From 89279d87c5d3e0ea330be1f927e3f3bc59dbc2a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=81LI=20G=C3=A1bor=20J=C3=A1nos?= Date: Thu, 3 Aug 2023 10:10:44 +0200 Subject: Update to Linux 6.1 and Alpine 3.18 - Update base-layout to 3.4.3 - Update busybox to 1.36.1 - Update iptables to 1.8.9 - Update linux-lts to 6.1.53 - Update to openrc to 0.48 - Update rtl8821ce to snapshot of 20230915 - Replace rtwB88 with a third-party driver - Update rtw89 to snapshot of 20230913 - Import wpa_supplicant fixes from Arch Linux --- ...eck-ELF-header-before-calling-finit_modul.patch | 149 +++++++++++++++++++++ 1 file changed, 149 insertions(+) create mode 100644 aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_modul.patch (limited to 'aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_modul.patch') diff --git a/aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_modul.patch b/aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_modul.patch new file mode 100644 index 0000000..dd83a76 --- /dev/null +++ b/aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_modul.patch @@ -0,0 +1,149 @@ +From e1a02faa656420a3c32fc8733e0566c2e430e6d6 Mon Sep 17 00:00:00 2001 +From: Qu Wenruo +Date: Sun, 3 Jan 2021 16:00:14 +0000 +Subject: [PATCH] modutils: check ELF header before calling finit_module() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +finit_module() and init_module() system calls have clear specification +to only accept valid ELF image. + +Although we try finit_module() on compressed modules to let the kernel +determine if it's an ELF image, but it's not ideal, especially when +newer kernel will complain when some invalid files/memory is passed in. + +Treat the kernel better by just doing a very basic ELF header check +before calling finit_module(). + +Signed-off-by: Qu Wenruo +--- + modutils/modprobe-small.c | 33 ++++++++++++++++++++++++++++++++- + modutils/modutils.c | 37 ++++++++++++++++++++++++++++++++++++- + 2 files changed, 68 insertions(+), 2 deletions(-) + +diff --git a/modutils/modprobe-small.c b/modutils/modprobe-small.c +index b61651621..4763e0811 100644 +--- a/modutils/modprobe-small.c ++++ b/modutils/modprobe-small.c +@@ -24,6 +24,7 @@ + //kbuild:lib-$(CONFIG_MODPROBE_SMALL) += modprobe-small.o + + #include "libbb.h" ++#include /* for ELF header magic */ + /* After libbb.h, since it needs sys/types.h on some systems */ + #include /* uname() */ + #include +@@ -249,6 +250,33 @@ static const char *moderror(int err) + } + } + ++#ifdef __NR_finit_module ++/* ++ * Return: ++ * 0 on success, ++ * <0 for error. ++ * ++ * finit_module()/init_module() only accepts ELF format. ++ * Do basic ELF check to avoid calling finit_module() with compressed module. ++ */ ++static int check_elf_header(int fd) ++{ ++ unsigned char buf[EI_NIDENT]; ++ int ret; ++ ++ ret = pread(fd, buf, sizeof(buf), 0); ++ if (ret < sizeof(buf)) ++ return -EIO; ++ if (buf[EI_MAG0] != ELFMAG0 || ++ buf[EI_MAG1] != ELFMAG1 || ++ buf[EI_MAG2] != ELFMAG2 || ++ buf[EI_MAG3] != ELFMAG3) ++ return -EINVAL; ++ /* Other more comprehensive check will be done inside kernel */ ++ return 0; ++} ++#endif ++ + static int load_module(const char *fname, const char *options) + { + #if 1 +@@ -272,7 +300,10 @@ static int load_module(const char *fname, const char *options) + { + int fd = open(fname, O_RDONLY | O_CLOEXEC); + if (fd >= 0) { +- r = finit_module(fd, options, 0) != 0; ++ if (!check_elf_header(fd)) ++ r = finit_module(fd, options, 0) != 0; ++ else ++ r = 1; + close(fd); + } + } +diff --git a/modutils/modutils.c b/modutils/modutils.c +index f7ad5e805..037d609e4 100644 +--- a/modutils/modutils.c ++++ b/modutils/modutils.c +@@ -7,6 +7,7 @@ + */ + #include "modutils.h" + ++#include + #include + + #define init_module(mod, len, opts) syscall(__NR_init_module, mod, len, opts) +@@ -186,6 +187,33 @@ void* FAST_FUNC try_to_mmap_module(const char *filename, size_t *image_size_p) + } + #endif + ++#ifdef __NR_finit_module ++/* ++ * Return: ++ * 0 on success, ++ * <0 for error. ++ * ++ * finit_module()/init_module() only accepts ELF format. ++ * Do basic ELF check to avoid calling finit_module() with compressed module. ++ */ ++static int check_elf_header(int fd) ++{ ++ unsigned char buf[EI_NIDENT]; ++ int ret; ++ ++ ret = pread(fd, buf, sizeof(buf), 0); ++ if (ret < sizeof(buf)) ++ return -EIO; ++ if (buf[EI_MAG0] != ELFMAG0 || ++ buf[EI_MAG1] != ELFMAG1 || ++ buf[EI_MAG2] != ELFMAG2 || ++ buf[EI_MAG3] != ELFMAG3) ++ return -EINVAL; ++ /* Other more comprehensive check will be done inside kernel */ ++ return 0; ++} ++#endif ++ + /* Return: + * 0 on success, + * -errno on open/read error, +@@ -212,12 +240,19 @@ int FAST_FUNC bb_init_module(const char *filename, const char *options) + * to only allow loading of modules off of secure storage (like a read- + * only rootfs) which needs the finit_module call. If it fails, we fall + * back to normal module loading to support compressed modules. ++ * ++ * Note that finit_module()/init_module() only accept ELF image, do ++ * basic check before calling finit_module() to avoid kernel ++ * complaining. + */ + # ifdef __NR_finit_module + { + int fd = open(filename, O_RDONLY | O_CLOEXEC); + if (fd >= 0) { +- rc = finit_module(fd, options, 0) != 0; ++ if (!check_elf_header(fd)) ++ rc = finit_module(fd, options, 0) != 0; ++ else ++ rc = 1; + close(fd); + if (rc == 0) + return rc; -- cgit v1.2.3