diff options
| author | Marco Elver <elver@google.com> | 2020-12-15 06:09:24 +0300 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-12-15 23:13:42 +0300 |
| commit | 6d5a88cd0c1506115d71a4d3a26b60645c89df6c (patch) | |
| tree | 7cd83ff57ac5b24aa1e1ef0a4291c7049dadcae6 /arch | |
| parent | 4784be284adaa516df4144fc919f9bde8200443a (diff) | |
| download | linux-6d5a88cd0c1506115d71a4d3a26b60645c89df6c.tar.xz | |
lkdtm: disable KASAN for rodata.o
Building lkdtm with KASAN and Clang 11 or later results in the following
error when attempting to load the module:
kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
BUG: unable to handle page fault for address: ffffffffc019cd70
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0011) - permissions violation
...
RIP: 0010:asan.module_ctor+0x0/0xffffffffffffa290 [lkdtm]
...
Call Trace:
do_init_module+0x17c/0x570
load_module+0xadee/0xd0b0
__x64_sys_finit_module+0x16c/0x1a0
do_syscall_64+0x34/0x50
entry_SYSCALL_64_after_hwframe+0x44/0xa9
The reason is that rodata.o generates a dummy function that lives in
.rodata to validate that .rodata can't be executed; however, Clang 11 adds
KASAN globals support by generating module constructors to initialize
globals redzones. When Clang 11 adds a module constructor to rodata.o, it
is also added to .rodata: any attempt to call it on initialization results
in the above error.
Therefore, disable KASAN instrumentation for rodata.o.
Link: https://lkml.kernel.org/r/20201214191413.3164796-1-elver@google.com
Signed-off-by: Marco Elver <elver@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'arch')
0 files changed, 0 insertions, 0 deletions