Re: [PATCH v2 11/13] lkdtm: Fix lkdtm_EXEC_RODATA()

[PATCH v2 00/13] Fix LKDTM for PPC64/IA64/PARISC · Christophe Leroy <hidden> · 2021-10-14
[PATCH v2 09/13] lkdtm: Force do_nothing() out of line · Christophe Leroy <hidden> · 2021-10-14
[PATCH v2 11/13] lkdtm: Fix lkdtm_EXEC_RODATA() · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 11/13] lkdtm: Fix lkdtm_EXEC_RODATA() · Kees Cook <hidden> · 2021-10-15
Re: [PATCH v2 11/13] lkdtm: Fix lkdtm_EXEC_RODATA() · Christophe Leroy <hidden> · 2021-10-16
Re: [PATCH v2 11/13] lkdtm: Fix lkdtm_EXEC_RODATA() · Christophe Leroy <hidden> · 2021-10-17
[PATCH v2 10/13] lkdtm: Really write into kernel text in WRITE_KERN · Christophe Leroy <hidden> · 2021-10-14
[PATCH v2 01/13] powerpc: Move 'struct ppc64_opd_entry' back into asm/elf.h · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 01/13] powerpc: Move 'struct ppc64_opd_entry' back into asm/elf.h · Daniel Axtens <hidden> · 2021-10-14
Re: [PATCH v2 01/13] powerpc: Move 'struct ppc64_opd_entry' back into asm/elf.h · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
[PATCH v2 04/13] powerpc: Prepare func_desc_t for refactorisation · Christophe Leroy <hidden> · 2021-10-14
[PATCH v2 05/13] ia64: Rename 'ip' to 'addr' in 'struct fdesc' · Christophe Leroy <hidden> · 2021-10-14
[PATCH v2 03/13] powerpc: Remove func_descr_t · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 03/13] powerpc: Remove func_descr_t · Daniel Axtens <hidden> · 2021-10-14
Re: [PATCH v2 03/13] powerpc: Remove func_descr_t · Christophe Leroy <hidden> · 2021-10-15
Re: [PATCH v2 03/13] powerpc: Remove func_descr_t · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
[PATCH v2 02/13] powerpc: Rename 'funcaddr' to 'addr' in 'struct ppc64_opd_entry' · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 02/13] powerpc: Rename 'funcaddr' to 'addr' in 'struct ppc64_opd_entry' · Daniel Axtens <hidden> · 2021-10-14
Re: [PATCH v2 02/13] powerpc: Rename 'funcaddr' to 'addr' in 'struct ppc64_opd_entry' · Christophe Leroy <hidden> · 2021-10-15
Re: [PATCH v2 02/13] powerpc: Rename 'funcaddr' to 'addr' in 'struct ppc64_opd_entry' · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
[PATCH v2 13/13] lkdtm: Add a test for function descriptors protection · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 13/13] lkdtm: Add a test for function descriptors protection · Kees Cook <hidden> · 2021-10-15
Re: [PATCH v2 13/13] lkdtm: Add a test for function descriptors protection · Christophe Leroy <hidden> · 2021-10-16
[PATCH v2 07/13] asm-generic: Define 'func_desc_t' to commonly describe function descriptors · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 07/13] asm-generic: Define 'func_desc_t' to commonly describe function descriptors · Arnd Bergmann <arnd@arndb.de> · 2021-10-14
[PATCH v2 12/13] lkdtm: Fix execute_[user]_location() · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 12/13] lkdtm: Fix execute_[user]_location() · Kees Cook <hidden> · 2021-10-15
Re: [PATCH v2 12/13] lkdtm: Fix execute_[user]_location() · Christophe Leroy <hidden> · 2021-10-16
Re: [PATCH v2 12/13] lkdtm: Fix execute_[user]_location() · Christophe Leroy <hidden> · 2021-11-16
[PATCH v2 06/13] asm-generic: Use HAVE_FUNCTION_DESCRIPTORS to define associated stubs · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 06/13] asm-generic: Use HAVE_FUNCTION_DESCRIPTORS to define associated stubs · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
Re: [PATCH v2 06/13] asm-generic: Use HAVE_FUNCTION_DESCRIPTORS to define associated stubs · Christophe Leroy <hidden> · 2021-10-15
Re: [PATCH v2 06/13] asm-generic: Use HAVE_FUNCTION_DESCRIPTORS to define associated stubs · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
Re: [PATCH v2 06/13] asm-generic: Use HAVE_FUNCTION_DESCRIPTORS to define associated stubs · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
[PATCH v2 08/13] asm-generic: Refactor dereference_[kernel]_function_descriptor() · Christophe Leroy <hidden> · 2021-10-14
Re: [PATCH v2 08/13] asm-generic: Refactor dereference_[kernel]_function_descriptor() · Nicholas Piggin <npiggin@gmail.com> · 2021-10-15
Re: [PATCH v2 00/13] Fix LKDTM for PPC64/IA64/PARISC · Daniel Axtens <hidden> · 2021-10-14

From: Kees Cook <hidden>
Date: 2021-10-15 21:33:03
Also in: linux-mm, linuxppc-dev, lkml

On Thu, Oct 14, 2021 at 07:50:00AM +0200, Christophe Leroy wrote:

Behind its location, lkdtm_EXEC_RODATA() executes
lkdtm_rodata_do_nothing() which is a real function,
not a copy of do_nothing().

So executes it directly instead of using execute_location().

This is necessary because following patch will fix execute_location()
to use a copy of the function descriptor of do_nothing() and
function descriptor of lkdtm_rodata_do_nothing() might be different.

And fix displayed addresses by dereferencing the function descriptors.

Signed-off-by: Christophe Leroy <redacted>

I still don't understand this -- it doesn't look needed at all given the
changes in patch 12. (i.e. everything is using
dereference_function_descriptor() now)

Can't this patch be dropped?

-Kees

quoted hunk ↗ jump to hunk

---
 drivers/misc/lkdtm/perms.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/drivers/misc/lkdtm/perms.c b/drivers/misc/lkdtm/perms.c
index 035fcca441f0..5266dc28df6e 100644
--- a/drivers/misc/lkdtm/perms.c
+++ b/drivers/misc/lkdtm/perms.c

@@ -153,7 +153,14 @@ void lkdtm_EXEC_VMALLOC(void)
 
 void lkdtm_EXEC_RODATA(void)
 {
-	execute_location(lkdtm_rodata_do_nothing, CODE_AS_IS);
+	pr_info("attempting ok execution at %px\n",
+		dereference_function_descriptor(do_nothing));
+	do_nothing();
+
+	pr_info("attempting bad execution at %px\n",
+		dereference_function_descriptor(lkdtm_rodata_do_nothing));
+	lkdtm_rodata_do_nothing();
+	pr_err("FAIL: func returned\n");
 }
 
 void lkdtm_EXEC_USERSPACE(void)

-- 
2.31.1

-- 
Kees Cook

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help