Skip to content

Commit

Permalink
Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/li…
Browse files Browse the repository at this point in the history
…nux/kernel/git/rusty/linux

Pull module update from Rusty Russell:
 "Nothing all that exciting; a new module-from-fd syscall for those who
  want to verify the source of the module (ChromeOS) and/or use standard
  IMA on it or other security hooks."

* tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
  MODSIGN: Fix kbuild output when using default extra_certificates
  MODSIGN: Avoid using .incbin in C source
  modules: don't hand 0 to vmalloc.
  module: Remove a extra null character at the top of module->strtab.
  ASN.1: Use the ASN1_LONG_TAG and ASN1_INDEFINITE_LENGTH constants
  ASN.1: Define indefinite length marker constant
  moduleparam: use __UNIQUE_ID()
  __UNIQUE_ID()
  MODSIGN: Add modules_sign make target
  powerpc: add finit_module syscall.
  ima: support new kernel module syscall
  add finit_module syscall to asm-generic
  ARM: add finit_module syscall to ARM
  security: introduce kernel_module_from_file hook
  module: add flags arg to sys_finit_module()
  module: add syscall to load module from fd
  • Loading branch information
torvalds committed Dec 19, 2012
2 parents 7f2de81 + e10e177 commit 7a684c4
Show file tree
Hide file tree
Showing 36 changed files with 434 additions and 210 deletions.
3 changes: 2 additions & 1 deletion Documentation/ABI/testing/ima_policy
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Description:
lsm: [[subj_user=] [subj_role=] [subj_type=]
[obj_user=] [obj_role=] [obj_type=]]

base: func:= [BPRM_CHECK][FILE_MMAP][FILE_CHECK]
base: func:= [BPRM_CHECK][FILE_MMAP][FILE_CHECK][MODULE_CHECK]
mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
fsmagic:= hex value
uid:= decimal value
Expand Down Expand Up @@ -53,6 +53,7 @@ Description:
measure func=BPRM_CHECK
measure func=FILE_MMAP mask=MAY_EXEC
measure func=FILE_CHECK mask=MAY_READ uid=0
measure func=MODULE_CHECK uid=0
appraise fowner=0

The default policy measures all executables in bprm_check,
Expand Down
6 changes: 6 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -981,6 +981,12 @@ _modinst_post: _modinst_
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.fwinst obj=firmware __fw_modinst
$(call cmd,depmod)

ifeq ($(CONFIG_MODULE_SIG), y)
PHONY += modules_sign
modules_sign:
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modsign
endif

else # CONFIG_MODULES

# Modules not configured
Expand Down
1 change: 1 addition & 0 deletions arch/arm/include/uapi/asm/unistd.h
Original file line number Diff line number Diff line change
Expand Up @@ -405,6 +405,7 @@
#define __NR_process_vm_readv (__NR_SYSCALL_BASE+376)
#define __NR_process_vm_writev (__NR_SYSCALL_BASE+377)
/* 378 for kcmp */
#define __NR_finit_module (__NR_SYSCALL_BASE+379)

/*
* This may need to be greater than __NR_last_syscall+1 in order to
Expand Down
1 change: 1 addition & 0 deletions arch/arm/kernel/calls.S
Original file line number Diff line number Diff line change
Expand Up @@ -388,6 +388,7 @@
CALL(sys_process_vm_readv)
CALL(sys_process_vm_writev)
CALL(sys_ni_syscall) /* reserved for sys_kcmp */
CALL(sys_finit_module)
#ifndef syscalls_counted
.equ syscalls_padding, ((NR_syscalls + 3) & ~3) - NR_syscalls
#define syscalls_counted
Expand Down
2 changes: 0 additions & 2 deletions arch/cris/kernel/module.c
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,6 @@
#ifdef CONFIG_ETRAX_KMALLOCED_MODULES
void *module_alloc(unsigned long size)
{
if (size == 0)
return NULL;
return kmalloc(size, GFP_KERNEL);
}

