32a08c17d8
Move module_enable_x() together with module_enable_nx() and module_enable_ro(). Those three functions are going together, they are all used to set up the correct page flags on the different sections. As module_enable_x() is used independently of CONFIG_STRICT_MODULE_RWX, build strict_rwx.c all the time and use IS_ENABLED(CONFIG_STRICT_MODULE_RWX) when relevant. Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu> Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
134 lines
4.0 KiB
C
134 lines
4.0 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/*
|
|
* Module strict rwx
|
|
*
|
|
* Copyright (C) 2015 Rusty Russell
|
|
*/
|
|
|
|
#include <linux/module.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/vmalloc.h>
|
|
#include <linux/set_memory.h>
|
|
#include "internal.h"
|
|
|
|
/*
|
|
* LKM RO/NX protection: protect module's text/ro-data
|
|
* from modification and any data from execution.
|
|
*
|
|
* General layout of module is:
|
|
* [text] [read-only-data] [ro-after-init] [writable data]
|
|
* text_size -----^ ^ ^ ^
|
|
* ro_size ------------------------| | |
|
|
* ro_after_init_size -----------------------------| |
|
|
* size -----------------------------------------------------------|
|
|
*
|
|
* These values are always page-aligned (as is base) when
|
|
* CONFIG_STRICT_MODULE_RWX is set.
|
|
*/
|
|
|
|
/*
|
|
* Since some arches are moving towards PAGE_KERNEL module allocations instead
|
|
* of PAGE_KERNEL_EXEC, keep frob_text() and module_enable_x() independent of
|
|
* CONFIG_STRICT_MODULE_RWX because they are needed regardless of whether we
|
|
* are strict.
|
|
*/
|
|
static void frob_text(const struct module_layout *layout,
|
|
int (*set_memory)(unsigned long start, int num_pages))
|
|
{
|
|
set_memory((unsigned long)layout->base,
|
|
PAGE_ALIGN(layout->text_size) >> PAGE_SHIFT);
|
|
}
|
|
|
|
static void frob_rodata(const struct module_layout *layout,
|
|
int (*set_memory)(unsigned long start, int num_pages))
|
|
{
|
|
BUG_ON(!PAGE_ALIGNED(layout->base));
|
|
BUG_ON(!PAGE_ALIGNED(layout->text_size));
|
|
BUG_ON(!PAGE_ALIGNED(layout->ro_size));
|
|
set_memory((unsigned long)layout->base + layout->text_size,
|
|
(layout->ro_size - layout->text_size) >> PAGE_SHIFT);
|
|
}
|
|
|
|
static void frob_ro_after_init(const struct module_layout *layout,
|
|
int (*set_memory)(unsigned long start, int num_pages))
|
|
{
|
|
BUG_ON(!PAGE_ALIGNED(layout->base));
|
|
BUG_ON(!PAGE_ALIGNED(layout->ro_size));
|
|
BUG_ON(!PAGE_ALIGNED(layout->ro_after_init_size));
|
|
set_memory((unsigned long)layout->base + layout->ro_size,
|
|
(layout->ro_after_init_size - layout->ro_size) >> PAGE_SHIFT);
|
|
}
|
|
|
|
static void frob_writable_data(const struct module_layout *layout,
|
|
int (*set_memory)(unsigned long start, int num_pages))
|
|
{
|
|
BUG_ON(!PAGE_ALIGNED(layout->base));
|
|
BUG_ON(!PAGE_ALIGNED(layout->ro_after_init_size));
|
|
BUG_ON(!PAGE_ALIGNED(layout->size));
|
|
set_memory((unsigned long)layout->base + layout->ro_after_init_size,
|
|
(layout->size - layout->ro_after_init_size) >> PAGE_SHIFT);
|
|
}
|
|
|
|
void module_enable_x(const struct module *mod)
|
|
{
|
|
if (!PAGE_ALIGNED(mod->core_layout.base) ||
|
|
!PAGE_ALIGNED(mod->init_layout.base))
|
|
return;
|
|
|
|
frob_text(&mod->core_layout, set_memory_x);
|
|
frob_text(&mod->init_layout, set_memory_x);
|
|
}
|
|
|
|
void module_enable_ro(const struct module *mod, bool after_init)
|
|
{
|
|
if (!IS_ENABLED(CONFIG_STRICT_MODULE_RWX))
|
|
return;
|
|
#ifdef CONFIG_STRICT_MODULE_RWX
|
|
if (!rodata_enabled)
|
|
return;
|
|
#endif
|
|
|
|
set_vm_flush_reset_perms(mod->core_layout.base);
|
|
set_vm_flush_reset_perms(mod->init_layout.base);
|
|
frob_text(&mod->core_layout, set_memory_ro);
|
|
|
|
frob_rodata(&mod->core_layout, set_memory_ro);
|
|
frob_text(&mod->init_layout, set_memory_ro);
|
|
frob_rodata(&mod->init_layout, set_memory_ro);
|
|
|
|
if (after_init)
|
|
frob_ro_after_init(&mod->core_layout, set_memory_ro);
|
|
}
|
|
|
|
void module_enable_nx(const struct module *mod)
|
|
{
|
|
if (!IS_ENABLED(CONFIG_STRICT_MODULE_RWX))
|
|
return;
|
|
|
|
frob_rodata(&mod->core_layout, set_memory_nx);
|
|
frob_ro_after_init(&mod->core_layout, set_memory_nx);
|
|
frob_writable_data(&mod->core_layout, set_memory_nx);
|
|
frob_rodata(&mod->init_layout, set_memory_nx);
|
|
frob_writable_data(&mod->init_layout, set_memory_nx);
|
|
}
|
|
|
|
int module_enforce_rwx_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
|
|
char *secstrings, struct module *mod)
|
|
{
|
|
const unsigned long shf_wx = SHF_WRITE | SHF_EXECINSTR;
|
|
int i;
|
|
|
|
if (!IS_ENABLED(CONFIG_STRICT_MODULE_RWX))
|
|
return 0;
|
|
|
|
for (i = 0; i < hdr->e_shnum; i++) {
|
|
if ((sechdrs[i].sh_flags & shf_wx) == shf_wx) {
|
|
pr_err("%s: section %s (index %d) has invalid WRITE|EXEC flags\n",
|
|
mod->name, secstrings + sechdrs[i].sh_name, i);
|
|
return -ENOEXEC;
|
|
}
|
|
}
|
|
|
|
return 0;
|
|
}
|