1 // SPDX-License-Identifier: GPL-2.0-or-later 2 #define _GNU_SOURCE /* memmem() */ 3 #include <subcmd/parse-options.h> 4 #include <stdlib.h> 5 #include <string.h> 6 #include <libgen.h> 7 #include <stdio.h> 8 #include <ctype.h> 9 10 #include <objtool/objtool.h> 11 #include <objtool/warn.h> 12 #include <objtool/arch.h> 13 #include <objtool/klp.h> 14 #include <objtool/util.h> 15 #include <arch/special.h> 16 17 #include <linux/align.h> 18 #include <linux/objtool_types.h> 19 #include <linux/livepatch_external.h> 20 #include <linux/stringify.h> 21 #include <linux/string.h> 22 #include <linux/jhash.h> 23 24 #define sizeof_field(TYPE, MEMBER) sizeof((((TYPE *)0)->MEMBER)) 25 26 struct elfs { 27 struct elf *orig, *patched, *out; 28 const char *modname; 29 }; 30 31 struct export { 32 struct hlist_node hash; 33 char *mod, *sym; 34 }; 35 36 static const char * const klp_diff_usage[] = { 37 "objtool klp diff [<options>] <in1.o> <in2.o> <out.o>", 38 NULL, 39 }; 40 41 static const struct option klp_diff_options[] = { 42 OPT_GROUP("Options:"), 43 OPT_BOOLEAN('d', "debug", &debug, "enable debug output"), 44 OPT_END(), 45 }; 46 47 static DEFINE_HASHTABLE(exports, 15); 48 49 static inline u32 str_hash(const char *str) 50 { 51 return jhash(str, strlen(str), 0); 52 } 53 54 static char *escape_str(const char *orig) 55 { 56 size_t len = 0; 57 const char *a; 58 char *b, *new; 59 60 for (a = orig; *a; a++) { 61 switch (*a) { 62 case '\001': len += 5; break; 63 case '\n': 64 case '\t': len += 2; break; 65 default: len++; 66 } 67 } 68 69 new = malloc(len + 1); 70 if (!new) 71 return NULL; 72 73 for (a = orig, b = new; *a; a++) { 74 switch (*a) { 75 case '\001': memcpy(b, "<SOH>", 5); b += 5; break; 76 case '\n': *b++ = '\\'; *b++ = 'n'; break; 77 case '\t': *b++ = '\\'; *b++ = 't'; break; 78 default: *b++ = *a; 79 } 80 } 81 82 *b = '\0'; 83 return new; 84 } 85 86 static int read_exports(void) 87 { 88 const char *symvers = "Module.symvers"; 89 char line[1024], *path = NULL; 90 unsigned int line_num = 1; 91 FILE *file; 92 93 file = fopen(symvers, "r"); 94 if (!file) { 95 path = top_level_dir(symvers); 96 if (!path) { 97 ERROR("can't open '%s', \"objtool diff\" should be run from the kernel tree", symvers); 98 return -1; 99 } 100 101 file = fopen(path, "r"); 102 if (!file) { 103 ERROR_GLIBC("fopen"); 104 return -1; 105 } 106 } 107 108 while (fgets(line, 1024, file)) { 109 char *sym, *mod, *type; 110 struct export *export; 111 112 sym = strchr(line, '\t'); 113 if (!sym) { 114 ERROR("malformed Module.symvers (sym) at line %d", line_num); 115 return -1; 116 } 117 118 *sym++ = '\0'; 119 120 mod = strchr(sym, '\t'); 121 if (!mod) { 122 ERROR("malformed Module.symvers (mod) at line %d", line_num); 123 return -1; 124 } 125 126 *mod++ = '\0'; 127 128 type = strchr(mod, '\t'); 129 if (!type) { 130 ERROR("malformed Module.symvers (type) at line %d", line_num); 131 return -1; 132 } 133 134 *type++ = '\0'; 135 136 if (*sym == '\0' || *mod == '\0') { 137 ERROR("malformed Module.symvers at line %d", line_num); 138 return -1; 139 } 140 141 export = calloc(1, sizeof(*export)); 142 if (!export) { 143 ERROR_GLIBC("calloc"); 144 return -1; 145 } 146 147 export->mod = strdup(mod); 148 if (!export->mod) { 149 ERROR_GLIBC("strdup"); 150 return -1; 151 } 152 153 export->sym = strdup(sym); 154 if (!export->sym) { 155 ERROR_GLIBC("strdup"); 156 return -1; 157 } 158 159 hash_add(exports, &export->hash, str_hash(sym)); 160 } 161 162 free(path); 163 fclose(file); 164 165 return 0; 166 } 167 168 static int read_sym_checksums(struct elf *elf) 169 { 170 struct section *sec; 171 172 sec = find_section_by_name(elf, ".discard.sym_checksum"); 173 if (!sec) { 174 ERROR("'%s' missing .discard.sym_checksum section, file not processed by 'objtool --checksum'?", 175 elf->name); 176 return -1; 177 } 178 179 if (!sec->rsec) { 180 ERROR("missing reloc section for .discard.sym_checksum"); 181 return -1; 182 } 183 184 if (sec_size(sec) % sizeof(struct sym_checksum)) { 185 ERROR("struct sym_checksum size mismatch"); 186 return -1; 187 } 188 189 for (int i = 0; i < sec_size(sec) / sizeof(struct sym_checksum); i++) { 190 struct sym_checksum *sym_checksum; 191 struct reloc *reloc; 192 struct symbol *sym; 193 194 sym_checksum = (struct sym_checksum *)sec->data->d_buf + i; 195 196 reloc = find_reloc_by_dest(elf, sec, i * sizeof(*sym_checksum)); 197 if (!reloc) { 198 ERROR("can't find reloc for sym_checksum[%d]", i); 199 return -1; 200 } 201 202 sym = reloc->sym; 203 204 if (is_sec_sym(sym)) { 205 ERROR("not sure how to handle section %s", sym->name); 206 return -1; 207 } 208 209 if (is_func_sym(sym)) 210 sym->csum.checksum = sym_checksum->checksum; 211 } 212 213 return 0; 214 } 215 216 static struct symbol *first_file_symbol(struct elf *elf) 217 { 218 struct symbol *sym; 219 220 for_each_sym(elf, sym) { 221 if (is_file_sym(sym)) 222 return sym; 223 } 224 225 return NULL; 226 } 227 228 static struct symbol *next_file_symbol(struct elf *elf, struct symbol *sym) 229 { 230 for_each_sym_continue(elf, sym) { 231 if (is_file_sym(sym)) 232 return sym; 233 } 234 235 return NULL; 236 } 237 238 /* 239 * Certain static local variables should never be correlated. They will be 240 * used in place rather than referencing the originals. 241 */ 242 static bool is_uncorrelated_static_local(struct symbol *sym) 243 { 244 static const char * const vars[] = { 245 "__already_done.", 246 "__func__.", 247 "__key.", 248 "__warned.", 249 "_entry.", 250 "_entry_ptr.", 251 "_rs.", 252 "descriptor.", 253 "CSWTCH.", 254 }; 255 256 if (!is_object_sym(sym) || !is_local_sym(sym)) 257 return false; 258 259 if (!strcmp(sym->sec->name, ".data.once")) 260 return true; 261 262 for (int i = 0; i < ARRAY_SIZE(vars); i++) { 263 if (strstarts(sym->name, vars[i])) 264 return true; 265 } 266 267 return false; 268 } 269 270 /* 271 * Clang emits several useless .Ltmp_* code labels. 272 */ 273 static bool is_clang_tmp_label(struct symbol *sym) 274 { 275 return is_notype_sym(sym) && 276 is_text_sec(sym->sec) && 277 strstarts(sym->name, ".Ltmp") && 278 isdigit(sym->name[5]); 279 } 280 281 static bool is_special_section(struct section *sec) 282 { 283 static const char * const specials[] = { 284 ".altinstructions", 285 ".smp_locks", 286 "__bug_table", 287 "__ex_table", 288 "__jump_table", 289 "__mcount_loc", 290 291 /* 292 * Extract .static_call_sites here to inherit non-module 293 * preferential treatment. The later static call processing 294 * during klp module build will be skipped when it sees this 295 * section already exists. 