Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

module: Factor out elf_validity_ehdr

Factor out verification of the ELF header and document what is checked.

Signed-off-by: Matthew Maurer <mmaurer@google.com>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>

authored by

Matthew Maurer and committed by
Luis Chamberlain
90f8f312 f4392216

+47 -23
+47 -23
kernel/module/main.c
··· 1664 1664 return 0; 1665 1665 } 1666 1666 1667 + /** 1668 + * elf_validity_ehdr() - Checks an ELF header for module validity 1669 + * @info: Load info containing the ELF header to check 1670 + * 1671 + * Checks whether an ELF header could belong to a valid module. Checks: 1672 + * 1673 + * * ELF header is within the data the user provided 1674 + * * ELF magic is present 1675 + * * It is relocatable (not final linked, not core file, etc.) 1676 + * * The header's machine type matches what the architecture expects. 1677 + * * Optional arch-specific hook for other properties 1678 + * - module_elf_check_arch() is currently only used by PPC to check 1679 + * ELF ABI version, but may be used by others in the future. 1680 + * 1681 + * Return: %0 if valid, %-ENOEXEC on failure. 1682 + */ 1683 + static int elf_validity_ehdr(const struct load_info *info) 1684 + { 1685 + if (info->len < sizeof(*(info->hdr))) { 1686 + pr_err("Invalid ELF header len %lu\n", info->len); 1687 + return -ENOEXEC; 1688 + } 1689 + if (memcmp(info->hdr->e_ident, ELFMAG, SELFMAG) != 0) { 1690 + pr_err("Invalid ELF header magic: != %s\n", ELFMAG); 1691 + return -ENOEXEC; 1692 + } 1693 + if (info->hdr->e_type != ET_REL) { 1694 + pr_err("Invalid ELF header type: %u != %u\n", 1695 + info->hdr->e_type, ET_REL); 1696 + return -ENOEXEC; 1697 + } 1698 + if (!elf_check_arch(info->hdr)) { 1699 + pr_err("Invalid architecture in ELF header: %u\n", 1700 + info->hdr->e_machine); 1701 + return -ENOEXEC; 1702 + } 1703 + if (!module_elf_check_arch(info->hdr)) { 1704 + pr_err("Invalid module architecture in ELF header: %u\n", 1705 + info->hdr->e_machine); 1706 + return -ENOEXEC; 1707 + } 1708 + return 0; 1709 + } 1710 + 1667 1711 /* 1668 1712 * Check userspace passed ELF module against our expectations, and cache 1669 1713 * useful variables for further processing as we go. ··· 1737 1693 unsigned int num_info_secs = 0, info_idx; 1738 1694 unsigned int num_sym_secs = 0, sym_idx; 1739 1695 1740 - if (info->len < sizeof(*(info->hdr))) { 1741 - pr_err("Invalid ELF header len %lu\n", info->len); 1742 - goto no_exec; 1743 - } 1696 + err = elf_validity_ehdr(info); 1697 + if (err < 0) 1698 + return err; 1744 1699 1745 - if (memcmp(info->hdr->e_ident, ELFMAG, SELFMAG) != 0) { 1746 - pr_err("Invalid ELF header magic: != %s\n", ELFMAG); 1747 - goto no_exec; 1748 - } 1749 - if (info->hdr->e_type != ET_REL) { 1750 - pr_err("Invalid ELF header type: %u != %u\n", 1751 - info->hdr->e_type, ET_REL); 1752 - goto no_exec; 1753 - } 1754 - if (!elf_check_arch(info->hdr)) { 1755 - pr_err("Invalid architecture in ELF header: %u\n", 1756 - info->hdr->e_machine); 1757 - goto no_exec; 1758 - } 1759 - if (!module_elf_check_arch(info->hdr)) { 1760 - pr_err("Invalid module architecture in ELF header: %u\n", 1761 - info->hdr->e_machine); 1762 - goto no_exec; 1763 - } 1764 1700 if (info->hdr->e_shentsize != sizeof(Elf_Shdr)) { 1765 1701 pr_err("Invalid ELF section header size\n"); 1766 1702 goto no_exec;