This finally applies the stricter sysfs perms checking we pulled out
before last merge window. A few stragglers are fixed (thanks linux-next!) Cheers, Rusty. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJT6CrEAAoJENkgDmzRrbjx3GoQAI1rt8XbTE8zVGf1PKp0SL10 gWWL9BnnHtUFriwgIbT4mBa1p0wnavIzJIeUBH0rJb2BNAbf7mBT7CFPrMuS+iV2 WlRoy/chIFnX5A7m6ddaHnzL8lPhMFvUi8dpvxO6FwpyhhNcUHqmb+uCZeLjTX/m Gj5mlOlilvH2NSugKyiTapCgcQMQqaaxcwKxyg1z3FRo12gwKvTBdjzdA3Fg7k4T TAEbTG4Fq6Q7DkQYDpJK2KWDkPmJ7hxExHFW/M0m1r7DpxY1oHI95TsugU3Mr2mM 90S15vA6Sn0l1+bRiv5qHF26VjOpdhC8uQhydjnX+lqzBGBRNoMUE/ubmxd43G4m /VlVJ9ZD40HLEmRFdtJI6UZSHYwDh7eruVH7Sjj8KFiqGps/F6nDOhV7fVLOdI+0 J9pLBbj1mA38pIK/XC3r2k8Z/u9GB/7tJFirzmk5rIVzNb/4GBrn/Cgf+GDX7djz r8c2QnLeUIht5fm34qKNnSQ/o+ZBKmG6f2bLuBesntZMsAD2cC5TUEP15NERuF3a Wa7Wn1Y9WuonH7O3j+PoUOys/bGLXZeFXfKYS8A8SGroE99xo/QhkRm/sNU0+wEz JTN4Sra03imE/YSniFnRyRiAShR3KAVen/yfOx6XPs/r5XrFG14Q7cqCKjp1EjHj TX5scRWFM5qntTSloGJt =9mjn -----END PGP SIGNATURE----- Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux Pull module updates from Rusty Russell: "This finally applies the stricter sysfs perms checking we pulled out before last merge window. A few stragglers are fixed (thanks linux-next!)" * tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: arch/powerpc/platforms/powernv/opal-dump.c: fix world-writable sysfs files arch/powerpc/platforms/powernv/opal-elog.c: fix world-writable sysfs files drivers/video/fbdev/s3c2410fb.c: don't make debug world-writable. ARM: avoid ARM binutils leaking ELF local symbols scripts: modpost: Remove numeric suffix pattern matching scripts: modpost: fix compilation warning sysfs: disallow world-writable files. module: return bool from within_module*() module: add within_module() function modules: Fix build error in moduleloader.h
This commit is contained in:
commit
c8d6637d04
|
@ -102,9 +102,9 @@ static ssize_t dump_ack_store(struct dump_obj *dump_obj,
|
|||
* due to the dynamic size of the dump
|
||||
*/
|
||||
static struct dump_attribute id_attribute =
|
||||
__ATTR(id, 0666, dump_id_show, NULL);
|
||||
__ATTR(id, S_IRUGO, dump_id_show, NULL);
|
||||
static struct dump_attribute type_attribute =
|
||||
__ATTR(type, 0666, dump_type_show, NULL);
|
||||
__ATTR(type, S_IRUGO, dump_type_show, NULL);
|
||||
static struct dump_attribute ack_attribute =
|
||||
__ATTR(acknowledge, 0660, dump_ack_show, dump_ack_store);
|
||||
|
||||
|
|
|
@ -82,9 +82,9 @@ static ssize_t elog_ack_store(struct elog_obj *elog_obj,
|
|||
}
|
||||
|
||||
static struct elog_attribute id_attribute =
|
||||
__ATTR(id, 0666, elog_id_show, NULL);
|
||||
__ATTR(id, S_IRUGO, elog_id_show, NULL);
|
||||
static struct elog_attribute type_attribute =
|
||||
__ATTR(type, 0666, elog_type_show, NULL);
|
||||
__ATTR(type, S_IRUGO, elog_type_show, NULL);
|
||||
static struct elog_attribute ack_attribute =
|
||||
__ATTR(acknowledge, 0660, elog_ack_show, elog_ack_store);
|
