From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D11D1C433F5 for ; Wed, 5 Jan 2022 18:46:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243176AbiAESqH (ORCPT ); Wed, 5 Jan 2022 13:46:07 -0500 Received: from mail.skyhub.de ([5.9.137.197]:37122 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238501AbiAESqG (ORCPT ); Wed, 5 Jan 2022 13:46:06 -0500 Received: from zn.tnic (dslb-088-067-202-008.088.067.pools.vodafone-ip.de [88.67.202.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id AA3301EC0409; Wed, 5 Jan 2022 19:45:59 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1641408359; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=fEZIiIW8f9y+YhRxy3dl8vhei2PQdN236Vujn7RBTdY=; b=pSCYqwvRR+jUpjU5YwAa8zN64Y5dn0sO3OHpyZf1+yxRZ18xu5tPEhOKWwUz+wGg1ynCeV srFP8tI2NsIn+W3JysHUBTIqtFvLXC3aA5kU9TejCQRlI7MqcHt/QI0jlXIK7G6/i2VYZj H3B6FMt0oByYncE3nPCCef6orbqe1Vo= Date: Wed, 5 Jan 2022 19:46:01 +0100 From: Borislav Petkov To: Alexander Lobakin Cc: linux-hardening@vger.kernel.org, x86@kernel.org, Jesse Brandeburg , Kristen Carlson Accardi , Kees Cook , Miklos Szeredi , Ard Biesheuvel , Tony Luck , Bruce Schlobohm , Jessica Yu , kernel test robot , Miroslav Benes , Evgenii Shatokhin , Jonathan Corbet , Masahiro Yamada , Michal Marek , Nick Desaulniers , Herbert Xu , "David S. Miller" , Thomas Gleixner , Will Deacon , Ingo Molnar , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , Peter Zijlstra , Arnd Bergmann , Josh Poimboeuf , Nathan Chancellor , Masami Hiramatsu , Marios Pomonis , Sami Tolvanen , "H.J. Lu" , Nicolas Pitre , linux-kernel@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-arch@vger.kernel.org, live-patching@vger.kernel.org, llvm@lists.linux.dev Subject: Re: [PATCH v9 03/15] kallsyms: Hide layout Message-ID: References: <20211223002209.1092165-1-alexandr.lobakin@intel.com> <20211223002209.1092165-4-alexandr.lobakin@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20211223002209.1092165-4-alexandr.lobakin@intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Dec 23, 2021 at 01:21:57AM +0100, Alexander Lobakin wrote: > @@ -687,11 +697,12 @@ static void reset_iter(struct kallsym_iter *iter, loff_t new_pos) > iter->name[0] = '\0'; > iter->nameoff = get_symbol_offset(new_pos); > iter->pos = new_pos; > - if (new_pos == 0) { if (!iter->show_layout) return; > + if (iter->show_layout && new_pos == 0) { > iter->pos_arch_end = 0; > iter->pos_mod_end = 0; > iter->pos_ftrace_mod_end = 0; > iter->pos_bpf_end = 0; > + iter->pos_end = 0; > } > } ... > @@ -838,16 +860,54 @@ static int kallsyms_open(struct inode *inode, struct file *file) > * using get_symbol_offset for every symbol. > */ > struct kallsym_iter *iter; > - iter = __seq_open_private(file, &kallsyms_op, sizeof(*iter)); > - if (!iter) > - return -ENOMEM; > - reset_iter(iter, 0); > + /* > + * This fake iter is needed for the cases with unprivileged > + * access. We need to know the exact number of symbols to > + * randomize the display layout. > + */ > + struct kallsym_iter fake; > + size_t size = sizeof(*iter); > + loff_t pos; > + > + fake.show_layout = true; > + reset_iter(&fake, 0); > > /* > * Instead of checking this on every s_show() call, cache > * the result here at open time. > */ > - iter->show_value = kallsyms_show_value(file->f_cred); > + fake.show_layout = kallsyms_show_value(file->f_cred); > + if (fake.show_layout) > + goto open; There are those silly labels again: if (!fake.show_layout) { for (... ) ; size = ... } iter = __seq_open_private(... > + > + for (pos = kallsyms_num_syms; update_iter_mod(&fake, pos); pos++) > + ; > + > + size = struct_size(iter, shuffled_pos, fake.pos_end + 1); > + > +open: > + iter = __seq_open_private(file, &kallsyms_op, size); > + if (!iter) > + return -ENOMEM; > + > + iter->show_layout = fake.show_layout; > + reset_iter(iter, 0); > + > + if (iter->show_layout) > + return 0; > + > + /* Copy the bounds since they were already discovered above */ > + iter->pos_arch_end = fake.pos_arch_end; > + iter->pos_mod_end = fake.pos_mod_end; > + iter->pos_ftrace_mod_end = fake.pos_ftrace_mod_end; > + iter->pos_bpf_end = fake.pos_bpf_end; > + iter->pos_end = fake.pos_end; > + > + for (pos = 0; pos <= iter->pos_end; pos++) > + iter->shuffled_pos[pos] = pos; > + > + shuffle_array(iter->shuffled_pos, iter->pos_end + 1); > + > return 0; > } Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette