| 2d3bb398 | 20-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Cache dont_correlate() result
Cache the dont_correlate() result once per symbol at the start of correlate_symbols(). This reduces klp diff time on an arm64 LTO vmlinux.o from 2m51s to 35s.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| f7ceffd2 | 28-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Fix kCFI prefix finding/cloning
With CFI+CALL_PADDING, Clang places .Ltmp labels at the start of the NOP padding (offset 5) between the __cfi_ prefix and the function entry point. get_func_prefix() only checks the immediately previous symbol, so the intervening .Ltmp label causes it to miss the __cfi_ prefix symbol.
This results in klp-diff not cloning the kCFI type hash into the livepatch module, causing a CFI failure at module load when calling callback functions through indirect calls:
CFI failure at __klp_enable_patch+0xab/0x140 (target: pre_patch_callback+0x0/0x80 [livepatch_combined]; expected type: 0xde073954)
Instead of walking backward through the section's symbol list, just use find_func_containing() for the byte before the function. This works now that __cfi_ symbols are being grown by objtool to fill the padding.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| fc0bb991 | 24-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool: Grow __cfi_* prefix symbols for all CFI+CALL_PADDING
For all CONFIG_CFI+CONFIG_CALL_PADDING configs, for C functions, the __cfi_ symbols only cover the 5-byte kCFI type hash. After that there are also N bytes of NOP padding between the hash and the function entry which aren't associated with any symbol.
The NOPs can be replaced with actual code at runtime. Without a symbol, unwinders and tooling have no way of knowing where those bytes belong.
Grow the existing __cfi_* symbols to fill that gap.
Note that assembly functions with SYM_TYPED_FUNC_START() aren't affected by this issue, their __cfi_ symbols also cover the padding.
Also, CONFIG_PREFIX_SYMBOLS has no reason to exist: CONFIG_CALL_PADDING is what causes the compiler to emit NOP padding before function entry (via -fpatchable-function-entry), so it's the right condition for creating prefix symbols.
Remove CONFIG_PREFIX_SYMBOLS, as it's no longer needed. Simplify the LONGEST_SYM_KUNIT_TEST dependency accordingly. Rework objtool's arguments a bit to handle the variety of prefix/cfi-related cases.
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| cca84cb1 | 03-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Fix position-dependent checksums for non-relocated jumps/calls
When computing klp checksums, instructions with non-relocated jump/call destination offsets are problematic because the offset values can change when surrounding code has moved, causing the function to be incorrectly marked as changed.
Specifically, that includes jumps from alternatives to the end of the alternative, which from objtool's perspective are jumps to the end of the alternative instruction block in the original function.
Note that 'jump_dest' jumps don't include sibling calls (those use call_dest), nor do they include jumps to/from .cold sub functions (those are cross-section and need a reloc).
Fix it by hashing the opcode bytes (excluding the immediate operand) along with a position-independent representation of the destination. For calls, use the function name, and for jumps, use the destination's offset within its function.
[Note the "9 bit hole" comment was wrong: it has been 8 bits since commit 70589843b36f ("objtool: Add option to trace function validation") added the 'trace' field. Adding the 4-bit 'immediate_len' field now leaves a 4-bit hole.]
Fixes: 0d83da43b1e1 ("objtool/klp: Add --checksum option to generate per-function checksums")
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| 3ee67629 | 04-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool: Add insn_sym() helper
Alternative replacement instructions awkwardly have insn->sym set to the function they get patched to rather than the symbol (or rather lack thereof) they belong to in the file.
This makes it difficult to know where a given instruction actually lives.
Add a new insn_sym() helper which preserves the existing semantic of insn->sym. Rename insn->sym to insn->_sym, which contains the actual ELF binary symbol (or NULL, for alternative replacements) an instruction lives in.
The private insn->_sym value will be needed for a subsequent patch.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| 5d6a03ee | 21-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Add correlation debugging output
Add debugging messages to show how duplicate symbols get correlated, and split the --debug feature into --debug-correlate and --debug-clone.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| e1076461 | 03-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Add "objtool klp checksum" subcommand
Move the checksum functionality out of the main objtool command into a new "objtool klp checksum" subcommand.
This has the benefit of making the code (and the patch generation process itself) more modular.
For bisectability, both "objtool --checksum" and "objtool klp checksum" work for now. The former will be removed after klp-build has been converted to use the new subcommand.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| a5b66123 | 03-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool: Consolidate file decoding into decode_file()
decode_sections() relies on CFI and cfi_hash initialization done separately in check(), making it unusable outside of check().
Consolidate the initialization into decode_sections() and rename it to decode_file(), and make it global along with free_insns() and insn_reloc() for use by other objtool components -- namely, the checksum code which will be moving to another file.
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| 30cae58c | 03-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Extricate checksum calculation from validate_branch()
In preparation for porting the checksum code to other arches, make its functionality independent from the CFG reverse engineering code.
Move it into a standalone calculate_checksums() function which iterates all functions and instructions directly, rather than being called inline from do_validate_branch().
Since checksum_update_insn() is no longer called during CFG traversal, it needs to manually iterate the alternatives.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| d5b0f025 | 28-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Fix pointer comparisons for rodata objects
klp-diff treats all rodata as uncorrelated, so any reference to it uses a duplicated copy rather than using a KLP reloc.
For the contents of the data itself, a duplicated copy is fine. However, pointer comparisons (e.g., f->f_op == &foo_ops) are broken.
Fix it by correlating non-anonymous rodata objects.
Also, use a new find_symbol_containing_inclusive() helper for matching the end of a symbol so bounds calculations don't get broken, for the case where an array or other symbol's ending address is used as part of a bounds calculation.
While these are really two distinct changes, they need to be done in the same patch so as to avoid introducing bisection regressions.
Acked-by: Song Liu <song@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| 3e01ab44 | 13-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool: Move mark_rodata() to elf.c
Move the sec->rodata marking from check.c to elf.c so it's set during ELF reading rather than during the check pipeline. This makes the rodata flag available to all objtool users, including klp-diff which reads ELF files directly without running check().
Add an is_rodata_sec() helper to elf.h for consistency with is_text_sec() and is_string_sec().
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Song Liu <song@kernel.org>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| 479ac526 | 03-Apr-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Fix XXH3 state memory leak
The XXH3 state allocated in checksum_init() is never freed. Free it in checksum_finish().
Acked-by: Song Liu <song@kernel.org>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
| def5b60d | 31-Mar-2026 |
Josh Poimboeuf <jpoimboe@kernel.org> |
objtool/klp: Fix --debug-checksum for duplicate symbol names
find_symbol_by_name() only returns the first match, so --debug-checksum=<func> silently ignores any subsequent duplicately named functions after the first.
Fix that, along with a new for_each_sym_by_name() helper.
Acked-by: Song Liu <song@kernel.org>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
|