Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp1963894ybv; Fri, 21 Feb 2020 06:28:30 -0800 (PST) X-Google-Smtp-Source: APXvYqwoKyIraShyPLrjk5wB7klJoxEvIMrZC/GR4g1m8GqmhGkGSPuZFctLuuNhH2leACl2iS0D X-Received: by 2002:a05:6808:64d:: with SMTP id z13mr2214021oih.104.1582295310572; Fri, 21 Feb 2020 06:28:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582295310; cv=none; d=google.com; s=arc-20160816; b=aiXGkvQHyJYP+xp8BFPzR4Qsjuo1G9B6nlb9YFQnIqlHCAibAUXRMpp9IJnIbg3guI 4FdiND2RGSeqvROYl4txiU+/i6MpHYRMpimWxSiq6o+Xql/eXhWGnHvGsrbbZti3fjVV a/yx0UFF7cXFHIi9jJ5RkmViXvg18tEOrfWGbc3CwB/yo44vg2qV5/0n9UMefWkI6u44 wuMRUV8ZXlrnVI0iOdLZBCbptoKo15JThfHqLnCfV2tOfyyqZ6OjbpnyJEGeGc4o8mkM Ikii2utNL3kvA/KGiReQM7fUBKdB1E6KSX6WYvhf2Tnc+yxQzJUDr+8Aj0bZqnv70Xsx E6RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=lY+2qG5ydjVCVYXW97C2EFpaj4QfGaCwKg2U3vnt9Po=; b=toWslQPGahxuJRSJTJOg0ee79qtTYIOJL8JtWIyiRTrpQLJjoYgwnHTLIf5WwI0Z99 d8NmpIM9H3EgsNsvAWAF/Q2gEV0oBMLVzjAd7XYKTqgRbNvaQVD8jP9ZS/imG5em2eCF 1sW6rt4KLMs/30I39+BgVghtF/HsizCG7FfG0abmiXH0gPEITQyreO4xLevb3tAgSwWZ 6oNfOslkNWi1XjBFJCzghDCOnxG0ZsWks9BFYUvuRO6CVbKfgb6V2ZDk/EQ1jqcVgIET 5uIu+fVSnWNndwjd/fKlnJpqNgdzFYOGPmngab0R0JJMNbmwWAWP3h+5KP3ys5ZEagof guhw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=UQtMMLuK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p186si799567oih.172.2020.02.21.06.28.17; Fri, 21 Feb 2020 06:28:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=UQtMMLuK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728392AbgBUO1x (ORCPT + 99 others); Fri, 21 Feb 2020 09:27:53 -0500 Received: from mail.kernel.org ([198.145.29.99]:45474 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727096AbgBUO1w (ORCPT ); Fri, 21 Feb 2020 09:27:52 -0500 Received: from devnote2 (NE2965lan1.rev.em-net.ne.jp [210.141.244.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 31F8E208C4; Fri, 21 Feb 2020 14:27:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1582295272; bh=OHkc41Ewzlq6yQkTtkKDt/JRxgXyYlL7UsaHQsVwVwQ=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=UQtMMLuKKo/t/cAEesylrkbofSEiztAfZDQSeuzIJtqjrd5UXpwFb2XXYwu7m2c6b xfp7biZEpr9LuxDDBXehsh77kDdTYzzEmURcY/KIubmS42ZJ8l12c0nb0mTdzwihif yWpt/F81vGUF0pkCJ6nKrwHagNj14JUWEYHIg6hU= Date: Fri, 21 Feb 2020 23:27:46 +0900 From: Masami Hiramatsu To: Will Deacon Cc: linux-kernel@vger.kernel.org, kernel-team@android.com, akpm@linux-foundation.org, "K . Prasad" , Thomas Gleixner , Greg Kroah-Hartman , Frederic Weisbecker , Christoph Hellwig , Quentin Perret , Alexei Starovoitov , Masami Hiramatsu Subject: Re: [PATCH 0/3] Unexport kallsyms_lookup_name() and kallsyms_on_each_symbol() Message-Id: <20200221232746.6eb84111a0d385bed71613ff@kernel.org> In-Reply-To: <20200221114404.14641-1-will@kernel.org> References: <20200221114404.14641-1-will@kernel.org> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.32; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Will, On Fri, 21 Feb 2020 11:44:01 +0000 Will Deacon wrote: > Hi folks, > > Despite having just a single modular in-tree user that I could spot, > kallsyms_lookup_name() is exported to modules and provides a mechanism > for out-of-tree modules to access and invoke arbitrary, non-exported > kernel symbols when kallsyms is enabled. > > This patch series fixes up that one user and unexports the symbol along > with kallsyms_on_each_symbol(), since that could also be abused in a > similar manner. What kind of issue would you like to fix with this? There are many ways to find (estimate) symbol address, especially, if the programmer already has the symbol map, it is *very* easy to find the target symbol address even from one exported symbol (the distance of 2 symbols doesn't change.) If not, they can use kprobes to find their required symbol address. If they have a time, they can use snprintf("%pF") to search symbol. So, for me, this series just make it hard for casual developers (but maybe they will find the answer on any technical Q&A site soon). Hmm, are there other good way to detect such bad-manner out-of-tree module and reject them? What about decoding them and monitor their all call instructions? Thank you, -- Masami Hiramatsu