Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5169670yba; Wed, 10 Apr 2019 12:58:24 -0700 (PDT) X-Google-Smtp-Source: APXvYqyBYdki9pHmoAKveppUHRLd6HbqsL0QZJiI2siVkyTsh1cj1oo4BAOMqmVVAlZERTISjOBc X-Received: by 2002:a63:2c4c:: with SMTP id s73mr37508183pgs.42.1554926304159; Wed, 10 Apr 2019 12:58:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554926304; cv=none; d=google.com; s=arc-20160816; b=eD1Rmpt47auprYVGSbA4i3E/Wbdk9n/fck+2WqlQDrP9+aBAIuGcZQzElnuC8lB052 +HQLSLNfSt9J04tnH7W3OR2aGfGK1EFSi9BdCiw4vq2AXu9qF8SIgf+4lbIaA+isYfoL omEQgcfAJ4bHjOE3MHR5hJbHlTh/bSQnQwFU3Fk330njTAdmmDZZqJ04u8krVBgVBm7n o0sj784ETgNHjQmN2vSCKoLIiU9RrNvDMLIOhKYRa0hInnK2jAA6hmoMdv4I8KVOwriv DAKY3kmewyQnWJ3E9YBww5MczIqeaPjVtMb5XS8+b3WZzb7YR9sgtJKtwPUaqhHlnLp5 sh0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=; b=nN0YMBbSlZcxz6N2yzJcJNFHxUcp3oWxqttHTVYf9hlgYaad18TzhrdT3+fWQ1+2u4 6xMowcGw0daB8eSAnqLPLwpq+/sjXyWBzGDJ/4vENwDKw60qqHXFIXcZs3nS/TF1BRhi XUdUgGSvOHoAXwLkS9uLYnUnYj++PsIM1hL/rAbp67XjGiQpx9nsvNvNrO7sUxCnwIu3 FgcQCNw6a+aGJjb9VPdo177PONco/pNZ5xQwpSHS32m78KczZZVYkK/1tNqECO8eR9Kp ilQLTUuoLcu5sYW0rASiyFJfUrVTzf5nKfbEJ3QtIZQ021KlxiTUIMJaeShEXdAzCGxz 7pyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@joelfernandes.org header.s=google header.b=j912k9RY; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v7si21534581pgn.193.2019.04.10.12.58.08; Wed, 10 Apr 2019 12:58:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@joelfernandes.org header.s=google header.b=j912k9RY; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726828AbfDJT5c (ORCPT + 99 others); Wed, 10 Apr 2019 15:57:32 -0400 Received: from mail-pf1-f195.google.com ([209.85.210.195]:40441 "EHLO mail-pf1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726757AbfDJT5b (ORCPT ); Wed, 10 Apr 2019 15:57:31 -0400 Received: by mail-pf1-f195.google.com with SMTP id c207so2101874pfc.7 for ; Wed, 10 Apr 2019 12:57:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelfernandes.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=; b=j912k9RYViXXynkk1wOlbiUqGi5gVmM5St7S1BlBPu6+q2P3DgjDl+YznzwZDpy/hl gWY+3dwgbt6IfhjgUbx9m6jOM/d7OOe5psxO/7GbxrHFz+xE7v4Tf7xvwqhp0mhKs5VV MpzN1h19egcEapYxtfT1as9eY9rguCD4TJaF4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+zEMNc7324kqJ6udI8dxNG1UczLiZYFItO/G9LMbCUw=; b=M9Klmldp566Ylws2jVA1FpeDE0QPoTm8tKS3GkT2dAk00VqcS1bS/VZ26nNapp3mqH vIeIqc+NDA647J4/FDnLsEAWlIKdao+F+pifskGXaLMIb8DOJ3gkR3jAZO2uUtihOXIp XLcih95IEXBlw+BCcllgl0cNufuFKemkKdWeSC/08Sk5WfjhsK8jPINWxX17akGI2P8N VYjGp5+aK9TvuWc4fNmQDNVSaqxmD6XeaMoXViJPDMuAZBs7+64zkXUwINiVfr7EOPIo c/Apu8QUXc5UZUPQ+ERacuSRLziSmCnEB7ZVFNbIoi1K9SpmOoKkn04iJ9Nv0iOPAciM TsKg== X-Gm-Message-State: APjAAAXnNymkUhlEHO0qxhpp+X+/Fza6eFhDAvkuEw8dY7CAeAj1n/AK sXJK5l/K12i79FO76v+mKSYhZoFdP78= X-Received: by 2002:a62:ee17:: with SMTP id e23mr45292744pfi.80.1554926250235; Wed, 10 Apr 2019 12:57:30 -0700 (PDT) Received: from joelaf.cam.corp.google.com ([2620:15c:6:12:9c46:e0da:efbf:69cc]) by smtp.gmail.com with ESMTPSA id v12sm48703375pfe.148.2019.04.10.12.57.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 10 Apr 2019 12:57:29 -0700 (PDT) From: "Joel Fernandes (Google)" To: linux-kernel@vger.kernel.org Cc: "Joel Fernandes (Google)" , paulmck@linux.vnet.ibm.com, keescook@chromium.org, mathieu.desnoyers@efficios.com, rostedt@goodmis.org, Jessica Yu , kernel-hardening@lists.openwall.com, kernel-team@android.com, rcu@vger.kernel.org Subject: [PATCH v3 3/3] module: Make __tracepoints_ptrs as read-only Date: Wed, 10 Apr 2019 15:57:08 -0400 Message-Id: <20190410195708.162185-3-joel@joelfernandes.org> X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog In-Reply-To: <20190410195708.162185-1-joel@joelfernandes.org> References: <20190410195708.162185-1-joel@joelfernandes.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This series hardens the tracepoints in modules by making the array of pointers referring to the tracepoints as read-only. This array is needed during module unloading to verify that the tracepoint is quiescent. There is no reason for the array to be to be writable after init, and can cause security or other hidden bugs. Mark these as ro_after_init. Suggested-by: paulmck@linux.vnet.ibm.com Suggested-by: keescook@chromium.org Suggested-by: mathieu.desnoyers@efficios.com Cc: rostedt@goodmis.org Signed-off-by: Joel Fernandes (Google) --- kernel/module.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/kernel/module.c b/kernel/module.c index 8b9631e789f0..be980aaa8804 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -3320,6 +3320,12 @@ static const char * const ro_after_init_sections[] = { * by the SRCU notifiers */ "___srcu_struct_ptrs", + + /* + * Array of tracepoint pointers used for checking if tracepoints are + * quiescent during unloading. + */ + "__tracepoints_ptrs", }; static struct module *layout_and_allocate(struct load_info *info, int flags) -- 2.21.0.392.gf8f6787159e-goog