Expand Down
2 changes: 0 additions & 2 deletions arch/parisc/kernel/module.c
Original file line number Diff line number Diff line change
Expand Up @@ -214,8 +214,6 @@ static inline int reassemble_22(int as22)

void *module_alloc(unsigned long size)
{
if (size == 0)
return NULL;
/* using RWX means less protection for modules, but it's
* easier than trying to map the text, data, init_text and
* init_data correctly */
Expand Down
1 change: 1 addition & 0 deletions arch/powerpc/include/asm/systbl.h
Original file line number Diff line number Diff line change
Expand Up @@ -356,3 +356,4 @@ COMPAT_SYS_SPU(sendmmsg)
SYSCALL_SPU(setns)
COMPAT_SYS(process_vm_readv)
COMPAT_SYS(process_vm_writev)
SYSCALL(finit_module)
2 changes: 1 addition & 1 deletion arch/powerpc/include/asm/unistd.h
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
#include <uapi/asm/unistd.h>


#define __NR_syscalls 353
#define __NR_syscalls 354

#define __NR__exit __NR_exit
#define NR_syscalls __NR_syscalls
Expand Down
1 change: 1 addition & 0 deletions arch/powerpc/include/uapi/asm/unistd.h
Original file line number Diff line number Diff line change
Expand Up @@ -375,6 +375,7 @@
#define __NR_setns 350
#define __NR_process_vm_readv 351
#define __NR_process_vm_writev 352
#define __NR_finit_module 353


#endif /* _UAPI_ASM_POWERPC_UNISTD_H_ */
4 changes: 0 additions & 4 deletions arch/sparc/kernel/module.c
Original file line number Diff line number Diff line change
Expand Up @@ -43,10 +43,6 @@ void *module_alloc(unsigned long size)
{
void *ret;

/* We handle the zero case fine, unlike vmalloc */
if (size == 0)
return NULL;

ret = module_map(size);
if (ret)
memset(ret, 0, size);
Expand Down
2 changes: 0 additions & 2 deletions arch/tile/kernel/module.c
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,6 @@ void *module_alloc(unsigned long size)
int i = 0;
int npages;

if (size == 0)
return NULL;
npages = (size + PAGE_SIZE - 1) / PAGE_SIZE;
pages = kmalloc(npages * sizeof(struct page *), GFP_KERNEL);
if (pages == NULL)
Expand Down
3 changes: 0 additions & 3 deletions arch/unicore32/kernel/module.c
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,6 @@ void *module_alloc(unsigned long size)
struct vm_struct *area;

size = PAGE_ALIGN(size);
if (!size)
return NULL;

area = __get_vm_area(size, VM_ALLOC, MODULES_VADDR, MODULES_END);
if (!area)
return NULL;
Expand Down
1 change: 1 addition & 0 deletions arch/x86/syscalls/syscall_32.tbl
Original file line number Diff line number Diff line change
Expand Up @@ -356,3 +356,4 @@
347 i386 process_vm_readv sys_process_vm_readv compat_sys_process_vm_readv
348 i386 process_vm_writev sys_process_vm_writev compat_sys_process_vm_writev
349 i386 kcmp sys_kcmp
350 i386 finit_module sys_finit_module
1 change: 1 addition & 0 deletions arch/x86/syscalls/syscall_64.tbl
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,7 @@
310 64 process_vm_readv sys_process_vm_readv
311 64 process_vm_writev sys_process_vm_writev
312 common kcmp sys_kcmp
313 common finit_module sys_finit_module

#
# x32-specific system call numbers start at 512 to avoid cache impact
Expand Down
2 changes: 2 additions & 0 deletions include/linux/asn1.h
Original file line number Diff line number Diff line change
Expand Up @@ -64,4 +64,6 @@ enum asn1_tag {
ASN1_LONG_TAG = 31 /* Long form tag */
};

#define ASN1_INDEFINITE_LENGTH 0x80

#endif /* _LINUX_ASN1_H */
2 changes: 2 additions & 0 deletions include/linux/compiler-gcc4.h
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,8 @@

#define __linktime_error(message) __attribute__((__error__(message)))

#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__)

#if __GNUC_MINOR__ >= 5
/*
* Mark a position in code as unreachable. This can be used to
Expand Down
9 changes: 9 additions & 0 deletions include/linux/compiler.h
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,10 @@ extern void __chk_io_ptr(const volatile void __iomem *);
# define __rcu
#endif

/* Indirect macros required for expanded argument pasting, eg. __LINE__. */
#define ___PASTE(a,b) a##b
#define __PASTE(a,b) ___PASTE(a,b)