296 */ 297 ".static_call_sites", 298 }; 299 300 static const char * const non_special_discards[] = { 301 ".discard.addressable", 302 ".discard.sym_checksum", 303 }; 304 305 if (is_text_sec(sec)) 306 return false; 307 308 for (int i = 0; i < ARRAY_SIZE(specials); i++) { 309 if (!strcmp(sec->name, specials[i])) 310 return true; 311 } 312 313 /* Most .discard data sections are special */ 314 for (int i = 0; i < ARRAY_SIZE(non_special_discards); i++) { 315 if (!strcmp(sec->name, non_special_discards[i])) 316 return false; 317 } 318 319 return strstarts(sec->name, ".discard."); 320 } 321 322 /* 323 * These sections are referenced by special sections but aren't considered 324 * special sections themselves. 325 */ 326 static bool is_special_section_aux(struct section *sec) 327 { 328 static const char * const specials_aux[] = { 329 ".altinstr_replacement", 330 ".altinstr_aux", 331 }; 332 333 for (int i = 0; i < ARRAY_SIZE(specials_aux); i++) { 334 if (!strcmp(sec->name, specials_aux[i])) 335 return true; 336 } 337 338 return false; 339 } 340 341 /* 342 * These symbols should never be correlated, so their local patched versions 343 * are used instead of linking to the originals. 344 */ 345 static bool dont_correlate(struct symbol *sym) 346 { 347 return is_file_sym(sym) || 348 is_null_sym(sym) || 349 is_sec_sym(sym) || 350 is_prefix_func(sym) || 351 is_uncorrelated_static_local(sym) || 352 is_clang_tmp_label(sym) || 353 is_string_sec(sym->sec) || 354 is_special_section(sym->sec) || 355 is_special_section_aux(sym->sec) || 356 strstarts(sym->name, "__initcall__"); 357 } 358 359 struct process_demangled_name_data { 360 struct symbol *ret; 361 int count; 362 }; 363 364 static void process_demangled_name(struct symbol *sym, void *d) 365 { 366 struct process_demangled_name_data *data = d; 367 368 if (sym->twin) 369 return; 370 371 data->count++; 372 data->ret = sym; 373 } 374 375 /* 376 * When there is no full name match, try match demangled_name. This would 377 * match original foo.llvm.123 to patched foo.llvm.456. 378 * 379 * Note that, in very rare cases, it is possible to have multiple 380 * foo.llvm.<hash> in the same kernel. When this happens, report error and 381 * fail the diff. 382 */ 383 static int find_global_symbol_by_demangled_name(struct elf *elf, struct symbol *sym, 384 struct symbol **out_sym) 385 { 386 struct process_demangled_name_data data = {}; 387 388 iterate_global_symbol_by_demangled_name(elf, sym->demangled_name, 389 process_demangled_name, 390 &data); 391 if (data.count > 1) { 392 ERROR("Multiple (%d) correlation candidates for %s", data.count, sym->name); 393 return -1; 394 } 395 *out_sym = data.ret; 396 return 0; 397 } 398 399 /* 400 * For each symbol in the original kernel, find its corresponding "twin" in the 401 * patched kernel. 402 */ 403 static int correlate_symbols(struct elfs *e) 404 { 405 struct symbol *file1_sym, *file2_sym; 406 struct symbol *sym1, *sym2; 407 408 file1_sym = first_file_symbol(e->orig); 409 file2_sym = first_file_symbol(e->patched); 410 411 /* 412 * Correlate any locals before the first FILE symbol. This has been 413 * seen when LTO inexplicably strips the initramfs_data.o FILE symbol 414 * due to the file only containing data and no code. 415 */ 416 for_each_sym(e->orig, sym1) { 417 if (sym1 == file1_sym || !is_local_sym(sym1)) 418 break; 419 420 if (dont_correlate(sym1)) 421 continue; 422 423 for_each_sym(e->patched, sym2) { 424 if (sym2 == file2_sym || !is_local_sym(sym2)) 425 break; 426 427 if (sym2->twin || dont_correlate(sym2)) 428 continue; 429 430 if (strcmp(sym1->demangled_name, sym2->demangled_name)) 431 continue; 432 433 sym1->twin = sym2; 434 sym2->twin = sym1; 435 break; 436 } 437 } 438 439 /* Correlate locals after the first FILE symbol */ 440 for (; ; file1_sym = next_file_symbol(e->orig, file1_sym), 441 file2_sym = next_file_symbol(e->patched, file2_sym)) { 442 443 if (!file1_sym && file2_sym) { 444 ERROR("FILE symbol mismatch: NULL != %s", file2_sym->name); 445 return -1; 446 } 447 448 if (file1_sym && !file2_sym) { 449 ERROR("FILE symbol mismatch: %s != NULL", file1_sym->name); 450 return -1; 451 } 452 453 if (!file1_sym) 454 break; 455 456 if (strcmp(file1_sym->name, file2_sym->name)) { 457 ERROR("FILE symbol mismatch: %s != %s", file1_sym->name, file2_sym->name); 458 return -1; 459 } 460 461 file1_sym->twin = file2_sym; 462 file2_sym->twin = file1_sym; 463 464 sym1 = file1_sym; 465 466 for_each_sym_continue(e->orig, sym1) { 467 if (is_file_sym(sym1) || !is_local_sym(sym1)) 468 break; 469 470 if (dont_correlate(sym1)) 471 continue; 472 473 sym2 = file2_sym; 474 for_each_sym_continue(e->patched, sym2) { 475 if (is_file_sym(sym2) || !is_local_sym(sym2)) 476 break; 477 478 if (sym2->twin || dont_correlate(sym2)) 479 continue; 480 481 if (strcmp(sym1->demangled_name, sym2->demangled_name)) 482 continue; 483 484 sym1->twin = sym2; 485 sym2->twin = sym1; 486 break; 487 } 488 } 489 } 490 491 /* Correlate globals */ 492 for_each_sym(e->orig, sym1) { 493 if (sym1->bind == STB_LOCAL) 494 continue; 495 496 sym2 = find_global_symbol_by_name(e->patched, sym1->name); 497 if (sym2 && !sym2->twin) { 498 sym1->twin = sym2; 499 sym2->twin = sym1; 500 } 501 } 502 503 /* 504 * Correlate globals with demangled_name. 505 * A separate loop is needed because we want to finish all the 506 * full name correlations first. 