1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #define _GNU_SOURCE /* memmem() */
3 #include <subcmd/parse-options.h>
4 #include <stdlib.h>
5 #include <string.h>
6 #include <libgen.h>
7 #include <stdio.h>
8 #include <ctype.h>
9
10 #include <objtool/objtool.h>
11 #include <objtool/warn.h>
12 #include <objtool/arch.h>
13 #include <objtool/klp.h>
14 #include <objtool/util.h>
15 #include <arch/special.h>
16
17 #include <linux/align.h>
18 #include <linux/objtool_types.h>
19 #include <linux/livepatch_external.h>
20 #include <linux/stringify.h>
21 #include <linux/string.h>
22 #include <linux/jhash.h>
23
24 #define sizeof_field(TYPE, MEMBER) sizeof((((TYPE *)0)->MEMBER))
25
26 struct elfs {
27 struct elf *orig, *patched, *out;
28 const char *modname;
29 };
30
31 struct export {
32 struct hlist_node hash;
33 char *mod, *sym;
34 };
35
36 static const char * const klp_diff_usage[] = {
37 "objtool klp diff [<options>] <in1.o> <in2.o> <out.o>",
38 NULL,
39 };
40
41 static const struct option klp_diff_options[] = {
42 OPT_GROUP("Options:"),
43 OPT_BOOLEAN('d', "debug", &debug, "enable debug output"),
44 OPT_END(),
45 };
46
47 static DEFINE_HASHTABLE(exports, 15);
48
str_hash(const char * str)49 static inline u32 str_hash(const char *str)
50 {
51 return jhash(str, strlen(str), 0);
52 }
53
escape_str(const char * orig)54 static char *escape_str(const char *orig)
55 {
56 size_t len = 0;
57 const char *a;
58 char *b, *new;
59
60 for (a = orig; *a; a++) {
61 switch (*a) {
62 case '\001': len += 5; break;
63 case '\n':
64 case '\t': len += 2; break;
65 default: len++;
66 }
67 }
68
69 new = malloc(len + 1);
70 if (!new)
71 return NULL;
72
73 for (a = orig, b = new; *a; a++) {
74 switch (*a) {
75 case '\001': memcpy(b, "<SOH>", 5); b += 5; break;
76 case '\n': *b++ = '\\'; *b++ = 'n'; break;
77 case '\t': *b++ = '\\'; *b++ = 't'; break;
78 default: *b++ = *a;
79 }
80 }
81
82 *b = '\0';
83 return new;
84 }
85
read_exports(void)86 static int read_exports(void)
87 {
88 const char *symvers = "Module.symvers";
89 char line[1024], *path = NULL;
90 unsigned int line_num = 1;
91 FILE *file;
92
93 file = fopen(symvers, "r");
94 if (!file) {
95 path = top_level_dir(symvers);
96 if (!path) {
97 ERROR("can't open '%s', \"objtool diff\" should be run from the kernel tree", symvers);
98 return -1;
99 }
100
101 file = fopen(path, "r");
102 if (!file) {
103 ERROR_GLIBC("fopen");
104 return -1;
105 }
106 }
107
108 while (fgets(line, 1024, file)) {
109 char *sym, *mod, *type;
110 struct export *export;
111
112 sym = strchr(line, '\t');
113 if (!sym) {
114 ERROR("malformed Module.symvers (sym) at line %d", line_num);
115 return -1;
116 }
117
118 *sym++ = '\0';
119
120 mod = strchr(sym, '\t');
121 if (!mod) {
122 ERROR("malformed Module.symvers (mod) at line %d", line_num);
123 return -1;
124 }
125
126 *mod++ = '\0';
127
128 type = strchr(mod, '\t');
129 if (!type) {
130 ERROR("malformed Module.symvers (type) at line %d", line_num);
131 return -1;
132 }
133
134 *type++ = '\0';
135
136 if (*sym == '\0' || *mod == '\0') {
137 ERROR("malformed Module.symvers at line %d", line_num);
138 return -1;
139 }
140
141 export = calloc(1, sizeof(*export));
142 if (!export) {
143 ERROR_GLIBC("calloc");
144 return -1;
145 }
146
147 export->mod = strdup(mod);
148 if (!export->mod) {
149 ERROR_GLIBC("strdup");
150 return -1;
151 }
152
153 export->sym = strdup(sym);
154 if (!export->sym) {
155 ERROR_GLIBC("strdup");
156 return -1;
157 }
158
159 hash_add(exports, &export->hash, str_hash(sym));
160 }
161
162 free(path);
163 fclose(file);
164
165 return 0;
166 }
167
read_sym_checksums(struct elf * elf)168 static int read_sym_checksums(struct elf *elf)
169 {
170 struct section *sec;
171
172 sec = find_section_by_name(elf, ".discard.sym_checksum");
173 if (!sec) {
174 ERROR("'%s' missing .discard.sym_checksum section, file not processed by 'objtool --checksum'?",
175 elf->name);
176 return -1;
177 }
178
179 if (!sec->rsec) {
180 ERROR("missing reloc section for .discard.sym_checksum");
181 return -1;
182 }
183
184 if (sec_size(sec) % sizeof(struct sym_checksum)) {
185 ERROR("struct sym_checksum size mismatch");
186 return -1;
187 }
188
189 for (int i = 0; i < sec_size(sec) / sizeof(struct sym_checksum); i++) {
190 struct sym_checksum *sym_checksum;
191 struct reloc *reloc;
192 struct symbol *sym;
193
194 sym_checksum = (struct sym_checksum *)sec->data->d_buf + i;
195
196 reloc = find_reloc_by_dest(elf, sec, i * sizeof(*sym_checksum));
197 if (!reloc) {
198 ERROR("can't find reloc for sym_checksum[%d]", i);
199 return -1;
200 }
201
202 sym = reloc->sym;
203
204 if (is_sec_sym(sym)) {
205 ERROR("not sure how to handle section %s", sym->name);
206 return -1;
207 }
208
209 if (is_func_sym(sym))
210 sym->csum.checksum = sym_checksum->checksum;
211 }
212
213 return 0;
214 }
215
first_file_symbol(struct elf * elf)216 static struct symbol *first_file_symbol(struct elf *elf)
217 {
218 struct symbol *sym;
219
220 for_each_sym(elf, sym) {
221 if (is_file_sym(sym))
222 return sym;
223 }
224
225 return NULL;
226 }
227
next_file_symbol(struct elf * elf,struct symbol * sym)228 static struct symbol *next_file_symbol(struct elf *elf, struct symbol *sym)
229 {
230 for_each_sym_continue(elf, sym) {
231 if (is_file_sym(sym))
232 return sym;
233 }
234
235 return NULL;
236 }
237
238 /*
239 * Certain static local variables should never be correlated. They will be
240 * used in place rather than referencing the originals.
241 */
is_uncorrelated_static_local(struct symbol * sym)242 static bool is_uncorrelated_static_local(struct symbol *sym)
243 {
244 static const char * const vars[] = {
245 "__already_done.",
246 "__func__.",
247 "__key.",
248 "__warned.",
249 "_entry.",
250 "_entry_ptr.",
251 "_rs.",
252 "descriptor.",
253 "CSWTCH.",
254 };
255
256 if (!is_object_sym(sym) || !is_local_sym(sym))
257 return false;
258
259 if (!strcmp(sym->sec->name, ".data.once"))
260 return true;
261
262 for (int i = 0; i < ARRAY_SIZE(vars); i++) {
263 if (strstarts(sym->name, vars[i]))
264 return true;
265 }
266
267 return false;
268 }
269
270 /*
271 * Clang emits several useless .Ltmp_* code labels.
272 */
is_clang_tmp_label(struct symbol * sym)273 static bool is_clang_tmp_label(struct symbol *sym)
274 {
275 return sym->type == STT_NOTYPE &&
276 is_text_sec(sym->sec) &&
277 strstarts(sym->name, ".Ltmp") &&
278 isdigit(sym->name[5]);
279 }
280
is_special_section(struct section * sec)281 static bool is_special_section(struct section *sec)
282 {
283 static const char * const specials[] = {
284 ".altinstructions",
285 ".smp_locks",
286 "__bug_table",
287 "__ex_table",
288 "__jump_table",
289 "__mcount_loc",
290
291 /*
292 * Extract .static_call_sites here to inherit non-module
293 * preferential treatment. The later static call processing
294 * during klp module build will be skipped when it sees this
295 * section already exists.
296 */
297 ".static_call_sites",
298 };
299
300 static const char * const non_special_discards[] = {
301 ".discard.addressable",
302 ".discard.sym_checksum",
303 };
304
305 if (is_text_sec(sec))
306 return false;
307
308 for (int i = 0; i < ARRAY_SIZE(specials); i++) {
309 if (!strcmp(sec->name, specials[i]))
310 return true;
311 }
312
313 /* Most .discard data sections are special */
314 for (int i = 0; i < ARRAY_SIZE(non_special_discards); i++) {
315 if (!strcmp(sec->name, non_special_discards[i]))
316 return false;
317 }
318
319 return strstarts(sec->name, ".discard.");
320 }
321
322 /*
323 * These sections are referenced by special sections but aren't considered
324 * special sections themselves.
325 */
is_special_section_aux(struct section * sec)326 static bool is_special_section_aux(struct section *sec)
327 {
328 static const char * const specials_aux[] = {
329 ".altinstr_replacement",
330 ".altinstr_aux",
331 };
332
333 for (int i = 0; i < ARRAY_SIZE(specials_aux); i++) {
334 if (!strcmp(sec->name, specials_aux[i]))
335 return true;
336 }
337
338 return false;
339 }
340
341 /*
342 * These symbols should never be correlated, so their local patched versions
343 * are used instead of linking to the originals.
344 */
dont_correlate(struct symbol * sym)345 static bool dont_correlate(struct symbol *sym)
346 {
347 return is_file_sym(sym) ||
348 is_null_sym(sym) ||
349 is_sec_sym(sym) ||
350 is_prefix_func(sym) ||
351 is_uncorrelated_static_local(sym) ||
352 is_clang_tmp_label(sym) ||
353 is_string_sec(sym->sec) ||
354 is_special_section(sym->sec) ||
355 is_special_section_aux(sym->sec) ||
356 strstarts(sym->name, "__initcall__");
357 }
358
359 /*
360 * For each symbol in the original kernel, find its corresponding "twin" in the
361 * patched kernel.
362 */
correlate_symbols(struct elfs * e)363 static int correlate_symbols(struct elfs *e)
364 {
365 struct symbol *file1_sym, *file2_sym;
366 struct symbol *sym1, *sym2;
367
368 file1_sym = first_file_symbol(e->orig);
369 file2_sym = first_file_symbol(e->patched);
370
371 /*
372 * Correlate any locals before the first FILE symbol. This has been
373 * seen when LTO inexplicably strips the initramfs_data.o FILE symbol
374 * due to the file only containing data and no code.
375 */
376 for_each_sym(e->orig, sym1) {
377 if (sym1 == file1_sym || !is_local_sym(sym1))
378 break;
379
380 if (dont_correlate(sym1))
381 continue;
382
383 for_each_sym(e->patched, sym2) {
384 if (sym2 == file2_sym || !is_local_sym(sym2))
385 break;
386
387 if (sym2->twin || dont_correlate(sym2))
388 continue;
389
390 if (strcmp(sym1->demangled_name, sym2->demangled_name))
391 continue;
392
393 sym1->twin = sym2;
394 sym2->twin = sym1;
395 break;
396 }
397 }
398
399 /* Correlate locals after the first FILE symbol */
400 for (; ; file1_sym = next_file_symbol(e->orig, file1_sym),
401 file2_sym = next_file_symbol(e->patched, file2_sym)) {
402
403 if (!file1_sym && file2_sym) {
404 ERROR("FILE symbol mismatch: NULL != %s", file2_sym->name);
405 return -1;
406 }
407
408 if (file1_sym && !file2_sym) {
409 ERROR("FILE symbol mismatch: %s != NULL", file1_sym->name);
410 return -1;
411 }
412
413 if (!file1_sym)
414 break;
415
416 if (strcmp(file1_sym->name, file2_sym->name)) {
417 ERROR("FILE symbol mismatch: %s != %s", file1_sym->name, file2_sym->name);
418 return -1;
419 }
420
421 file1_sym->twin = file2_sym;
422 file2_sym->twin = file1_sym;
423
424 sym1 = file1_sym;
425
426 for_each_sym_continue(e->orig, sym1) {
427 if (is_file_sym(sym1) || !is_local_sym(sym1))
428 break;
429
430 if (dont_correlate(sym1))
431 continue;
432
433 sym2 = file2_sym;
434 for_each_sym_continue(e->patched, sym2) {
435 if (is_file_sym(sym2) || !is_local_sym(sym2))
436 break;
437
438 if (sym2->twin || dont_correlate(sym2))
439 continue;
440
441 if (strcmp(sym1->demangled_name, sym2->demangled_name))
442 continue;
443
444 sym1->twin = sym2;
445 sym2->twin = sym1;
446 break;
447 }
448 }
449 }
450
451 /* Correlate globals */
452 for_each_sym(e->orig, sym1) {
453 if (sym1->bind == STB_LOCAL)
454 continue;
455
456 sym2 = find_global_symbol_by_name(e->patched, sym1->name);
457
458 if (sym2 && !sym2->twin && !strcmp(sym1->name, sym2->name)) {
459 sym1->twin = sym2;
460 sym2->twin = sym1;
461 }
462 }
463
464 for_each_sym(e->orig, sym1) {
465 if (sym1->twin || dont_correlate(sym1))
466 continue;
467 WARN("no correlation: %s", sym1->name);
468 }
469
470 return 0;
471 }
472
473 /* "sympos" is used by livepatch to disambiguate duplicate symbol names */
find_sympos(struct elf * elf,struct symbol * sym)474 static unsigned long find_sympos(struct elf *elf, struct symbol *sym)
475 {
476 bool vmlinux = str_ends_with(objname, "vmlinux.o");
477 unsigned long sympos = 0, nr_matches = 0;
478 bool has_dup = false;
479 struct symbol *s;
480
481 if (sym->bind != STB_LOCAL)
482 return 0;
483
484 if (vmlinux && sym->type == STT_FUNC) {
485 /*
486 * HACK: Unfortunately, symbol ordering can differ between
487 * vmlinux.o and vmlinux due to the linker script emitting
488 * .text.unlikely* before .text*. Count .text.unlikely* first.
489 *
490 * TODO: Disambiguate symbols more reliably (checksums?)