||||
|
||||
|
|
|
@ -616,7 +616,7 @@ static int s3c2410fb_debug_store(struct device *dev,
|
|||
return len;
|
||||
}
|
||||
|
||||
static DEVICE_ATTR(debug, 0666, s3c2410fb_debug_show, s3c2410fb_debug_store);
|
||||
static DEVICE_ATTR(debug, 0664, s3c2410fb_debug_show, s3c2410fb_debug_store);
|
||||
|
||||
static struct fb_ops s3c2410fb_ops = {
|
||||
.owner = THIS_MODULE,
|
||||
|
|
|
@ -845,5 +845,7 @@ static inline void ftrace_dump(enum ftrace_dump_mode oops_dump_mode) { }
|
|||
/* User perms >= group perms >= other perms */ \
|
||||
BUILD_BUG_ON_ZERO(((perms) >> 6) < (((perms) >> 3) & 7)) + \
|
||||
BUILD_BUG_ON_ZERO((((perms) >> 3) & 7) < ((perms) & 7)) + \
|
||||
/* Other writable? Generally considered a bad idea. */ \
|
||||
BUILD_BUG_ON_ZERO((perms) & 2) + \
|
||||
(perms))
|
||||
#endif
|
||||
|
|
|
@ -396,18 +396,25 @@ bool is_module_address(unsigned long addr);
|
|||
bool is_module_percpu_address(unsigned long addr);
|
||||
bool is_module_text_address(unsigned long addr);
|
||||
|
||||
static inline int within_module_core(unsigned long addr, const struct module *mod)
|
||||
static inline bool within_module_core(unsigned long addr,
|
||||
const struct module *mod)
|
||||
{
|
||||
return (unsigned long)mod->module_core <= addr &&
|
||||
addr < (unsigned long)mod->module_core + mod->core_size;
|
||||
}
|
||||
|
||||
static inline int within_module_init(unsigned long addr, const struct module *mod)
|
||||
static inline bool within_module_init(unsigned long addr,
|
||||
const struct module *mod)
|
||||
{
|
||||
return (unsigned long)mod->module_init <= addr &&
|
||||
addr < (unsigned long)mod->module_init + mod->init_size;
|
||||
}
|
||||
|
||||
static inline bool within_module(unsigned long addr, const struct module *mod)
|
||||
{
|
||||
return within_module_init(addr, mod) || within_module_core(addr, mod);
|
||||
}
|
||||
|
||||
/* Search for module by name: must hold module_mutex. */
|
||||
struct module *find_module(const char *name);
|
||||
|
||||
|
|
|
@ -45,7 +45,8 @@ static inline int apply_relocate(Elf_Shdr *sechdrs,
|
|||
unsigned int relsec,
|
||||
struct module *me)
|
||||
{
|
||||
printk(KERN_ERR "module %s: REL relocation unsupported\n", me->name);
|
||||
printk(KERN_ERR "module %s: REL relocation unsupported\n",
|
||||
module_name(me));
|
||||
return -ENOEXEC;
|
||||
}
|
||||
#endif
|
||||
|
@ -67,7 +68,8 @@ static inline int apply_relocate_add(Elf_Shdr *sechdrs,
|
|||
unsigned int relsec,
|
||||
struct module *me)
|
||||
{
|
||||
printk(KERN_ERR "module %s: REL relocation unsupported\n", me->name);
|
||||
printk(KERN_ERR "module %s: REL relocation unsupported\n",
|
||||
module_name(me));
|
||||
return -ENOEXEC;
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -3381,6 +3381,8 @@ static inline int within(unsigned long addr, void *start, unsigned long size)
|
|||
*/
|
||||
static inline int is_arm_mapping_symbol(const char *str)
