Eric Lee / smarc-fsl-linux-kernel

Blame view

kernel/kcmp.c 5.7 KB

b24413180 Greg Kroah-Hartman License cleanup: ...	1	// SPDX-License-Identifier: GPL-2.0
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	2 3 4 5 6 7	#include <linux/kernel.h> #include <linux/syscalls.h> #include <linux/fdtable.h> #include <linux/string.h> #include <linux/random.h> #include <linux/module.h>
44fd07e98 Cyrill Gorcunov kcmp: include lin...	8	#include <linux/ptrace.h>
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	9 10 11 12 13 14	#include <linux/init.h> #include <linux/errno.h> #include <linux/cache.h> #include <linux/bug.h> #include <linux/err.h> #include <linux/kcmp.h>
0791e3644 Cyrill Gorcunov kcmp: add KCMP_EP...	15 16 17 18	#include <linux/capability.h> #include <linux/list.h> #include <linux/eventpoll.h> #include <linux/file.h>
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51	#include <asm/unistd.h> /* * We don't expose the real in-memory order of objects for security reasons. * But still the comparison results should be suitable for sorting. So we * obfuscate kernel pointers values and compare the production instead. * * The obfuscation is done in two steps. First we xor the kernel pointer with * a random value, which puts pointer into a new position in a reordered space. * Secondly we multiply the xor production with a large odd random number to * permute its bits even more (the odd multiplier guarantees that the product * is unique ever after the high bits are truncated, since any odd number is * relative prime to 2^n). * * Note also that the obfuscation itself is invisible to userspace and if needed * it can be changed to an alternate scheme. / static unsigned long cookies[KCMP_TYPES][2] __read_mostly; static long kptr_obfuscate(long v, int type) { return (v ^ cookies[type][0]) cookies[type][1]; } /* * 0 - equal, i.e. v1 = v2 * 1 - less than, i.e. v1 < v2 * 2 - greater than, i.e. v1 > v2 * 3 - not equal but ordering unavailable (reserved for future) / static int kcmp_ptr(void v1, void *v2, enum kcmp_type type) {
acbbe6fbb Rasmus Villemoes kcmp: fix standar...	52	long t1, t2;
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	53
acbbe6fbb Rasmus Villemoes kcmp: fix standar...	54 55	t1 = kptr_obfuscate((long)v1, type); t2 = kptr_obfuscate((long)v2, type);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	56
acbbe6fbb Rasmus Villemoes kcmp: fix standar...	57	return (t1 < t2) \| ((t1 > t2) << 1);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76	} /* The caller must have pinned the task / static struct file get_file_raw_ptr(struct task_struct task, unsigned int idx) { struct file file = NULL; task_lock(task); rcu_read_lock(); if (task->files) file = fcheck_files(task->files, idx); rcu_read_unlock(); task_unlock(task); return file; }
ab7709b55 Eric W. Biederman exec: Transform e...	77	static void kcmp_unlock(struct rw_semaphore l1, struct rw_semaphore l2)
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	78	{
ab7709b55 Eric W. Biederman exec: Transform e...	79 80 81	if (likely(l2 != l1)) up_read(l2); up_read(l1);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	82	}
ab7709b55 Eric W. Biederman exec: Transform e...	83	static int kcmp_lock(struct rw_semaphore l1, struct rw_semaphore l2)
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	84 85	{ int err;
ab7709b55 Eric W. Biederman exec: Transform e...	86 87	if (l2 > l1) swap(l1, l2);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	88
ab7709b55 Eric W. Biederman exec: Transform e...	89 90 91	err = down_read_killable(l1); if (!err && likely(l1 != l2)) { err = down_read_killable_nested(l2, SINGLE_DEPTH_NESTING);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	92	if (err)
ab7709b55 Eric W. Biederman exec: Transform e...	93	up_read(l1);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	94 95 96 97	} return err; }