491 */
492 for_each_sym(elf, s) {
493 if (strstarts(s->sec->name, ".text.unlikely") &&
494 !strcmp(s->name, sym->name)) {
495 nr_matches++;
496 if (s == sym)
497 sympos = nr_matches;
498 else
499 has_dup = true;
500 }
501 }
502 for_each_sym(elf, s) {
503 if (!strstarts(s->sec->name, ".text.unlikely") &&
504 !strcmp(s->name, sym->name)) {
505 nr_matches++;
506 if (s == sym)
507 sympos = nr_matches;
508 else
509 has_dup = true;
510 }
511 }
512 } else {
513 for_each_sym(elf, s) {
514 if (!strcmp(s->name, sym->name)) {
515 nr_matches++;
516 if (s == sym)
517 sympos = nr_matches;
518 else
519 has_dup = true;
520 }
521 }
522 }
523
524 if (!sympos) {
525 ERROR("can't find sympos for %s", sym->name);
526 return ULONG_MAX;
527 }
528
529 return has_dup ? sympos : 0;
530 }
531
532 static int clone_sym_relocs(struct elfs *e, struct symbol *patched_sym);
533
__clone_symbol(struct elf * elf,struct symbol * patched_sym,bool data_too)534 static struct symbol *__clone_symbol(struct elf *elf, struct symbol *patched_sym,
535 bool data_too)
536 {
537 struct section *out_sec = NULL;
538 unsigned long offset = 0;
539 struct symbol *out_sym;
540
541 if (data_too && !is_undef_sym(patched_sym)) {
542 struct section *patched_sec = patched_sym->sec;
543
544 out_sec = find_section_by_name(elf, patched_sec->name);
545 if (!out_sec) {
546 out_sec = elf_create_section(elf, patched_sec->name, 0,
547 patched_sec->sh.sh_entsize,
548 patched_sec->sh.sh_type,
549 patched_sec->sh.sh_addralign,
550 patched_sec->sh.sh_flags);
551 if (!out_sec)
552 return NULL;
553 }
554
555 if (is_string_sec(patched_sym->sec)) {
556 out_sym = elf_create_section_symbol(elf, out_sec);
557 if (!out_sym)
558 return NULL;
559
560 goto sym_created;
561 }
562
563 if (!is_sec_sym(patched_sym))
564 offset = ALIGN(sec_size(out_sec), out_sec->sh.sh_addralign);
565
566 if (patched_sym->len || is_sec_sym(patched_sym)) {
567 void *data = NULL;
568 size_t size;
569
570 /* bss doesn't have data */
571 if (patched_sym->sec->data->d_buf)
572 data = patched_sym->sec->data->d_buf + patched_sym->offset;
573
574 if (is_sec_sym(patched_sym))
575 size = sec_size(patched_sym->sec);
576 else
577 size = patched_sym->len;
578
579 if (!elf_add_data(elf, out_sec, data, size))
580 return NULL;
581 }
582 }
583
584 out_sym = elf_create_symbol(elf, patched_sym->name, out_sec,
585 patched_sym->bind, patched_sym->type,
586 offset, patched_sym->len);
587 if (!out_sym)
588 return NULL;
589
590 sym_created:
591 patched_sym->clone = out_sym;
592 out_sym->clone = patched_sym;
593
594 return out_sym;
595 }
596
sym_type(struct symbol * sym)597 static const char *sym_type(struct symbol *sym)
598 {
599 switch (sym->type) {
600 case STT_NOTYPE: return "NOTYPE";
601 case STT_OBJECT: return "OBJECT";
602 case STT_FUNC: return "FUNC";
603 case STT_SECTION: return "SECTION";
604 case STT_FILE: return "FILE";
605 default: return "UNKNOWN";
606 }
607 }
608
sym_bind(struct symbol * sym)609 static const char *sym_bind(struct symbol *sym)
610 {
611 switch (sym->bind) {
612 case STB_LOCAL: return "LOCAL";
613 case STB_GLOBAL: return "GLOBAL";
614 case STB_WEAK: return "WEAK";
615 default: return "UNKNOWN";
616 }
617 }
618
619 /*
620 * Copy a symbol to the output object, optionally including its data and
621 * relocations.
622 */
clone_symbol(struct elfs * e,struct symbol * patched_sym,bool data_too)623 static struct symbol *clone_symbol(struct elfs *e, struct symbol *patched_sym,
624 bool data_too)
625 {
626 struct symbol *pfx;
627
628 if (patched_sym->clone)
629 return patched_sym->clone;
630
631 dbg_indent("%s%s", patched_sym->name, data_too ? " [+DATA]" : "");
632
633 /* Make sure the prefix gets cloned first */
634 if (is_func_sym(patched_sym) && data_too) {
635 pfx = get_func_prefix(patched_sym);
636 if (pfx)
637 clone_symbol(e, pfx, true);
638 }
639
640 if (!__clone_symbol(e->out, patched_sym, data_too))
641 return NULL;
642
643 if (data_too && clone_sym_relocs(e, patched_sym))
644 return NULL;
645
646 return patched_sym->clone;
647 }
648
mark_included_function(struct symbol * func)649 static void mark_included_function(struct symbol *func)
650 {
651 struct symbol *pfx;
652
653 func->included = 1;
654
655 /* Include prefix function */
656 pfx = get_func_prefix(func);
657 if (pfx)
658 pfx->included = 1;
659
660 /* Make sure .cold parent+child always stay together */
661 if (func->cfunc && func->cfunc != func)
662 func->cfunc->included = 1;
663 if (func->pfunc && func->pfunc != func)
664 func->pfunc->included = 1;
665 }
666
667 /*
668 * Copy all changed functions (and their dependencies) from the patched object
669 * to the output object.
670 */
mark_changed_functions(struct elfs * e)671 static int mark_changed_functions(struct elfs *e)
672 {
673 struct symbol *sym_orig, *patched_sym;
674 bool changed = false;
675
676 /* Find changed functions */
677 for_each_sym(e->orig, sym_orig) {
678 if (!is_func_sym(sym_orig) || is_prefix_func(sym_orig))
679 continue;
680
681 patched_sym = sym_orig->twin;
682 if (!patched_sym)
683 continue;
684
685 if (sym_orig->csum.checksum != patched_sym->csum.checksum) {
686 patched_sym->changed = 1;
687 mark_included_function(patched_sym);
688 changed = true;
689 }
690 }
691
692 /* Find added functions and print them */
693 for_each_sym(e->patched, patched_sym) {
694 if (!is_func_sym(patched_sym) || is_prefix_func(patched_sym))
695 continue;
696
697 if (!patched_sym->twin) {
698 printf("%s: new function: %s\n", objname, patched_sym->name);
699 mark_included_function(patched_sym);
700 changed = true;
701 }
702 }
703
704 /* Print changed functions */
705 for_each_sym(e->patched, patched_sym) {
706 if (patched_sym->changed)
707 printf("%s: changed function: %s\n", objname, patched_sym->name);
708 }
709
710 return !changed ? -1 : 0;
711 }
712
clone_included_functions(struct elfs * e)713 static int clone_included_functions(struct elfs *e)
714 {
715 struct symbol *patched_sym;
716
717 for_each_sym(e->patched, patched_sym) {
718 if (patched_sym->included) {
719 if (!clone_symbol(e, patched_sym, true))
720 return -1;
721 }
722 }
723
724 return 0;
725 }
726
727 /*
728 * Determine whether a relocation should reference the section rather than the
729 * underlying symbol.
730 */
section_reference_needed(struct section * sec)731 static bool section_reference_needed(struct section *sec)
732 {
733 /*
734 * String symbols are zero-length and uncorrelated. It's easier to
735 * deal with them as section symbols.
