From: kbuild test robot <lkp@intel.com>
To: Eddie Kovsky <ewk@edkovsky.org>
Cc: kbuild-all@01.org, jeyu@redhat.com, rusty@rustcorp.com.au,
keescook@chromium.org, linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Subject: Re: [PATCH v5 2/2] extable: verify address is read-only
Date: Fri, 7 Apr 2017 01:20:19 +0800 [thread overview]
Message-ID: <201704070133.TVMZxWQ6%fengguang.wu@intel.com> (raw)
In-Reply-To: <20170406033550.32525-3-ewk@edkovsky.org>
[-- Attachment #1: Type: text/plain, Size: 7804 bytes --]
Hi Eddie,
[auto build test WARNING on next-20170330]
[cannot apply to linus/master linux/master jeyu/modules-next v4.9-rc8 v4.9-rc7 v4.9-rc6 v4.11-rc5]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Eddie-Kovsky/module-verify-address-is-read-only/20170407-004322
config: i386-randconfig-x014-201714 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All warnings (new ones prefixed by >>):
In file included from include/linux/trace_clock.h:12:0,
from include/linux/ftrace.h:9,
from kernel/extable.c:18:
kernel/extable.c: In function 'core_kernel_rodata':
kernel/extable.c:169:29: error: '__start_ro_after_init' undeclared (first use in this function)
if (addr >= (unsigned long)__start_ro_after_init &&
^
include/linux/compiler.h:160:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/extable.c:169:2: note: in expansion of macro 'if'
if (addr >= (unsigned long)__start_ro_after_init &&
^~
kernel/extable.c:169:29: note: each undeclared identifier is reported only once for each function it appears in
if (addr >= (unsigned long)__start_ro_after_init &&
^
include/linux/compiler.h:160:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/extable.c:169:2: note: in expansion of macro 'if'
if (addr >= (unsigned long)__start_ro_after_init &&
^~
kernel/extable.c:170:28: error: '__end_ro_after_init' undeclared (first use in this function)
addr < (unsigned long)__end_ro_after_init)
^
include/linux/compiler.h:160:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/extable.c:169:2: note: in expansion of macro 'if'
if (addr >= (unsigned long)__start_ro_after_init &&
^~
vim +/if +169 kernel/extable.c
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 */
> 18 #include <linux/ftrace.h>
19 #include <linux/memory.h>
20 #include <linux/extable.h>
21 #include <linux/module.h>
22 #include <linux/mutex.h>
23 #include <linux/init.h>
24 #include <linux/kprobes.h>
25 #include <linux/filter.h>
26
27 #include <asm/sections.h>
28 #include <linux/uaccess.h>
29
30 /*
31 * mutex protecting text section modification (dynamic code patching).
32 * some users need to sleep (allocating memory...) while they hold this lock.
33 *
34 * NOT exported to modules - patching kernel text is a really delicate matter.
35 */
36 DEFINE_MUTEX(text_mutex);
37
38 extern struct exception_table_entry __start___ex_table[];
39 extern struct exception_table_entry __stop___ex_table[];
40
41 /* Cleared by build time tools if the table is already sorted. */
42 u32 __initdata __visible main_extable_sort_needed = 1;
43
44 /* Sort the kernel's built-in exception table */
45 void __init sort_main_extable(void)
46 {
47 if (main_extable_sort_needed && __stop___ex_table > __start___ex_table) {
48 pr_notice("Sorting __ex_table...\n");
49 sort_extable(__start___ex_table, __stop___ex_table);
50 }
51 }
52
53 /* Given an address, look for it in the exception tables. */
54 const struct exception_table_entry *search_exception_tables(unsigned long addr)
55 {
56 const struct exception_table_entry *e;
57
58 e = search_extable(__start___ex_table, __stop___ex_table-1, addr);
59 if (!e)
60 e = search_module_extables(addr);
61 return e;
62 }
63
64 static inline int init_kernel_text(unsigned long addr)
65 {
66 if (addr >= (unsigned long)_sinittext &&
67 addr < (unsigned long)_einittext)
68 return 1;
69 return 0;
70 }
71
72 int core_kernel_text(unsigned long addr)
73 {
74 if (addr >= (unsigned long)_stext &&
75 addr < (unsigned long)_etext)
76 return 1;
77
78 if (system_state == SYSTEM_BOOTING &&
79 init_kernel_text(addr))
80 return 1;
81 return 0;
82 }
83
84 /**
85 * core_kernel_data - tell if addr points to kernel data
86 * @addr: address to test
87 *
88 * Returns true if @addr passed in is from the core kernel data
89 * section.
