On Sun, Aug 19, 2018 at 4:36 PM Lukas Wunner <lu...@wunner.de> wrote: > > Hotplug drivers cannot declare their hotplug_slot_ops const, making them > attractive targets for attackers, because upon registration of a hotplug > slot, __pci_hp_initialize() writes to the "owner" and "mod_name" members > in that struct. > > Fix by moving these members to struct hotplug_slot and constify every > driver's hotplug_slot_ops except for pciehp. > > pciehp constructs its hotplug_slot_ops at runtime based on the PCIe > port's capabilities, hence cannot declare them const. It can be > converted to __write_rarely once that's mainlined: > http://www.openwall.com/lists/kernel-hardening/2016/11/16/3 > > Signed-off-by: Lukas Wunner <lu...@wunner.de> > Cc: Rafael J. Wysocki <r...@rjwysocki.net> > Cc: Len Brown <l...@kernel.org> > Cc: Scott Murray <sc...@spiteful.org> > Cc: Benjamin Herrenschmidt <b...@kernel.crashing.org> > Cc: Paul Mackerras <pau...@samba.org> > Cc: Michael Ellerman <m...@ellerman.id.au> > Cc: Gavin Shan <gws...@linux.vnet.ibm.com> > Cc: Sebastian Ott <seb...@linux.vnet.ibm.com> > Cc: Gerald Schaefer <gerald.schae...@de.ibm.com> > Cc: Corentin Chary <corentin.ch...@gmail.com> > Cc: Darren Hart <dvh...@infradead.org> > Cc: Andy Shevchenko <a...@infradead.org> > --- > drivers/pci/hotplug/acpiphp_core.c | 2 +- > drivers/pci/hotplug/cpci_hotplug_core.c | 2 +- > drivers/pci/hotplug/cpqphp_core.c | 2 +- > drivers/pci/hotplug/ibmphp.h | 2 +- > drivers/pci/hotplug/ibmphp_core.c | 2 +- > drivers/pci/hotplug/pci_hotplug_core.c | 27 +++++++++++++------------ > drivers/pci/hotplug/pnv_php.c | 2 +- > drivers/pci/hotplug/rpaphp.h | 2 +- > drivers/pci/hotplug/rpaphp_core.c | 2 +- > drivers/pci/hotplug/s390_pci_hpc.c | 2 +- > drivers/pci/hotplug/sgi_hotplug.c | 2 +- > drivers/pci/hotplug/shpchp_core.c | 2 +- > drivers/pci/pci.c | 4 ++-- > drivers/pci/slot.c | 2 +- > drivers/platform/x86/asus-wmi.c | 3 +-- > drivers/platform/x86/eeepc-laptop.c | 3 +-- > include/linux/pci_hotplug.h | 10 ++++----- > 17 files changed, 35 insertions(+), 36 deletions(-)
Nice! Reviewed-by: Rafael J. Wysocki <rafael.j.wyso...@intel.com>