Re: [PATCH 1/4] module: Expose load_info to arch module loader code

From: Kees Cook
Date: Tue Apr 07 2020 - 12:52:05 EST


On Tue, Apr 07, 2020 at 01:02:37PM +0200, Peter Zijlstra wrote:
> From: Jessica Yu <jeyu@xxxxxxxxxx>
>
> The x86 module loader wants to check the value of a modinfo flag
> (sld_safe), before proceeding to scan the module text for VMX
> instructions. Unfortunately the arch module code currently does not have
> access to load_info, but we can easily expose that via moduleloader.h,
> which every arch module code must already include.
>
> Signed-off-by: Jessica Yu <jeyu@xxxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

> Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
> Link: https://lkml.kernel.org/r/20200406160420.14407-1-jeyu@xxxxxxxxxx
> ---
>
> include/linux/moduleloader.h | 20 ++++++++++++++++++++
> kernel/module-internal.h | 23 -----------------------
> kernel/module_signing.c | 2 +-
> 3 files changed, 21 insertions(+), 24 deletions(-)
>
> Index: linux-2.6/include/linux/moduleloader.h
> ===================================================================
> --- linux-2.6.orig/include/linux/moduleloader.h
> +++ linux-2.6/include/linux/moduleloader.h
> @@ -6,6 +6,26 @@
> #include <linux/module.h>
> #include <linux/elf.h>
>
> +struct load_info {
> + const char *name;
> + /* pointer to module in temporary copy, freed at end of load_module() */
> + struct module *mod;
> + Elf_Ehdr *hdr;
> + unsigned long len;
> + Elf_Shdr *sechdrs;
> + char *secstrings, *strtab;
> + unsigned long symoffs, stroffs, init_typeoffs, core_typeoffs;
> + struct _ddebug *debug;
> + unsigned int num_debug;
> + bool sig_ok;
> +#ifdef CONFIG_KALLSYMS
> + unsigned long mod_kallsyms_init_off;
> +#endif
> + struct {
> + unsigned int sym, str, mod, vers, info, pcpu;
> + } index;
> +};
> +
> /* These may be implemented by architectures that need to hook into the
> * module loader code. Architectures that don't need to do anything special
> * can just rely on the 'weak' default hooks defined in kernel/module.c.
> Index: linux-2.6/kernel/module-internal.h
> ===================================================================
> --- linux-2.6.orig/kernel/module-internal.h
> +++ linux-2.6/kernel/module-internal.h
> @@ -5,27 +5,4 @@
> * Written by David Howells (dhowells@xxxxxxxxxx)
> */
>
> -#include <linux/elf.h>
> -#include <asm/module.h>
> -
> -struct load_info {
> - const char *name;
> - /* pointer to module in temporary copy, freed at end of load_module() */
> - struct module *mod;
> - Elf_Ehdr *hdr;
> - unsigned long len;
> - Elf_Shdr *sechdrs;
> - char *secstrings, *strtab;
> - unsigned long symoffs, stroffs, init_typeoffs, core_typeoffs;
> - struct _ddebug *debug;
> - unsigned int num_debug;
> - bool sig_ok;
> -#ifdef CONFIG_KALLSYMS
> - unsigned long mod_kallsyms_init_off;
> -#endif
> - struct {
> - unsigned int sym, str, mod, vers, info, pcpu;
> - } index;
> -};
> -
> extern int mod_verify_sig(const void *mod, struct load_info *info);
> Index: linux-2.6/kernel/module_signing.c
> ===================================================================
> --- linux-2.6.orig/kernel/module_signing.c
> +++ linux-2.6/kernel/module_signing.c
> @@ -8,11 +8,11 @@
> #include <linux/kernel.h>
> #include <linux/errno.h>
> #include <linux/module.h>
> +#include <linux/moduleloader.h>
> #include <linux/module_signature.h>
> #include <linux/string.h>
> #include <linux/verification.h>
> #include <crypto/public_key.h>
> -#include "module-internal.h"
>
> /*
> * Verify the signature on a module.
>
>

--
Kees Cook