736 */
737 if (is_string_sec(sec))
738 return true;
739
740 /*
741 * .rodata has mostly anonymous data so there's no way to determine the
742 * length of a needed reference. just copy the whole section if needed.
743 */
744 if (strstarts(sec->name, ".rodata"))
745 return true;
746
747 /* UBSAN anonymous data */
748 if (strstarts(sec->name, ".data..Lubsan") || /* GCC */
749 strstarts(sec->name, ".data..L__unnamed_")) /* Clang */
750 return true;
751
752 return false;
753 }
754
is_reloc_allowed(struct reloc * reloc)755 static bool is_reloc_allowed(struct reloc *reloc)
756 {
757 return section_reference_needed(reloc->sym->sec) == is_sec_sym(reloc->sym);
758 }
759
find_export(struct symbol * sym)760 static struct export *find_export(struct symbol *sym)
761 {
762 struct export *export;
763
764 hash_for_each_possible(exports, export, hash, str_hash(sym->name)) {
765 if (!strcmp(export->sym, sym->name))
766 return export;
767 }
768
769 return NULL;
770 }
771
__find_modname(struct elfs * e)772 static const char *__find_modname(struct elfs *e)
773 {
774 struct section *sec;
775 char *name;
776
777 sec = find_section_by_name(e->orig, ".modinfo");
778 if (!sec) {
779 ERROR("missing .modinfo section");
780 return NULL;
781 }
782
783 name = memmem(sec->data->d_buf, sec_size(sec), "\0name=", 6);
784 if (name)
785 return name + 6;
786
787 name = strdup(e->orig->name);
788 if (!name) {
789 ERROR_GLIBC("strdup");
790 return NULL;
791 }
792
793 for (char *c = name; *c; c++) {
794 if (*c == '/')
795 name = c + 1;
796 else if (*c == '-')
797 *c = '_';
798 else if (*c == '.') {
799 *c = '\0';
800 break;
801 }
802 }
803
804 return name;
805 }
806
807 /* Get the object's module name as defined by the kernel (and klp_object) */
find_modname(struct elfs * e)808 static const char *find_modname(struct elfs *e)
809 {
810 const char *modname;
811
812 if (e->modname)
813 return e->modname;
814
815 modname = __find_modname(e);
816 e->modname = modname;
817 return modname;
818 }
819
820 /*
821 * Copying a function from its native compiled environment to a kernel module
822 * removes its natural access to local functions/variables and unexported
823 * globals. References to such symbols need to be converted to KLP relocs so
824 * the kernel arch relocation code knows to apply them and where to find the
825 * symbols. Particularly, duplicate static symbols need to be disambiguated.
826 */
klp_reloc_needed(struct reloc * patched_reloc)827 static bool klp_reloc_needed(struct reloc *patched_reloc)
828 {
829 struct symbol *patched_sym = patched_reloc->sym;
830 struct export *export;
831
832 /* no external symbol to reference */
833 if (dont_correlate(patched_sym))
834 return false;
835
836 /* For included functions, a regular reloc will do. */
837 if (patched_sym->included)
838 return false;
839
840 /*
841 * If exported by a module, it has to be a klp reloc. Thanks to the
842 * clusterfunk that is late module patching, the patch module is
843 * allowed to be loaded before any modules it depends on.
844 *
845 * If exported by vmlinux, a normal reloc will do.
846 */
847 export = find_export(patched_sym);
848 if (export)
849 return strcmp(export->mod, "vmlinux");
850
851 if (!patched_sym->twin) {
852 /*
853 * Presumably the symbol and its reference were added by the
854 * patch. The symbol could be defined in this .o or in another
855 * .o in the patch module.
856 *
857 * This check needs to be *after* the export check due to the
858 * possibility of the patch adding a new UNDEF reference to an
859 * exported symbol.
860 */
861 return false;
862 }
863
864 /* Unexported symbol which lives in the original vmlinux or module. */
865 return true;
866 }
867
convert_reloc_sym_to_secsym(struct elf * elf,struct reloc * reloc)868 static int convert_reloc_sym_to_secsym(struct elf *elf, struct reloc *reloc)
869 {
870 struct symbol *sym = reloc->sym;
871 struct section *sec = sym->sec;
872
873 if (!sec->sym && !elf_create_section_symbol(elf, sec))
874 return -1;
875
876 reloc->sym = sec->sym;
877 set_reloc_sym(elf, reloc, sym->idx);
878 set_reloc_addend(elf, reloc, sym->offset + reloc_addend(reloc));
879 return 0;
880 }
881
convert_reloc_secsym_to_sym(struct elf * elf,struct reloc * reloc)882 static int convert_reloc_secsym_to_sym(struct elf *elf, struct reloc *reloc)
883 {
884 struct symbol *sym = reloc->sym;
885 struct section *sec = sym->sec;
886
887 /* If the symbol has a dedicated section, it's easy to find */
888 sym = find_symbol_by_offset(sec, 0);
889 if (sym && sym->len == sec_size(sec))
890 goto found_sym;
891
892 /* No dedicated section; find the symbol manually */
893 sym = find_symbol_containing(sec, arch_adjusted_addend(reloc));
894 if (!sym) {
895 /*
896 * This can happen for special section references to weak code
897 * whose symbol has been stripped by the linker.
898 */
899 return -1;
900 }
901
902 found_sym:
903 reloc->sym = sym;
904 set_reloc_sym(elf, reloc, sym->idx);
905 set_reloc_addend(elf, reloc, reloc_addend(reloc) - sym->offset);
906 return 0;
907 }
908
909 /*
910 * Convert a relocation symbol reference to the needed format: either a section
911 * symbol or the underlying symbol itself.
912 */
convert_reloc_sym(struct elf * elf,struct reloc * reloc)913 static int convert_reloc_sym(struct elf *elf, struct reloc *reloc)
914 {
915 if (is_reloc_allowed(reloc))
916 return 0;
917
918 if (section_reference_needed(reloc->sym->sec))
919 return convert_reloc_sym_to_secsym(elf, reloc);
920 else
921 return convert_reloc_secsym_to_sym(elf, reloc);
922 }
923
924 /*
925 * Convert a regular relocation to a klp relocation (sort of).
926 */
clone_reloc_klp(struct elfs * e,struct reloc * patched_reloc,struct section * sec,unsigned long offset,struct export * export)927 static int clone_reloc_klp(struct elfs *e, struct reloc *patched_reloc,
928 struct section *sec, unsigned long offset,
929 struct export *export)
930 {
931 struct symbol *patched_sym = patched_reloc->sym;
932 s64 addend = reloc_addend(patched_reloc);
933 const char *sym_modname, *sym_orig_name;
934 static struct section *klp_relocs;
935 struct symbol *sym, *klp_sym;
936 unsigned long klp_reloc_off;
937 char sym_name[SYM_NAME_LEN];
938 struct klp_reloc klp_reloc;
939 unsigned long sympos;
940
941 if (!patched_sym->twin) {
942 ERROR("unexpected klp reloc for new symbol %s", patched_sym->name);
943 return -1;
944 }
945
946 /*
947 * Keep the original reloc intact for now to avoid breaking objtool run
948 * which relies on proper relocations for many of its features. This
949 * will be disabled later by "objtool klp post-link".
950 *
951 * Convert it to UNDEF (and WEAK to avoid modpost warnings).
