Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp1978452ybh; Tue, 14 Jul 2020 12:08:56 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzH5ozxDh7bBGzEaodUpk7Zc5Cg++pfo/bzlo/IvTEPsF7VGt7cTMsQDhEFkF8QUieH7VTB X-Received: by 2002:a05:6402:1494:: with SMTP id e20mr5961677edv.2.1594753736708; Tue, 14 Jul 2020 12:08:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594753736; cv=none; d=google.com; s=arc-20160816; b=HSoNsF+5aRZHI1r3oVqUecmoCd9AkN8MTZ30G+0nD+c3VEJ3X77/ZTWPnPa/BOLA74 s7X1NNNMVcdHcm24wazoaICVt/aVq4Mvx0VbVv465IeLBsMXRPXvmJSjM/HHAyUISGh3 omFxTe9CwFeQFgD+SpY+WI9VmRaGF9UjyQw4x8NsIdZNLRmE8kbD12CnEwsxM7Eu+QRr EYeJQlmA1JeTHzxtknVz1SuiRlxzAphK/SlOnWTaC4jT7MEayF6QXmnr3Eck39DMxz18 ASB34YBLV3ddW62kHRdFHsPKugJ/4RVYWUYhfDO8DR3Gl31eJPCnZSbTILiIp5/Ptqyh /TgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=r8qRVj5YlR2aP6N512KI2X/ChrHiDMpstS9EJMfNNZU=; b=h+vMlaYLLjiAlGBqzFLgCFmQ7Qyb3fFhV0NArZ+hhv8us6QfyoMtQQ+tZ3LRlYc3K4 iYdE8LgWyQ6z6ZF7PGCzkXWfUIjRg9w4lpez6NkZdrgCRrf7PrJXnR7ywqj+SI3UNOgN Izez417aOn2RGmkjVtN13UhhBncHd4VPKv2+M11vX2vigYLAGPwZCM+3OKTm5cPvUIQU ymA5j/ABC/hP/pS4sIvtWHjDukqFtf1l5bCUZ3I7ik2cDaTr3MVAlPlegZs2WrxkHwzH 1pnFOPieuo2JHIENlOGd6+inLz4gNOS7Dh0uKpRxTI1yMf+j0fA7GxNIYf3+fR3Q/YdH WVeA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=SzL6TVBO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k8si10401676ejs.735.2020.07.14.12.08.33; Tue, 14 Jul 2020 12:08:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=SzL6TVBO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730060AbgGNSwP (ORCPT + 99 others); Tue, 14 Jul 2020 14:52:15 -0400 Received: from mail.kernel.org ([198.145.29.99]:48814 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730480AbgGNSwJ (ORCPT ); Tue, 14 Jul 2020 14:52:09 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 66FFF22B42; Tue, 14 Jul 2020 18:52:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1594752729; bh=3tzB6AKeDEjrsEjBIXQkHHynvnQ1xdrC3D6f0+nPplM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SzL6TVBOlHK6sZqRlyUMnBdADoY5yiByQzyKLRYiP0Pk1Sh6LzP7TjVYwEiDLpOXf mPIm/bH0qLETEl4maOuino1UFoYLOPxriQS5i5OkE1H3/k7caai0MxJ9znZRMmC30F TNEmT1r7hVFZonVRHq2dUmcl+6Hwf34Pys9N1X6E= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jessica Yu , Kees Cook Subject: [PATCH 5.4 088/109] module: Refactor section attr into bin attribute Date: Tue, 14 Jul 2020 20:44:31 +0200 Message-Id: <20200714184109.763764086@linuxfoundation.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200714184105.507384017@linuxfoundation.org> References: <20200714184105.507384017@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Kees Cook commit ed66f991bb19d94cae5d38f77de81f96aac7813f upstream. In order to gain access to the open file's f_cred for kallsym visibility permission checks, refactor the module section attributes to use the bin_attribute instead of attribute interface. Additionally removes the redundant "name" struct member. Cc: stable@vger.kernel.org Reviewed-by: Greg Kroah-Hartman Tested-by: Jessica Yu Acked-by: Jessica Yu Signed-off-by: Kees Cook Signed-off-by: Greg Kroah-Hartman --- kernel/module.c | 45 ++++++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 21 deletions(-) --- a/kernel/module.c +++ b/kernel/module.c @@ -1507,8 +1507,7 @@ static inline bool sect_empty(const