Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp592833pxk; Wed, 23 Sep 2020 10:44:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxxTQMcCzgx+Q43u3DpGyWaYIEYRXbZHOO+J80IlMplpAc8kZ6kN1yHmgV9MHDaR6UbiuLN X-Received: by 2002:aa7:d585:: with SMTP id r5mr500986edq.278.1600883083584; Wed, 23 Sep 2020 10:44:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600883083; cv=none; d=google.com; s=arc-20160816; b=LLXK/iYmjvY4GcUBdQyhDFkjDRzcfs3fajWqXYZkdP/iEwV6O4yjn5YsalDFk2JIzg qMf9k3gL/Mkj/tA/opXOqKGUVMBVPNaxRpM6UzUGlY0SW7V2+kQ16+myxUxXqqjD7JRA ZpKDb+hYPJUgaCuksgSDwBz9C4/T7aR/CljTnOAgxfLTi+Hldg+NLFSBun+elUNWg1+R qkUJ1WkPnTVQJcpAQ0e0+x6cnYqevdz1yUZ+x6X9/GgNL7v1bZ0io56Q8Z1e64kRvA4A eIbiCLrfFNWu/Wy5HaZqzf6P6njQrYKrDXpxt9eCUplILlrlNRz2ggVCJQfqvSfyTUiO M/Zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=661Nzm5+41oIoxH/QucPFydIZEudUreFeaLaPobspA4=; b=uB+cxkXUp61K51RxZomzRW3gVU8av+u2FVd1g5Q5OaNyLtJyj4+aAy+iBy6c7mPPUF u+CXeIufFlQczMuMtOm/KA6UOS8rwCcqXRWUR4/Ev4FTy6yS1jseJIsjeRVFLpNkyzbh BHusbrPjbCLM0GNZebBQRdxUXdBuLddy0FgRMTZMp5LxS0zEpkqfaY6ZSMr+iV0IfoBs MYNqQD3sDugbRG6cIPIj4YqO/SbWNr/cMKdlCwc3F2of0JsmK6k1kogPjq0TN1OJdKT+ Xl7dI25OHwNVjzzMxsW5Ea2/8Uxzu144vIoRBfO+u9A2i7RyuoUER8l26t43unNSidAE 3ElA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f2si343694ejc.542.2020.09.23.10.44.19; Wed, 23 Sep 2020 10:44:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726670AbgIWRlV (ORCPT + 99 others); Wed, 23 Sep 2020 13:41:21 -0400 Received: from mga02.intel.com ([134.134.136.20]:14096 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726581AbgIWRlV (ORCPT ); Wed, 23 Sep 2020 13:41:21 -0400 IronPort-SDR: qowO+FkTDejT+9Ubivziaf2Jmx6aEAMfgUNkzWAUA7FWjEi/68qbBWm/tqFXIEhC0hgb/qnPGC 5Fs9QhgsnKJg== X-IronPort-AV: E=McAfee;i="6000,8403,9753"; a="148629805" X-IronPort-AV: E=Sophos;i="5.77,293,1596524400"; d="scan'208";a="148629805" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Sep 2020 10:41:20 -0700 IronPort-SDR: GZk1FRtVMnmSVB61ksssWSFNFU+xjc7kddUpaUMFeMzOTmuJTaNnLCO4Kbb4lhQ2TY/3WZNv/0 FyFrdXKqoIKw== X-IronPort-AV: E=Sophos;i="5.77,293,1596524400"; d="scan'208";a="309993326" Received: from kcaccard-mobl.amr.corp.intel.com (HELO kcaccard-mobl1.jf.intel.com) ([10.212.14.213]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Sep 2020 10:41:15 -0700 From: Kristen Carlson Accardi To: keescook@chromium.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, Josh Poimboeuf , Jiri Kosina , Miroslav Benes , Petr Mladek , Joe Lawrence Cc: arjan@linux.intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, rick.p.edgecombe@intel.com, Kristen Carlson Accardi , live-patching@vger.kernel.org Subject: [PATCH v5 10/10] livepatch: only match unique symbols when using fgkaslr Date: Wed, 23 Sep 2020 10:39:04 -0700 Message-Id: <20200923173905.11219-11-kristen@linux.intel.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200923173905.11219-1-kristen@linux.intel.com> References: <20200923173905.11219-1-kristen@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If any type of function granular randomization is enabled, the sympos algorithm will fail, as it will be impossible to resolve symbols when there are duplicates using the previous symbol position. Override the value of sympos to always be zero if fgkaslr is enabled for either the core kernel or modules, forcing the algorithm to require that only unique symbols are allowed to be patched. Signed-off-by: Kristen Carlson Accardi --- kernel/livepatch/core.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c index f76fdb925532..da08e40f2da2 100644 --- a/kernel/livepatch/core.c +++ b/kernel/livepatch/core.c @@ -170,6 +170,17 @@ static int klp_find_object_symbol(const char *objname, const char *name, kallsyms_on_each_symbol(klp_find_callback, &args); mutex_unlock(&module_mutex); + /* + * If any type of function granular randomization is enabled, it + * will be impossible to resolve symbols when there are duplicates + * using the previous symbol position (i.e. sympos != 0). Override + * the value of sympos to always be zero in this case. This will + * force the algorithm to require that only unique symbols are + * allowed to be patched. + */ + if (IS_ENABLED(CONFIG_FG_KASLR) || IS_ENABLED(CONFIG_MODULE_FG_KASLR)) + sympos = 0; + /* * Ensure an address was found. If sympos is 0, ensure symbol is unique; * otherwise ensure the symbol position count matches sympos. -- 2.20.1