|
||||
{
|
||||
if (str[0] == '.' && str[1] == 'L')
|
||||
return true;
|
||||
return str[0] == '$' && strchr("atd", str[1])
|
||||
&& (str[2] == '\0' || str[2] == '.');
|
||||
}
|
||||
|
@ -3444,8 +3446,7 @@ const char *module_address_lookup(unsigned long addr,
|
|||
list_for_each_entry_rcu(mod, &modules, list) {
|
||||
if (mod->state == MODULE_STATE_UNFORMED)
|
||||
continue;
|
||||
if (within_module_init(addr, mod) ||
|
||||
within_module_core(addr, mod)) {
|
||||
if (within_module(addr, mod)) {
|
||||
if (modname)
|
||||
*modname = mod->name;
|
||||
ret = get_ksymbol(mod, addr, size, offset);
|
||||
|
@ -3469,8 +3470,7 @@ int lookup_module_symbol_name(unsigned long addr, char *symname)
|
|||
list_for_each_entry_rcu(mod, &modules, list) {
|
||||
if (mod->state == MODULE_STATE_UNFORMED)
|
||||
continue;
|
||||
if (within_module_init(addr, mod) ||
|
||||
within_module_core(addr, mod)) {
|
||||
if (within_module(addr, mod)) {
|
||||
const char *sym;
|
||||
|
||||
sym = get_ksymbol(mod, addr, NULL, NULL);
|
||||
|
@ -3495,8 +3495,7 @@ int lookup_module_symbol_attrs(unsigned long addr, unsigned long *size,
|
|||
list_for_each_entry_rcu(mod, &modules, list) {
|
||||
if (mod->state == MODULE_STATE_UNFORMED)
|
||||
continue;
|
||||
if (within_module_init(addr, mod) ||
|
||||
within_module_core(addr, mod)) {
|
||||
if (within_module(addr, mod)) {
|
||||
const char *sym;
|
||||
|
||||
sym = get_ksymbol(mod, addr, size, offset);
|
||||
|
@ -3760,8 +3759,7 @@ struct module *__module_address(unsigned long addr)
|
|||
list_for_each_entry_rcu(mod, &modules, list) {
|
||||
if (mod->state == MODULE_STATE_UNFORMED)
|
||||
continue;
|
||||
if (within_module_core(addr, mod)
|
||||
|| within_module_init(addr, mod))
|
||||
if (within_module(addr, mod))
|
||||
return mod;
|
||||
}
|
||||
return NULL;
|
||||
|
|
|
@ -772,32 +772,10 @@ static const char *sech_name(struct elf_info *elf, Elf_Shdr *sechdr)
|
|||
sechdr->sh_name;
|
||||
}
|
||||
|
||||
/* if sym is empty or point to a string
|
||||
* like ".[0-9]+" then return 1.
|
||||
* This is the optional prefix added by ld to some sections
|
||||
*/
|
||||
static int number_prefix(const char *sym)
|
||||
{
|
||||
if (*sym++ == '\0')
|
||||
return 1;
|
||||
if (*sym != '.')
|
||||
return 0;
|
||||
do {
|
||||
char c = *sym++;
|
||||
if (c < '0' || c > '9')
|
||||
return 0;
|
||||
} while (*sym);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* The pattern is an array of simple patterns.
|
||||
* "foo" will match an exact string equal to "foo"
|
||||
* "*foo" will match a string that ends with "foo"
|
||||
* "foo*" will match a string that begins with "foo"
|
||||
* "foo$" will match a string equal to "foo" or "foo.1"
|
||||
* where the '1' can be any number including several digits.
|
||||
* The $ syntax is for sections where ld append a dot number
|
||||
* to make section name unique.
