diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-08-11 06:31:58 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-08-11 06:31:58 +0200 |
commit | c8d6637d0497d62093dbba0694c7b3a80b79bfe1 (patch) | |
tree | 4ef432511fa6fa959429e1fc961fb186f1745e54 | |
parent | Merge tag 'virtio-next-for-linus' of git://git.kernel.org/pub/scm/linux/kerne... (diff) | |
parent | arch/powerpc/platforms/powernv/opal-dump.c: fix world-writable sysfs files (diff) | |
download | linux-c8d6637d0497d62093dbba0694c7b3a80b79bfe1.tar.xz linux-c8d6637d0497d62093dbba0694c7b3a80b79bfe1.zip |
Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module updates from Rusty Russell:
"This finally applies the stricter sysfs perms checking we pulled out
before last merge window. A few stragglers are fixed (thanks
linux-next!)"
* tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
arch/powerpc/platforms/powernv/opal-dump.c: fix world-writable sysfs files
arch/powerpc/platforms/powernv/opal-elog.c: fix world-writable sysfs files
drivers/video/fbdev/s3c2410fb.c: don't make debug world-writable.
ARM: avoid ARM binutils leaking ELF local symbols
scripts: modpost: Remove numeric suffix pattern matching
scripts: modpost: fix compilation warning
sysfs: disallow world-writable files.
module: return bool from within_module*()
module: add within_module() function
modules: Fix build error in moduleloader.h
-rw-r--r-- | arch/powerpc/platforms/powernv/opal-dump.c | 4 | ||||
-rw-r--r-- | arch/powerpc/platforms/powernv/opal-elog.c | 4 | ||||
-rw-r--r-- | drivers/video/fbdev/s3c2410fb.c | 2 | ||||
-rw-r--r-- | include/linux/kernel.h | 2 | ||||
-rw-r--r-- | include/linux/module.h | 11 | ||||
-rw-r--r-- | include/linux/moduleloader.h | 6 | ||||
-rw-r--r-- | kernel/module.c | 14 | ||||
-rw-r--r-- | scripts/mod/modpost.c | 58 |
8 files changed, 40 insertions, 61 deletions
diff --git a/arch/powerpc/platforms/powernv/opal-dump.c b/arch/powerpc/platforms/powernv/opal-dump.c index 788a1977b9a5..85bb8fff7947 100644 --- a/arch/powerpc/platforms/powernv/opal-dump.c +++ b/arch/powerpc/platforms/powernv/opal-dump.c @@ -102,9 +102,9 @@ static ssize_t dump_ack_store(struct dump_obj *dump_obj, * due to the dynamic size of the dump */ static struct dump_attribute id_attribute = - __ATTR(id, 0666, dump_id_show, NULL); + __ATTR(id, S_IRUGO, dump_id_show, NULL); static struct dump_attribute type_attribute = - __ATTR(type, 0666, dump_type_show, NULL); + __ATTR(type, S_IRUGO, dump_type_show, NULL); static struct dump_attribute ack_attribute = __ATTR(acknowledge, 0660, dump_ack_show, dump_ack_store); diff --git a/arch/powerpc/platforms/powernv/opal-elog.c b/arch/powerpc/platforms/powernv/opal-elog.c index 0ad533b617f7..bbdb3ffaab98 100644 --- a/arch/powerpc/platforms/powernv/opal-elog.c +++ b/arch/powerpc/platforms/powernv/opal-elog.c @@ -82,9 +82,9 @@ static ssize_t elog_ack_store(struct elog_obj *elog_obj, } static struct elog_attribute id_attribute = - __ATTR(id, 0666, elog_id_show, NULL); + __ATTR(id, S_IRUGO, elog_id_show, NULL); static struct elog_attribute type_attribute = - __ATTR(type, 0666, elog_type_show, NULL); + __ATTR(type, S_IRUGO, elog_type_show, NULL); static struct elog_attribute ack_attribute = __ATTR(acknowledge, 0660, elog_ack_show, elog_ack_store); diff --git a/drivers/video/fbdev/s3c2410fb.c b/drivers/video/fbdev/s3c2410fb.c index d68595dcc5fd..43c63a4f3178 100644 --- a/drivers/video/fbdev/s3c2410fb.c +++ b/drivers/video/fbdev/s3c2410fb.c @@ -616,7 +616,7 @@ static int s3c2410fb_debug_store(struct device *dev, return len; } -static DEVICE_ATTR(debug, 0666, s3c2410fb_debug_show, s3c2410fb_debug_store); +static DEVICE_ATTR(debug, 0664, s3c2410fb_debug_show, s3c2410fb_debug_store); static struct fb_ops s3c2410fb_ops = { .owner = THIS_MODULE, diff --git a/include/linux/kernel.h