* [PATCH] module: don't modify argument of module_kallsyms_lookup_name()
@ 2013-06-12 17:29 Mathias Krause
2013-06-13 11:50 ` Rusty Russell
From: Mathias Krause @ 2013-06-12 17:29 UTC (permalink / raw)
To: Rusty Russell; +Cc: Mathias Krause, linux-kernel
If we pass a pointer to a const string of the form "module:symbol"
module_kallsyms_lookup_name() will try to split the string at the colon,
i.e., will try to modify r/o data. That will, in fact, fail on a kernel
with enabled CONFIG_DEBUG_RODATA.

Avoid modifying the string passed as argument and operate on a copy
instead in case we need to split the string.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
---
kernel/module.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/kernel/module.c b/kernel/module.c
index cab4bce..5ce0784 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -3557,16 +3557,17 @@ static unsigned long mod_find_symname(struct module *mod, const char *name)
unsigned long module_kallsyms_lookup_name(const char *name)
{
struct module *mod;
- char *colon;
+ char *colon, *mod_name;
unsigned long ret = 0;
/* Don't lock: we're in enough trouble already. */
preempt_disable();
if ((colon = strchr(name, ':')) != NULL) {
- *colon = '\0';
- if ((mod = find_module(name)) != NULL)
+ mod_name = kstrndup(name, colon - name, GFP_ATOMIC);
+ if (mod_name && (mod = find_module(mod_name)) != NULL) {
ret = mod_find_symname(mod, colon+1);
- *colon = ':';
+ kfree(mod_name);
+ }
} else {
list_for_each_entry_rcu(mod, &modules, list) {
if (mod->state == MODULE_STATE_UNFORMED)
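Review bot: kfree(mod_name) is inside the braces of the "if (mod_name && (mod = find_module(mod_name)) != NULL)" branch, so when kstrndup() succeeds but find_module() returns NULL the copy is never freed. Move the kfree() to after the closing brace of that if; kfree(NULL) is a no-op, so the allocation-failure case needs no extra check. Separately, this path runs under the "we're in enough trouble already" comment with preemption disabled, and a failed GFP_ATOMIC allocation makes the lookup return 0 as if the symbol did not exist; comparing against name with an explicit length (colon - name) would avoid the allocation entirely. The result of strchr() on the const argument is also still stored in a non-const "char *colon", which is what allowed the original write to compile; declaring it "const char *" would let the compiler catch any reintroduced store.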
--
1.7.10.4
* Re: [PATCH] module: don't modify argument of module_kallsyms_lookup_name()
2013-06-12 17:29 [PATCH] module: don't modify argument of module_kallsyms_lookup_name() Mathias Krause
@ 2013-06-13 11:50 ` Rusty Russell
From: Rusty Russell @ 2013-06-13 11:50 UTC (permalink / raw)
To: Mathias Krause; +Cc: Mathias Krause, linux-kernel
Mathias Krause <minipli@googlemail.com> writes:
> If we pass a pointer to a const string of the form "module:symbol"
> module_kallsyms_lookup_name() will try to split the string at the colon,
> i.e., will try to modify r/o data. That will, in fact, fail on a kernel
> with enabled CONFIG_DEBUG_RODATA.
>
> Avoid modifying the string passed as argument and operate on a copy
> instead in case we need to split the string.

Wow, this has been there forever.

If we've oopsed because we're OOM, this will fail, so I'd rather not do
that.

How about we add a len arg to find_module_all, like so:

/* Search for module by name: must hold module_mutex. */
static struct module *find_module_all(const char *name,
				      size_t len,
				      bool even_unformed)
{
	struct module *mod;

	list_for_each_entry(mod, &modules, list) {
		if (!even_unformed && mod->state == MODULE_STATE_UNFORMED)
			continue;
		if (strlen(mod->name) == len && !memcmp(mod->name, name, len))
			return mod;
	}
	return NULL;
}

Cheers,
Rusty.
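
The length-based lookup discussed in this thread, as an added userspace example (not code from the patch or from the kernel tree): it resolves "module:symbol" without writing to the argument and without allocating. The module table, symbol addresses and the names find_mod_len() and lookup_qualified() are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for the kernel's module list (names and addresses are made up). */
struct sym { const char *name; unsigned long addr; };
struct mod { const char *name; const struct sym *syms; size_t nsyms; };

static const struct sym ext4_syms[] = { { "ext4_init", 0x1000UL } };
static const struct sym ext_syms[]  = { { "ext_init",  0x2000UL } };
static const struct mod mods[] = {
	{ "ext4", ext4_syms, 1 },	/* listed first so a prefix-only compare would hit it */
	{ "ext",  ext_syms,  1 },
};

/* Match a name given as (pointer, length): no NUL terminator is needed at name[len]. */
static const struct mod *find_mod_len(const char *name, size_t len)
{
	for (size_t i = 0; i < sizeof(mods) / sizeof(mods[0]); i++) {
		/* The strlen() check rejects prefix matches such as "ext" against "ext4". */
		if (strlen(mods[i].name) == len && !memcmp(mods[i].name, name, len))
			return &mods[i];
	}
	return NULL;
}

/* Resolve "module:symbol"; the argument may live in read-only memory. */
unsigned long lookup_qualified(const char *name)
{
	const char *colon = strchr(name, ':');	/* const pointer: a store through it will not compile */
	const struct mod *m;

	if (!colon)
		return 0;	/* unqualified names are out of scope for this example */
	m = find_mod_len(name, (size_t)(colon - name));
	if (!m)
		return 0;
	for (size_t i = 0; i < m->nsyms; i++)
		if (!strcmp(m->syms[i].name, colon + 1))
			return m->syms[i].addr;
	return 0;
}
```
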