Re: [RFC][PATCH] Prevent overriding of Symbols in the Kernel, avoiding Undefined behaviour

From: Ashutosh Naik
Date: Tue Dec 13 2005 - 23:09:34 EST


On 12/14/05, Rusty Russell <rusty@xxxxxxxxxxxxxxx> wrote:

> Patch looks good! A few nits still:

Have resolved all the nits ( hopefully :) )

> We already do this to resolve (more) symbols, so I don't see it as a
> problem. However, I believe that lock is redundant here: we need both
> locks to write the list, but either is sufficient for reading, and we
> already hold the sem.

Ya, the lock is redundant here, as we are already inside a semaphore.

Signed-off-by: Ashutosh Naik <ashutosh.naik@xxxxxxxxx>
Signed-off-by: Anand Krishnan <anandhkrishnan@xxxxxxxxxxx>


--- linux-2.6.15-rc5/kernel/module.c.orig 2005-12-14
09:27:53.000000000 +0530
+++ linux-2.6.15-rc5/kernel/module.c 2005-12-14 09:18:31.000000000 +0530
@@ -1204,6 +1204,39 @@ void *__symbol_get(const char *symbol)
}
EXPORT_SYMBOL_GPL(__symbol_get);

+/*
+ * Ensure that an exported symbol [global namespace] does not already exist
+ * in the Kernel or in some other modules exported symbol table.
+ */
+static int verify_export_symbols(struct module *mod)
+{
+ const char *name = NULL;
+ unsigned long i, ret = 0;
+ struct module *owner;
+ const unsigned long *crc;
+
+ for (i = 0; i < mod->num_syms; i++)
+ if (!__find_symbol(mod->syms[i].name, &owner, &crc, 1)) {
+ name = mod->syms[i].name;
+ ret = -ENOEXEC;
+ goto dup;
+ }
+
+ for (i = 0; i < mod->num_gpl_syms; i++)
+ if (!__find_symbol(mod->gpl_syms[i].name, &owner, &crc, 1)) {
+ name = mod->gpl_syms[i].name;
+ ret = -ENOEXEC;
+ goto dup;
+ }
+
+dup:
+ if (ret)
+ printk(KERN_ERR "%s: exports duplicate symbol %s
(owned by %s)\n",
+ mod->name, name, module_name(owner));
+
+ return ret;
+}
+
/* Change all symbols so that sh_value encodes the pointer directly. */
static int simplify_symbols(Elf_Shdr *sechdrs,
unsigned int symindex,
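Review bot: the sense of the test in both loops of verify_export_symbols() needs checking, because the duplicate path is taken when `!__find_symbol(...)` is true. The hunk does not show __find_symbol()'s return convention; if it returns the symbol's value and 0 when nothing is found, then this branch fires for symbols that do not exist yet, and `owner` (declared without an initializer) reaches module_name(owner) in the printk unset. In that case the condition should be `if (__find_symbol(...))`. Separately, `ret` is declared as `unsigned long i, ret = 0;` but holds -ENOEXEC and is returned from a function typed int; declare it as `int ret = 0;`. The printk format string is also split across two lines by the mailer, so the patch as posted will not apply cleanly.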
@@ -1767,6 +1800,12 @@ static struct module *load_module(void _
goto cleanup;
}

+ /* Find duplicate symbols */
+ err = verify_export_symbols(mod);
+
+ if (err < 0)
+ goto cleanup;
+
/* Set up and sort exception table */
mod->num_exentries = sechdrs[exindex].sh_size / sizeof(*mod->extable);
mod->extable = extable = (void *)sechdrs[exindex].sh_addr;
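Review bot: style point on the new call in load_module(): drop the blank line between `err = verify_export_symbols(mod);` and `if (err < 0)` so the assignment and its check read as one unit, as with the other error checks that end in `goto cleanup;`. Since the discussion above settles that no extra lock is taken because the semaphore is already held, the comment here or on verify_export_symbols() should say that the caller must hold it, as "Find duplicate symbols" does not record that requirement.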