Elf_ } struct module_sect_attr { - struct module_attribute mattr; - char *name; + struct bin_attribute battr; unsigned long address; }; @@ -1518,11 +1517,16 @@ struct module_sect_attrs { struct module_sect_attr attrs[0]; }; -static ssize_t module_sect_show(struct module_attribute *mattr, - struct module_kobject *mk, char *buf) +static ssize_t module_sect_read(struct file *file, struct kobject *kobj, + struct bin_attribute *battr, + char *buf, loff_t pos, size_t count) { struct module_sect_attr *sattr = - container_of(mattr, struct module_sect_attr, mattr); + container_of(battr, struct module_sect_attr, battr); + + if (pos != 0) + return -EINVAL; + return sprintf(buf, "0x%px\n", kptr_restrict < 2 ? (void *)sattr->address : NULL); } @@ -1532,7 +1536,7 @@ static void free_sect_attrs(struct modul unsigned int section; for (section = 0; section < sect_attrs->nsections; section++) - kfree(sect_attrs->attrs[section].name); + kfree(sect_attrs->attrs[section].battr.attr.name); kfree(sect_attrs); } @@ -1541,42 +1545,41 @@ static void add_sect_attrs(struct module unsigned int nloaded = 0, i, size[2]; struct module_sect_attrs *sect_attrs; struct module_sect_attr *sattr; - struct attribute **gattr; + struct bin_attribute **gattr; /* Count loaded sections and allocate structures */ for (i = 0; i < info->hdr->e_shnum; i++) if (!sect_empty(&info->sechdrs[i])) nloaded++; size[0] = ALIGN(struct_size(sect_attrs, attrs, nloaded), - sizeof(sect_attrs->grp.attrs[0])); - size[1] = (nloaded + 1) * sizeof(sect_attrs->grp.attrs[0]); + sizeof(sect_attrs->grp.bin_attrs[0])); + size[1] = (nloaded + 1) * sizeof(sect_attrs->grp.bin_attrs[0]); sect_attrs = kzalloc(size[0] + size[1], GFP_KERNEL); if (sect_attrs == NULL) return; /* Setup section attributes. */ sect_attrs->grp.name = "sections"; - sect_attrs->grp.attrs = (void *)sect_attrs + size[0]; + sect_attrs->grp.bin_attrs = (void *)sect_attrs + size[0]; sect_attrs->nsections = 0; sattr = §_attrs->attrs[0]; - gattr = §_attrs->grp.attrs[0]; + gattr = §_attrs->grp.bin_attrs[0]; for (i = 0; i < info->hdr->e_shnum; i++) { Elf_Shdr *sec = &info->sechdrs[i]; if (sect_empty(sec)) continue; + sysfs_bin_attr_init(&sattr->battr); sattr->address = sec->sh_addr; - sattr->name = kstrdup(info->secstrings + sec->sh_name, - GFP_KERNEL); - if (sattr->name == NULL) + sattr->battr.attr.name = + kstrdup(info->secstrings + sec->sh_name, GFP_KERNEL); + if (sattr->battr.attr.name == NULL) goto out; sect_attrs->nsections++; - sysfs_attr_init(&sattr->mattr.attr); - sattr->mattr.show = module_sect_show; - sattr->mattr.store = NULL; - sattr->mattr.attr.name = sattr->name; - sattr->mattr.attr.mode = S_IRUSR; - *(gattr++) = &(sattr++)->mattr.attr; + sattr->battr.read = module_sect_read; + sattr->battr.size = 3 /* "0x", "\n" */ + (BITS_PER_LONG / 4); + sattr->battr.attr.mode = 0400; + *(gattr++) = &(sattr++)->battr; } *gattr = NULL; @@ -1666,7 +1669,7 @@ static void add_notes_attrs(struct modul continue; if (info->sechdrs[i].sh_type == SHT_NOTE) { sysfs_bin_attr_init(nattr); - nattr->attr.name = mod->sect_attrs->attrs[loaded].name; + nattr->attr.name = mod->sect_attrs->attrs[loaded].battr.attr.name; nattr->attr.mode = S_IRUGO; nattr->size = info->sechdrs[i].sh_size; nattr->private = (void *) info->sechdrs[i].sh_addr;