952 */
953
954 sym = patched_sym->clone;
955 if (!sym) {
956 /* STB_WEAK: avoid modpost undefined symbol warnings */
957 sym = elf_create_symbol(e->out, patched_sym->name, NULL,
958 STB_WEAK, patched_sym->type, 0, 0);
959 if (!sym)
960 return -1;
961
962 patched_sym->clone = sym;
963 sym->clone = patched_sym;
964 }
965
966 if (!elf_create_reloc(e->out, sec, offset, sym, addend, reloc_type(patched_reloc)))
967 return -1;
968
969 /*
970 * Create the KLP symbol.
971 */
972
973 if (export) {
974 sym_modname = export->mod;
975 sym_orig_name = export->sym;
976 sympos = 0;
977 } else {
978 sym_modname = find_modname(e);
979 if (!sym_modname)
980 return -1;
981
982 sym_orig_name = patched_sym->twin->name;
983 sympos = find_sympos(e->orig, patched_sym->twin);
984 if (sympos == ULONG_MAX)
985 return -1;
986 }
987
988 /* symbol format: .klp.sym.modname.sym_name,sympos */
989 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_SYM_PREFIX "%s.%s,%ld",
990 sym_modname, sym_orig_name, sympos))
991 return -1;
992
993 klp_sym = find_symbol_by_name(e->out, sym_name);
994 if (!klp_sym) {
995 __dbg_indent("%s", sym_name);
996
997 /* STB_WEAK: avoid modpost undefined symbol warnings */
998 klp_sym = elf_create_symbol(e->out, sym_name, NULL,
999 STB_WEAK, patched_sym->type, 0, 0);
1000 if (!klp_sym)
1001 return -1;
1002 }
1003
1004 /*
1005 * Create the __klp_relocs entry. This will be converted to an actual
1006 * KLP rela by "objtool klp post-link".
1007 *
1008 * This intermediate step is necessary to prevent corruption by the
1009 * linker, which doesn't know how to properly handle two rela sections
1010 * applying to the same base section.
1011 */
1012
1013 if (!klp_relocs) {
1014 klp_relocs = elf_create_section(e->out, KLP_RELOCS_SEC, 0,
1015 0, SHT_PROGBITS, 8, SHF_ALLOC);
1016 if (!klp_relocs)
1017 return -1;
1018 }
1019
1020 klp_reloc_off = sec_size(klp_relocs);
1021 memset(&klp_reloc, 0, sizeof(klp_reloc));
1022
1023 klp_reloc.type = reloc_type(patched_reloc);
1024 if (!elf_add_data(e->out, klp_relocs, &klp_reloc, sizeof(klp_reloc)))
1025 return -1;
1026
1027 /* klp_reloc.offset */
1028 if (!sec->sym && !elf_create_section_symbol(e->out, sec))
1029 return -1;
1030
1031 if (!elf_create_reloc(e->out, klp_relocs,
1032 klp_reloc_off + offsetof(struct klp_reloc, offset),
1033 sec->sym, offset, R_ABS64))
1034 return -1;
1035
1036 /* klp_reloc.sym */
1037 if (!elf_create_reloc(e->out, klp_relocs,
1038 klp_reloc_off + offsetof(struct klp_reloc, sym),
1039 klp_sym, addend, R_ABS64))
1040 return -1;
1041
1042 return 0;
1043 }
1044
1045 #define dbg_clone_reloc(sec, offset, patched_sym, addend, export, klp) \
1046 dbg_indent("%s+0x%lx: %s%s0x%lx [%s%s%s%s%s%s]", \
1047 sec->name, offset, patched_sym->name, \
1048 addend >= 0 ? "+" : "-", labs(addend), \
1049 sym_type(patched_sym), \
1050 patched_sym->type == STT_SECTION ? "" : " ", \
1051 patched_sym->type == STT_SECTION ? "" : sym_bind(patched_sym), \
1052 is_undef_sym(patched_sym) ? " UNDEF" : "", \
1053 export ? " EXPORTED" : "", \
1054 klp ? " KLP" : "")
1055
1056 /* Copy a reloc and its symbol to the output object */
clone_reloc(struct elfs * e,struct reloc * patched_reloc,struct section * sec,unsigned long offset)1057 static int clone_reloc(struct elfs *e, struct reloc *patched_reloc,
1058 struct section *sec, unsigned long offset)
1059 {
1060 struct symbol *patched_sym = patched_reloc->sym;
1061 struct export *export = find_export(patched_sym);
1062 long addend = reloc_addend(patched_reloc);
1063 struct symbol *out_sym;
1064 bool klp;
1065
1066 if (!is_reloc_allowed(patched_reloc)) {
1067 ERROR_FUNC(patched_reloc->sec->base, reloc_offset(patched_reloc),
1068 "missing symbol for reference to %s+%ld",
1069 patched_sym->name, addend);
1070 return -1;
1071 }
1072
1073 klp = klp_reloc_needed(patched_reloc);
1074
1075 dbg_clone_reloc(sec, offset, patched_sym, addend, export, klp);
1076
1077 if (klp) {
1078 if (clone_reloc_klp(e, patched_reloc, sec, offset, export))
1079 return -1;
1080
1081 return 0;
1082 }
1083
1084 /*
1085 * Why !export sets 'data_too':
1086 *
1087 * Unexported non-klp symbols need to live in the patch module,
1088 * otherwise there will be unresolved symbols. Notably, this includes:
1089 *
1090 * - New functions/data
1091 * - String sections
1092 * - Special section entries
1093 * - Uncorrelated static local variables
1094 * - UBSAN sections
1095 */
1096 out_sym = clone_symbol(e, patched_sym, patched_sym->included || !export);
1097 if (!out_sym)
1098 return -1;
1099
1100 /*
1101 * For strings, all references use section symbols, thanks to
1102 * section_reference_needed(). clone_symbol() has cloned an empty
1103 * version of the string section. Now copy the string itself.
1104 */
1105 if (is_string_sec(patched_sym->sec)) {
1106 const char *str = patched_sym->sec->data->d_buf + addend;
1107
1108 __dbg_indent("\"%s\"", escape_str(str));
1109
1110 addend = elf_add_string(e->out, out_sym->sec, str);
1111 if (addend == -1)
1112 return -1;
1113 }
1114
1115 if (!elf_create_reloc(e->out, sec, offset, out_sym, addend,
1116 reloc_type(patched_reloc)))
1117 return -1;
1118
1119 return 0;
1120 }
1121
1122 /* Copy all relocs needed for a symbol's contents */
clone_sym_relocs(struct elfs * e,struct symbol * patched_sym)1123 static int clone_sym_relocs(struct elfs *e, struct symbol *patched_sym)
1124 {
1125 struct section *patched_rsec = patched_sym->sec->rsec;
1126 struct reloc *patched_reloc;
1127 unsigned long start, end;
1128 struct symbol *out_sym;
1129
1130 out_sym = patched_sym->clone;
1131 if (!out_sym) {
1132 ERROR("no clone for %s", patched_sym->name);
1133 return -1;
1134 }
1135
1136 if (!patched_rsec)
1137 return 0;
1138
1139 if (!is_sec_sym(patched_sym) && !patched_sym->len)
1140 return 0;
1141
1142 if (is_string_sec(patched_sym->sec))
1143 return 0;
1144
1145 if (is_sec_sym(patched_sym)) {
1146 start = 0;
1147 end = sec_size(patched_sym->sec);
1148 } else {
1149 start = patched_sym->offset;
1150 end = start + patched_sym->len;
1151 }
1152
1153 for_each_reloc(patched_rsec, patched_reloc) {
1154 unsigned long offset;
1155
1156 if (reloc_offset(patched_reloc) < start ||
1157 reloc_offset(patched_reloc) >= end)
1158 continue;
1159
1160 /*
1161 * Skip any reloc referencing .altinstr_aux. Its code is
1162 * always patched by alternatives. See ALTERNATIVE_TERNARY().