507 */ 508 for_each_sym(e->orig, sym1) { 509 if (sym1->bind == STB_LOCAL || sym1->twin) 510 continue; 511 512 if (find_global_symbol_by_demangled_name(e->patched, sym1, &sym2)) 513 return -1; 514 515 if (sym2 && !sym2->twin) { 516 sym1->twin = sym2; 517 sym2->twin = sym1; 518 } 519 } 520 521 /* Correlate original locals with patched globals */ 522 for_each_sym(e->orig, sym1) { 523 if (sym1->twin || dont_correlate(sym1) || !is_local_sym(sym1)) 524 continue; 525 526 sym2 = find_global_symbol_by_name(e->patched, sym1->name); 527 if (!sym2 && find_global_symbol_by_demangled_name(e->patched, sym1, &sym2)) 528 return -1; 529 530 if (sym2 && !sym2->twin) { 531 sym1->twin = sym2; 532 sym2->twin = sym1; 533 } 534 } 535 536 /* Correlate original globals with patched locals */ 537 for_each_sym(e->patched, sym2) { 538 if (sym2->twin || dont_correlate(sym2) || !is_local_sym(sym2)) 539 continue; 540 541 sym1 = find_global_symbol_by_name(e->orig, sym2->name); 542 if (!sym1 && find_global_symbol_by_demangled_name(e->orig, sym2, &sym1)) 543 return -1; 544 545 if (sym1 && !sym1->twin) { 546 sym2->twin = sym1; 547 sym1->twin = sym2; 548 } 549 } 550 551 for_each_sym(e->orig, sym1) { 552 if (sym1->twin || dont_correlate(sym1)) 553 continue; 554 WARN("no correlation: %s", sym1->name); 555 } 556 557 return 0; 558 } 559 560 /* "sympos" is used by livepatch to disambiguate duplicate symbol names */ 561 static unsigned long find_sympos(struct elf *elf, struct symbol *sym) 562 { 563 bool vmlinux = str_ends_with(objname, "vmlinux.o"); 564 unsigned long sympos = 0, nr_matches = 0; 565 bool has_dup = false; 566 struct symbol *s; 567 568 if (sym->bind != STB_LOCAL) 569 return 0; 570 571 if (vmlinux && is_func_sym(sym)) { 572 /* 573 * HACK: Unfortunately, symbol ordering can differ between 574 * vmlinux.o and vmlinux due to the linker script emitting 575 * .text.unlikely* before .text*. Count .text.unlikely* first. 576 * 577 * TODO: Disambiguate symbols more reliably (checksums?) 578 */ 579 for_each_sym(elf, s) { 580 if (strstarts(s->sec->name, ".text.unlikely") && 581 !strcmp(s->name, sym->name)) { 582 nr_matches++; 583 if (s == sym) 584 sympos = nr_matches; 585 else 586 has_dup = true; 587 } 588 } 589 for_each_sym(elf, s) { 590 if (!strstarts(s->sec->name, ".text.unlikely") && 591 !strcmp(s->name, sym->name)) { 592 nr_matches++; 593 if (s == sym) 594 sympos = nr_matches; 595 else 596 has_dup = true; 597 } 598 } 599 } else { 600 for_each_sym(elf, s) { 601 if (!strcmp(s->name, sym->name)) { 602 nr_matches++; 603 if (s == sym) 604 sympos = nr_matches; 605 else 606 has_dup = true; 607 } 608 } 609 } 610 611 if (!sympos) { 612 ERROR("can't find sympos for %s", sym->name); 613 return ULONG_MAX; 614 } 615 616 return has_dup ? sympos : 0; 617 } 618 619 static int clone_sym_relocs(struct elfs *e, struct symbol *patched_sym); 620 621 static struct symbol *__clone_symbol(struct elf *elf, struct symbol *patched_sym, 622 bool data_too) 623 { 624 struct section *out_sec = NULL; 625 unsigned long offset = 0; 626 struct symbol *out_sym; 627 628 if (data_too && !is_undef_sym(patched_sym)) { 629 struct section *patched_sec = patched_sym->sec; 630 631 out_sec = find_section_by_name(elf, patched_sec->name); 632 if (!out_sec) { 633 out_sec = elf_create_section(elf, patched_sec->name, 0, 634 patched_sec->sh.sh_entsize, 635 patched_sec->sh.sh_type, 636 patched_sec->sh.sh_addralign, 637 patched_sec->sh.sh_flags); 638 if (!out_sec) 639 return NULL; 640 } 641 642 if (is_string_sec(patched_sym->sec)) { 643 out_sym = elf_create_section_symbol(elf, out_sec); 644 if (!out_sym) 645 return NULL; 646 647 goto sym_created; 648 } 649 650 if (!is_sec_sym(patched_sym)) 651 offset = ALIGN(sec_size(out_sec), out_sec->sh.sh_addralign); 652 653 if (patched_sym->len || is_sec_sym(patched_sym)) { 654 void *data = NULL; 655 size_t size; 656 657 /* bss doesn't have data */ 658 if (patched_sym->sec->data->d_buf) 659 data = patched_sym->sec->data->d_buf + patched_sym->offset; 660 661 if (is_sec_sym(patched_sym)) 662 size = sec_size(patched_sym->sec); 663 else 664 size = patched_sym->len; 665 666 if (!elf_add_data(elf, out_sec, data, size)) 667 return NULL; 668 } 669 } 670 671 out_sym = elf_create_symbol(elf, patched_sym->name, out_sec, 672 patched_sym->bind, patched_sym->type, 673 offset, patched_sym->len); 674 if (!out_sym) 675 return NULL; 676 677 sym_created: 678 patched_sym->clone = out_sym; 679 out_sym->clone = patched_sym; 680 681 return out_sym; 682 } 683 684 static const char *sym_type(struct symbol *sym) 685 { 686 switch (sym->type) { 687 case STT_NOTYPE: return "NOTYPE"; 688 case STT_OBJECT: return "OBJECT"; 689 case STT_FUNC: return "FUNC"; 690 case STT_SECTION: return "SECTION"; 691 case STT_FILE: return "FILE"; 692 default: return "UNKNOWN"; 693 } 694 } 695 696 static const char *sym_bind(struct symbol *sym) 697 { 698 switch (sym->bind) { 699 case STB_LOCAL: return "LOCAL"; 700 case STB_GLOBAL: return "GLOBAL"; 701 case STB_WEAK: return "WEAK"; 702 default: return "UNKNOWN"; 703 } 704 } 705 706 /* 707 * Copy a symbol to the output object, optionally including its data and 708 * relocations. 709 */ 710 static struct symbol *clone_symbol(struct elfs *e, struct symbol *patched_sym, 711 bool data_too) 712 { 713 struct symbol *pfx; 714 715 if (patched_sym->clone) 716 return patched_sym->clone; 717 718 dbg_indent("%s%s", patched_sym->name, data_too ? " [+DATA]" : ""); 719 720 /* Make sure the prefix gets cloned first */ 721 if (is_func_sym(patched_sym) && data_too) { 722 pfx = get_func_prefix(patched_sym); 723 if (pfx) 724 clone_symbol(e, pfx, true); 725 } 726 727 if (!__clone_symbol(e->out, patched_sym, data_too)) 728 return NULL; 729 730 if (data_too && clone_sym_relocs(e, patched_sym)) 731 return NULL; 732 733 return patched_sym->clone; 734 } 735 736 static void mark_included_function(struct symbol *func) 737 { 738 struct symbol *pfx; 739 740 func->included = 1; 741 742 /* Include prefix function */ 743 pfx = get_func_prefix(func); 744 if (pfx) 745 pfx->included = 1; 746 747 /* Make sure .cold parent+child always stay together */ 748 if (func->cfunc && func->cfunc != func) 749 func->cfunc->included = 1; 750 if (func->pfunc && func->pfunc != func) 751 func->pfunc->included = 1; 752 } 753 754 /* 755 * Copy all changed functions (and their dependencies) from the patched object 756 * to the output object. 