90 *
91 * Note: On some archs it may return true for core RODATA, and false
92 * for others. But will always be true for core RW data.
93 */
94 int core_kernel_data(unsigned long addr)
95 {
96 if (addr >= (unsigned long)_sdata &&
97 addr < (unsigned long)_edata)
98 return 1;
99 return 0;
100 }
101
102 int __kernel_text_address(unsigned long addr)
103 {
104 if (core_kernel_text(addr))
105 return 1;
106 if (is_module_text_address(addr))
107 return 1;
108 if (is_ftrace_trampoline(addr))
109 return 1;
110 if (is_kprobe_optinsn_slot(addr) || is_kprobe_insn_slot(addr))
111 return 1;
112 if (is_bpf_text_address(addr))
113 return 1;
114 /*
115 * There might be init symbols in saved stacktraces.
116 * Give those symbols a chance to be printed in
117 * backtraces (such as lockdep traces).
118 *
119 * Since we are after the module-symbols check, there's
120 * no danger of address overlap:
121 */
122 if (init_kernel_text(addr))
123 return 1;
124 return 0;
125 }
126
127 int kernel_text_address(unsigned long addr)
128 {
129 if (core_kernel_text(addr))
130 return 1;
131 if (is_module_text_address(addr))
132 return 1;
133 if (is_ftrace_trampoline(addr))
134 return 1;
135 if (is_kprobe_optinsn_slot(addr) || is_kprobe_insn_slot(addr))
136 return 1;
137 if (is_bpf_text_address(addr))
138 return 1;
139 return 0;
140 }
141
142 /*
143 * On some architectures (PPC64, IA64) function pointers
144 * are actually only tokens to some data that then holds the
145 * real function address. As a result, to find if a function
146 * pointer is part of the kernel text, we need to do some
147 * special dereferencing first.
148 */
149 int func_ptr_is_kernel_text(void *ptr)
150 {
151 unsigned long addr;
152 addr = (unsigned long) dereference_function_descriptor(ptr);
153 if (core_kernel_text(addr))
154 return 1;
155 return is_module_text_address(addr);
156 }
157
158 /**
159 * core_kernel_rodata - Verify address points to read-only section
160 * @addr: address to test
161 *
162 */
163 int core_kernel_rodata(unsigned long addr)
164 {
165 if (addr >= (unsigned long)__start_rodata &&
166 addr < (unsigned long)__end_rodata)
167 return 1;
168
> 169 if (addr >= (unsigned long)__start_ro_after_init &&
170 addr < (unsigned long)__end_ro_after_init)
171 return 1;
172
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 25874 bytes --]
next prev parent reply other threads:[~2017-04-06 17:21 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-06 3:35 [PATCH v5 0/2] provide check for ro_after_init memory sections Eddie Kovsky
2017-04-06 3:35 ` [PATCH v5 1/2] module: verify address is read-only Eddie Kovsky
2017-04-07 1:58 ` Jessica Yu
2017-04-07 20:46 ` Kees Cook
2017-04-06 3:35 ` [PATCH v5 2/2] extable: " Eddie Kovsky
2017-04-06 17:20 ` kbuild test robot [this message]
2017-04-06 17:41 ` kbuild test robot
2017-04-07 19:29 ` Eddie Kovsky
2017-04-07 20:45 ` Kees Cook
2017-04-07 21:53 ` [PATCH v5 0/2] provide check for ro_after_init memory sections Kees Cook
2017-04-07 22:12 ` Andrew Morton
2017-04-07 22:15 ` Kees Cook
2017-04-07 22:23 ` Andrew Morton
2017-04-07 22:47 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201704070133.TVMZxWQ6%fengguang.wu@intel.com \
--to=lkp@intel.com \
--cc=ewk@edkovsky.org \
--cc=jeyu@redhat.com \
--cc=kbuild-all@01.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).