1163 */
1164 if (patched_reloc->sym->sec &&
1165 !strcmp(patched_reloc->sym->sec->name, ".altinstr_aux"))
1166 continue;
1167
1168 if (convert_reloc_sym(e->patched, patched_reloc)) {
1169 ERROR_FUNC(patched_rsec->base, reloc_offset(patched_reloc),
1170 "failed to convert reloc sym '%s' to its proper format",
1171 patched_reloc->sym->name);
1172 return -1;
1173 }
1174
1175 offset = out_sym->offset + (reloc_offset(patched_reloc) - patched_sym->offset);
1176
1177 if (clone_reloc(e, patched_reloc, out_sym->sec, offset))
1178 return -1;
1179 }
1180 return 0;
1181
1182 }
1183
create_fake_symbol(struct elf * elf,struct section * sec,unsigned long offset,size_t size)1184 static int create_fake_symbol(struct elf *elf, struct section *sec,
1185 unsigned long offset, size_t size)
1186 {
1187 char name[SYM_NAME_LEN];
1188 unsigned int type;
1189 static int ctr;
1190 char *c;
1191
1192 if (snprintf_check(name, SYM_NAME_LEN, "%s_%d", sec->name, ctr++))
1193 return -1;
1194
1195 for (c = name; *c; c++)
1196 if (*c == '.')
1197 *c = '_';
1198
1199 /*
1200 * STT_NOTYPE: Prevent objtool from validating .altinstr_replacement
1201 * while still allowing objdump to disassemble it.
1202 */
1203 type = is_text_sec(sec) ? STT_NOTYPE : STT_OBJECT;
1204 return elf_create_symbol(elf, name, sec, STB_LOCAL, type, offset, size) ? 0 : -1;
1205 }
1206
1207 /*
1208 * Special sections (alternatives, etc) are basically arrays of structs.
1209 * For all the special sections, create a symbol for each struct entry. This
1210 * is a bit cumbersome, but it makes the extracting of the individual entries
1211 * much more straightforward.
1212 *
1213 * There are three ways to identify the entry sizes for a special section:
1214 *
1215 * 1) ELF section header sh_entsize: Ideally this would be used almost
1216 * everywhere. But unfortunately the toolchains make it difficult. The
1217 * assembler .[push]section directive syntax only takes entsize when
1218 * combined with SHF_MERGE. But Clang disallows combining SHF_MERGE with
1219 * SHF_WRITE. And some special sections do need to be writable.
1220 *
1221 * Another place this wouldn't work is .altinstr_replacement, whose entries
1222 * don't have a fixed size.
1223 *
1224 * 2) ANNOTATE_DATA_SPECIAL: This is a lightweight objtool annotation which
1225 * points to the beginning of each entry. The size of the entry is then
1226 * inferred by the location of the subsequent annotation (or end of
1227 * section).
1228 *
1229 * 3) Simple array of pointers: If the special section is just a basic array of
1230 * pointers, the entry size can be inferred by the number of relocations.
1231 * No annotations needed.
1232 *
1233 * Note I also tried to create per-entry symbols at the time of creation, in
1234 * the original [inline] asm. Unfortunately, creating uniquely named symbols
1235 * is trickier than one might think, especially with Clang inline asm. I
1236 * eventually just gave up trying to make that work, in favor of using
1237 * ANNOTATE_DATA_SPECIAL and creating the symbols here after the fact.
1238 */
create_fake_symbols(struct elf * elf)1239 static int create_fake_symbols(struct elf *elf)
1240 {
1241 struct section *sec;
1242 struct reloc *reloc;
1243
1244 /*
1245 * 1) Make symbols for all the ANNOTATE_DATA_SPECIAL entries:
1246 */
1247
1248 sec = find_section_by_name(elf, ".discard.annotate_data");
1249 if (!sec || !sec->rsec)
1250 return 0;
1251
1252 for_each_reloc(sec->rsec, reloc) {
1253 unsigned long offset, size;
1254 struct reloc *next_reloc;
1255
1256 if (annotype(elf, sec, reloc) != ANNOTYPE_DATA_SPECIAL)
1257 continue;
1258
1259 offset = reloc_addend(reloc);
1260
1261 size = 0;
1262 next_reloc = reloc;
1263 for_each_reloc_continue(sec->rsec, next_reloc) {
1264 if (annotype(elf, sec, next_reloc) != ANNOTYPE_DATA_SPECIAL ||
1265 next_reloc->sym->sec != reloc->sym->sec)
1266 continue;
1267
1268 size = reloc_addend(next_reloc) - offset;
1269 break;
1270 }
1271
1272 if (!size)
1273 size = sec_size(reloc->sym->sec) - offset;
1274
1275 if (create_fake_symbol(elf, reloc->sym->sec, offset, size))
1276 return -1;
1277 }
1278
1279 /*
1280 * 2) Make symbols for sh_entsize, and simple arrays of pointers:
1281 */
1282
1283 for_each_sec(elf, sec) {
1284 unsigned int entry_size;
1285 unsigned long offset;
1286
1287 if (!is_special_section(sec) || find_symbol_by_offset(sec, 0))
1288 continue;
1289
1290 if (!sec->rsec) {
1291 ERROR("%s: missing special section relocations", sec->name);
1292 return -1;
1293 }
1294
1295 entry_size = sec->sh.sh_entsize;
1296 if (!entry_size) {
1297 entry_size = arch_reloc_size(sec->rsec->relocs);
1298 if (sec_size(sec) != entry_size * sec_num_entries(sec->rsec)) {
1299 ERROR("%s: missing special section entsize or annotations", sec->name);
1300 return -1;
1301 }
1302 }
1303
1304 for (offset = 0; offset < sec_size(sec); offset += entry_size) {
1305 if (create_fake_symbol(elf, sec, offset, entry_size))
1306 return -1;
1307 }
1308 }
1309
1310 return 0;
1311 }
1312
1313 /* Keep a special section entry if it references an included function */
should_keep_special_sym(struct elf * elf,struct symbol * sym)1314 static bool should_keep_special_sym(struct elf *elf, struct symbol *sym)
1315 {
1316 struct reloc *reloc;
1317
1318 if (is_sec_sym(sym) || !sym->sec->rsec)
1319 return false;
1320
1321 sym_for_each_reloc(elf, sym, reloc) {
1322 if (convert_reloc_sym(elf, reloc))
1323 continue;
1324
1325 if (is_func_sym(reloc->sym) && reloc->sym->included)
1326 return true;
1327 }
1328
1329 return false;
1330 }
1331
1332 /*
1333 * Klp relocations aren't allowed for __jump_table and .static_call_sites if
1334 * the referenced symbol lives in a kernel module, because such klp relocs may
1335 * be applied after static branch/call init, resulting in code corruption.
1336 *
1337 * Validate a special section entry to avoid that. Note that an inert
1338 * tracepoint or pr_debug() is harmless enough, in that case just skip the
1339 * entry and print a warning. Otherwise, return an error.
1340 *
1341 * TODO: This is only a temporary limitation which will be fixed when livepatch
1342 * adds support for submodules: fully self-contained modules which are embedded
1343 * in the top-level livepatch module's data and which can be loaded on demand
1344 * when their corresponding to-be-patched module gets loaded. Then klp relocs
1345 * can be retired.
