1. Patchew
  2. linux
  3. View series

[PATCH v2 0/2] arm64: modules: Reject loading of malformed modules

Adrian Barnaś posted 2 patches 1 week, 2 days ago 
arch/arm64/include/asm/alternative.h |  7 +++++--
arch/arm64/include/asm/scs.h         |  2 +-
arch/arm64/kernel/alternative.c      | 19 ++++++++++++-------
arch/arm64/kernel/module.c           | 21 +++++++++++++++++----
arch/arm64/kernel/pi/map_kernel.c    |  2 +-
arch/arm64/kernel/pi/patch-scs.c     | 10 ++++++----
arch/arm64/kernel/pi/pi.h            |  2 +-
7 files changed, 43 insertions(+), 20 deletions(-)
[PATCH v2 0/2] arm64: modules: Reject loading of malformed modules
Posted by Adrian Barnaś 1 week, 2 days ago 
Hi all,

Here is version two of the patches I previously posted here:

  v1: https://lore.kernel.org/all/20250919122321.946462-1-abarnas@google.com/

Changes:
  * Renamed the parameter `is_module` to `skip_dry_run` in scs_patch()
  * Moved comments to module_finalize() and improve justification
  * Instead of rejecting all modules with callback, reject those with cb
    pointing outside core kernel text
  * Replace -EPERM to -ENOEXEC when rejecting modules with incorrect cb
  * Fix missing return in apply_alternatives_module() placeholder

Best regards
Adrian

Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: Dylan Hatch <dylanbhatch@google.com>
Cc: Mark Rutland <mark.rutland@arm.com>

Adrian Barnaś (2):
  arch: arm64: Fail module loading if dynamic SCS patching fails
  arch: arm64: Reject modules with internal alternative callbacks

 arch/arm64/include/asm/alternative.h |  7 +++++--
 arch/arm64/include/asm/scs.h         |  2 +-
 arch/arm64/kernel/alternative.c      | 19 ++++++++++++-------
 arch/arm64/kernel/module.c           | 21 +++++++++++++++++----
 arch/arm64/kernel/pi/map_kernel.c    |  2 +-
 arch/arm64/kernel/pi/patch-scs.c     | 10 ++++++----
 arch/arm64/kernel/pi/pi.h            |  2 +-
 7 files changed, 43 insertions(+), 20 deletions(-)

-- 
2.51.0.534.gc79095c0ca-goog
Re: [PATCH v2 0/2] arm64: modules: Reject loading of malformed modules
Posted by Ard Biesheuvel 2 days, 11 hours ago 
On Mon, 22 Sept 2025 at 15:04, Adrian Barnaś <abarnas@google.com> wrote:
>
> Hi all,
>
> Here is version two of the patches I previously posted here:
>
>   v1: https://lore.kernel.org/all/20250919122321.946462-1-abarnas@google.com/
>
> Changes:
>   * Renamed the parameter `is_module` to `skip_dry_run` in scs_patch()
>   * Moved comments to module_finalize() and improve justification
>   * Instead of rejecting all modules with callback, reject those with cb
>     pointing outside core kernel text
>   * Replace -EPERM to -ENOEXEC when rejecting modules with incorrect cb
>   * Fix missing return in apply_alternatives_module() placeholder
>
> Best regards
> Adrian
>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will@kernel.org>
> Cc: Ard Biesheuvel <ardb@kernel.org>
> Cc: Dylan Hatch <dylanbhatch@google.com>
> Cc: Mark Rutland <mark.rutland@arm.com>
>
> Adrian Barnaś (2):
>   arch: arm64: Fail module loading if dynamic SCS patching fails
>   arch: arm64: Reject modules with internal alternative callbacks
>

Reviewed-by: Ard Biesheuvel <ardb@kernel.org>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.