Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

lkdtm: use function_nocfi

To ensure we take the actual address of a function in kernel text,
use function_nocfi. Otherwise, with CONFIG_CFI_CLANG, the compiler
replaces the address with a pointer to the CFI jump table, which is
actually in the module when compiled with CONFIG_LKDTM=m.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Acked-by: Kees Cook <keescook@chromium.org>
Tested-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210408182843.1754385-11-samitolvanen@google.com

authored by Sami Tolvanen and committed by Kees Cook
6c4df54e 4f0f586b

+1 -1
drivers/misc/lkdtm/usercopy.c
··· 314 314 315 315 pr_info("attempting bad copy_to_user from kernel text: %px\n", 316 316 vm_mmap); 317 - if (copy_to_user((void __user *)user_addr, vm_mmap, 317 + if (copy_to_user((void __user *)user_addr, function_nocfi(vm_mmap), 318 318 unconst + PAGE_SIZE)) { 319 319 pr_warn("copy_to_user failed, but lacked Oops\n"); 320 320 goto free_user;
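Review bot: The pr_info() just above the changed call still prints the bare `vm_mmap` with %px, while copy_to_user() now reads from `function_nocfi(vm_mmap)`. Per the commit message, with CONFIG_CFI_CLANG the bare symbol resolves to the CFI jump table entry (in the module when CONFIG_LKDTM=m), so the logged address would not match the source address actually passed to copy_to_user(). Anyone correlating the "attempting bad copy_to_user from kernel text" line with the resulting Oops would then see two different addresses. Consider passing `function_nocfi(vm_mmap)` to pr_info() as well, or taking the address once into a local pointer and using it in both places so the log and the copy cannot drift apart.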