b/include/linux/kernel.h index 31ae66f34235..95624bed87ef 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -845,5 +845,7 @@ static inline void ftrace_dump(enum ftrace_dump_mode oops_dump_mode) { } /* User perms >= group perms >= other perms */ \ BUILD_BUG_ON_ZERO(((perms) >> 6) < (((perms) >> 3) & 7)) + \ BUILD_BUG_ON_ZERO((((perms) >> 3) & 7) < ((perms) & 7)) + \ + /* Other writable? Generally considered a bad idea. */ \ + BUILD_BUG_ON_ZERO((perms) & 2) + \ (perms)) #endif diff --git a/include/linux/module.h b/include/linux/module.h index f520a767c86c..71f282a4e307 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -396,18 +396,25 @@ bool is_module_address(unsigned long addr); bool is_module_percpu_address(unsigned long addr); bool is_module_text_address(unsigned long addr); -static inline int within_module_core(unsigned long addr, const struct module *mod) +static inline bool within_module_core(unsigned long addr, + const struct module *mod) { return (unsigned long)mod->module_core <= addr && addr < (unsigned long)mod->module_core + mod->core_size; } -static inline int within_module_init(unsigned long addr, const struct module *mod) +static inline bool within_module_init(unsigned long addr, + const struct module *mod) { return (unsigned long)mod->module_init <= addr && addr < (unsigned long)mod->module_init + mod->init_size; } +static inline bool within_module(unsigned long addr, const struct module *mod) +{ + return within_module_init(addr, mod) || within_module_core(addr, mod); +} + /* Search for module by name: must hold module_mutex. */ struct module *find_module(const char *name); diff --git a/include/linux/moduleloader.h b/include/linux/moduleloader.h index 560ca53a75fa..7eeb9bbfb816 100644 --- a/include/linux/moduleloader.h +++ b/include/linux/moduleloader.h @@ -45,7 +45,8 @@ static inline int apply_relocate(Elf_Shdr *sechdrs, unsigned int relsec, struct module *me) { - printk(KERN_ERR "module %s: REL relocation unsupported\n", me->name); + printk(KERN_ERR "module %s: REL relocation unsupported\n", + module_name(me)); return -ENOEXEC; } #endif @@ -67,7 +68,8 @@ static inline int apply_relocate_add(Elf_Shdr *sechdrs, unsigned int relsec, struct module *me) { - printk(KERN_ERR "module %s: REL relocation unsupported\n", me->name); + printk(KERN_ERR "module %s: REL relocation unsupported\n", + module_name(me)); return -ENOEXEC; } #endif diff --git a/kernel/module.c b/kernel/module.c index ae79ce615cb9..6f69463f0066 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -3381,6 +3381,8 @@ static inline int within(unsigned long addr, void *start, unsigned long size) */ static inline int is_arm_mapping_symbol(const char *str) { + if (str[0] == '.' && str[1] == 'L') + return true; return str[0] == '$' && strchr("atd", str[1]) && (str[2] == '\0' || str[2] == '.'); } @@ -3444,8 +3446,7 @@ const char *module_address_lookup(unsigned long addr, list_for_each_entry_rcu(mod, &modules, list) { if (mod->state == MODULE_STATE_UNFORMED) continue; - if (within_module_init(addr, mod) || - within_module_core(addr, mod)) { + if (within_module(addr, mod)) { if (modname) *modname = mod->name; ret = get_ksymbol(mod, addr, size, offset); @@ -3469,8 +3470,7 @@ int lookup_module_symbol_name(unsigned long addr, char *symname) list_for_each_entry_rcu(mod, &modules, list) { if (mod->state == MODULE_STATE_UNFORMED) continue; - if (within_module_init(addr, mod) || - within_module_core(addr, mod)) { + if (within_module(addr, mod)) { const char *sym; sym = get_ksymbol(mod, addr, NULL, NULL); @@ -3495,8 +3495,7 @@ int lookup_module_symbol_attrs(unsigned long addr, unsigned long *size, list_for_each_entry_rcu(mod, &modules, list) { if (mod->state == MODULE_STATE_UNFORMED) continue; - if (within_module_init(addr, mod) || - within_module_core(addr, mod)) { + if (within_module(addr, mod)) { const char *sym; sym = get_ksymbol(mod, addr, size, offset); @@ -3760,8 +3759,7 @@ struct module *__module_address(unsigned long addr) list_for_each_entry_rcu(mod, &modules, list) { if (mod->state == MODULE_STATE_UNFORMED) continue; - if (within_module_core(addr, mod) - || within_module_init(addr, mod)) + if (within_module(addr, mod)) return mod; } return NULL; diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index 9d9c5b905b35..091d90573b63 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -772,32 +772,10 @@ static const char *sech_name(struct elf_info *elf, Elf_Shdr *sechdr) sechdr->sh_name; } -/* if sym is empty or point to a string - * like ".[0-9]+" then return 1. - * This is the optional prefix added by ld to some sections - */ -static int number_prefix(const char *sym) -{ - if (*sym++ == '\0') - return 1; - if (*sym != '.') - return 0; - do { - char c = *sym++; - if (c < '0' || c > '9') - return 0; - } while (*sym); - return 1; -} - /* The pattern is an array of simple patterns. * "foo" will match an exact string equal to "foo" * "*foo" will match a string that ends with "foo" * "foo*" will match a string that begins with "foo" - * "foo$" will match a string equal to "foo" or "foo.1" - * where the '1' can be any number including several digits. - * The $ syntax is for sections where ld append a dot number - * to make section name unique. */ static int match(const char *sym, const char * const pat[]) { @@ -816,13 +794,6 @@ static int match(const char *sym, const char * const pat[]) if (strncmp(sym, p, strlen(p) - 1) == 0) return 1; } - /* "foo$" */ - else if (*endp == '$') { - if (strncmp(sym, p, strlen(p) - 1) == 0) { - if (number_prefix(sym + strlen(p) - 1)) - return 1; - } - } /* no wildcards */ else { if (strcmp(p, sym) == 0) @@ -880,20 +851,20 @@ static void check_section(const char *modname, struct elf_info *elf, #define ALL_INIT_DATA_SECTIONS \ - ".init.setup$", ".init.rodata$", ".meminit.rodata$", \ - ".init.data$", ".meminit.data$" + ".init.setup", ".init.rodata", ".meminit.rodata", \ + ".init.data", ".meminit.data" #define ALL_EXIT_DATA_SECTIONS \ - ".exit.data$", ".memexit.data$" + ".exit.data", ".memexit.data" #define ALL_INIT_TEXT_SECTIONS \ - ".init.text$", ".meminit.text$" + ".init.text", ".meminit.text" #define ALL_EXIT_TEXT_SECTIONS \ - ".exit.text$", ".memexit.text$" + ".exit.text", ".memexit.text" #define ALL_PCI_INIT_SECTIONS \ - ".pci_fixup_early$", ".pci_fixup_header$", ".pci_fixup_final$", \ - ".pci_fixup_enable$", ".pci_fixup_resume$", \ - ".pci_fixup_resume_early$", ".pci_fixup_suspend$" + ".pci_fixup_early", ".pci_fixup_header", ".pci_fixup_final", \ + ".pci_fixup_enable", ".pci_fixup_resume", \ + ".pci_fixup_resume_early", ".pci_fixup_suspend" #define ALL_XXXINIT_SECTIONS MEM_INIT_SECTIONS #define ALL_XXXEXIT_SECTIONS MEM_EXIT_SECTIONS @@ -901,8 +872,8 @@ static void check_section(const char *modname, struct elf_info *elf, #define ALL_INIT_SECTIONS INIT_SECTIONS, ALL_XXXINIT_SECTIONS #define ALL_EXIT_SECTIONS EXIT_SECTIONS, ALL_XXXEXIT_SECTIONS -#define DATA_SECTIONS ".data$", ".data.rel$" -#define TEXT_SECTIONS ".text$", ".text.unlikely$" +#define DATA_SECTIONS ".data", ".data.rel" +#define TEXT_SECTIONS ".text", ".text.unlikely" #define INIT_SECTIONS ".init.*" #define MEM_INIT_SECTIONS ".meminit.*" @@ -1703,12 +1674,11 @@ static void check_sec_ref(struct module *mod, const char *modname, static char *remove_dot(char *s) { - char *end; - int n = strcspn(s, "."); + size_t n = strcspn(s, "."); - if (n > 0 && s[n] != 0) { - strtoul(s + n + 1, &end, 10); - if (end > s + n + 1 && (*end == '.' || *end == 0)) + if (n && s[n]) { + size_t m = strspn(s + n + 1, "0123456789"); + if (m && (s[n + m] == '.' || s[n + m] == 0)) s[n] = 0; } return s; |