Received: by 10.192.165.156 with SMTP id m28csp756671imm; Mon, 16 Apr 2018 08:14:46 -0700 (PDT) X-Google-Smtp-Source: AIpwx4/VX+9ttbb96OMSdU+4lhgel92iMn57y8N1xN1z8nYQUlg1tHyegnxT2H/MLq61NwZ0pfAC X-Received: by 2002:a17:902:444:: with SMTP id 62-v6mr15809975ple.127.1523891686417; Mon, 16 Apr 2018 08:14:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523891686; cv=none; d=google.com; s=arc-20160816; b=eBqVZ/cyAUaiROkUaMURfh+9lPBcsVLv5i7zDYH4ao6C9wIZs2U2QdlYUdU9oM+Cn7 pTAJvDEcKmFqo+hn7fuJQyhmxTZmBntT4zE44E9KYWz+uqychdYmHrtWJRDFPe+HBGE6 o0RPSXxhpyruOcWXXNQeoJbW0bbImGt4Vaz+r0Guz0lZq7mnJkDInoWx9zBE58arGYss lz3p/7ytxkDfIOvYzRRPheBP5KMT3AB6YA0efeD5Gg61h4UoPFeKWCjkKMDhtMYjYYWW xfIK8p6oei4iSWhqo6XMy9wvKC6eFUpG9iFS8QpnhFBBwW0YnyGz/jtOJToHLe3uCAky 0TAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=mZYy93wbmLoe/2NVNzRm5oRAm6Mur3LJxp8N3O3xaXQ=; b=eunQhnqFEshtAnVFldqcSG+/JgMxyQQzwFE0eu3SKUuRd1yf4B2tLMNFO2N7pzPCMY XIh45FlIZ8GUP7y11wiHYCiLxlYCE2igXP3Suu3QjRGkO7R4nfJetKuZQq/ofQlA1vqy 7ByxdBE8IXMQ3m4+lWVmvHVFk0hifA7TZWrvr3R/JSQsmhrTEShan621iae7QDgLXSim Z1+GVVGZczjMpOclAcBel4YpgvlmVDjbTEnE+wFVTI8zyKdeMaplfEJwrMzrMzHpYWJ1 QI+nnxVBpu9ZzoO4BTTuRmtAQC+T5EbcnXg+VdH8dQDnvs3J+Hvsdn6VEV+VdC78ly5k Jsnw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=bGLHkekM; dkim=fail header.i=@linux-foundation.org header.s=google header.b=GHUyGRvr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h12si10540527pfn.300.2018.04.16.08.14.31; Mon, 16 Apr 2018 08:14:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=bGLHkekM; dkim=fail header.i=@linux-foundation.org header.s=google header.b=GHUyGRvr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751151AbeDPPNT (ORCPT + 99 others); Mon, 16 Apr 2018 11:13:19 -0400 Received: from mail-io0-f169.google.com ([209.85.223.169]:44938 "EHLO mail-io0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750732AbeDPPNR (ORCPT ); Mon, 16 Apr 2018 11:13:17 -0400 Received: by mail-io0-f169.google.com with SMTP id y26so210352iob.11 for ; Mon, 16 Apr 2018 08:13:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=mZYy93wbmLoe/2NVNzRm5oRAm6Mur3LJxp8N3O3xaXQ=; b=bGLHkekMlo5YtlxENP1gvw8xFfvOb6SfwSTPAekltKLPZO6Q1DrYvJw6i4f06Z8sgx TyF2NpV1MOQr6lzGxZW5jDOZhNRo9CW857VbEZUSXQ7btGGANio7oq1YLMBep65YYpID Ro0Ae4QomJkMDh3FSkwSw6Gj+QaWIMZATbg1WsIOdwwxZiLL26VATC3tzPh3vNMB8m0u Lzeet1J3wSNHjy3aafnLayQvPAdmdqLaF5d40z8uVKRd04TYHQJzl5wErCa99mff8q0W LfKXlL66IOuYT3B6rucecOYUdtVaSsFS0DkaEOICSNJYV1Mon7Rtse+NZPG+pgZowLlW WZLw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=mZYy93wbmLoe/2NVNzRm5oRAm6Mur3LJxp8N3O3xaXQ=; b=GHUyGRvrEP4E/5l9UR0GJ0HGE2lZpropGdU5p5DAKUbIrbcTQu/hEjCCgGEoV3WYUz bEk4me7krGP4IZi8kZApVe83Y3C7TcchKpI/I1/9NWDyvyBNsJs6etJJnk3RyOnze+qL s9A1r/vMaZg0IEcoZ8djudrZzYcGSkdLqRIyw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=mZYy93wbmLoe/2NVNzRm5oRAm6Mur3LJxp8N3O3xaXQ=; b=ptvJXHp2zUIXpIV1hOuOOhBanpewJIJ5vHYRSqI7C5BzTSvTgA4whwQf9jxm8HwZP7 qjllX/x2+E3kBus9L+aTsv7OhgHJq50JClt86to33EJSHRBQPC/3xacwwhuiFXzjMDa/ 3KQsQoxbkvZ/3hvVOlU3SuEvWJhfMO0B5fJQ2wpaAqD0fqFyNwIUd7LGjEFmQDaL35xE DfM78fvYcR0YzaXEVny5gznxglJPYUmMe1tHIXYszp4Sxp9sYx+uDo3kTaZBKv+rxygb INswOTpSVhtvi1pPgTeNt/cs5vkgDQ/OFgepkmyjiigpPHzcj4fNjuWAfEj/eIg7Wgyx Tenw== X-Gm-Message-State: ALQs6tBUJF3y9f5tc9/WKkQ28Y5J8F3P0LwpLFqe2yPmDei+XbjpU6ao tVL0Je1PpGn80UmnJz21sgjkcHXjLBMXj0cSY1c= X-Received: by 10.107.164.96 with SMTP id n93mr14351533ioe.238.1523891596745; Mon, 16 Apr 2018 08:13:16 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.95.15 with HTTP; Mon, 16 Apr 2018 08:13:16 -0700 (PDT) In-Reply-To: <20180416134309.lt7mrxe5khcuhozl@redbean> References: <7e17e3b1-25c3-cb61-ae94-dcbb1bf3473e@linux.ibm.com> <3836add7-8691-77c1-33d2-0fbee7051795@de.ibm.com> <2dc648ad-0a6b-ba79-5d6a-fb3e3029994f@de.ibm.com> <20180416134309.lt7mrxe5khcuhozl@redbean> From: Linus Torvalds Date: Mon, 16 Apr 2018 08:13:16 -0700 X-Google-Sender-Auth: 9WJ4akl4UYvDbIXhmC3VRNKRCgY Message-ID: Subject: Re: Wrong module .text address in 4.16.0 To: Jessica Yu Cc: Christian Borntraeger , Thomas-Mich Richter , Linux Kernel Mailing List , Martin Schwidefsky , Hendrik Brueckner , Heiko Carstens , Peter Zijlstra , Arnaldo Carvalho de Melo , "Tobin C . Harding" , Kees Cook Content-Type: multipart/mixed; boundary="001a1141bc444cfc970569f8a9d6" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --001a1141bc444cfc970569f8a9d6 Content-Type: text/plain; charset="UTF-8" On Mon, Apr 16, 2018 at 6:43 AM, Jessica Yu wrote: > > So for users of /sys/module/*/sections, we will need to work around > this and possibly use %px for the real address. But perhaps we should > base the usage of %px on kptr_restrict? Maybe. I was hoping we would be able to get rid of it eventually. The real problem is that those darn module_attribute things don't have proper IO routines. They *only* have the show routine, and that doesn't even get the 'struct file' pointer passed to it, just the buffer to fill in (not even a _size_ of a buffer - we're talking the bad bad old days of nasty /proc interfaces). Why is that a problem? Without a 'struct file' we can't even do permission checking right. %pK worked by doing disgusting wrong things. Now, in this case, at least the files are root-owned, and legible only to root, so I guess we can say that permissions have been properly checked at open time (not really true: the CAP_SYSLOG bit wasn't!, but I doubt anybody really cares), and so we could just check kptr_restrict. Oh well. Something like the attached, perhaps? Completely untested, and I don't even want credit for this if it is used. Linus --001a1141bc444cfc970569f8a9d6 Content-Type: text/x-patch; charset="US-ASCII"; name="patch.diff" Content-Disposition: attachment; filename="patch.diff" Content-Transfer-Encoding: base64 X-Attachment-Id: f_jg2dol3o0 IGtlcm5lbC9tb2R1bGUuYyB8IDYgKysrKystCiAxIGZpbGUgY2hhbmdlZCwgNSBpbnNlcnRpb25z KCspLCAxIGRlbGV0aW9uKC0pCgpkaWZmIC0tZ2l0IGEva2VybmVsL21vZHVsZS5jIGIva2VybmVs L21vZHVsZS5jCmluZGV4IGE2ZTQzYTU4MDZhMS4uZjhjZjBiYjM1YWI2IDEwMDY0NAotLS0gYS9r ZXJuZWwvbW9kdWxlLmMKKysrIGIva2VybmVsL21vZHVsZS5jCkBAIC0xNDcyLDcgKzE0NzIsMTEg QEAgc3RhdGljIHNzaXplX3QgbW9kdWxlX3NlY3Rfc2hvdyhzdHJ1Y3QgbW9kdWxlX2F0dHJpYnV0 ZSAqbWF0dHIsCiB7CiAJc3RydWN0IG1vZHVsZV9zZWN0X2F0dHIgKnNhdHRyID0KIAkJY29udGFp bmVyX29mKG1hdHRyLCBzdHJ1Y3QgbW9kdWxlX3NlY3RfYXR0ciwgbWF0dHIpOwotCXJldHVybiBz cHJpbnRmKGJ1ZiwgIjB4JXBLXG4iLCAodm9pZCAqKXNhdHRyLT5hZGRyZXNzKTsKKwl1bnNpZ25l ZCBsb25nIGFkZHIgPSAwOworCisJLyogUGVybWlzc2lvbnMgd2VyZSBjaGVja2VkIGF0IG9wZW4g Ki8KKwlhZGRyID0ga3B0cl9yZXN0cmljdCA8IDIgP3NhdHRyLT5hZGRyZXNzIDogMDsKKwlyZXR1 cm4gc3ByaW50ZihidWYsICIlI2x4XG4iLCBhZGRyKTsKIH0KIAogc3RhdGljIHZvaWQgZnJlZV9z ZWN0X2F0dHJzKHN0cnVjdCBtb2R1bGVfc2VjdF9hdHRycyAqc2VjdF9hdHRycykK --001a1141bc444cfc970569f8a9d6--