livepatch: Disallow vmlinux.ko
authorJosh Poimboeuf <jpoimboe@redhat.com>
Wed, 29 Apr 2020 15:24:43 +0000 (10:24 -0500)
committerJiri Kosina <jkosina@suse.cz>
Thu, 7 May 2020 22:12:42 +0000 (00:12 +0200)
This is purely a theoretical issue, but if there were a module named
vmlinux.ko, the livepatch relocation code wouldn't be able to
distinguish between vmlinux-specific and vmlinux.o-specific KLP
relocations.

If CONFIG_LIVEPATCH is enabled, don't allow a module named vmlinux.ko.

Suggested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Miroslav Benes <mbenes@suse.cz>
Acked-by: Joe Lawrence <joe.lawrence@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
kernel/livepatch/core.c

index c3512e7e0801253d4ab03a450f3cd91090fa3ea4..40cfac8156fd353e6756ffde081841cde49ef683 100644 (file)
@@ -1139,6 +1139,11 @@ int klp_module_coming(struct module *mod)
        if (WARN_ON(mod->state != MODULE_STATE_COMING))
                return -EINVAL;
 
+       if (!strcmp(mod->name, "vmlinux")) {
+               pr_err("vmlinux.ko: invalid module name");
+               return -EINVAL;
+       }
+
        mutex_lock(&klp_mutex);
        /*
         * Each module has to know that klp_module_coming()