757 */ 758 static int mark_changed_functions(struct elfs *e) 759 { 760 struct symbol *sym_orig, *patched_sym; 761 bool changed = false; 762 763 /* Find changed functions */ 764 for_each_sym(e->orig, sym_orig) { 765 if (!is_func_sym(sym_orig) || is_prefix_func(sym_orig)) 766 continue; 767 768 patched_sym = sym_orig->twin; 769 if (!patched_sym) 770 continue; 771 772 if (sym_orig->csum.checksum != patched_sym->csum.checksum) { 773 patched_sym->changed = 1; 774 mark_included_function(patched_sym); 775 changed = true; 776 } 777 } 778 779 /* Find added functions and print them */ 780 for_each_sym(e->patched, patched_sym) { 781 if (!is_func_sym(patched_sym) || is_prefix_func(patched_sym)) 782 continue; 783 784 if (!patched_sym->twin) { 785 printf("%s: new function: %s\n", objname, patched_sym->name); 786 mark_included_function(patched_sym); 787 changed = true; 788 } 789 } 790 791 /* Print changed functions */ 792 for_each_sym(e->patched, patched_sym) { 793 if (patched_sym->changed) 794 printf("%s: changed function: %s\n", objname, patched_sym->name); 795 } 796 797 return !changed ? -1 : 0; 798 } 799 800 static int clone_included_functions(struct elfs *e) 801 { 802 struct symbol *patched_sym; 803 804 for_each_sym(e->patched, patched_sym) { 805 if (patched_sym->included) { 806 if (!clone_symbol(e, patched_sym, true)) 807 return -1; 808 } 809 } 810 811 return 0; 812 } 813 814 /* 815 * Determine whether a relocation should reference the section rather than the 816 * underlying symbol. 817 */ 818 static bool section_reference_needed(struct section *sec) 819 { 820 /* 821 * String symbols are zero-length and uncorrelated. It's easier to 822 * deal with them as section symbols. 823 */ 824 if (is_string_sec(sec)) 825 return true; 826 827 /* 828 * .rodata has mostly anonymous data so there's no way to determine the 829 * length of a needed reference. just copy the whole section if needed. 830 */ 831 if (strstarts(sec->name, ".rodata")) 832 return true; 833 834 /* UBSAN anonymous data */ 835 if (strstarts(sec->name, ".data..Lubsan") || /* GCC */ 836 strstarts(sec->name, ".data..L__unnamed_")) /* Clang */ 837 return true; 838 839 return false; 840 } 841 842 static bool is_reloc_allowed(struct reloc *reloc) 843 { 844 return section_reference_needed(reloc->sym->sec) == is_sec_sym(reloc->sym); 845 } 846 847 static struct export *find_export(struct symbol *sym) 848 { 849 struct export *export; 850 851 hash_for_each_possible(exports, export, hash, str_hash(sym->name)) { 852 if (!strcmp(export->sym, sym->name)) 853 return export; 854 } 855 856 return NULL; 857 } 858 859 static const char *__find_modname(struct elfs *e) 860 { 861 struct section *sec; 862 char *name; 863 864 sec = find_section_by_name(e->orig, ".modinfo"); 865 if (!sec) { 866 ERROR("missing .modinfo section"); 867 return NULL; 868 } 869 870 name = memmem(sec->data->d_buf, sec_size(sec), "\0name=", 6); 871 if (name) 872 return name + 6; 873 874 name = strdup(e->orig->name); 875 if (!name) { 876 ERROR_GLIBC("strdup"); 877 return NULL; 878 } 879 880 for (char *c = name; *c; c++) { 881 if (*c == '/') 882 name = c + 1; 883 else if (*c == '-') 884 *c = '_'; 885 else if (*c == '.') { 886 *c = '\0'; 887 break; 888 } 889 } 890 891 return name; 892 } 893 894 /* Get the object's module name as defined by the kernel (and klp_object) */ 895 static const char *find_modname(struct elfs *e) 896 { 897 const char *modname; 898 899 if (e->modname) 900 return e->modname; 901 902 modname = __find_modname(e); 903 e->modname = modname; 904 return modname; 905 } 906 907 /* 908 * Copying a function from its native compiled environment to a kernel module 909 * removes its natural access to local functions/variables and unexported 910 * globals. References to such symbols need to be converted to KLP relocs so 911 * the kernel arch relocation code knows to apply them and where to find the 912 * symbols. Particularly, duplicate static symbols need to be disambiguated. 913 */ 914 static bool klp_reloc_needed(struct reloc *patched_reloc) 915 { 916 struct symbol *patched_sym = patched_reloc->sym; 917 struct export *export; 918 919 /* no external symbol to reference */ 920 if (dont_correlate(patched_sym)) 921 return false; 922 923 /* For included functions, a regular reloc will do. */ 924 if (patched_sym->included) 925 return false; 926 927 /* 928 * If exported by a module, it has to be a klp reloc. Thanks to the 929 * clusterfunk that is late module patching, the patch module is 930 * allowed to be loaded before any modules it depends on. 931 * 932 * If exported by vmlinux, a normal reloc will do. 933 */ 934 export = find_export(patched_sym); 935 if (export) 936 return strcmp(export->mod, "vmlinux"); 937 938 if (!patched_sym->twin) { 939 /* 940 * Presumably the symbol and its reference were added by the 941 * patch. The symbol could be defined in this .o or in another 942 * .o in the patch module. 943 * 944 * This check needs to be *after* the export check due to the 945 * possibility of the patch adding a new UNDEF reference to an 946 * exported symbol. 947 */ 948 return false; 949 } 950 951 /* Unexported symbol which lives in the original vmlinux or module. */ 952 return true; 953 } 954 955 static int convert_reloc_sym_to_secsym(struct elf *elf, struct reloc *reloc) 956 { 957 struct symbol *sym = reloc->sym; 958 struct section *sec = sym->sec; 959 960 if (!sec->sym && !elf_create_section_symbol(elf, sec)) 961 return -1; 962 963 reloc->sym = sec->sym; 964 set_reloc_sym(elf, reloc, sym->idx); 965 set_reloc_addend(elf, reloc, sym->offset + reloc_addend(reloc)); 966 return 0; 967 } 968 969 static int convert_reloc_secsym_to_sym(struct elf *elf, struct reloc *reloc) 970 { 971 struct symbol *sym = reloc->sym; 972 struct section *sec = sym->sec; 973 974 /* If the symbol has a dedicated section, it's easy to find */ 975 sym = find_symbol_by_offset(sec, 0); 976 if (sym && sym->len == sec_size(sec)) 977 goto found_sym; 978 979 /* No dedicated section; find the symbol manually */ 980 sym = find_symbol_containing(sec, arch_adjusted_addend(reloc)); 981 if (!sym) { 982 /* 983 * This can happen for special section references to weak code 984 * whose symbol has been stripped by the linker. 985 */ 986 return -1; 987 } 988 989 found_sym: 990 reloc->sym = sym; 991 set_reloc_sym(elf, reloc, sym->idx); 992 set_reloc_addend(elf, reloc, reloc_addend(reloc) - sym->offset); 993 return 0; 994 } 995 996 /* 997 * Convert a relocation symbol reference to the needed format: either a section 998 * symbol or the underlying symbol itself. 999 */ 1000 static int convert_reloc_sym(struct elf *elf, struct reloc *reloc) 1001 { 1002 if (is_reloc_allowed(reloc)) 1003 return 0; 1004 1005 if (section_reference_needed(reloc->sym->sec)) 1006 return convert_reloc_sym_to_secsym(elf, reloc); 1007 else 1008 return convert_reloc_secsym_to_sym(elf, reloc); 1009 } 1010 1011 /* 1012 * Convert a regular relocation to a klp relocation (sort of). 1013 */ 1014 static int clone_reloc_klp(struct elfs *e, struct reloc *patched_reloc, 1015 struct section *sec, unsigned long offset, 1016 struct export *export) 1017 { 1018 struct symbol *patched_sym = patched_reloc->sym; 1019 s64 addend = reloc_addend(patched_reloc); 1020 const char *sym_modname, *sym_orig_name; 1021 static struct section *klp_relocs; 1022 struct symbol *sym, *klp_sym; 1023 unsigned long klp_reloc_off; 1024 char sym_name[SYM_NAME_LEN]; 1025 struct klp_reloc klp_reloc; 1026 unsigned long sympos; 1027 1028 if (!patched_sym->twin) { 1029 ERROR("unexpected klp reloc for new symbol %s", patched_sym->name); 1030 return -1; 1031 } 1032 1033 /* 1034 * Keep the original reloc intact for now to avoid breaking objtool run 1035 * which relies on proper relocations for many of its features. This 1036 * will be disabled later by "objtool klp post-link". 1037 * 1038 * Convert it to UNDEF (and WEAK to avoid modpost warnings). 1039 */ 1040 1041 sym = patched_sym->clone; 1042 if (!sym) { 1043 /* STB_WEAK: avoid modpost undefined symbol warnings */ 1044 sym = elf_create_symbol(e->out, patched_sym->name, NULL, 1045 STB_WEAK, patched_sym->type, 0, 0); 1046 if (!sym) 1047 return -1; 1048 1049 patched_sym->clone = sym; 1050 sym->clone = patched_sym; 1051 } 1052 1053 if (!elf_create_reloc(e->out, sec, offset, sym, addend, reloc_type(patched_reloc))) 1054 return -1; 1055 1056 /* 1057 * Create the KLP symbol. 1058 */ 1059 1060 if (export) { 1061 sym_modname = export->mod; 1062 sym_orig_name = export->sym; 1063 sympos = 0; 1064 } else { 1065 sym_modname = find_modname(e); 1066 if (!sym_modname) 1067 return -1; 1068 1069 sym_orig_name = patched_sym->twin->name; 1070 sympos = find_sympos(e->orig, patched_sym->twin); 1071 if (sympos == ULONG_MAX) 1072 return -1; 1073 } 1074 1075 /* symbol format: .klp.sym.modname.sym_name,sympos */ 1076 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_SYM_PREFIX "%s.%s,%ld", 1077 sym_modname, sym_orig_name, sympos)) 1078 return -1; 1079 1080 klp_sym = find_symbol_by_name(e->out, sym_name); 1081 if (!klp_sym) { 1082 __dbg_indent("%s", sym_name); 1083 1084 /* STB_WEAK: avoid modpost undefined symbol warnings */ 1085 klp_sym = elf_create_symbol(e->out, sym_name, NULL, 1086 STB_WEAK, patched_sym->type, 0, 0); 1087 if (!klp_sym) 1088 return -1; 1089 } 1090 1091 /* 1092 * Create the __klp_relocs entry. This will be converted to an actual 1093 * KLP rela by "objtool klp post-link". 1094 * 1095 * This intermediate step is necessary to prevent corruption by the 1096 * linker, which doesn't know how to properly handle two rela sections 1097 * applying to the same base section. 1098 */ 1099 1100 if (!klp_relocs) { 1101 klp_relocs = elf_create_section(e->out, KLP_RELOCS_SEC, 0, 1102 0, SHT_PROGBITS, 8, SHF_ALLOC); 1103 if (!klp_relocs) 1104 return -1; 1105 } 1106 1107 klp_reloc_off = sec_size(klp_relocs); 1108 memset(&klp_reloc, 0, sizeof(klp_reloc)); 1109 1110 klp_reloc.type = reloc_type(patched_reloc); 1111 if (!elf_add_data(e->out, klp_relocs, &klp_reloc, sizeof(klp_reloc))) 1112 return -1; 1113 1114 /* klp_reloc.offset */ 1115 if (!sec->sym && !elf_create_section_symbol(e->out, sec)) 1116 return -1; 1117 1118 if (!elf_create_reloc(e->out, klp_relocs, 1119 klp_reloc_off + offsetof(struct klp_reloc, offset), 1120 sec->sym, offset, R_ABS64)) 1121 return -1; 1122 1123 /* klp_reloc.sym */ 1124 if (!elf_create_reloc(e->out, klp_relocs, 1125 klp_reloc_off + offsetof(struct klp_reloc, sym), 1126 klp_sym, addend, R_ABS64)) 1127 return -1; 1128 1129 return 0; 1130 } 1131 1132 #define dbg_clone_reloc(sec, offset, patched_sym, addend, export, klp) \ 1133 dbg_indent("%s+0x%lx: %s%s0x%lx [%s%s%s%s%s%s]", \ 1134 sec->name, offset, patched_sym->name, \ 1135 addend >= 0 ? "+" : "-", labs(addend), \ 1136 sym_type(patched_sym), \ 1137 is_sec_sym(patched_sym) ? "" : " ", \ 1138 is_sec_sym(patched_sym) ? "" : sym_bind(patched_sym), \ 1139 is_undef_sym(patched_sym) ? " UNDEF" : "", \ 1140 export ? " EXPORTED" : "", \ 1141 klp ? " KLP" : "") 1142 1143 /* Copy a reloc and its symbol to the output object */ 1144 static int clone_reloc(struct elfs *e, struct reloc *patched_reloc, 1145 struct section *sec, unsigned long offset) 1146 { 1147 struct symbol *patched_sym = patched_reloc->sym; 1148 struct export *export = find_export(patched_sym); 1149 long addend = reloc_addend(patched_reloc); 1150 struct symbol *out_sym; 1151 bool klp; 1152 1153 if (!is_reloc_allowed(patched_reloc)) { 1154 ERROR_FUNC(patched_reloc->sec->base, reloc_offset(patched_reloc), 1155 "missing symbol for reference to %s+%ld", 1156 patched_sym->name, addend); 1157 return -1; 1158 } 1159 1160 klp = klp_reloc_needed(patched_reloc); 1161 1162 dbg_clone_reloc(sec, offset, patched_sym, addend, export, klp); 1163 1164 if (klp) { 1165 if (clone_reloc_klp(e, patched_reloc, sec, offset, export)) 1166 return -1; 1167 1168 return 0; 1169 } 1170 1171 /* 1172 * Why !export sets 'data_too': 1173 * 1174 * Unexported non-klp symbols need to live in the patch module, 1175 * otherwise there will be unresolved symbols. Notably, this includes: 1176 * 1177 * - New functions/data 1178 * - String sections 1179 * - Special section entries 1180 * - Uncorrelated static local variables 1181 * - UBSAN sections 1182 */ 1183 out_sym = clone_symbol(e, patched_sym, patched_sym->included || !export); 1184 if (!out_sym) 1185 return -1; 1186 1187 /* 1188 * For strings, all references use section symbols, thanks to 1189 * section_reference_needed(). clone_symbol() has cloned an empty 1190 * version of the string section. Now copy the string itself. 1191 */ 1192 if (is_string_sec(patched_sym->sec)) { 1193 const char *str = patched_sym->sec->data->d_buf + addend; 1194 1195 __dbg_indent("\"%s\"", escape_str(str)); 1196 1197 addend = elf_add_string(e->out, out_sym->sec, str); 1198 if (addend == -1) 1199 return -1; 1200 } 1201 1202 if (!elf_create_reloc(e->out, sec, offset, out_sym, addend, 1203 reloc_type(patched_reloc))) 1204 return -1; 1205 1206 return 0; 1207 } 1208 1209 /* Copy all relocs needed for a symbol's contents */ 1210 static int clone_sym_relocs(struct elfs *e, struct symbol *patched_sym) 1211 { 1212 struct section *patched_rsec = patched_sym->sec->rsec; 1213 struct reloc *patched_reloc; 1214 unsigned long start, end; 1215 struct symbol *out_sym; 1216 1217 out_sym = patched_sym->clone; 1218 if (!out_sym) { 1219 ERROR("no clone for %s", patched_sym->name); 1220 return -1; 1221 } 1222 1223 if (!patched_rsec) 1224 return 0; 1225 1226 if (!is_sec_sym(patched_sym) && !patched_sym->len) 1227 return 0; 1228 1229 if (is_string_sec(patched_sym->sec)) 1230 return 0; 1231 1232 if (is_sec_sym(patched_sym)) { 1233 start = 0; 1234 end = sec_size(patched_sym->sec); 1235 } else { 1236 start = patched_sym->offset; 1237 end = start + patched_sym->len; 1238 } 1239 1240 for_each_reloc(patched_rsec, patched_reloc) { 1241 unsigned long offset; 1242 1243 if (reloc_offset(patched_reloc) < start || 1244 reloc_offset(patched_reloc) >= end) 1245 continue; 1246 1247 /* 1248 * Skip any reloc referencing .altinstr_aux. Its code is 1249 * always patched by alternatives. See ALTERNATIVE_TERNARY(). 1250 */ 1251 if (patched_reloc->sym->sec && 1252 !strcmp(patched_reloc->sym->sec->name, ".altinstr_aux")) 1253 continue; 1254 1255 if (convert_reloc_sym(e->patched, patched_reloc)) { 1256 ERROR_FUNC(patched_rsec->base, reloc_offset(patched_reloc), 1257 "failed to convert reloc sym '%s' to its proper format", 1258 patched_reloc->sym->name); 1259 return -1; 1260 } 1261 1262 offset = out_sym->offset + (reloc_offset(patched_reloc) - patched_sym->offset); 1263 1264 if (clone_reloc(e, patched_reloc, out_sym->sec, offset)) 1265 return -1; 1266 } 1267 return 0; 1268 1269 } 1270 1271 static int create_fake_symbol(struct elf *elf, struct section *sec, 1272 unsigned long offset, size_t size) 1273 { 1274 char name[SYM_NAME_LEN]; 1275 unsigned int type; 1276 static int ctr; 1277 char *c; 1278 1279 if (snprintf_check(name, SYM_NAME_LEN, "%s_%d", sec->name, ctr++)) 1280 return -1; 1281 1282 for (c = name; *c; c++) 1283 if (*c == '.') 1284 *c = '_'; 1285 1286 /* 1287 * STT_NOTYPE: Prevent objtool from validating .altinstr_replacement 1288 * while still allowing objdump to disassemble it. 1289 */ 1290 type = is_text_sec(sec) ? STT_NOTYPE : STT_OBJECT; 1291 return elf_create_symbol(elf, name, sec, STB_LOCAL, type, offset, size) ? 0 : -1; 1292 } 1293 1294 /* 1295 * Special sections (alternatives, etc) are basically arrays of structs. 1296 * For all the special sections, create a symbol for each struct entry. This 1297 * is a bit cumbersome, but it makes the extracting of the individual entries 1298 * much more straightforward. 1299 * 1300 * There are three ways to identify the entry sizes for a special section: 1301 * 1302 * 1) ELF section header sh_entsize: Ideally this would be used almost 1303 * everywhere. But unfortunately the toolchains make it difficult. The 1304 * assembler .[push]section directive syntax only takes entsize when 1305 * combined with SHF_MERGE. But Clang disallows combining SHF_MERGE with 1306 * SHF_WRITE. And some special sections do need to be writable. 1307 * 1308 * Another place this wouldn't work is .altinstr_replacement, whose entries 1309 * don't have a fixed size. 1310 * 1311 * 2) ANNOTATE_DATA_SPECIAL: This is a lightweight objtool annotation which 1312 * points to the beginning of each entry. The size of the entry is then 1313 * inferred by the location of the subsequent annotation (or end of 1314 * section). 1315 * 1316 * 3) Simple array of pointers: If the special section is just a basic array of 1317 * pointers, the entry size can be inferred by the number of relocations. 1318 * No annotations needed. 1319 * 1320 * Note I also tried to create per-entry symbols at the time of creation, in 1321 * the original [inline] asm. Unfortunately, creating uniquely named symbols 1322 * is trickier than one might think, especially with Clang inline asm. I 1323 * eventually just gave up trying to make that work, in favor of using 1324 * ANNOTATE_DATA_SPECIAL and creating the symbols here after the fact. 1325 */ 1326 static int create_fake_symbols(struct elf *elf) 1327 { 1328 struct section *sec; 1329 struct reloc *reloc; 1330 1331 /* 1332 * 1) Make symbols for all the ANNOTATE_DATA_SPECIAL entries: 1333 */ 1334 1335 sec = find_section_by_name(elf, ".discard.annotate_data"); 1336 if (!sec || !sec->rsec) 1337 return 0; 1338 1339 for_each_reloc(sec->rsec, reloc) { 1340 unsigned long offset, size; 1341 struct reloc *next_reloc; 1342 1343 if (annotype(elf, sec, reloc) != ANNOTYPE_DATA_SPECIAL) 1344 continue; 1345 1346 offset = reloc_addend(reloc); 1347 1348 size = 0; 1349 next_reloc = reloc; 1350 for_each_reloc_continue(sec->rsec, next_reloc) { 1351 if (annotype(elf, sec, next_reloc) != ANNOTYPE_DATA_SPECIAL || 1352 next_reloc->sym->sec != reloc->sym->sec) 1353 continue; 1354 1355 size = reloc_addend(next_reloc) - offset; 1356 break; 1357 } 1358 1359 if (!size) 1360 size = sec_size(reloc->sym->sec) - offset; 1361 1362 if (create_fake_symbol(elf, reloc->sym->sec, offset, size)) 1363 return -1; 1364 } 1365 1366 /* 1367 * 2) Make symbols for sh_entsize, and simple arrays of pointers: 1368 */ 1369 1370 for_each_sec(elf, sec) { 1371 unsigned int entry_size; 1372 unsigned long offset; 1373 1374 if (!is_special_section(sec) || find_symbol_by_offset(sec, 0)) 1375 continue; 1376 1377 if (!sec->rsec) { 1378 ERROR("%s: missing special section relocations", sec->name); 1379 return -1; 1380 } 1381 1382 entry_size = sec->sh.sh_entsize; 1383 if (!entry_size) { 1384 entry_size = arch_reloc_size(sec->rsec->relocs); 1385 if (sec_size(sec) != entry_size * sec_num_entries(sec->rsec)) { 1386 ERROR("%s: missing special section entsize or annotations", sec->name); 1387 return -1; 1388 } 1389 } 1390 1391 for (offset = 0; offset < sec_size(sec); offset += entry_size) { 1392 if (create_fake_symbol(elf, sec, offset, entry_size)) 1393 return -1; 1394 } 1395 } 1396 1397 return 0; 1398 } 1399 1400 /* Keep a special section entry if it references an included function */ 1401 static bool should_keep_special_sym(struct elf *elf, struct symbol *sym) 1402 { 1403 struct reloc *reloc; 1404 1405 if (is_sec_sym(sym) || !sym->sec->rsec) 1406 return false; 1407 1408 sym_for_each_reloc(elf, sym, reloc) { 1409 if (convert_reloc_sym(elf, reloc)) 1410 continue; 1411 1412 if (is_func_sym(reloc->sym) && reloc->sym->included) 1413 return true; 1414 } 1415 1416 return false; 1417 } 1418 1419 /* 1420 * Klp relocations aren't allowed for __jump_table and .static_call_sites if 1421 * the referenced symbol lives in a kernel module, because such klp relocs may 1422 * be applied after static branch/call init, resulting in code corruption. 1423 * 1424 * Validate a special section entry to avoid that. Note that an inert 1425 * tracepoint or pr_debug() is harmless enough, in that case just skip the 1426 * entry and print a warning. Otherwise, return an error. 1427 * 1428 * TODO: This is only a temporary limitation which will be fixed when livepatch 1429 * adds support for submodules: fully self-contained modules which are embedded 1430 * in the top-level livepatch module's data and which can be loaded on demand 1431 * when their corresponding to-be-patched module gets loaded. Then klp relocs 1432 * can be retired. 1433 * 1434 * Return: 1435 * -1: error: validation failed 1436 * 1: warning: disabled tracepoint or pr_debug() 1437 * 0: success 1438 */ 1439 static int validate_special_section_klp_reloc(struct elfs *e, struct symbol *sym) 1440 { 1441 bool static_branch = !strcmp(sym->sec->name, "__jump_table"); 1442 bool static_call = !strcmp(sym->sec->name, ".static_call_sites"); 1443 const char *code_sym = NULL; 1444 unsigned long code_offset = 0; 1445 struct reloc *reloc; 1446 int ret = 0; 1447 1448 if (!static_branch && !static_call) 1449 return 0; 1450 1451 sym_for_each_reloc(e->patched, sym, reloc) { 1452 const char *sym_modname; 1453 struct export *export; 1454 1455 if (convert_reloc_sym(e->patched, reloc)) 1456 continue; 1457 1458 /* Static branch/call keys are always STT_OBJECT */ 1459 if (reloc->sym->type != STT_OBJECT) { 1460 1461 /* Save code location which can be printed below */ 1462 if (reloc->sym->type == STT_FUNC && !code_sym) { 1463 code_sym = reloc->sym->name; 1464 code_offset = reloc_addend(reloc); 1465 } 1466 1467 continue; 1468 } 1469 1470 if (!klp_reloc_needed(reloc)) 1471 continue; 1472 1473 export = find_export(reloc->sym); 1474 if (export) { 1475 sym_modname = export->mod; 1476 } else { 1477 sym_modname = find_modname(e); 1478 if (!sym_modname) 1479 return -1; 1480 } 1481 1482 /* vmlinux keys are ok */ 1483 if (!strcmp(sym_modname, "vmlinux")) 1484 continue; 1485 1486 if (!code_sym) 1487 code_sym = "<unknown>"; 1488 1489 if (static_branch) { 1490 if (strstarts(reloc->sym->name, "__tracepoint_")) { 1491 WARN("%s: disabling unsupported tracepoint %s", 1492 code_sym, reloc->sym->name + 13); 1493 ret = 1; 1494 continue; 1495 } 1496 1497 if (strstr(reloc->sym->name, "__UNIQUE_ID_ddebug_")) { 1498 WARN("%s: disabling unsupported pr_debug()", 1499 code_sym); 1500 ret = 1; 1501 continue; 1502 } 1503 1504 ERROR("%s+0x%lx: unsupported static branch key %s. Use static_key_enabled() instead", 1505 code_sym, code_offset, reloc->sym->name); 1506 return -1; 1507 } 1508 1509 /* static call */ 1510 if (strstarts(reloc->sym->name, "__SCK__tp_func_")) { 1511 ret = 1; 1512 continue; 1513 } 1514 1515 ERROR("%s()+0x%lx: unsupported static call key %s. Use KLP_STATIC_CALL() instead", 1516 code_sym, code_offset, reloc->sym->name); 1517 return -1; 1518 } 1519 1520 return ret; 1521 } 1522 1523 static int clone_special_section(struct elfs *e, struct section *patched_sec) 1524 { 1525 struct symbol *patched_sym; 1526 1527 /* 1528 * Extract all special section symbols (and their dependencies) which 1529 * reference included functions. 1530 */ 1531 sec_for_each_sym(patched_sec, patched_sym) { 1532 int ret; 1533 1534 if (!is_object_sym(patched_sym)) 1535 continue; 1536 1537 if (!should_keep_special_sym(e->patched, patched_sym)) 1538 continue; 1539 1540 ret = validate_special_section_klp_reloc(e, patched_sym); 1541 if (ret < 0) 1542 return -1; 1543 if (ret > 0) 1544 continue; 1545 1546 if (!clone_symbol(e, patched_sym, true)) 1547 return -1; 1548 } 1549 1550 return 0; 1551 } 1552 1553 /* Extract only the needed bits from special sections */ 1554 static int clone_special_sections(struct elfs *e) 1555 { 1556 struct section *patched_sec; 1557 1558 for_each_sec(e->patched, patched_sec) { 1559 if (is_special_section(patched_sec)) { 1560 if (clone_special_section(e, patched_sec)) 1561 return -1; 1562 } 1563 } 1564 1565 return 0; 1566 } 1567 1568 /* 1569 * Create .init.klp_objects and .init.klp_funcs sections which are intermediate 1570 * sections provided as input to the patch module's init code for building the 1571 * klp_patch, klp_object and klp_func structs for the livepatch API. 1572 */ 1573 static int create_klp_sections(struct elfs *e) 1574 { 1575 size_t obj_size = sizeof(struct klp_object_ext); 1576 size_t func_size = sizeof(struct klp_func_ext); 1577 struct section *obj_sec, *funcs_sec, *str_sec; 1578 struct symbol *funcs_sym, *str_sym, *sym; 1579 char sym_name[SYM_NAME_LEN]; 1580 unsigned int nr_funcs = 0; 1581 const char *modname; 1582 void *obj_data; 1583 s64 addend; 1584 1585 obj_sec = elf_create_section_pair(e->out, KLP_OBJECTS_SEC, obj_size, 0, 0); 1586 if (!obj_sec) 1587 return -1; 1588 1589 funcs_sec = elf_create_section_pair(e->out, KLP_FUNCS_SEC, func_size, 0, 0); 1590 if (!funcs_sec) 1591 return -1; 1592 1593 funcs_sym = elf_create_section_symbol(e->out, funcs_sec); 1594 if (!funcs_sym) 1595 return -1; 1596 1597 str_sec = elf_create_section(e->out, KLP_STRINGS_SEC, 0, 0, 1598 SHT_PROGBITS, 1, 1599 SHF_ALLOC | SHF_STRINGS | SHF_MERGE); 1600 if (!str_sec) 1601 return -1; 1602 1603 if (elf_add_string(e->out, str_sec, "") == -1) 1604 return -1; 1605 1606 str_sym = elf_create_section_symbol(e->out, str_sec); 1607 if (!str_sym) 1608 return -1; 1609 1610 /* allocate klp_object_ext */ 1611 obj_data = elf_add_data(e->out, obj_sec, NULL, obj_size); 1612 if (!obj_data) 1613 return -1; 1614 1615 modname = find_modname(e); 1616 if (!modname) 1617 return -1; 1618 1619 /* klp_object_ext.name */ 1620 if (strcmp(modname, "vmlinux")) { 1621 addend = elf_add_string(e->out, str_sec, modname); 1622 if (addend == -1) 1623 return -1; 1624 1625 if (!elf_create_reloc(e->out, obj_sec, 1626 offsetof(struct klp_object_ext, name), 1627 str_sym, addend, R_ABS64)) 1628 return -1; 1629 } 1630 1631 /* klp_object_ext.funcs */ 1632 if (!elf_create_reloc(e->out, obj_sec, offsetof(struct klp_object_ext, funcs), 1633 funcs_sym, 0, R_ABS64)) 1634 return -1; 1635 1636 for_each_sym(e->out, sym) { 1637 unsigned long offset = nr_funcs * func_size; 1638 unsigned long sympos; 1639 void *func_data; 1640 1641 if (!is_func_sym(sym) || sym->cold || !sym->clone || !sym->clone->changed) 1642 continue; 1643 1644 /* allocate klp_func_ext */ 1645 func_data = elf_add_data(e->out, funcs_sec, NULL, func_size); 1646 if (!func_data) 1647 return -1; 1648 1649 /* klp_func_ext.old_name */ 1650 addend = elf_add_string(e->out, str_sec, sym->clone->twin->name); 1651 if (addend == -1) 1652 return -1; 1653 1654 if (!elf_create_reloc(e->out, funcs_sec, 1655 offset + offsetof(struct klp_func_ext, old_name), 1656 str_sym, addend, R_ABS64)) 1657 return -1; 1658 1659 /* klp_func_ext.new_func */ 1660 if (!elf_create_reloc(e->out, funcs_sec, 1661 offset + offsetof(struct klp_func_ext, new_func), 1662 sym, 0, R_ABS64)) 1663 return -1; 1664 1665 /* klp_func_ext.sympos */ 1666 BUILD_BUG_ON(sizeof(sympos) != sizeof_field(struct klp_func_ext, sympos)); 1667 sympos = find_sympos(e->orig, sym->clone->twin); 1668 if (sympos == ULONG_MAX) 1669 return -1; 1670 memcpy(func_data + offsetof(struct klp_func_ext, sympos), &sympos, 1671 sizeof_field(struct klp_func_ext, sympos)); 1672 1673 nr_funcs++; 1674 } 1675 1676 /* klp_object_ext.nr_funcs */ 1677 BUILD_BUG_ON(sizeof(nr_funcs) != sizeof_field(struct klp_object_ext, nr_funcs)); 1678 memcpy(obj_data + offsetof(struct klp_object_ext, nr_funcs), &nr_funcs, 1679 sizeof_field(struct klp_object_ext, nr_funcs)); 1680 1681 /* 1682 * Find callback pointers created by KLP_PRE_PATCH_CALLBACK() and 1683 * friends, and add them to the klp object. 1684 */ 1685 1686 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_PRE_PATCH_PREFIX "%s", modname)) 1687 return -1; 1688 1689 sym = find_symbol_by_name(e->out, sym_name); 1690 if (sym) { 1691 struct reloc *reloc; 1692 1693 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1694 1695 if (!elf_create_reloc(e->out, obj_sec, 1696 offsetof(struct klp_object_ext, callbacks) + 1697 offsetof(struct klp_callbacks, pre_patch), 1698 reloc->sym, reloc_addend(reloc), R_ABS64)) 1699 return -1; 1700 } 1701 1702 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_POST_PATCH_PREFIX "%s", modname)) 1703 return -1; 1704 1705 sym = find_symbol_by_name(e->out, sym_name); 1706 if (sym) { 1707 struct reloc *reloc; 1708 1709 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1710 1711 if (!elf_create_reloc(e->out, obj_sec, 1712 offsetof(struct klp_object_ext, callbacks) + 1713 offsetof(struct klp_callbacks, post_patch), 1714 reloc->sym, reloc_addend(reloc), R_ABS64)) 1715 return -1; 1716 } 1717 1718 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_PRE_UNPATCH_PREFIX "%s", modname)) 1719 return -1; 1720 1721 sym = find_symbol_by_name(e->out, sym_name); 1722 if (sym) { 1723 struct reloc *reloc; 1724 1725 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1726 1727 if (!elf_create_reloc(e->out, obj_sec, 1728 offsetof(struct klp_object_ext, callbacks) + 1729 offsetof(struct klp_callbacks, pre_unpatch), 1730 reloc->sym, reloc_addend(reloc), R_ABS64)) 1731 return -1; 1732 } 1733 1734 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_POST_UNPATCH_PREFIX "%s", modname)) 1735 return -1; 1736 1737 sym = find_symbol_by_name(e->out, sym_name); 1738 if (sym) { 1739 struct reloc *reloc; 1740 1741 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1742 1743 if (!elf_create_reloc(e->out, obj_sec, 1744 offsetof(struct klp_object_ext, callbacks) + 1745 offsetof(struct klp_callbacks, post_unpatch), 1746 reloc->sym, reloc_addend(reloc), R_ABS64)) 1747 return -1; 1748 } 1749 1750 return 0; 1751 } 1752 1753 /* 1754 * Copy all .modinfo import_ns= tags to ensure all namespaced exported symbols 1755 * can be accessed via normal relocs. 1756 */ 1757 static int copy_import_ns(struct elfs *e) 1758 { 1759 struct section *patched_sec, *out_sec = NULL; 1760 char *import_ns, *data_end; 1761 1762 patched_sec = find_section_by_name(e->patched, ".modinfo"); 1763 if (!patched_sec) 1764 return 0; 1765 1766 import_ns = patched_sec->data->d_buf; 1767 if (!import_ns) 1768 return 0; 1769 1770 for (data_end = import_ns + sec_size(patched_sec); 1771 import_ns < data_end; 1772 import_ns += strlen(import_ns) + 1) { 1773 1774 import_ns = memmem(import_ns, data_end - import_ns, "import_ns=", 10); 1775 if (!import_ns) 1776 return 0; 1777 1778 if (!out_sec) { 1779 out_sec = find_section_by_name(e->out, ".modinfo"); 1780 if (!out_sec) { 1781 out_sec = elf_create_section(e->out, ".modinfo", 0, 1782 patched_sec->sh.sh_entsize, 1783 patched_sec->sh.sh_type, 1784 patched_sec->sh.sh_addralign, 1785 patched_sec->sh.sh_flags); 1786 if (!out_sec) 1787 return -1; 1788 } 1789 } 1790 1791 if (!elf_add_data(e->out, out_sec, import_ns, strlen(import_ns) + 1)) 1792 return -1; 1793 } 1794 1795 return 0; 1796 } 1797 1798 int cmd_klp_diff(int argc, const char **argv) 1799 { 1800 struct elfs e = {0}; 1801 1802 argc = parse_options(argc, argv, klp_diff_options, klp_diff_usage, 0); 1803 if (argc != 3) 1804 usage_with_options(klp_diff_usage, klp_diff_options); 1805 1806 objname = argv[0]; 1807 1808 e.orig = elf_open_read(argv[0], O_RDONLY); 1809 e.patched = elf_open_read(argv[1], O_RDONLY); 1810 e.out = NULL; 1811 1812 if (!e.orig || !e.patched) 1813 return -1; 1814 1815 if (read_exports()) 1816 return -1; 1817 1818 if (read_sym_checksums(e.orig)) 1819 return -1; 1820 1821 if (read_sym_checksums(e.patched)) 1822 return -1; 1823 1824 if (correlate_symbols(&e)) 1825 return -1; 1826 1827 if (mark_changed_functions(&e)) 1828 return 0; 1829 1830 e.out = elf_create_file(&e.orig->ehdr, argv[2]); 1831 if (!e.out) 1832 return -1; 1833 1834 /* 1835 * Special section fake symbols are needed so that individual special 1836 * section entries can be extracted by clone_special_sections(). 1837 * 1838 * Note the fake symbols are also needed by clone_included_functions() 1839 * because __WARN_printf() call sites add references to bug table 1840 * entries in the calling functions. 1841 */ 1842 if (create_fake_symbols(e.patched)) 1843 return -1; 1844 1845 if (clone_included_functions(&e)) 1846 return -1; 1847 1848 if (clone_special_sections(&e)) 1849 return -1; 1850 1851 if (create_klp_sections(&e)) 1852 return -1; 1853 1854 if (copy_import_ns(&e)) 1855 return -1; 1856 1857 if (elf_write(e.out)) 1858 return -1; 1859 1860 return elf_close(e.out); 1861 } 1862