1346 *
1347 * Return:
1348 * -1: error: validation failed
1349 * 1: warning: disabled tracepoint or pr_debug()
1350 * 0: success
1351 */
validate_special_section_klp_reloc(struct elfs * e,struct symbol * sym)1352 static int validate_special_section_klp_reloc(struct elfs *e, struct symbol *sym)
1353 {
1354 bool static_branch = !strcmp(sym->sec->name, "__jump_table");
1355 bool static_call = !strcmp(sym->sec->name, ".static_call_sites");
1356 const char *code_sym = NULL;
1357 unsigned long code_offset = 0;
1358 struct reloc *reloc;
1359 int ret = 0;
1360
1361 if (!static_branch && !static_call)
1362 return 0;
1363
1364 sym_for_each_reloc(e->patched, sym, reloc) {
1365 const char *sym_modname;
1366 struct export *export;
1367
1368 if (convert_reloc_sym(e->patched, reloc))
1369 continue;
1370
1371 /* Static branch/call keys are always STT_OBJECT */
1372 if (reloc->sym->type != STT_OBJECT) {
1373
1374 /* Save code location which can be printed below */
1375 if (reloc->sym->type == STT_FUNC && !code_sym) {
1376 code_sym = reloc->sym->name;
1377 code_offset = reloc_addend(reloc);
1378 }
1379
1380 continue;
1381 }
1382
1383 if (!klp_reloc_needed(reloc))
1384 continue;
1385
1386 export = find_export(reloc->sym);
1387 if (export) {
1388 sym_modname = export->mod;
1389 } else {
1390 sym_modname = find_modname(e);
1391 if (!sym_modname)
1392 return -1;
1393 }
1394
1395 /* vmlinux keys are ok */
1396 if (!strcmp(sym_modname, "vmlinux"))
1397 continue;
1398
1399 if (!code_sym)
1400 code_sym = "<unknown>";
1401
1402 if (static_branch) {
1403 if (strstarts(reloc->sym->name, "__tracepoint_")) {
1404 WARN("%s: disabling unsupported tracepoint %s",
1405 code_sym, reloc->sym->name + 13);
1406 ret = 1;
1407 continue;
1408 }
1409
1410 if (strstr(reloc->sym->name, "__UNIQUE_ID_ddebug_")) {
1411 WARN("%s: disabling unsupported pr_debug()",
1412 code_sym);
1413 ret = 1;
1414 continue;
1415 }
1416
1417 ERROR("%s+0x%lx: unsupported static branch key %s. Use static_key_enabled() instead",
1418 code_sym, code_offset, reloc->sym->name);
1419 return -1;
1420 }
1421
1422 /* static call */
1423 if (strstarts(reloc->sym->name, "__SCK__tp_func_")) {
1424 ret = 1;
1425 continue;
1426 }
1427
1428 ERROR("%s()+0x%lx: unsupported static call key %s. Use KLP_STATIC_CALL() instead",
1429 code_sym, code_offset, reloc->sym->name);
1430 return -1;
1431 }
1432
1433 return ret;
1434 }
1435
clone_special_section(struct elfs * e,struct section * patched_sec)1436 static int clone_special_section(struct elfs *e, struct section *patched_sec)
1437 {
1438 struct symbol *patched_sym;
1439
1440 /*
1441 * Extract all special section symbols (and their dependencies) which
1442 * reference included functions.
1443 */
1444 sec_for_each_sym(patched_sec, patched_sym) {
1445 int ret;
1446
1447 if (!is_object_sym(patched_sym))
1448 continue;
1449
1450 if (!should_keep_special_sym(e->patched, patched_sym))
1451 continue;
1452
1453 ret = validate_special_section_klp_reloc(e, patched_sym);
1454 if (ret < 0)
1455 return -1;
1456 if (ret > 0)
1457 continue;
1458
1459 if (!clone_symbol(e, patched_sym, true))
1460 return -1;
1461 }
1462
1463 return 0;
1464 }
1465
1466 /* Extract only the needed bits from special sections */
clone_special_sections(struct elfs * e)1467 static int clone_special_sections(struct elfs *e)
1468 {
1469 struct section *patched_sec;
1470
1471 for_each_sec(e->patched, patched_sec) {
1472 if (is_special_section(patched_sec)) {
1473 if (clone_special_section(e, patched_sec))
1474 return -1;
1475 }
1476 }
1477
1478 return 0;
1479 }
1480
1481 /*
1482 * Create .init.klp_objects and .init.klp_funcs sections which are intermediate
1483 * sections provided as input to the patch module's init code for building the
1484 * klp_patch, klp_object and klp_func structs for the livepatch API.
1485 */
create_klp_sections(struct elfs * e)1486 static int create_klp_sections(struct elfs *e)
1487 {
1488 size_t obj_size = sizeof(struct klp_object_ext);
1489 size_t func_size = sizeof(struct klp_func_ext);
1490 struct section *obj_sec, *funcs_sec, *str_sec;
1491 struct symbol *funcs_sym, *str_sym, *sym;
1492 char sym_name[SYM_NAME_LEN];
1493 unsigned int nr_funcs = 0;
1494 const char *modname;
1495 void *obj_data;
1496 s64 addend;
1497
1498 obj_sec = elf_create_section_pair(e->out, KLP_OBJECTS_SEC, obj_size, 0, 0);
1499 if (!obj_sec)
1500 return -1;
1501
1502 funcs_sec = elf_create_section_pair(e->out, KLP_FUNCS_SEC, func_size, 0, 0);
1503 if (!funcs_sec)
1504 return -1;
1505
1506 funcs_sym = elf_create_section_symbol(e->out, funcs_sec);
1507 if (!funcs_sym)
1508 return -1;
1509
1510 str_sec = elf_create_section(e->out, KLP_STRINGS_SEC, 0, 0,
1511 SHT_PROGBITS, 1,
1512 SHF_ALLOC | SHF_STRINGS | SHF_MERGE);
1513 if (!str_sec)
1514 return -1;
1515
1516 if (elf_add_string(e->out, str_sec, "") == -1)
1517 return -1;
1518
1519 str_sym = elf_create_section_symbol(e->out, str_sec);
1520 if (!str_sym)
1521 return -1;
1522
1523 /* allocate klp_object_ext */
1524 obj_data = elf_add_data(e->out, obj_sec, NULL, obj_size);
1525 if (!obj_data)
1526 return -1;
1527
1528 modname = find_modname(e);
1529 if (!modname)
1530 return -1;
1531
1532 /* klp_object_ext.name */
1533 if (strcmp(modname, "vmlinux")) {
1534 addend = elf_add_string(e->out, str_sec, modname);
1535 if (addend == -1)
1536 return -1;
1537
1538 if (!elf_create_reloc(e->out, obj_sec,
1539 offsetof(struct klp_object_ext, name),
1540 str_sym, addend, R_ABS64))
1541 return -1;
1542 }
1543
1544 /* klp_object_ext.funcs */
1545 if (!elf_create_reloc(e->out, obj_sec, offsetof(struct klp_object_ext, funcs),
1546 funcs_sym, 0, R_ABS64))
1547 return -1;
1548
1549 for_each_sym(e->out, sym) {
1550 unsigned long offset = nr_funcs * func_size;
1551 unsigned long sympos;
1552 void *func_data;
1553
1554 if (!is_func_sym(sym) || sym->cold || !sym->clone || !sym->clone->changed)
1555 continue;
1556
1557 /* allocate klp_func_ext */
1558 func_data = elf_add_data(e->out, funcs_sec, NULL, func_size);
1559 if (!func_data)
1560 return -1;
1561
1562 /* klp_func_ext.old_name */
1563 addend = elf_add_string(e->out, str_sec, sym->clone->twin->name);
1564 if (addend == -1)
1565 return -1;
1566
1567 if (!elf_create_reloc(e->out, funcs_sec,
1568 offset + offsetof(struct klp_func_ext, old_name),
1569 str_sym, addend, R_ABS64))
1570 return -1;
1571
1572 /* klp_func_ext.new_func */
1573 if (!elf_create_reloc(e->out, funcs_sec,
1574 offset + offsetof(struct klp_func_ext, new_func),
1575 sym, 0, R_ABS64))
1576 return -1;
1577
1578 /* klp_func_ext.sympos */
1579 BUILD_BUG_ON(sizeof(sympos) != sizeof_field(struct klp_func_ext, sympos));
1580 sympos = find_sympos(e->orig, sym->clone->twin);
1581 if (sympos == ULONG_MAX)
1582 return -1;
1583 memcpy(func_data + offsetof(struct klp_func_ext, sympos), &sympos,
1584 sizeof_field(struct klp_func_ext, sympos));
1585
1586 nr_funcs++;
1587 }
1588
1589 /* klp_object_ext.nr_funcs */
1590 BUILD_BUG_ON(sizeof(nr_funcs) != sizeof_field(struct klp_object_ext, nr_funcs));
1591 memcpy(obj_data + offsetof(struct klp_object_ext, nr_funcs), &nr_funcs,
1592 sizeof_field(struct klp_object_ext, nr_funcs));
1593
1594 /*
1595 * Find callback pointers created by KLP_PRE_PATCH_CALLBACK() and
1596 * friends, and add them to the klp object.
