Patch "Revert "[PATCH] uml: export symbols added by GCC hardened"" has been added to the 6.4-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    Revert "[PATCH] uml: export symbols added by GCC hardened"

to the 6.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     revert-patch-uml-export-symbols-added-by-gcc-hardene.patch
and it can be found in the queue-6.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 7b08a23d1f94e80f90fecea0dd7f1611b17113ca
Author: Masahiro Yamada <masahiroy@xxxxxxxxxx>
Date:   Sat Jun 10 18:13:10 2023 +0900

    Revert "[PATCH] uml: export symbols added by GCC hardened"
    
    [ Upstream commit 8635e8df477bc77837886da206f4915576f88fec ]
    
    This reverts commit cead61a6717a9873426b08d73a34a325e3546f5d.
    
    It exported __stack_smash_handler and __guard, while they may not be
    defined by anyone.
    
    The code *declares* __stack_smash_handler and __guard. It does not
    create weak symbols. If no external library is linked, they are left
    undefined, but yet exported.
    
    If a loadable module tries to access non-existing symbols, bad things
    (a page fault, NULL pointer dereference, etc.) will happen. So, the
    current code is wrong and dangerous.
    
    If the code were written as follows, it would *define* them as weak
    symbols so modules would be able to get access to them.
    
      void (*__stack_smash_handler)(void *) __attribute__((weak));
      EXPORT_SYMBOL(__stack_smash_handler);
    
      long __guard __attribute__((weak));
      EXPORT_SYMBOL(__guard);
    
    In fact, modpost forbids exporting undefined symbols. It shows an error
    message if it detects such a mistake.
    
      ERROR: modpost: "..." [...] was exported without definition
    
    Unfortunately, it is checked only when the code is built as modular.
    The problem described above has been unnoticed for a long time because
    arch/um/os-Linux/user_syms.c is always built-in.
    
    With a planned change in Kbuild, exporting undefined symbols will always
    result in a build error instead of a run-time error. It is a good thing,
    but we need to fix the breakage in advance.
    
    One fix is to define weak symbols as shown above. An alternative is to
    export them conditionally as follows:
    
      #ifdef CONFIG_STACKPROTECTOR
      extern void __stack_smash_handler(void *);
      EXPORT_SYMBOL(__stack_smash_handler);
    
      external long __guard;
      EXPORT_SYMBOL(__guard);
      #endif
    
    This is what other architectures do; EXPORT_SYMBOL(__stack_chk_guard)
    is guarded by #ifdef CONFIG_STACKPROTECTOR.
    
    However, adding the #ifdef guard is not sensible because UML cannot
    enable the stack-protector in the first place! (Please note UML does
    not select HAVE_STACKPROTECTOR in Kconfig.)
    
    So, the code is already broken (and unused) in multiple ways.
    
    Just remove.
    
    Signed-off-by: Masahiro Yamada <masahiroy@xxxxxxxxxx>
    Reviewed-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/arch/um/os-Linux/user_syms.c b/arch/um/os-Linux/user_syms.c
index 9b62a9d352b3a..a310ae27b479a 100644
--- a/arch/um/os-Linux/user_syms.c
+++ b/arch/um/os-Linux/user_syms.c
@@ -37,13 +37,6 @@ EXPORT_SYMBOL(vsyscall_ehdr);
 EXPORT_SYMBOL(vsyscall_end);
 #endif
 
-/* Export symbols used by GCC for the stack protector. */
-extern void __stack_smash_handler(void *) __attribute__((weak));
-EXPORT_SYMBOL(__stack_smash_handler);
-
-extern long __guard __attribute__((weak));
-EXPORT_SYMBOL(__guard);
-
 #ifdef _FORTIFY_SOURCE
 extern int __sprintf_chk(char *str, int flag, size_t len, const char *format);
 EXPORT_SYMBOL(__sprintf_chk);



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux