@davemloft.net \
    --cc=dominik.czarnota@trailofbits.com \
    --cc=ecree@solarflare.com \
    --cc=jeyu@kernel.org \
    --cc=kafai@fb.com \
    --cc=keescook@chromium.org \
    --cc=kpsingh@chromium.org \
    --cc=kuba@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=masahiroy@kernel.org \
    --cc=maz@kernel.org \
    --cc=mcroce@redhat.com \
    --cc=mhiramat@kernel.org \
    --cc=mingo@kernel.org \
    --cc=naveen.n.rao@linux.ibm.com \
    --cc=netdev@vger.kernel.org \
    --cc=nicolas.dichtel@6wind.com \
    --cc=rostedt@goodmis.org \
    --cc=songliubraving@fb.com \
    --cc=stable@vger.kernel.org \
    --cc=tmricht@linux.ibm.com \
    --cc=torvalds@linux-foundation.org \
    --cc=viro@zeniv.linux.org.uk \
    --cc=will@kernel.org \
    --cc=yhs@fb.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.