tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

module: trim exception table on init free.

It's theoretically possible that there are exception table entries
which point into the (freed) init text of modules. These could cause
future problems if other modules get loaded into that memory and cause
an exception as we'd see the wrong fixup. The only case I know of is
kvm-intel.ko (when CONFIG_CC_OPTIMIZE_FOR_SIZE=n).

Amerigo fixed this long-standing FIXME in the x86 version, but this
patch is more general.

This implements trim_init_extable(); most archs are simple since they
use the standard lib/extable.c sort code. Alpha and IA64 use relative
addresses in their fixups, so thier trimming is a slight variation.

Sparc32 is unique; it doesn't seem to define ARCH_HAS_SORT_EXTABLE,
yet it defines its own sort_extable() which overrides the one in lib.
It doesn't sort, so we have to mark deleted entries instead of
actually trimming them.

Inspired-by: Amerigo Wang <amwang@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: linux-alpha@vger.kernel.org
Cc: sparclinux@vger.kernel.org
Cc: linux-ia64@vger.kernel.org

Rusty Russell ad6561df c398df30

+101 -1
+21
arch/alpha/mm/extable.c
··· 48 48 cmp_ex, swap_ex); 49 49 } 50 50 51 + #ifdef CONFIG_MODULES 52 + /* 53 + * Any entry referring to the module init will be at the beginning or 54 + * the end. 55 + */ 56 + void trim_init_extable(struct module *m) 57 + { 58 + /*trim the beginning*/ 59 + while (m->num_exentries && 60 + within_module_init(ex_to_addr(&m->extable[0]), m)) { 61 + m->extable++; 62 + m->num_exentries--; 63 + } 64 + /*trim the end*/ 65 + while (m->num_exentries && 66 + within_module_init(ex_to_addr(&m->extable[m->num_exentries-1]), 67 + m)) 68 + m->num_exentries--; 69 + } 70 + #endif /* CONFIG_MODULES */ 71 + 51 72 const struct exception_table_entry * 52 73 search_extable(const struct exception_table_entry *first, 53 74 const struct exception_table_entry *last,
+26
arch/ia64/mm/extable.c
··· 53 53 cmp_ex, swap_ex); 54 54 } 55 55 56 + static inline unsigned long ex_to_addr(const struct exception_table_entry *x) 57 + { 58 + return (unsigned long)&x->insn + x->insn; 59 + } 60 + 61 + #ifdef CONFIG_MODULES 62 + /* 63 + * Any entry referring to the module init will be at the beginning or 64 + * the end. 65 + */ 66 + void trim_init_extable(struct module *m) 67 + { 68 + /*trim the beginning*/ 69 + while (m->num_exentries && 70 + within_module_init(ex_to_addr(&m->extable[0]), m)) { 71 + m->extable++; 72 + m->num_exentries--; 73 + } 74 + /*trim the end*/ 75 + while (m->num_exentries && 76 + within_module_init(ex_to_addr(&m->extable[m->num_exentries-1]), 77 + m)) 78 + m->num_exentries--; 79 + } 80 + #endif /* CONFIG_MODULES */ 81 + 56 82 const struct exception_table_entry * 57 83 search_extable (const struct exception_table_entry *first, 58 84 const struct exception_table_entry *last,
+3
arch/sparc/include/asm/uaccess_32.h
··· 17 17 18 18 #ifndef __ASSEMBLY__ 19 19 20 + #define ARCH_HAS_SORT_EXTABLE 21 + #define ARCH_HAS_SEARCH_EXTABLE 22 + 20 23 /* Sparc is not segmented, however we need to be able to fool access_ok() 21 24 * when doing system calls from kernel mode legitimately. 22 25 *
+29
arch/sparc/mm/extable.c
··· 28 28 * word 3: last insn address + 4 bytes 29 29 * word 4: fixup code address 30 30 * 31 + * Deleted entries are encoded as: 32 + * word 1: unused 33 + * word 2: -1 34 + * 31 35 * See asm/uaccess.h for more details. 32 36 */ 33 37 ··· 42 38 walk++; 43 39 continue; 44 40 } 41 + 42 + /* A deleted entry; see trim_init_extable */ 43 + if (walk->fixup == -1) 44 + continue; 45 45 46 46 if (walk->insn == value) 47 47 return walk; ··· 64 56 65 57 return NULL; 66 58 } 59 + 60 + #ifdef CONFIG_MODULES 61 + /* We could memmove them around; easier to mark the trimmed ones. */ 62 + void trim_init_extable(struct module *m) 63 + { 64 + unsigned int i; 65 + bool range; 66 + 67 + for (i = 0; i < m->num_exentries; i += range ? 2 : 1) { 68 + range = m->extable[i].fixup == 0; 69 + 70 + if (within_module_init(m->extable[i].insn, m)) { 71 + m->extable[i].fixup = -1; 72 + if (range) 73 + m->extable[i+1].fixup = -1; 74 + } 75 + if (range) 76 + i++; 77 + } 78 + } 79 + #endif /* CONFIG_MODULES */ 67 80 68 81 /* Special extable search, which handles ranges. Returns fixup */ 69 82 unsigned long search_extables_range(unsigned long addr, unsigned long *g2)
+1
include/linux/module.h
··· 77 77 void sort_extable(struct exception_table_entry *start, 78 78 struct exception_table_entry *finish); 79 79 void sort_main_extable(void); 80 + void trim_init_extable(struct module *m); 80 81 81 82 #ifdef MODULE 82 83 #define MODULE_GENERIC_TABLE(gtype,name) \
+1
kernel/module.c
··· 2455 2455 mutex_lock(&module_mutex); 2456 2456 /* Drop initial reference. */ 2457 2457 module_put(mod); 2458 + trim_init_extable(mod); 2458 2459 module_free(mod, mod->module_init); 2459 2460 mod->module_init = NULL; 2460 2461 mod->init_size = 0;
+20 -1
lib/extable.c
··· 39 39 sort(start, finish - start, sizeof(struct exception_table_entry), 40 40 cmp_ex, NULL); 41 41 } 42 - #endif 42 + 43 + #ifdef CONFIG_MODULES 44 + /* 45 + * If the exception table is sorted, any referring to the module init 46 + * will be at the beginning or the end. 47 + */ 48 + void trim_init_extable(struct module *m) 49 + { 50 + /*trim the beginning*/ 51 + while (m->num_exentries && within_module_init(m->extable[0].insn, m)) { 52 + m->extable++; 53 + m->num_exentries--; 54 + } 55 + /*trim the end*/ 56 + while (m->num_exentries && 57 + within_module_init(m->extable[m->num_exentries-1].insn, m)) 58 + m->num_exentries--; 59 + } 60 + #endif /* CONFIG_MODULES */ 61 + #endif /* !ARCH_HAS_SORT_EXTABLE */ 43 62 44 63 #ifndef ARCH_HAS_SEARCH_EXTABLE 45 64 /*