diff options
author | Quentin Casasnovas <quentin.casasnovas@oracle.com> | 2015-04-13 20:52:53 +0930 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2015-04-13 21:03:03 +0930 |
commit | 52dc0595d540155436d91811f929bdc8afd6a2a1 (patch) | |
tree | 9e90d8e5753fb53747bc6767156750dc659cb0c4 /kernel/cgroup_freezer.c | |
parent | c31e4b832f124dccdb5d80ba3c1cd4f9081f7fb2 (diff) |
modpost: handle relocations mismatch in __ex_table.
__ex_table is a simple table section where each entry is a pair of
addresses - the first address is an address which can fault in kernel
space, and the second address points to where the kernel should jump to
when handling that fault. This is how copy_from_user() does not crash the
kernel if userspace gives a borked pointer for example.
If one of these addresses point to a non-executable section, something is
seriously wrong since it either means the kernel will never fault from
there or it will not be able to jump to there. As both cases are serious
enough, we simply error out in these cases so the build fails and the
developper has to fix the issue.
In case the section is executable, but it isn't referenced in our list of
authorized sections to point to from __ex_table, we just dump a warning
giving more information about it. We do this in case the new section is
executable but isn't supposed to be executed by the kernel. This happened
with .altinstr_replacement, which is executable but is only used to copy
instructions from - we should never have our instruction pointer pointing
in .altinstr_replacement. Admitedly, a proper fix in that case would be to
just set .altinstr_replacement NX, but we need to warn about future cases
like this.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (added long casts)
Diffstat (limited to 'kernel/cgroup_freezer.c')
0 files changed, 0 insertions, 0 deletions