diff options
author | Lukas Wunner <lukas@wunner.de> | 2018-09-08 09:59:01 +0200 |
---|---|---|
committer | Bjorn Helgaas <bhelgaas@google.com> | 2018-09-18 17:52:15 -0500 |
commit | 81c4b5bf30de01a0f6b43ccaa1d220f4a0a5d99c (patch) | |
tree | 275be529eee5898b58dd9457b58cc07344692ece /drivers/pci/pci.c | |
parent | d758714235e7abb7984468370c912ca2f4dc4e57 (diff) | |
download | linux-81c4b5bf30de01a0f6b43ccaa1d220f4a0a5d99c.tar.gz linux-81c4b5bf30de01a0f6b43ccaa1d220f4a0a5d99c.tar.bz2 linux-81c4b5bf30de01a0f6b43ccaa1d220f4a0a5d99c.zip |
PCI: hotplug: Constify hotplug_slot_ops
Hotplug drivers cannot declare their hotplug_slot_ops const, making them
attractive targets for attackers, because upon registration of a hotplug
slot, __pci_hp_initialize() writes to the "owner" and "mod_name" members
in that struct.
Fix by moving these members to struct hotplug_slot and constify every
driver's hotplug_slot_ops except for pciehp.
pciehp constructs its hotplug_slot_ops at runtime based on the PCIe
port's capabilities, hence cannot declare them const. It can be
converted to __write_rarely once that's mainlined:
http://www.openwall.com/lists/kernel-hardening/2016/11/16/3
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Reviewed-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Acked-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com> # drivers/pci/hotplug/rpa*
Acked-by: Andy Shevchenko <andy.shevchenko@gmail.com> # drivers/platform/x86
Cc: Len Brown <lenb@kernel.org>
Cc: Scott Murray <scott@spiteful.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Oliver OHalloran <oliveroh@au1.ibm.com>
Cc: Gavin Shan <gwshan@linux.vnet.ibm.com>
Cc: Sebastian Ott <sebott@linux.vnet.ibm.com>
Cc: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Cc: Corentin Chary <corentin.chary@gmail.com>
Cc: Darren Hart <dvhart@infradead.org>
Diffstat (limited to 'drivers/pci/pci.c')
-rw-r--r-- | drivers/pci/pci.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index 1835f3a7aa8d..0e54588825cb 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -4571,13 +4571,13 @@ static int pci_reset_hotplug_slot(struct hotplug_slot *hotplug, int probe) { int rc = -ENOTTY; - if (!hotplug || !try_module_get(hotplug->ops->owner)) + if (!hotplug || !try_module_get(hotplug->owner)) return rc; if (hotplug->ops->reset_slot) rc = hotplug->ops->reset_slot(hotplug, probe); - module_put(hotplug->ops->owner); + module_put(hotplug->owner); return rc; } |