linux-kernel.vger.kernel.org archive mirror
From: Christophe Leroy <christophe.leroy@csgroup.eu>
To: Aaron Tomlin <atomlin@redhat.com>,
	"mcgrof@kernel.org" <mcgrof@kernel.org>
Cc: "cl@linux.com" <cl@linux.com>,
	"pmladek@suse.com" <pmladek@suse.com>,
	"mbenes@suse.cz" <mbenes@suse.cz>,
	"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
	"jeyu@kernel.org" <jeyu@kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-modules@vger.kernel.org" <linux-modules@vger.kernel.org>,
	"live-patching@vger.kernel.org" <live-patching@vger.kernel.org>,
	"atomlin@atomlin.com" <atomlin@atomlin.com>,
	"ghalat@redhat.com" <ghalat@redhat.com>,
	"allen.lkml@gmail.com" <allen.lkml@gmail.com>,
	"joe@perches.com" <joe@perches.com>,
	"msuchanek@suse.de" <msuchanek@suse.de>,
	"oleksandr@natalenko.name" <oleksandr@natalenko.name>
Subject: Re: [PATCH v6 06/13] module: Move strict rwx support to a separate file
Date: Mon, 21 Feb 2022 16:15:46 +0000
Message-ID: <fdbe6e58-429f-d9f3-7ce0-577c732b0246@csgroup.eu>
In-Reply-To: <20220218212511.887059-7-atomlin@redhat.com>



On 18/02/2022 at 22:25, Aaron Tomlin wrote:
> No functional change.
> 
> This patch migrates code that makes module text
> and rodata memory read-only and non-text memory
> non-executable from core module code into
> kernel/module/strict_rwx.c.
> 
> Signed-off-by: Aaron Tomlin <atomlin@redhat.com>
> ---
>   kernel/module/Makefile     |  1 +
>   kernel/module/internal.h   | 38 +++++++++++++++
>   kernel/module/main.c       | 99 +-------------------------------------
>   kernel/module/strict_rwx.c | 84 ++++++++++++++++++++++++++++++++
>   4 files changed, 125 insertions(+), 97 deletions(-)
>   create mode 100644 kernel/module/strict_rwx.c
> 
> diff --git a/kernel/module/Makefile b/kernel/module/Makefile
> index 6fb21ebe1aa3..3f48343636ff 100644
> --- a/kernel/module/Makefile
> +++ b/kernel/module/Makefile
> @@ -10,4 +10,5 @@ obj-$(CONFIG_MODULE_SIG_FORMAT) += signature.o
>   obj-$(CONFIG_LIVEPATCH) += livepatch.o
>   ifdef CONFIG_MODULES
>   obj-$(CONFIG_MODULES_TREE_LOOKUP) += tree_lookup.o
> +obj-$(CONFIG_STRICT_MODULE_RWX) += strict_rwx.o
>   endif
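
Review bot: strict_rwx.o is built only under CONFIG_STRICT_MODULE_RWX at the added obj- line, while internal.h in this same patch declares frob_text() under CONFIG_ARCH_HAS_STRICT_MODULE_RWX. If frob_text() is defined in strict_rwx.c, a kernel with the arch symbol set and strict RWX disabled gets a declaration with no definition, and any caller fails to link. Confirm that frob_text() stays in a file that is always built, or key this object on the arch symbol instead.
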
> diff --git a/kernel/module/internal.h b/kernel/module/internal.h
> index 57a715454c9e..f4b7e123d625 100644
> --- a/kernel/module/internal.h
> +++ b/kernel/module/internal.h
> @@ -20,6 +20,17 @@
>   /* Maximum number of characters written by module_flags() */
>   #define MODULE_FLAGS_BUF_SIZE (TAINT_FLAGS_COUNT + 4)
>   
> +/*
> + * Modules' sections will be aligned on page boundaries
> + * to ensure complete separation of code and data, but
> + * only when CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y
> + */
> +#ifdef CONFIG_ARCH_HAS_STRICT_MODULE_RWX
> +# define debug_align(X) PAGE_ALIGN(X)
> +#else
> +# define debug_align(X) (X)
> +#endif
> +
>   extern struct mutex module_mutex;
>   extern struct list_head modules;
>   
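
Review bot: debug_align() in the added #ifdef block keeps a name that does not describe what the comment above it documents, namely page-aligning sections to separate code from data. Now that the macro lives in internal.h and is visible to every file that includes it, a name that reflects the strict RWX purpose would read better at the call sites. The macro also expands to PAGE_ALIGN(), so check that internal.h includes the header that defines it rather than relying on each includer having pulled it in first.
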
> @@ -126,3 +137,30 @@ static inline struct module *mod_find(unsigned long addr)
>   	return NULL;
>   }
>   #endif /* CONFIG_MODULES_TREE_LOOKUP */
> +
> +#ifdef CONFIG_ARCH_HAS_STRICT_MODULE_RWX
> +void frob_text(const struct module_layout *layout, int (*set_memory)(unsigned long start,
> +								     int num_pages));
> +#endif /* CONFIG_ARCH_HAS_STRICT_MODULE_RWX */
> +
> +#ifdef CONFIG_STRICT_MODULE_RWX
> +void frob_rodata(const struct module_layout *layout,
> +		 int (*set_memory)(unsigned long start, int num_pages));
> +void frob_ro_after_init(const struct module_layout *layout,
> +			int (*set_memory)(unsigned long start, int num_pages));
> +void frob_writable_data(const struct module_layout *layout,
> +			int (*set_memory)(unsigned long start, int num_pages));

Those three frob_() functions are only used in strict_rwx.c; they should
not appear in internal.h and should be static in strict_rwx.c.

> +void module_enable_ro(const struct module *mod, bool after_init);
> +void module_enable_nx(const struct module *mod);
> +int module_enforce_rwx_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
> +				char *secstrings, struct module *mod);
> +
> +#else /* !CONFIG_STRICT_MODULE_RWX */
> +static void module_enable_nx(const struct module *mod) { }
> +static void module_enable_ro(const struct module *mod, bool after_init) {}
> +static int module_enforce_rwx_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
> +				       char *secstrings, struct module *mod)

Those three must be static inline

> +{
> +	return 0;
> +}
> +#endif /* CONFIG_STRICT_MODULE_RWX */
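
Review bot: the frob_text() prototype in the CONFIG_ARCH_HAS_STRICT_MODULE_RWX block wraps in the middle of the set_memory callback's parameter list, unlike the three frob_*() prototypes below it, which break after the first argument; wrap it the same way so the callback type stays on one line. The empty stubs in the !CONFIG_STRICT_MODULE_RWX branch also differ in brace style ("{ }" for module_enable_nx(), "{}" for module_enable_ro()); pick one. Since the same callback signature is spelled out four times in this hunk, a typedef for it would shorten every prototype.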


Christophe
