Received: by 10.192.165.148 with SMTP id m20csp695035imm; Wed, 2 May 2018 07:22:14 -0700 (PDT) X-Google-Smtp-Source: AB8JxZppyuRuhXa3aBBlmevSoCJboQPELRLLaXS6opEeTQksl+acK2QAPFrfA7Xlxe6EQ91VbT8X X-Received: by 2002:a63:2647:: with SMTP id m68-v6mr16414615pgm.56.1525270934722; Wed, 02 May 2018 07:22:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525270934; cv=none; d=google.com; s=arc-20160816; b=cbRddKoU8Nm0K5KZLEK/xCfh7qLCATfYIA6935+pt7eAs0Mixt9Sfgf3+azHabEFy0 kK25KJcEICOCXl5QQsgMXVMW+mTXvaFsbN3FPRZWm6ZpfC6KOhzi1W0ma2yO+ZeKjn4a BTSP6pzlAD0zRuWzI9Sm1h4pspaLJOPuU3yoMNwmsnlQe4pCZMocRytPqkMBoEp9GiwN brJIFTVLkzeUN4DP/C6HJlsxeZ0kd61znxAZznOS3gGoX4BB1ELy+zecxI7Dsh440ym4 B7C1SA5L9f310nHhcY5BWijHzbO+qI14/5eTa6yE+T5UkH9OMJQQPl4ipGV8c64eo2xu 3h2Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=bE6+lGi/HIXYQgySdTdwyOvSghLI8iYPOmCAsdB/MsU=; b=qXOu8IwWtr/gId7Rtt0CA/1zpmin+rOEj92YBlnY10j8aiNZN/Mm6n0lZPVy7f4Itl 2w4gG1V/517uklsFKJIqQT0yoKx5DtIiElKPv0Nl8i3FivtGoe1pJCUnEMf0q0sb5fk0 ipverPm7jwiVTUikowNBCbMmrCCUiCD3wn9E+HaSPboHWtcoURp2PLk80/dX6Zi0Pqgh sFrkpbtotjp0Y+xxVcZbuQEIhuc170ky41+2AwTTuG28zhRQjCt+Yi8miSCg1Tjj/bAp Hovdl6VnmCWT79ahNrLfb5o+We4GghJhW/0SHsrrc/lIU61ABnIUNpt6p7R7kma4tmkM uPRA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=wHm3kz0E; dkim=fail header.i=@chromium.org header.s=google header.b=LHBNL27O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t3-v6si9495121pgp.375.2018.05.02.07.22.00; Wed, 02 May 2018 07:22:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=wHm3kz0E; dkim=fail header.i=@chromium.org header.s=google header.b=LHBNL27O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751812AbeEBOUV (ORCPT + 99 others); Wed, 2 May 2018 10:20:21 -0400 Received: from mail-ua0-f193.google.com ([209.85.217.193]:36892 "EHLO mail-ua0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751785AbeEBOUQ (ORCPT ); Wed, 2 May 2018 10:20:16 -0400 Received: by mail-ua0-f193.google.com with SMTP id i3so9547217uad.4 for ; Wed, 02 May 2018 07:20:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=bE6+lGi/HIXYQgySdTdwyOvSghLI8iYPOmCAsdB/MsU=; b=wHm3kz0E8gnu4htRaQ0FTTBqOUXihdtGW7QEIUMFX2r65YuU5hgt0MwXritYBz1ZCu eSzTBeO+JsWijKhSqZ6kGcuu6hJZWwTdo3VVuUzYemmupmLLTUjky+fYtw248sbr7l/t lgSZjXd/cWSa8xhQiWJulmIA6UE69uD2ufpZmt2+/omxXpwVeQNzXHKWTOpoEaU2ntOh wkoweCOH5BfC0Vr7cN/h637r+Es6p4wVyoo/PFX34EdO+zIR1NGqc+zoiygQtv/xRBHW ySAAopfdhhMEiZLi/bqbmiW30DPEzijqtNYB7xCO53WtqLfPc3hruSqMdYR6RXsoqmiI ePvg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=bE6+lGi/HIXYQgySdTdwyOvSghLI8iYPOmCAsdB/MsU=; b=LHBNL27Ov4Zumt9/U2bFoOcNrzWQg6Vd0a65oArqHZgGy43umReMC+onixD9Y67lh8 gDj4dLhXbzHnau1lL/loeVreJifNVl+rnLJHYRI0kHK+ch4xekbyzClty9Rp3h28S4wG +v+R/tL1DiRQHXurtJUqcNUe3h/7YUYV/PhxE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=bE6+lGi/HIXYQgySdTdwyOvSghLI8iYPOmCAsdB/MsU=; b=DRXHsbjsmpbxHtPCXuZIPG/XEDWqqHob3OsRNAZbqbr6J74Zq1CDl+e9p5a8gb9ziV bjeS2A53B0B3dkxUuwISnTuBqE6p9LIESzcb4odsFMzH4NIYQHsJ/EJIAMogWj8Jpv8n sV6i+lCzDJByOjtZDDyweu5e7mgfomzDyBg6ZbDcdZleKRqPEuvi+RmXpb6zekuBHQxF 7GGhqe3pRBuYhxFvhk+cJhAmJlfm1g7zaFuku9j8DEFqaDJ29pOC2NibnwPx+kv2SI3b 41KgG1h1H6DsEfeyEbW88s73ultxQEd+QyhMMZLoGWBDOrlaD/vgBXHXTjdBVhJz3u38 4ZAw== X-Gm-Message-State: ALQs6tBWgtTDu6CpALNM/w/3LQW8kgFvztc3LsCcDut0EXRF3zi44HW1 iFgRHI4T5hum4A5L4Gdb6/wmiqsdo2wLwoAjYdI8fg== X-Received: by 10.159.59.213 with SMTP id y21mr18105373uah.167.1525270815242; Wed, 02 May 2018 07:20:15 -0700 (PDT) MIME-Version: 1.0 Received: by 10.31.11.209 with HTTP; Wed, 2 May 2018 07:20:14 -0700 (PDT) In-Reply-To: <024d902c-54d7-f91e-4d71-57da4b15b3f9@linux.ibm.com> References: <20180418071436.21392-1-tmricht@linux.ibm.com> <024d902c-54d7-f91e-4d71-57da4b15b3f9@linux.ibm.com> From: Kees Cook Date: Wed, 2 May 2018 07:20:14 -0700 X-Google-Sender-Auth: MQG5Z6P65VpOubteaDuUOqIyyKw Message-ID: Subject: Re: [PATCH v3] module: Fix display of wrong module .text address To: Thomas-Mich Richter Cc: Jessica Yu , Linus Torvalds , LKML , Christian Borntraeger , Martin Schwidefsky , brueckner@linux.vnet.ibm.com, Heiko Carstens , Peter Zijlstra , Arnaldo Carvalho de Melo , "Tobin C. Harding" , "# 3.4.x" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 2, 2018 at 1:13 AM, Thomas-Mich Richter wrote: > On 05/02/2018 04:20 AM, Kees Cook wrote: >> On Wed, Apr 18, 2018 at 12:14 AM, Thomas Richter wrote: >>> Reading file /proc/modules shows the correct address: >>> [root@s35lp76 ~]# cat /proc/modules | egrep '^qeth_l2' >>> qeth_l2 94208 1 - Live 0x000003ff80401000 >>> >>> and reading file /sys/module/qeth_l2/sections/.text >>> [root@s35lp76 ~]# cat /sys/module/qeth_l2/sections/.text >>> 0x0000000018ea8363 >>> displays a random address. >>> >>> This breaks the perf tool which uses this address on s390 >>> to calculate start of .text section in memory. >>> >>> Fix this by printing the correct (unhashed) address. >>> >>> Thanks to Jessica Yu for helping on this. >>> >>> Fixes: ef0010a30935 ("vsprintf: don't use 'restricted_pointer()' when not restricting") >>> Cc: # v4.15+ >>> Suggested-by: Linus Torvalds >>> Signed-off-by: Thomas Richter >>> Cc: Jessica Yu >>> --- >>> kernel/module.c | 3 ++- >>> 1 file changed, 2 insertions(+), 1 deletion(-) >>> >>> diff --git a/kernel/module.c b/kernel/module.c >>> index a6e43a5806a1..40b42000bd80 100644 >>> --- a/kernel/module.c >>> +++ b/kernel/module.c >>> @@ -1472,7 +1472,8 @@ static ssize_t module_sect_show(struct module_attribute *mattr, >>> { >>> struct module_sect_attr *sattr = >>> container_of(mattr, struct module_sect_attr, mattr); >>> - return sprintf(buf, "0x%pK\n", (void *)sattr->address); >>> + return sprintf(buf, "0x%px\n", kptr_restrict < 2 ? >>> + (void *)sattr->address : NULL); >> >> Errr... this looks reversed to me. >> >> I would expect: "kptr_restrict < 2 ? NULL : (void *)sattr->address" >> >> -Kees >> > > I am confused: > In my patch, if kptr_restrict == 2 it prints NULL, which kptr_restrict > being 0 or 1 it prints the address. > > In your comment if kptr_restrict == 2 it prints the address, which > kptr_restrict being 0 or 1 it prints NULL. > > Looking into Documentation/sysctl/kernel.txt: > When kptr_restrict is set to (2), kernel pointers printed using > %pK will be replaced with 0's regardless of privileges. > > With my patch, setting kptr_restrict to 0 or 1 > prints the real kernel address (format %px, unmodified address > according to Documentation/printk-formats.txt). > > I have tested this on s390 (which is the only arch using file > /sys/module//sections/.text) in the perf tool. > > root@s8360047 ~]# sysctl kernel.kptr_restrict > kernel.kptr_restrict = 0 > [root@s8360047 ~]# cat /proc/modules | egrep '^qeth_l2' > qeth_l2 102400 1 - Live 0x000003ff8034d000 > [root@s8360047 ~]# cat /sys/module/qeth_l2/sections/.text > 0x000003ff8034da68 > [root@s8360047 ~]# sysctl -w kernel.kptr_restrict=2 > kernel.kptr_restrict = 2 > [root@s8360047 ~]# cat /proc/modules | egrep '^qeth_l2' > qeth_l2 102400 1 - Live 0x0000000000000000 > [root@s8360047 ~]# cat /sys/module/qeth_l2/sections/.text > 0x0000000000000000 > [root@s8360047 ~]# uname -a > Linux s8360047 4.17.0-rc3m-perf+ #6 SMP PREEMPT Wed May 2 10:02:38 CEST 2018 s390x s390x s390x GNU/Linux > [root@s8360047 ~]# > > Hope this helps. Thanks! Yes, I was looking at too many of the %px commits in a row and confused myself. Sorry for the noise! -Kees -- Kees Cook Pixel Security