#ifdef __KERNEL__

#ifdef __GNUC__
Expand Down Expand Up @@ -166,6 +170,11 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect);
(typeof(ptr)) (__ptr + (off)); })
#endif

/* Not-quite-unique ID. */
#ifndef __UNIQUE_ID
# define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __LINE__)
#endif

#endif /* __KERNEL__ */

#endif /* __ASSEMBLY__ */
Expand Down
6 changes: 6 additions & 0 deletions include/linux/ima.h
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ extern int ima_bprm_check(struct linux_binprm *bprm);
extern int ima_file_check(struct file *file, int mask);
extern void ima_file_free(struct file *file);
extern int ima_file_mmap(struct file *file, unsigned long prot);
extern int ima_module_check(struct file *file);

#else
static inline int ima_bprm_check(struct linux_binprm *bprm)
Expand All @@ -40,6 +41,11 @@ static inline int ima_file_mmap(struct file *file, unsigned long prot)
return 0;
}

static inline int ima_module_check(struct file *file)
{
return 0;
}

#endif /* CONFIG_IMA_H */

#ifdef CONFIG_IMA_APPRAISE
Expand Down
6 changes: 2 additions & 4 deletions include/linux/moduleparam.h
Original file line number Diff line number Diff line change
Expand Up @@ -16,17 +16,15 @@
/* Chosen so that structs with an unsigned long line up. */
#define MAX_PARAM_PREFIX_LEN (64 - sizeof(unsigned long))

#define ___module_cat(a,b) __mod_ ## a ## b
#define __module_cat(a,b) ___module_cat(a,b)
#ifdef MODULE
#define __MODULE_INFO(tag, name, info) \
static const char __module_cat(name,__LINE__)[] \
static const char __UNIQUE_ID(name)[] \
__used __attribute__((section(".modinfo"), unused, aligned(1))) \
= __stringify(tag) "=" info
#else /* !MODULE */
/* This struct is here for syntactic coherency, it is not used */
#define __MODULE_INFO(tag, name, info) \
struct __module_cat(name,__LINE__) {}
struct __UNIQUE_ID(name) {}
#endif
#define __MODULE_PARM_TYPE(name, _type) \
__MODULE_INFO(parmtype, name##type, #name ":" _type)
Expand Down
13 changes: 13 additions & 0 deletions include/linux/security.h
Original file line number Diff line number Diff line change
Expand Up @@ -694,6 +694,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
* userspace to load a kernel module with the given name.
* @kmod_name name of the module requested by the kernel
* Return 0 if successful.
* @kernel_module_from_file:
* Load a kernel module from userspace.
* @file contains the file structure pointing to the file containing
* the kernel module to load. If the module is being loaded from a blob,
* this argument will be NULL.
* Return 0 if permission is granted.
* @task_fix_setuid:
* Update the module's state after setting one or more of the user
* identity attributes of the current process. The @flags parameter
Expand Down Expand Up @@ -1508,6 +1514,7 @@ struct security_operations {
int (*kernel_act_as)(struct cred *new, u32 secid);
int (*kernel_create_files_as)(struct cred *new, struct inode *inode);
int (*kernel_module_request)(char *kmod_name);
int (*kernel_module_from_file)(struct file *file);
int (*task_fix_setuid) (struct cred *new, const struct cred *old,
int flags);
int (*task_setpgid) (struct task_struct *p, pid_t pgid);
Expand Down Expand Up @@ -1765,6 +1772,7 @@ void security_transfer_creds(struct cred *new, const struct cred *old);
int security_kernel_act_as(struct cred *new, u32 secid);
int security_kernel_create_files_as(struct cred *new, struct inode *inode);
int security_kernel_module_request(char *kmod_name);
int security_kernel_module_from_file(struct file *file);
int security_task_fix_setuid(struct cred *new, const struct cred *old,
int flags);
int security_task_setpgid(struct task_struct *p, pid_t pgid);
Expand Down Expand Up @@ -2278,6 +2286,11 @@ static inline int security_kernel_module_request(char *kmod_name)
return 0;
}

static inline int security_kernel_module_from_file(struct file *file)
{
return 0;
}