0791e3644 Cyrill Gorcunov kcmp: add KCMP_EP...	98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130	#ifdef CONFIG_EPOLL static int kcmp_epoll_target(struct task_struct task1, struct task_struct task2, unsigned long idx1, struct kcmp_epoll_slot __user uslot) { struct file filp, filp_epoll, filp_tgt; struct kcmp_epoll_slot slot; struct files_struct *files; if (copy_from_user(&slot, uslot, sizeof(slot))) return -EFAULT; filp = get_file_raw_ptr(task1, idx1); if (!filp) return -EBADF; files = get_files_struct(task2); if (!files) return -EBADF; spin_lock(&files->file_lock); filp_epoll = fcheck_files(files, slot.efd); if (filp_epoll) get_file(filp_epoll); else filp_tgt = ERR_PTR(-EBADF); spin_unlock(&files->file_lock); put_files_struct(files); if (filp_epoll) { filp_tgt = get_epoll_tfile_raw_ptr(filp_epoll, slot.tfd, slot.toff); fput(filp_epoll);
c9653850c Cyrill Gorcunov kernel/kcmp.c: dr...	131	}
0791e3644 Cyrill Gorcunov kcmp: add KCMP_EP...	132 133 134 135 136 137 138 139 140 141 142 143 144 145 146	if (IS_ERR(filp_tgt)) return PTR_ERR(filp_tgt); return kcmp_ptr(filp, filp_tgt, KCMP_FILE); } #else static int kcmp_epoll_target(struct task_struct task1, struct task_struct task2, unsigned long idx1, struct kcmp_epoll_slot __user *uslot) { return -EOPNOTSUPP; } #endif
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170	SYSCALL_DEFINE5(kcmp, pid_t, pid1, pid_t, pid2, int, type, unsigned long, idx1, unsigned long, idx2) { struct task_struct task1, task2; int ret; rcu_read_lock(); /* * Tasks are looked up in caller's PID namespace only. / task1 = find_task_by_vpid(pid1); task2 = find_task_by_vpid(pid2); if (!task1 \|\| !task2) goto err_no_task; get_task_struct(task1); get_task_struct(task2); rcu_read_unlock(); / * One should have enough rights to inspect task details. */
ab7709b55 Eric W. Biederman exec: Transform e...	171 172	ret = kcmp_lock(&task1->signal->exec_update_lock, &task2->signal->exec_update_lock);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	173 174	if (ret) goto err;
caaee6234 Jann Horn ptrace: use fsuid...	175 176	if (!ptrace_may_access(task1, PTRACE_MODE_READ_REALCREDS) \|\| !ptrace_may_access(task2, PTRACE_MODE_READ_REALCREDS)) {
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217	ret = -EPERM; goto err_unlock; } switch (type) { case KCMP_FILE: { struct file filp1, filp2; filp1 = get_file_raw_ptr(task1, idx1); filp2 = get_file_raw_ptr(task2, idx2); if (filp1 && filp2) ret = kcmp_ptr(filp1, filp2, KCMP_FILE); else ret = -EBADF; break; } case KCMP_VM: ret = kcmp_ptr(task1->mm, task2->mm, KCMP_VM); break; case KCMP_FILES: ret = kcmp_ptr(task1->files, task2->files, KCMP_FILES); break; case KCMP_FS: ret = kcmp_ptr(task1->fs, task2->fs, KCMP_FS); break; case KCMP_SIGHAND: ret = kcmp_ptr(task1->sighand, task2->sighand, KCMP_SIGHAND); break; case KCMP_IO: ret = kcmp_ptr(task1->io_context, task2->io_context, KCMP_IO); break; case KCMP_SYSVSEM: #ifdef CONFIG_SYSVIPC ret = kcmp_ptr(task1->sysvsem.undo_list, task2->sysvsem.undo_list, KCMP_SYSVSEM); #else ret = -EOPNOTSUPP; #endif break;
0791e3644 Cyrill Gorcunov kcmp: add KCMP_EP...	218 219 220	case KCMP_EPOLL_TFD: ret = kcmp_epoll_target(task1, task2, idx1, (void *)idx2); break;
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	221 222 223 224 225 226	default: ret = -EINVAL; break; } err_unlock:
ab7709b55 Eric W. Biederman exec: Transform e...	227 228	kcmp_unlock(&task1->signal->exec_update_lock, &task2->signal->exec_update_lock);
d97b46a64 Cyrill Gorcunov syscalls, x86: ad...	229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251	err: put_task_struct(task1); put_task_struct(task2); return ret; err_no_task: rcu_read_unlock(); return -ESRCH; } static __init int kcmp_cookies_init(void) { int i; get_random_bytes(cookies, sizeof(cookies)); for (i = 0; i < KCMP_TYPES; i++) cookies[i][1] \|= (~(~0UL >> 1) \| 1); return 0; } arch_initcall(kcmp_cookies_init);