From: Rusty Russell <rusty@ozlabs.org>
To: Quentin Casasnovas <quentin.casasnovas@oracle.com>,
lkml <linux-kernel@vger.kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>, Borislav Petkov <bp@alien8.de>,
Linus Torvalds <torvalds@linux-foundation.org>,
Quentin Casasnovas <quentin.casasnovas@oracle.com>
Subject: Re: [PATCH 1/7] modpost: add strict white-listing when referencing sections.
Date: Fri, 20 Mar 2015 11:59:41 +1030 [thread overview]
Message-ID: <87sid0jw1m.fsf@rustcorp.com.au> (raw)
In-Reply-To: <1426596002-26128-2-git-send-email-quentin.casasnovas@oracle.com>
Quentin Casasnovas <quentin.casasnovas@oracle.com> writes:
> Prints a warning when a section references a section outside a strict
> white-list. This will be useful to print a warning if __ex_table
> references a non-executable section.
Hi Quentin,
Really pleasant to read these patches; nice work!
> diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
> index d439856..7094a57 100644
> --- a/scripts/mod/modpost.c
> +++ b/scripts/mod/modpost.c
> @@ -925,7 +925,8 @@ enum mismatch {
>
> struct sectioncheck {
> const char *fromsec[20];
> - const char *tosec[20];
> + const char *bad_tosec[20];
> + const char *good_tosec[20];
> enum mismatch mismatch;
> const char *symbol_white_list[20];
My only gripe is that these fields are undocumented. You maintain
the status quo, but some comments indicating what the mean would be
nice. Perhaps as a separate patch.
In case you need it (for the whole series):
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Thanks,
Rusty.
> };
> @@ -936,19 +937,19 @@ static const struct sectioncheck sectioncheck[] = {
> */
> {
> .fromsec = { TEXT_SECTIONS, NULL },
> - .tosec = { ALL_INIT_SECTIONS, NULL },
> + .bad_tosec = { ALL_INIT_SECTIONS, NULL },
> .mismatch = TEXT_TO_ANY_INIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> {
> .fromsec = { DATA_SECTIONS, NULL },
> - .tosec = { ALL_XXXINIT_SECTIONS, NULL },
> + .bad_tosec = { ALL_XXXINIT_SECTIONS, NULL },
> .mismatch = DATA_TO_ANY_INIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> {
> .fromsec = { DATA_SECTIONS, NULL },
> - .tosec = { INIT_SECTIONS, NULL },
> + .bad_tosec = { INIT_SECTIONS, NULL },
> .mismatch = DATA_TO_ANY_INIT,
> .symbol_white_list = {
> "*_template", "*_timer", "*_sht", "*_ops",
> @@ -957,54 +958,54 @@ static const struct sectioncheck sectioncheck[] = {
> },
> {
> .fromsec = { TEXT_SECTIONS, NULL },
> - .tosec = { ALL_EXIT_SECTIONS, NULL },
> + .bad_tosec = { ALL_EXIT_SECTIONS, NULL },
> .mismatch = TEXT_TO_ANY_EXIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> {
> .fromsec = { DATA_SECTIONS, NULL },
> - .tosec = { ALL_EXIT_SECTIONS, NULL },
> + .bad_tosec = { ALL_EXIT_SECTIONS, NULL },
> .mismatch = DATA_TO_ANY_EXIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> /* Do not reference init code/data from meminit code/data */
> {
> .fromsec = { ALL_XXXINIT_SECTIONS, NULL },
> - .tosec = { INIT_SECTIONS, NULL },
> + .bad_tosec = { INIT_SECTIONS, NULL },
> .mismatch = XXXINIT_TO_SOME_INIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> /* Do not reference exit code/data from memexit code/data */
> {
> .fromsec = { ALL_XXXEXIT_SECTIONS, NULL },
> - .tosec = { EXIT_SECTIONS, NULL },
> + .bad_tosec = { EXIT_SECTIONS, NULL },
> .mismatch = XXXEXIT_TO_SOME_EXIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> /* Do not use exit code/data from init code */
> {