static inline int security_task_fix_setuid(struct cred *new,
const struct cred *old,
int flags)
Expand Down
1 change: 1 addition & 0 deletions include/linux/syscalls.h
Original file line number Diff line number Diff line change
Expand Up @@ -880,4 +880,5 @@ asmlinkage long sys_process_vm_writev(pid_t pid,

asmlinkage long sys_kcmp(pid_t pid1, pid_t pid2, int type,
unsigned long idx1, unsigned long idx2);
asmlinkage long sys_finit_module(int fd, const char __user *uargs, int flags);
#endif
4 changes: 3 additions & 1 deletion include/uapi/asm-generic/unistd.h
Original file line number Diff line number Diff line change
Expand Up @@ -690,9 +690,11 @@ __SC_COMP(__NR_process_vm_writev, sys_process_vm_writev, \
compat_sys_process_vm_writev)
#define __NR_kcmp 272
__SYSCALL(__NR_kcmp, sys_kcmp)
#define __NR_finit_module 273
__SYSCALL(__NR_finit_module, sys_finit_module)

#undef __NR_syscalls
#define __NR_syscalls 273
#define __NR_syscalls 274

/*
* All syscalls below here should go away really,
Expand Down
8 changes: 8 additions & 0 deletions include/uapi/linux/module.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#ifndef _UAPI_LINUX_MODULE_H
#define _UAPI_LINUX_MODULE_H

/* Flags for sys_finit_module: */
#define MODULE_INIT_IGNORE_MODVERSIONS 1
#define MODULE_INIT_IGNORE_VERMAGIC 2

#endif /* _UAPI_LINUX_MODULE_H */
10 changes: 7 additions & 3 deletions kernel/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o
obj-$(CONFIG_PROVE_LOCKING) += spinlock.o
obj-$(CONFIG_UID16) += uid16.o
obj-$(CONFIG_MODULES) += module.o
obj-$(CONFIG_MODULE_SIG) += module_signing.o modsign_pubkey.o
obj-$(CONFIG_MODULE_SIG) += module_signing.o modsign_pubkey.o modsign_certificate.o
obj-$(CONFIG_KALLSYMS) += kallsyms.o
obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
obj-$(CONFIG_KEXEC) += kexec.o
Expand Down Expand Up @@ -137,10 +137,14 @@ ifeq ($(CONFIG_MODULE_SIG),y)
#
# Pull the signing certificate and any extra certificates into the kernel
#

quiet_cmd_touch = TOUCH $@
cmd_touch = touch $@

extra_certificates:
touch $@
$(call cmd,touch)

kernel/modsign_pubkey.o: signing_key.x509 extra_certificates
kernel/modsign_certificate.o: signing_key.x509 extra_certificates

###############################################################################
#
Expand Down
19 changes: 19 additions & 0 deletions kernel/modsign_certificate.S
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
/* SYMBOL_PREFIX defined on commandline from CONFIG_SYMBOL_PREFIX */
#ifndef SYMBOL_PREFIX
#define ASM_SYMBOL(sym) sym
#else
#define PASTE2(x,y) x##y
#define PASTE(x,y) PASTE2(x,y)
#define ASM_SYMBOL(sym) PASTE(SYMBOL_PREFIX, sym)
#endif

#define GLOBAL(name) \
.globl ASM_SYMBOL(name); \
ASM_SYMBOL(name):

.section ".init.data","aw"

GLOBAL(modsign_certificate_list)
.incbin "signing_key.x509"
.incbin "extra_certificates"
GLOBAL(modsign_certificate_list_end)
6 changes: 0 additions & 6 deletions kernel/modsign_pubkey.c
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,6 @@ struct key *modsign_keyring;

extern __initdata const u8 modsign_certificate_list[];
extern __initdata const u8 modsign_certificate_list_end[];
asm(".section .init.data,\"aw\"\n"
SYMBOL_PREFIX "modsign_certificate_list:\n"
".incbin \"signing_key.x509\"\n"
".incbin \"extra_certificates\"\n"
SYMBOL_PREFIX "modsign_certificate_list_end:"
);

/*
* We need to make sure ccache doesn't cache the .o file as it doesn't notice
Expand Down
Loading

0 comments on commit 7a684c4

Please sign in to comment.