1597 */
1598
1599 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_PRE_PATCH_PREFIX "%s", modname))
1600 return -1;
1601
1602 sym = find_symbol_by_name(e->out, sym_name);
1603 if (sym) {
1604 struct reloc *reloc;
1605
1606 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset);
1607
1608 if (!elf_create_reloc(e->out, obj_sec,
1609 offsetof(struct klp_object_ext, callbacks) +
1610 offsetof(struct klp_callbacks, pre_patch),
1611 reloc->sym, reloc_addend(reloc), R_ABS64))
1612 return -1;
1613 }
1614
1615 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_POST_PATCH_PREFIX "%s", modname))
1616 return -1;
1617
1618 sym = find_symbol_by_name(e->out, sym_name);
1619 if (sym) {
1620 struct reloc *reloc;
1621
1622 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset);
1623
1624 if (!elf_create_reloc(e->out, obj_sec,
1625 offsetof(struct klp_object_ext, callbacks) +
1626 offsetof(struct klp_callbacks, post_patch),
1627 reloc->sym, reloc_addend(reloc), R_ABS64))
1628 return -1;
1629 }
1630
1631 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_PRE_UNPATCH_PREFIX "%s", modname))
1632 return -1;
1633
1634 sym = find_symbol_by_name(e->out, sym_name);
1635 if (sym) {
1636 struct reloc *reloc;
1637
1638 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset);
1639
1640 if (!elf_create_reloc(e->out, obj_sec,
1641 offsetof(struct klp_object_ext, callbacks) +
1642 offsetof(struct klp_callbacks, pre_unpatch),
1643 reloc->sym, reloc_addend(reloc), R_ABS64))
1644 return -1;
1645 }
1646
1647 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_POST_UNPATCH_PREFIX "%s", modname))
1648 return -1;
1649
1650 sym = find_symbol_by_name(e->out, sym_name);
1651 if (sym) {
1652 struct reloc *reloc;
1653
1654 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset);
1655
1656 if (!elf_create_reloc(e->out, obj_sec,
1657 offsetof(struct klp_object_ext, callbacks) +
1658 offsetof(struct klp_callbacks, post_unpatch),
1659 reloc->sym, reloc_addend(reloc), R_ABS64))
1660 return -1;
1661 }
1662
1663 return 0;
1664 }
1665
1666 /*
1667 * Copy all .modinfo import_ns= tags to ensure all namespaced exported symbols
1668 * can be accessed via normal relocs.
1669 */
copy_import_ns(struct elfs * e)1670 static int copy_import_ns(struct elfs *e)
1671 {
1672 struct section *patched_sec, *out_sec = NULL;
1673 char *import_ns, *data_end;
1674
1675 patched_sec = find_section_by_name(e->patched, ".modinfo");
1676 if (!patched_sec)
1677 return 0;
1678
1679 import_ns = patched_sec->data->d_buf;
1680 if (!import_ns)
1681 return 0;
1682
1683 for (data_end = import_ns + sec_size(patched_sec);
1684 import_ns < data_end;
1685 import_ns += strlen(import_ns) + 1) {
1686
1687 import_ns = memmem(import_ns, data_end - import_ns, "import_ns=", 10);
1688 if (!import_ns)
1689 return 0;
1690
1691 if (!out_sec) {
1692 out_sec = find_section_by_name(e->out, ".modinfo");
1693 if (!out_sec) {
1694 out_sec = elf_create_section(e->out, ".modinfo", 0,
1695 patched_sec->sh.sh_entsize,
1696 patched_sec->sh.sh_type,
1697 patched_sec->sh.sh_addralign,
1698 patched_sec->sh.sh_flags);
1699 if (!out_sec)
1700 return -1;
1701 }
1702 }
1703
1704 if (!elf_add_data(e->out, out_sec, import_ns, strlen(import_ns) + 1))
1705 return -1;
1706 }
1707
1708 return 0;
1709 }
1710
cmd_klp_diff(int argc,const char ** argv)1711 int cmd_klp_diff(int argc, const char **argv)
1712 {
1713 struct elfs e = {0};
1714
1715 argc = parse_options(argc, argv, klp_diff_options, klp_diff_usage, 0);
1716 if (argc != 3)
1717 usage_with_options(klp_diff_usage, klp_diff_options);
1718
1719 objname = argv[0];
1720
1721 e.orig = elf_open_read(argv[0], O_RDONLY);
1722 e.patched = elf_open_read(argv[1], O_RDONLY);
1723 e.out = NULL;
1724
1725 if (!e.orig || !e.patched)
1726 return -1;
1727
1728 if (read_exports())
1729 return -1;
1730
1731 if (read_sym_checksums(e.orig))
1732 return -1;
1733
1734 if (read_sym_checksums(e.patched))
1735 return -1;
1736
1737 if (correlate_symbols(&e))
1738 return -1;
1739
1740 if (mark_changed_functions(&e))
1741 return 0;
1742
1743 e.out = elf_create_file(&e.orig->ehdr, argv[2]);
1744 if (!e.out)
1745 return -1;
1746
1747 /*
1748 * Special section fake symbols are needed so that individual special
1749 * section entries can be extracted by clone_special_sections().
1750 *
1751 * Note the fake symbols are also needed by clone_included_functions()
1752 * because __WARN_printf() call sites add references to bug table
1753 * entries in the calling functions.
1754 */
1755 if (create_fake_symbols(e.patched))
1756 return -1;
1757
1758 if (clone_included_functions(&e))
1759 return -1;
1760
1761 if (clone_special_sections(&e))
1762 return -1;
1763
1764 if (create_klp_sections(&e))
1765 return -1;
1766
1767 if (copy_import_ns(&e))
1768 return -1;
1769
1770 if (elf_write(e.out))
1771 return -1;
1772
1773 return elf_close(e.out);
1774 }
1775