> .fromsec = { ALL_INIT_SECTIONS, NULL },
> - .tosec = { ALL_EXIT_SECTIONS, NULL },
> + .bad_tosec = { ALL_EXIT_SECTIONS, NULL },
> .mismatch = ANY_INIT_TO_ANY_EXIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> /* Do not use init code/data from exit code */
> {
> .fromsec = { ALL_EXIT_SECTIONS, NULL },
> - .tosec = { ALL_INIT_SECTIONS, NULL },
> + .bad_tosec = { ALL_INIT_SECTIONS, NULL },
> .mismatch = ANY_EXIT_TO_ANY_INIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> },
> {
> .fromsec = { ALL_PCI_INIT_SECTIONS, NULL },
> - .tosec = { INIT_SECTIONS, NULL },
> + .bad_tosec = { INIT_SECTIONS, NULL },
> .mismatch = ANY_INIT_TO_ANY_EXIT,
> .symbol_white_list = { NULL },
> },
> /* Do not export init/exit functions or data */
> {
> .fromsec = { "__ksymtab*", NULL },
> - .tosec = { INIT_SECTIONS, EXIT_SECTIONS, NULL },
> + .bad_tosec = { INIT_SECTIONS, EXIT_SECTIONS, NULL },
> .mismatch = EXPORT_TO_INIT_EXIT,
> .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL },
> }
> @@ -1018,9 +1019,12 @@ static const struct sectioncheck *section_mismatch(
> const struct sectioncheck *check = §ioncheck[0];
>
> for (i = 0; i < elems; i++) {
> - if (match(fromsec, check->fromsec) &&
> - match(tosec, check->tosec))
> - return check;
> + if (match(fromsec, check->fromsec)) {
> + if (check->bad_tosec[0] && match(tosec, check->bad_tosec))
> + return check;
> + if (check->good_tosec[0] && !match(tosec, check->good_tosec))
> + return check;
> + }
> check++;
> }
> return NULL;
> --
> 2.0.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
next prev parent reply other threads:[~2015-03-20 1:44 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-17 12:39 [PATCH 0/7] Detect future mis-uses of __ex_table section Quentin Casasnovas
2015-03-17 12:39 ` [PATCH 1/7] modpost: add strict white-listing when referencing sections Quentin Casasnovas
2015-03-17 16:25 ` Linus Torvalds
2015-03-18 9:14 ` Quentin Casasnovas
2015-03-20 1:29 ` Rusty Russell [this message]
2015-04-13 9:04 ` Quentin Casasnovas
2015-04-13 11:19 ` Rusty Russell
2015-04-13 11:24 ` Rusty Russell
2015-03-17 12:39 ` [PATCH 2/7] modpost: add .sched.text and .kprobes.text to the TEXT_SECTIONS list Quentin Casasnovas
2015-03-18 9:08 ` Quentin Casasnovas
2015-03-17 12:39 ` [PATCH 3/7] modpost: add handler function pointer to sectioncheck Quentin Casasnovas
2015-03-18 9:08 ` Quentin Casasnovas
2015-03-17 12:39 ` [PATCH 4/7] modpost: factorize symbol pretty print in get_pretty_name() Quentin Casasnovas
2015-03-18 9:08 ` Quentin Casasnovas
2015-03-17 12:40 ` [PATCH 5/7] modpost: mismatch_handler: retrieve tosym information only when needed Quentin Casasnovas
2015-03-18 9:09 ` Quentin Casasnovas
2015-03-17 12:40 ` [PATCH 6/7] scripts: add check_extable.sh script Quentin Casasnovas
2015-03-18 9:09 ` Quentin Casasnovas
2015-03-17 12:40 ` [PATCH 7/7] modpost: handle relocations mismatch in __ex_table Quentin Casasnovas
2015-03-18 9:09 ` Quentin Casasnovas
2015-04-13 11:18 ` Rusty Russell
2015-04-13 13:33 ` Quentin Casasnovas
2015-04-14 12:14 ` Thierry Reding
2015-04-14 12:35 ` Quentin Casasnovas
2015-04-15 3:27 ` Rusty Russell
2015-04-15 8:35 ` Quentin Casasnovas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87sid0jw1m.fsf@rustcorp.com.au \
--to=rusty@ozlabs.org \
--cc=bp@alien8.de \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=quentin.casasnovas@oracle.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.