|
||||
*/
|
||||
static int match(const char *sym, const char * const pat[])
|
||||
{
|
||||
|
@ -816,13 +794,6 @@ static int match(const char *sym, const char * const pat[])
|
|||
if (strncmp(sym, p, strlen(p) - 1) == 0)
|
||||
return 1;
|
||||
}
|
||||
/* "foo$" */
|
||||
else if (*endp == '$') {
|
||||
if (strncmp(sym, p, strlen(p) - 1) == 0) {
|
||||
if (number_prefix(sym + strlen(p) - 1))
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
/* no wildcards */
|
||||
else {
|
||||
if (strcmp(p, sym) == 0)
|
||||
|
@ -880,20 +851,20 @@ static void check_section(const char *modname, struct elf_info *elf,
|
|||
|
||||
|
||||
#define ALL_INIT_DATA_SECTIONS \
|
||||
".init.setup$", ".init.rodata$", ".meminit.rodata$", \
|
||||
".init.data$", ".meminit.data$"
|
||||
".init.setup", ".init.rodata", ".meminit.rodata", \
|
||||
".init.data", ".meminit.data"
|
||||
#define ALL_EXIT_DATA_SECTIONS \
|
||||
".exit.data$", ".memexit.data$"
|
||||
".exit.data", ".memexit.data"
|
||||
|
||||
#define ALL_INIT_TEXT_SECTIONS \
|
||||
".init.text$", ".meminit.text$"
|
||||
".init.text", ".meminit.text"
|
||||
#define ALL_EXIT_TEXT_SECTIONS \
|
||||
".exit.text$", ".memexit.text$"
|
||||
".exit.text", ".memexit.text"
|
||||
|
||||
#define ALL_PCI_INIT_SECTIONS \
|
||||
".pci_fixup_early$", ".pci_fixup_header$", ".pci_fixup_final$", \
|
||||
".pci_fixup_enable$", ".pci_fixup_resume$", \
|
||||
".pci_fixup_resume_early$", ".pci_fixup_suspend$"
|
||||
".pci_fixup_early", ".pci_fixup_header", ".pci_fixup_final", \
|
||||
".pci_fixup_enable", ".pci_fixup_resume", \
|
||||
".pci_fixup_resume_early", ".pci_fixup_suspend"
|
||||
|
||||
#define ALL_XXXINIT_SECTIONS MEM_INIT_SECTIONS
|
||||
#define ALL_XXXEXIT_SECTIONS MEM_EXIT_SECTIONS
|
||||
|
@ -901,8 +872,8 @@ static void check_section(const char *modname, struct elf_info *elf,
|
|||
#define ALL_INIT_SECTIONS INIT_SECTIONS, ALL_XXXINIT_SECTIONS
|
||||
#define ALL_EXIT_SECTIONS EXIT_SECTIONS, ALL_XXXEXIT_SECTIONS
|
||||
|
||||
#define DATA_SECTIONS ".data$", ".data.rel$"
|
||||
#define TEXT_SECTIONS ".text$", ".text.unlikely$"
|
||||
#define DATA_SECTIONS ".data", ".data.rel"
|
||||
#define TEXT_SECTIONS ".text", ".text.unlikely"
|
||||
|
||||
#define INIT_SECTIONS ".init.*"
|
||||
#define MEM_INIT_SECTIONS ".meminit.*"
|
||||
|
@ -1703,12 +1674,11 @@ static void check_sec_ref(struct module *mod, const char *modname,
|
|||
|
||||
static char *remove_dot(char *s)
|
||||
{
|
||||
char *end;
|
||||
int n = strcspn(s, ".");
|
||||
size_t n = strcspn(s, ".");
|
||||
|
||||
if (n > 0 && s[n] != 0) {
|
||||
strtoul(s + n + 1, &end, 10);
|
||||
if (end > s + n + 1 && (*end == '.' || *end == 0))
|
||||
if (n && s[n]) {
|
||||
size_t m = strspn(s + n + 1, "0123456789");
|
||||
if (m && (s[n + m] == '.' || s[n + m] == 0))
|
||||
s[n] = 0;
|
||||
}
|
||||
return s;
|
||||
|
|
Loading…
Reference in New Issue