diff options
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/extable.c | 16 | ||||
| -rw-r--r-- | kernel/notifier.c | 10 |
2 files changed, 17 insertions, 9 deletions
diff --git a/kernel/extable.c b/kernel/extable.c index a26cb2e17023..adf0cc9c02d6 100644 --- a/kernel/extable.c +++ b/kernel/extable.c | |||
| @@ -66,3 +66,19 @@ int kernel_text_address(unsigned long addr) | |||
| 66 | return 1; | 66 | return 1; |
| 67 | return module_text_address(addr) != NULL; | 67 | return module_text_address(addr) != NULL; |
| 68 | } | 68 | } |
| 69 | |||
| 70 | /* | ||
| 71 | * On some architectures (PPC64, IA64) function pointers | ||
| 72 | * are actually only tokens to some data that then holds the | ||
| 73 | * real function address. As a result, to find if a function | ||
| 74 | * pointer is part of the kernel text, we need to do some | ||
| 75 | * special dereferencing first. | ||
| 76 | */ | ||
| 77 | int func_ptr_is_kernel_text(void *ptr) | ||
| 78 | { | ||
| 79 | unsigned long addr; | ||
| 80 | addr = (unsigned long) dereference_function_descriptor(ptr); | ||
| 81 | if (core_kernel_text(addr)) | ||
| 82 | return 1; | ||
| 83 | return module_text_address(addr) != NULL; | ||
| 84 | } | ||
diff --git a/kernel/notifier.c b/kernel/notifier.c index 143fdd77dbf7..0f39e398ef60 100644 --- a/kernel/notifier.c +++ b/kernel/notifier.c | |||
| @@ -21,10 +21,6 @@ BLOCKING_NOTIFIER_HEAD(reboot_notifier_list); | |||
| 21 | static int notifier_chain_register(struct notifier_block **nl, | 21 | static int notifier_chain_register(struct notifier_block **nl, |
| 22 | struct notifier_block *n) | 22 | struct notifier_block *n) |
| 23 | { | 23 | { |
| 24 | if (!kernel_text_address((unsigned long)n->notifier_call)) { | ||
| 25 | WARN(1, "Invalid notifier registered!"); | ||
| 26 | return 0; | ||
| 27 | } | ||
| 28 | while ((*nl) != NULL) { | 24 | while ((*nl) != NULL) { |
| 29 | if (n->priority > (*nl)->priority) | 25 | if (n->priority > (*nl)->priority) |
| 30 | break; | 26 | break; |
| @@ -38,10 +34,6 @@ static int notifier_chain_register(struct notifier_block **nl, | |||
| 38 | static int notifier_chain_cond_register(struct notifier_block **nl, | 34 | static int notifier_chain_cond_register(struct notifier_block **nl, |
| 39 | struct notifier_block *n) | 35 | struct notifier_block *n) |
| 40 | { | 36 | { |
| 41 | if (!kernel_text_address((unsigned long)n->notifier_call)) { | ||
| 42 | WARN(1, "Invalid notifier registered!"); | ||
| 43 | return 0; | ||
| 44 | } | ||
| 45 | while ((*nl) != NULL) { | 37 | while ((*nl) != NULL) { |
| 46 | if ((*nl) == n) | 38 | if ((*nl) == n) |
| 47 | return 0; | 39 | return 0; |
| @@ -92,7 +84,7 @@ static int __kprobes notifier_call_chain(struct notifier_block **nl, | |||
| 92 | next_nb = rcu_dereference(nb->next); | 84 | next_nb = rcu_dereference(nb->next); |
| 93 | 85 | ||
| 94 | #ifdef CONFIG_DEBUG_NOTIFIERS | 86 | #ifdef CONFIG_DEBUG_NOTIFIERS |
| 95 | if (!kernel_text_address((unsigned long)nb->notifier_call)) { | 87 | if (unlikely(!func_ptr_is_kernel_text(nb->notifier_call))) { |
| 96 | WARN(1, "Invalid notifier called!"); | 88 | WARN(1, "Invalid notifier called!"); |
| 97 | nb = next_nb; | 89 | nb = next_nb; |
| 98 | continue; | 90 | continue; |