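// SPDX-License-Identifier: GPL-2.0-or-later
#define _GNU_SOURCE /* memmem() */
#include <subcmd/parse-options.h>
#include <stdlib.h>
#include <string.h>
#include <libgen.h>
#include <stdio.h>
#include <ctype.h>

#include <objtool/objtool.h>
#include <objtool/warn.h>
#include <objtool/arch.h>
#include <objtool/klp.h>
#include <objtool/util.h>
#include <arch/special.h>

#include <linux/align.h>
#include <linux/objtool_types.h>
#include <linux/livepatch_external.h>
#include <linux/stringify.h>
#include <linux/string.h>
#include <linux/jhash.h>

#define sizeof_field(TYPE, MEMBER) sizeof((((TYPE *)0)->MEMBER))

/* The three objects a diff works on: original, patched, and the output being built. */
struct elfs {
	struct elf *orig, *patched, *out;
	const char *modname;	/* cached by find_modname() on first lookup */
};

/* One Module.symvers entry: an exported symbol and the module exporting it. */
struct export {
	struct hlist_node hash;
	char *mod, *sym;
};

static const char * const klp_diff_usage[] = {
	"objtool klp diff [<options>] <in1.o> <in2.o> <out.o>",
	NULL,
};

static const struct option klp_diff_options[] = {
	OPT_GROUP("Options:"),
	OPT_BOOLEAN('d', "debug", &debug, "enable debug output"),
	OPT_END(),
};

/* Exported symbols from Module.symvers, keyed by str_hash() of the symbol name */
static DEFINE_HASHTABLE(exports, 15);

/*
 * Return a newly allocated copy of @orig with the characters that would
 * garble debug output replaced by printable sequences: SOH (0x01, the
 * printk KERN_SOH log-level prefix) becomes "<SOH>", newline becomes "\n"
 * and tab becomes "\t".
 *
 * The caller owns the result and must free() it.  Returns NULL on
 * allocation failure.
 */
static char *escape_str(const char *orig)
{
	size_t len = 0;
	const char *a;
	char *b, *new;

	/* First pass: size the escaped string so one allocation suffices */
	for (a = orig; *a; a++) {
		switch (*a) {
		case '\001': len += 5; break;
		case '\n':
		case '\t': len += 2; break;
		default: len++;
		}
	}

	new = malloc(len + 1);
	if (!new)
		return NULL;

	/* Second pass: emit the escaped characters */
	for (a = orig, b = new; *a; a++) {
		switch (*a) {
		case '\001': memcpy(b, "<SOH>", 5); b += 5; break;
		case '\n': *b++ = '\\'; *b++ = 'n'; break;
		case '\t': *b++ = '\\'; *b++ = 't'; break;
		default: *b++ = *a;
		}
	}

	*b = '\0';
	return new;
}

/*
 * Populate the 'exports' hash table from Module.symvers.
 *
 * Lines are tab-separated.  The first column (the CRC) is skipped; the
 * symbol name and the exporting module are stored, keyed by the symbol name.
 * Any further columns are ignored.  The file is opened from the current
 * directory first, then from the top-level kernel tree.
 *
 * Returns 0 on success, -1 on error (already reported).  Entries added
 * before an error is detected stay in the table.
 */
static int read_exports(void)
{
	const char *symvers = "Module.symvers";
	char line[1024], *path = NULL;
	unsigned int line_num = 0;
	int ret = -1;
	FILE *file;

	file = fopen(symvers, "r");
	if (!file) {
		path = top_level_dir(symvers);
		if (!path) {
			ERROR("can't open '%s', \"objtool diff\" should be run from the kernel tree", symvers);
			return -1;
		}

		file = fopen(path, "r");
		if (!file) {
			ERROR_GLIBC("fopen");
			goto out_free_path;
		}
	}

	while (fgets(line, sizeof(line), file)) {
		char *sym, *mod, *rest;
		struct export *export;

		line_num++;

		/*
		 * A line longer than the buffer would come back as two
		 * fragments and be mis-parsed as two entries; reject it.
		 */
		if (!strchr(line, '\n') && !feof(file)) {
			ERROR("Module.symvers line %u too long", line_num);
			goto out_close;
		}

		sym = strchr(line, '\t');
		if (!sym) {
			ERROR("malformed Module.symvers (sym) at line %u", line_num);
			goto out_close;
		}
		*sym++ = '\0';

		mod = strchr(sym, '\t');
		if (!mod) {
			ERROR("malformed Module.symvers (mod) at line %u", line_num);
			goto out_close;
		}
		*mod++ = '\0';

		/* Terminate the module name; the remaining columns are unused */
		rest = strchr(mod, '\t');
		if (!rest) {
			ERROR("malformed Module.symvers (type) at line %u", line_num);
			goto out_close;
		}
		*rest = '\0';

		if (*sym == '\0' || *mod == '\0') {
			ERROR("malformed Module.symvers at line %u", line_num);
			goto out_close;
		}

		export = calloc(1, sizeof(*export));
		if (!export) {
			ERROR_GLIBC("calloc");
			goto out_close;
		}

		export->mod = strdup(mod);
		export->sym = strdup(sym);
		if (!export->mod || !export->sym) {
			ERROR_GLIBC("strdup");
			free(export->mod);
			free(export->sym);
			free(export);
			goto out_close;
		}

		hash_add(exports, &export->hash, str_hash(sym));
	}

	/* fgets() returns NULL for both EOF and a read error; tell them apart */
	if (ferror(file)) {
		ERROR_GLIBC("fgets");
		goto out_close;
	}

	ret = 0;
out_close:
	fclose(file);
out_free_path:
	free(path);
	return ret;
}

/*
 * Load the per-function checksums recorded by 'objtool --checksum' from the
 * .discard.sym_checksum section into sym->csum.checksum of each function
 * symbol.  Each entry is a struct sym_checksum; the symbol it belongs to is
 * identified by the relocation at the entry's offset.
 *
 * Returns 0 on success, -1 on error.
 */
static int read_sym_checksums(struct elf *elf)
{
	struct section *sec;

	sec = find_section_by_name(elf, ".discard.sym_checksum");
	if (!sec) {
		ERROR("'%s' missing .discard.sym_checksum section, file not processed by 'objtool --checksum'?",
		      elf->name);
		return -1;
	}

	if (!sec->rsec) {
		ERROR("missing reloc section for .discard.sym_checksum");
		return -1;
	}

	/* The section must be a whole number of entries */
	if (sec_size(sec) % sizeof(struct sym_checksum)) {
		ERROR("struct sym_checksum size mismatch");
		return -1;
	}

	for (int i = 0; i < sec_size(sec) /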
sizeof(struct sym_checksum); i++) { 185 struct sym_checksum *sym_checksum; 186 struct reloc *reloc; 187 struct symbol *sym; 188 189 sym_checksum = (struct sym_checksum *)sec->data->d_buf + i; 190 191 reloc = find_reloc_by_dest(elf, sec, i * sizeof(*sym_checksum)); 192 if (!reloc) { 193 ERROR("can't find reloc for sym_checksum[%d]", i); 194 return -1; 195 } 196 197 sym = reloc->sym; 198 199 if (is_sec_sym(sym)) { 200 ERROR("not sure how to handle section %s", sym->name); 201 return -1; 202 } 203 204 if (is_func_sym(sym)) 205 sym->csum.checksum = sym_checksum->checksum; 206 } 207 208 return 0; 209 } 210 211 static struct symbol *first_file_symbol(struct elf *elf) 212 { 213 struct symbol *sym; 214 215 for_each_sym(elf, sym) { 216 if (is_file_sym(sym)) 217 return sym; 218 } 219 220 return NULL; 221 } 222 223 static struct symbol *next_file_symbol(struct elf *elf, struct symbol *sym) 224 { 225 for_each_sym_continue(elf, sym) { 226 if (is_file_sym(sym)) 227 return sym; 228 } 229 230 return NULL; 231 } 232 233 /* 234 * Certain static local variables should never be correlated. They will be 235 * used in place rather than referencing the originals. 236 */ 237 static bool is_uncorrelated_static_local(struct symbol *sym) 238 { 239 static const char * const vars[] = { 240 "__already_done", 241 "__func__", 242 "__key", 243 "__warned", 244 "_entry", 245 "_entry_ptr", 246 "_rs", 247 "descriptor", 248 "CSWTCH", 249 }; 250 const char *dot; 251 252 if (!is_object_sym(sym) || !is_local_sym(sym)) 253 return false; 254 255 /* WARN_ONCE, etc */ 256 if (!strcmp(sym->sec->name, ".data..once")) 257 return true; 258 259 dot = strchr(sym->name, '.'); 260 if (!dot) 261 return false; 262 263 for (int i = 0; i < ARRAY_SIZE(vars); i++) { 264 size_t len = strlen(vars[i]); 265 266 /* GCC: <var>.<id> */ 267 if (strstarts(sym->name, vars[i]) && (sym->name[len] == '.')) 268 return true; 269 270 /* Clang: <func>.<var>[.<id>] */ 271 if (strstarts(dot + 1, vars[i]) && 272 (dot[1 + len] == '.' 
|| dot[1 + len] == '\0')) 273 return true; 274 } 275 276 return false; 277 } 278 279 /* 280 * .L symbols are assembler-local labels not present in kallsyms. They must 281 * never become KLP relocations; instead their data is cloned into the patch 282 * module. This covers .Ltmp* (Clang temp labels), .L__const.* (Clang local 283 * constants), and any other assembler-local pattern. 284 */ 285 static bool is_local_label(struct symbol *sym) 286 { 287 return strstarts(sym->name, ".L"); 288 } 289 290 static bool is_special_section(struct section *sec) 291 { 292 static const char * const specials[] = { 293 ".altinstructions", 294 ".smp_locks", 295 "__bug_table", 296 "__ex_table", 297 "__jump_table", 298 "__mcount_loc", 299 300 /* 301 * Extract .static_call_sites here to inherit non-module 302 * preferential treatment. The later static call processing 303 * during klp module build will be skipped when it sees this 304 * section already exists. 305 */ 306 ".static_call_sites", 307 }; 308 309 static const char * const non_special_discards[] = { 310 ".discard.addressable", 311 ".discard.sym_checksum", 312 }; 313 314 if (is_text_sec(sec)) 315 return false; 316 317 for (int i = 0; i < ARRAY_SIZE(specials); i++) { 318 if (!strcmp(sec->name, specials[i])) 319 return true; 320 } 321 322 /* Most .discard data sections are special */ 323 for (int i = 0; i < ARRAY_SIZE(non_special_discards); i++) { 324 if (!strcmp(sec->name, non_special_discards[i])) 325 return false; 326 } 327 328 return strstarts(sec->name, ".discard."); 329 } 330 331 /* 332 * These sections are referenced by special sections but aren't considered 333 * special sections themselves. 
334 */ 335 static bool is_special_section_aux(struct section *sec) 336 { 337 static const char * const specials_aux[] = { 338 ".altinstr_replacement", 339 ".altinstr_aux", 340 }; 341 342 for (int i = 0; i < ARRAY_SIZE(specials_aux); i++) { 343 if (!strcmp(sec->name, specials_aux[i])) 344 return true; 345 } 346 347 return false; 348 } 349 350 /* 351 * Symbols created by ___ADDRESSABLE() are only used to convince the toolchain 352 * not to optimize out the referenced symbol. 353 */ 354 static bool is_addressable_sym(struct symbol *sym) 355 { 356 return !strcmp(sym->sec->name, ".discard.addressable"); 357 } 358 359 /* 360 * ABS symbols are typically assembly .set/.equ constants which are never 361 * referenced by relocations. (Exclude FILE symbols which are also SHN_ABS.) 362 */ 363 static bool is_abs_sym(struct symbol *sym) 364 { 365 return sym->sym.st_shndx == SHN_ABS && !is_file_sym(sym); 366 } 367 368 static bool is_initcall_sym(struct symbol *sym) 369 { 370 return strstarts(sym->name, "__initcall__") || 371 strstarts(sym->name, "__initstub__"); 372 } 373 374 /* 375 * These symbols should never be correlated, so their local patched versions 376 * are used instead of linking to the originals. 377 */ 378 static bool dont_correlate(struct symbol *sym) 379 { 380 return is_file_sym(sym) || 381 is_null_sym(sym) || 382 is_sec_sym(sym) || 383 is_abs_sym(sym) || 384 is_prefix_func(sym) || 385 is_uncorrelated_static_local(sym) || 386 is_local_label(sym) || 387 is_string_sec(sym->sec) || 388 is_initcall_sym(sym) || 389 is_addressable_sym(sym) || 390 is_special_section(sym->sec) || 391 is_special_section_aux(sym->sec); 392 } 393 394 /* 395 * When there is no full name match, try match demangled_name. This would 396 * match original foo.llvm.123 to patched foo.llvm.456. 397 * 398 * Note that, in very rare cases, it is possible to have multiple 399 * foo.llvm.<hash> in the same kernel. When this happens, report error and 400 * fail the diff. 
401 */ 402 static int find_global_symbol_by_demangled_name(struct elf *elf, struct symbol *sym, 403 struct symbol **out_sym) 404 { 405 struct symbol *sym2, *result = NULL; 406 int count = 0; 407 408 for_each_sym_by_demangled_name(elf, sym->demangled_name, sym2) { 409 if (is_local_sym(sym2) || sym2->twin) 410 continue; 411 412 count++; 413 result = sym2; 414 } 415 416 if (count > 1) { 417 ERROR("Multiple (%d) correlation candidates for %s", count, sym->name); 418 return -1; 419 } 420 421 *out_sym = result; 422 return 0; 423 } 424 425 /* 426 * For each symbol in the original kernel, find its corresponding "twin" in the 427 * patched kernel. 428 */ 429 static int correlate_symbols(struct elfs *e) 430 { 431 struct symbol *file1_sym, *file2_sym; 432 struct symbol *sym1, *sym2; 433 434 file1_sym = first_file_symbol(e->orig); 435 file2_sym = first_file_symbol(e->patched); 436 437 /* 438 * Correlate any locals before the first FILE symbol. This has been 439 * seen when LTO inexplicably strips the initramfs_data.o FILE symbol 440 * due to the file only containing data and no code. 
441 */ 442 for_each_sym(e->orig, sym1) { 443 if (sym1 == file1_sym || !is_local_sym(sym1)) 444 break; 445 446 if (dont_correlate(sym1)) 447 continue; 448 449 for_each_sym(e->patched, sym2) { 450 if (sym2 == file2_sym || !is_local_sym(sym2)) 451 break; 452 453 if (sym2->twin || dont_correlate(sym2)) 454 continue; 455 456 if (strcmp(sym1->demangled_name, sym2->demangled_name)) 457 continue; 458 459 sym1->twin = sym2; 460 sym2->twin = sym1; 461 break; 462 } 463 } 464 465 /* Correlate locals after the first FILE symbol */ 466 for (; ; file1_sym = next_file_symbol(e->orig, file1_sym), 467 file2_sym = next_file_symbol(e->patched, file2_sym)) { 468 469 if (!file1_sym && file2_sym) { 470 ERROR("FILE symbol mismatch: NULL != %s", file2_sym->name); 471 return -1; 472 } 473 474 if (file1_sym && !file2_sym) { 475 ERROR("FILE symbol mismatch: %s != NULL", file1_sym->name); 476 return -1; 477 } 478 479 if (!file1_sym) 480 break; 481 482 if (strcmp(file1_sym->name, file2_sym->name)) { 483 ERROR("FILE symbol mismatch: %s != %s", file1_sym->name, file2_sym->name); 484 return -1; 485 } 486 487 file1_sym->twin = file2_sym; 488 file2_sym->twin = file1_sym; 489 490 sym1 = file1_sym; 491 492 for_each_sym_continue(e->orig, sym1) { 493 if (is_file_sym(sym1) || !is_local_sym(sym1)) 494 break; 495 496 if (dont_correlate(sym1)) 497 continue; 498 499 sym2 = file2_sym; 500 for_each_sym_continue(e->patched, sym2) { 501 if (is_file_sym(sym2) || !is_local_sym(sym2)) 502 break; 503 504 if (sym2->twin || dont_correlate(sym2)) 505 continue; 506 507 if (strcmp(sym1->demangled_name, sym2->demangled_name)) 508 continue; 509 510 sym1->twin = sym2; 511 sym2->twin = sym1; 512 break; 513 } 514 } 515 } 516 517 /* Correlate globals */ 518 for_each_sym(e->orig, sym1) { 519 if (sym1->bind == STB_LOCAL) 520 continue; 521 522 sym2 = find_global_symbol_by_name(e->patched, sym1->name); 523 if (sym2 && !sym2->twin) { 524 sym1->twin = sym2; 525 sym2->twin = sym1; 526 } 527 } 528 529 /* 530 * Correlate globals with 
demangled_name. 531 * A separate loop is needed because we want to finish all the 532 * full name correlations first. 533 */ 534 for_each_sym(e->orig, sym1) { 535 if (sym1->bind == STB_LOCAL || sym1->twin) 536 continue; 537 538 if (find_global_symbol_by_demangled_name(e->patched, sym1, &sym2)) 539 return -1; 540 541 if (sym2 && !sym2->twin) { 542 sym1->twin = sym2; 543 sym2->twin = sym1; 544 } 545 } 546 547 /* Correlate original locals with patched globals */ 548 for_each_sym(e->orig, sym1) { 549 if (sym1->twin || dont_correlate(sym1) || !is_local_sym(sym1)) 550 continue; 551 552 sym2 = find_global_symbol_by_name(e->patched, sym1->name); 553 if (!sym2 && find_global_symbol_by_demangled_name(e->patched, sym1, &sym2)) 554 return -1; 555 556 if (sym2 && !sym2->twin) { 557 sym1->twin = sym2; 558 sym2->twin = sym1; 559 } 560 } 561 562 /* Correlate original globals with patched locals */ 563 for_each_sym(e->patched, sym2) { 564 if (sym2->twin || dont_correlate(sym2) || !is_local_sym(sym2)) 565 continue; 566 567 sym1 = find_global_symbol_by_name(e->orig, sym2->name); 568 if (!sym1 && find_global_symbol_by_demangled_name(e->orig, sym2, &sym1)) 569 return -1; 570 571 if (sym1 && !sym1->twin) { 572 sym2->twin = sym1; 573 sym1->twin = sym2; 574 } 575 } 576 577 for_each_sym(e->orig, sym1) { 578 if (sym1->twin || dont_correlate(sym1)) 579 continue; 580 WARN("no correlation: %s", sym1->name); 581 } 582 583 return 0; 584 } 585 586 /* "sympos" is used by livepatch to disambiguate duplicate symbol names */ 587 static unsigned long find_sympos(struct elf *elf, struct symbol *sym) 588 { 589 bool vmlinux = str_ends_with(objname, "vmlinux.o"); 590 unsigned long sympos = 0, nr_matches = 0; 591 bool has_dup = false; 592 struct symbol *s; 593 594 if (sym->bind != STB_LOCAL) 595 return 0; 596 597 if (vmlinux && is_func_sym(sym)) { 598 /* 599 * HACK: Unfortunately, symbol ordering can differ between 600 * vmlinux.o and vmlinux due to the linker script emitting 601 * .text.unlikely* before 
.text*. Count .text.unlikely* first. 602 * 603 * TODO: Disambiguate symbols more reliably (checksums?) 604 */ 605 for_each_sym(elf, s) { 606 if (strstarts(s->sec->name, ".text.unlikely") && 607 !strcmp(s->name, sym->name)) { 608 nr_matches++; 609 if (s == sym) 610 sympos = nr_matches; 611 else 612 has_dup = true; 613 } 614 } 615 for_each_sym(elf, s) { 616 if (!strstarts(s->sec->name, ".text.unlikely") && 617 !strcmp(s->name, sym->name)) { 618 nr_matches++; 619 if (s == sym) 620 sympos = nr_matches; 621 else 622 has_dup = true; 623 } 624 } 625 } else { 626 for_each_sym(elf, s) { 627 if (!strcmp(s->name, sym->name)) { 628 nr_matches++; 629 if (s == sym) 630 sympos = nr_matches; 631 else 632 has_dup = true; 633 } 634 } 635 } 636 637 if (!sympos) { 638 ERROR("can't find sympos for %s", sym->name); 639 return ULONG_MAX; 640 } 641 642 return has_dup ? sympos : 0; 643 } 644 645 static int clone_sym_relocs(struct elfs *e, struct symbol *patched_sym); 646 647 static struct symbol *__clone_symbol(struct elf *elf, struct symbol *patched_sym, 648 bool data_too) 649 { 650 struct section *out_sec = NULL; 651 unsigned long offset = 0; 652 struct symbol *out_sym; 653 654 if (data_too && !is_undef_sym(patched_sym)) { 655 struct section *patched_sec = patched_sym->sec; 656 657 out_sec = find_section_by_name(elf, patched_sec->name); 658 if (!out_sec) { 659 out_sec = elf_create_section(elf, patched_sec->name, 0, 660 patched_sec->sh.sh_entsize, 661 patched_sec->sh.sh_type, 662 patched_sec->sh.sh_addralign, 663 patched_sec->sh.sh_flags); 664 if (!out_sec) 665 return NULL; 666 } 667 668 if (is_string_sec(patched_sym->sec)) { 669 out_sym = elf_create_section_symbol(elf, out_sec); 670 if (!out_sym) 671 return NULL; 672 673 goto sym_created; 674 } 675 676 if (!is_sec_sym(patched_sym)) 677 offset = ALIGN(sec_size(out_sec), out_sec->sh.sh_addralign); 678 679 if (patched_sym->len || is_sec_sym(patched_sym)) { 680 void *data = NULL; 681 size_t size; 682 683 /* bss doesn't have data */ 684 if 
(patched_sym->sec->data && patched_sym->sec->data->d_buf) 685 data = patched_sym->sec->data->d_buf + patched_sym->offset; 686 687 if (is_sec_sym(patched_sym)) 688 size = sec_size(patched_sym->sec); 689 else 690 size = patched_sym->len; 691 692 if (!elf_add_data(elf, out_sec, data, size)) 693 return NULL; 694 } 695 } 696 697 out_sym = elf_create_symbol(elf, patched_sym->name, out_sec, 698 patched_sym->bind, patched_sym->type, 699 offset, patched_sym->len); 700 if (!out_sym) 701 return NULL; 702 703 sym_created: 704 patched_sym->clone = out_sym; 705 out_sym->clone = patched_sym; 706 707 return out_sym; 708 } 709 710 static const char *sym_type(struct symbol *sym) 711 { 712 switch (sym->type) { 713 case STT_NOTYPE: return "NOTYPE"; 714 case STT_OBJECT: return "OBJECT"; 715 case STT_FUNC: return "FUNC"; 716 case STT_SECTION: return "SECTION"; 717 case STT_FILE: return "FILE"; 718 default: return "UNKNOWN"; 719 } 720 } 721 722 static const char *sym_bind(struct symbol *sym) 723 { 724 switch (sym->bind) { 725 case STB_LOCAL: return "LOCAL"; 726 case STB_GLOBAL: return "GLOBAL"; 727 case STB_WEAK: return "WEAK"; 728 default: return "UNKNOWN"; 729 } 730 } 731 732 /* 733 * Copy a symbol to the output object, optionally including its data and 734 * relocations. 735 */ 736 static struct symbol *clone_symbol(struct elfs *e, struct symbol *patched_sym, 737 bool data_too) 738 { 739 struct symbol *pfx; 740 741 if (patched_sym->clone) 742 return patched_sym->clone; 743 744 dbg_indent("%s%s", patched_sym->name, data_too ? 
" [+DATA]" : ""); 745 746 /* Make sure the prefix gets cloned first */ 747 if (is_func_sym(patched_sym) && data_too) { 748 pfx = get_func_prefix(patched_sym); 749 if (pfx) 750 clone_symbol(e, pfx, true); 751 } 752 753 if (!__clone_symbol(e->out, patched_sym, data_too)) 754 return NULL; 755 756 if (data_too && clone_sym_relocs(e, patched_sym)) 757 return NULL; 758 759 return patched_sym->clone; 760 } 761 762 static void mark_included_function(struct symbol *func) 763 { 764 struct symbol *pfx; 765 766 func->included = 1; 767 768 /* Include prefix function */ 769 pfx = get_func_prefix(func); 770 if (pfx) 771 pfx->included = 1; 772 773 /* Make sure .cold parent+child always stay together */ 774 if (func->cfunc && func->cfunc != func) 775 func->cfunc->included = 1; 776 if (func->pfunc && func->pfunc != func) 777 func->pfunc->included = 1; 778 } 779 780 /* 781 * Copy all changed functions (and their dependencies) from the patched object 782 * to the output object. 783 */ 784 static int mark_changed_functions(struct elfs *e) 785 { 786 struct symbol *sym_orig, *patched_sym; 787 bool changed = false; 788 789 /* Find changed functions */ 790 for_each_sym(e->orig, sym_orig) { 791 if (!is_func_sym(sym_orig) || dont_correlate(sym_orig)) 792 continue; 793 794 patched_sym = sym_orig->twin; 795 if (!patched_sym) 796 continue; 797 798 if (sym_orig->csum.checksum != patched_sym->csum.checksum) { 799 patched_sym->changed = 1; 800 mark_included_function(patched_sym); 801 changed = true; 802 } 803 } 804 805 /* Find added functions and print them */ 806 for_each_sym(e->patched, patched_sym) { 807 if (!is_func_sym(patched_sym) || dont_correlate(patched_sym)) 808 continue; 809 810 if (!patched_sym->twin) { 811 printf("%s: new function: %s\n", objname, patched_sym->name); 812 mark_included_function(patched_sym); 813 changed = true; 814 } 815 } 816 817 /* Print changed functions */ 818 for_each_sym(e->patched, patched_sym) { 819 if (patched_sym->changed) 820 printf("%s: changed function: 
%s\n", objname, patched_sym->name); 821 } 822 823 return !changed ? -1 : 0; 824 } 825 826 static int clone_included_functions(struct elfs *e) 827 { 828 struct symbol *patched_sym; 829 830 for_each_sym(e->patched, patched_sym) { 831 if (patched_sym->included) { 832 if (!clone_symbol(e, patched_sym, true)) 833 return -1; 834 } 835 } 836 837 return 0; 838 } 839 840 /* 841 * Determine whether a relocation should reference the section rather than the 842 * underlying symbol. 843 */ 844 static bool section_reference_needed(struct section *sec) 845 { 846 /* 847 * String symbols are zero-length and uncorrelated. It's easier to 848 * deal with them as section symbols. 849 */ 850 if (is_string_sec(sec)) 851 return true; 852 853 /* 854 * .rodata has mostly anonymous data so there's no way to determine the 855 * length of a needed reference. just copy the whole section if needed. 856 */ 857 if (strstarts(sec->name, ".rodata")) 858 return true; 859 860 /* UBSAN anonymous data */ 861 if (strstarts(sec->name, ".data..Lubsan") || /* GCC */ 862 strstarts(sec->name, ".data..L__unnamed_")) /* Clang */ 863 return true; 864 865 return false; 866 } 867 868 static bool is_reloc_allowed(struct reloc *reloc) 869 { 870 return section_reference_needed(reloc->sym->sec) == is_sec_sym(reloc->sym); 871 } 872 873 static struct export *find_export(struct symbol *sym) 874 { 875 struct export *export; 876 877 hash_for_each_possible(exports, export, hash, str_hash(sym->name)) { 878 if (!strcmp(export->sym, sym->name)) 879 return export; 880 } 881 882 return NULL; 883 } 884 885 static const char *__find_modname(struct elfs *e) 886 { 887 struct section *sec; 888 char *name; 889 890 sec = find_section_by_name(e->orig, ".modinfo"); 891 if (!sec) { 892 ERROR("missing .modinfo section"); 893 return NULL; 894 } 895 896 name = memmem(sec->data->d_buf, sec_size(sec), "\0name=", 6); 897 if (name) 898 return name + 6; 899 900 name = strdup(e->orig->name); 901 if (!name) { 902 ERROR_GLIBC("strdup"); 903 return 
NULL; 904 } 905 906 for (char *c = name; *c; c++) { 907 if (*c == '/') 908 name = c + 1; 909 else if (*c == '-') 910 *c = '_'; 911 else if (*c == '.') { 912 *c = '\0'; 913 break; 914 } 915 } 916 917 return name; 918 } 919 920 /* Get the object's module name as defined by the kernel (and klp_object) */ 921 static const char *find_modname(struct elfs *e) 922 { 923 const char *modname; 924 925 if (e->modname) 926 return e->modname; 927 928 modname = __find_modname(e); 929 e->modname = modname; 930 return modname; 931 } 932 933 /* 934 * Copying a function from its native compiled environment to a kernel module 935 * removes its natural access to local functions/variables and unexported 936 * globals. References to such symbols need to be converted to KLP relocs so 937 * the kernel arch relocation code knows to apply them and where to find the 938 * symbols. Particularly, duplicate static symbols need to be disambiguated. 939 */ 940 static bool klp_reloc_needed(struct reloc *patched_reloc) 941 { 942 struct symbol *patched_sym = patched_reloc->sym; 943 struct export *export; 944 945 /* no external symbol to reference */ 946 if (dont_correlate(patched_sym)) 947 return false; 948 949 /* For included functions, a regular reloc will do. */ 950 if (patched_sym->included) 951 return false; 952 953 /* 954 * If exported by a module, it has to be a klp reloc. Thanks to the 955 * clusterfunk that is late module patching, the patch module is 956 * allowed to be loaded before any modules it depends on. 957 * 958 * If exported by vmlinux, a normal reloc will do. 959 */ 960 export = find_export(patched_sym); 961 if (export) 962 return strcmp(export->mod, "vmlinux"); 963 964 if (!patched_sym->twin) { 965 /* 966 * Presumably the symbol and its reference were added by the 967 * patch. The symbol could be defined in this .o or in another 968 * .o in the patch module. 
969 * 970 * This check needs to be *after* the export check due to the 971 * possibility of the patch adding a new UNDEF reference to an 972 * exported symbol. 973 */ 974 return false; 975 } 976 977 /* Unexported symbol which lives in the original vmlinux or module. */ 978 return true; 979 } 980 981 static int convert_reloc_sym_to_secsym(struct elf *elf, struct reloc *reloc) 982 { 983 struct symbol *sym = reloc->sym; 984 struct section *sec = sym->sec; 985 986 if (!sec->sym && !elf_create_section_symbol(elf, sec)) 987 return -1; 988 989 reloc->sym = sec->sym; 990 set_reloc_sym(elf, reloc, sym->idx); 991 set_reloc_addend(elf, reloc, sym->offset + reloc_addend(reloc)); 992 return 0; 993 } 994 995 static int convert_reloc_secsym_to_sym(struct elf *elf, struct reloc *reloc) 996 { 997 struct symbol *sym = reloc->sym; 998 struct section *sec = sym->sec; 999 1000 /* If the symbol has a dedicated section, it's easy to find */ 1001 sym = find_symbol_by_offset(sec, 0); 1002 if (sym && sym->len == sec_size(sec)) 1003 goto found_sym; 1004 1005 /* No dedicated section; find the symbol manually */ 1006 sym = find_symbol_containing(sec, arch_adjusted_addend(reloc)); 1007 if (!sym) { 1008 /* 1009 * This is presumably an .altinstr_replacement section which is 1010 * empty due to it only having zero-length replacement(s). 1011 */ 1012 if (!sec_size(sec)) 1013 return 1; 1014 1015 /* 1016 * This can happen for special section references to weak code 1017 * whose symbol has been stripped by the linker. 1018 */ 1019 return -1; 1020 } 1021 1022 found_sym: 1023 reloc->sym = sym; 1024 set_reloc_sym(elf, reloc, sym->idx); 1025 set_reloc_addend(elf, reloc, reloc_addend(reloc) - sym->offset); 1026 return 0; 1027 } 1028 1029 /* 1030 * Convert a relocation symbol reference to the needed format: either a section 1031 * symbol or the underlying symbol itself. 
1032 */ 1033 static int convert_reloc_sym(struct elf *elf, struct reloc *reloc) 1034 { 1035 if (is_reloc_allowed(reloc)) 1036 return 0; 1037 1038 if (section_reference_needed(reloc->sym->sec)) 1039 return convert_reloc_sym_to_secsym(elf, reloc); 1040 else 1041 return convert_reloc_secsym_to_sym(elf, reloc); 1042 } 1043 1044 /* 1045 * Convert a regular relocation to a klp relocation (sort of). 1046 */ 1047 static int clone_reloc_klp(struct elfs *e, struct reloc *patched_reloc, 1048 struct section *sec, unsigned long offset, 1049 struct export *export) 1050 { 1051 struct symbol *patched_sym = patched_reloc->sym; 1052 s64 addend = reloc_addend(patched_reloc); 1053 const char *sym_modname, *sym_orig_name; 1054 static struct section *klp_relocs; 1055 struct symbol *sym, *klp_sym; 1056 unsigned long klp_reloc_off; 1057 char sym_name[SYM_NAME_LEN]; 1058 struct klp_reloc klp_reloc; 1059 unsigned long sympos; 1060 1061 if (!patched_sym->twin) { 1062 ERROR("unexpected klp reloc for new symbol %s", patched_sym->name); 1063 return -1; 1064 } 1065 1066 /* 1067 * Keep the original reloc intact for now to avoid breaking objtool run 1068 * which relies on proper relocations for many of its features. This 1069 * will be disabled later by "objtool klp post-link". 1070 * 1071 * Convert it to UNDEF (and WEAK to avoid modpost warnings). 1072 */ 1073 1074 sym = patched_sym->clone; 1075 if (!sym) { 1076 /* STB_WEAK: avoid modpost undefined symbol warnings */ 1077 sym = elf_create_symbol(e->out, patched_sym->name, NULL, 1078 STB_WEAK, patched_sym->type, 0, 0); 1079 if (!sym) 1080 return -1; 1081 1082 patched_sym->clone = sym; 1083 sym->clone = patched_sym; 1084 } 1085 1086 if (!elf_create_reloc(e->out, sec, offset, sym, addend, reloc_type(patched_reloc))) 1087 return -1; 1088 1089 /* 1090 * Create the KLP symbol. 
1091 */ 1092 1093 if (export) { 1094 sym_modname = export->mod; 1095 sym_orig_name = export->sym; 1096 sympos = 0; 1097 } else { 1098 sym_modname = find_modname(e); 1099 if (!sym_modname) 1100 return -1; 1101 1102 sym_orig_name = patched_sym->twin->name; 1103 sympos = find_sympos(e->orig, patched_sym->twin); 1104 if (sympos == ULONG_MAX) 1105 return -1; 1106 } 1107 1108 /* symbol format: .klp.sym.modname.sym_name,sympos */ 1109 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_SYM_PREFIX "%s.%s,%ld", 1110 sym_modname, sym_orig_name, sympos)) 1111 return -1; 1112 1113 klp_sym = find_symbol_by_name(e->out, sym_name); 1114 if (!klp_sym) { 1115 __dbg_indent("%s", sym_name); 1116 1117 /* STB_WEAK: avoid modpost undefined symbol warnings */ 1118 klp_sym = elf_create_symbol(e->out, sym_name, NULL, 1119 STB_WEAK, patched_sym->type, 0, 0); 1120 if (!klp_sym) 1121 return -1; 1122 } 1123 1124 /* 1125 * Create the __klp_relocs entry. This will be converted to an actual 1126 * KLP rela by "objtool klp post-link". 1127 * 1128 * This intermediate step is necessary to prevent corruption by the 1129 * linker, which doesn't know how to properly handle two rela sections 1130 * applying to the same base section. 
1131 */ 1132 1133 if (!klp_relocs) { 1134 klp_relocs = elf_create_section(e->out, KLP_RELOCS_SEC, 0, 1135 0, SHT_PROGBITS, 8, SHF_ALLOC); 1136 if (!klp_relocs) 1137 return -1; 1138 } 1139 1140 klp_reloc_off = sec_size(klp_relocs); 1141 memset(&klp_reloc, 0, sizeof(klp_reloc)); 1142 1143 klp_reloc.type = reloc_type(patched_reloc); 1144 if (!elf_add_data(e->out, klp_relocs, &klp_reloc, sizeof(klp_reloc))) 1145 return -1; 1146 1147 /* klp_reloc.offset */ 1148 if (!sec->sym && !elf_create_section_symbol(e->out, sec)) 1149 return -1; 1150 1151 if (!elf_create_reloc(e->out, klp_relocs, 1152 klp_reloc_off + offsetof(struct klp_reloc, offset), 1153 sec->sym, offset, R_ABS64)) 1154 return -1; 1155 1156 /* klp_reloc.sym */ 1157 if (!elf_create_reloc(e->out, klp_relocs, 1158 klp_reloc_off + offsetof(struct klp_reloc, sym), 1159 klp_sym, addend, R_ABS64)) 1160 return -1; 1161 1162 return 0; 1163 } 1164 1165 #define dbg_clone_reloc(sec, offset, patched_sym, addend, export, klp) \ 1166 dbg_indent("%s+0x%lx: %s%s0x%lx [%s%s%s%s%s%s]", \ 1167 sec->name, offset, patched_sym->name, \ 1168 addend >= 0 ? "+" : "-", labs(addend), \ 1169 sym_type(patched_sym), \ 1170 is_sec_sym(patched_sym) ? "" : " ", \ 1171 is_sec_sym(patched_sym) ? "" : sym_bind(patched_sym), \ 1172 is_undef_sym(patched_sym) ? " UNDEF" : "", \ 1173 export ? " EXPORTED" : "", \ 1174 klp ? 
" KLP" : "") 1175 1176 /* Copy a reloc and its symbol to the output object */ 1177 static int clone_reloc(struct elfs *e, struct reloc *patched_reloc, 1178 struct section *sec, unsigned long offset) 1179 { 1180 struct symbol *patched_sym = patched_reloc->sym; 1181 struct export *export = find_export(patched_sym); 1182 long addend = reloc_addend(patched_reloc); 1183 struct symbol *out_sym; 1184 bool klp; 1185 1186 if (!is_reloc_allowed(patched_reloc)) { 1187 ERROR_FUNC(patched_reloc->sec->base, reloc_offset(patched_reloc), 1188 "missing symbol for reference to %s+%ld", 1189 patched_sym->name, addend); 1190 return -1; 1191 } 1192 1193 klp = klp_reloc_needed(patched_reloc); 1194 1195 dbg_clone_reloc(sec, offset, patched_sym, addend, export, klp); 1196 1197 if (klp) { 1198 if (clone_reloc_klp(e, patched_reloc, sec, offset, export)) 1199 return -1; 1200 1201 return 0; 1202 } 1203 1204 /* 1205 * Why !export sets 'data_too': 1206 * 1207 * Unexported non-klp symbols need to live in the patch module, 1208 * otherwise there will be unresolved symbols. Notably, this includes: 1209 * 1210 * - New functions/data 1211 * - String sections 1212 * - Special section entries 1213 * - Uncorrelated static local variables 1214 * - UBSAN sections 1215 */ 1216 out_sym = clone_symbol(e, patched_sym, patched_sym->included || !export); 1217 if (!out_sym) 1218 return -1; 1219 1220 /* 1221 * For strings, all references use section symbols, thanks to 1222 * section_reference_needed(). clone_symbol() has cloned an empty 1223 * version of the string section. Now copy the string itself. 
1224 */ 1225 if (is_string_sec(patched_sym->sec)) { 1226 const char *str = patched_sym->sec->data->d_buf + addend; 1227 1228 __dbg_indent("\"%s\"", escape_str(str)); 1229 1230 addend = elf_add_string(e->out, out_sym->sec, str); 1231 if (addend == -1) 1232 return -1; 1233 } 1234 1235 if (!elf_create_reloc(e->out, sec, offset, out_sym, addend, 1236 reloc_type(patched_reloc))) 1237 return -1; 1238 1239 return 0; 1240 } 1241 1242 /* Copy all relocs needed for a symbol's contents */ 1243 static int clone_sym_relocs(struct elfs *e, struct symbol *patched_sym) 1244 { 1245 struct section *patched_rsec = patched_sym->sec->rsec; 1246 struct reloc *patched_reloc; 1247 unsigned long start, end; 1248 struct symbol *out_sym; 1249 1250 out_sym = patched_sym->clone; 1251 if (!out_sym) { 1252 ERROR("no clone for %s", patched_sym->name); 1253 return -1; 1254 } 1255 1256 if (!patched_rsec) 1257 return 0; 1258 1259 if (!is_sec_sym(patched_sym) && !patched_sym->len) 1260 return 0; 1261 1262 if (is_string_sec(patched_sym->sec)) 1263 return 0; 1264 1265 if (is_sec_sym(patched_sym)) { 1266 start = 0; 1267 end = sec_size(patched_sym->sec); 1268 } else { 1269 start = patched_sym->offset; 1270 end = start + patched_sym->len; 1271 } 1272 1273 for_each_reloc(patched_rsec, patched_reloc) { 1274 unsigned long offset; 1275 int ret; 1276 1277 if (reloc_offset(patched_reloc) < start || 1278 reloc_offset(patched_reloc) >= end) 1279 continue; 1280 1281 /* 1282 * Skip any reloc referencing .altinstr_aux. Its code is 1283 * always patched by alternatives. See ALTERNATIVE_TERNARY(). 
1284 */ 1285 if (patched_reloc->sym->sec && 1286 !strcmp(patched_reloc->sym->sec->name, ".altinstr_aux")) 1287 continue; 1288 1289 ret = convert_reloc_sym(e->patched, patched_reloc); 1290 if (ret < 0) { 1291 ERROR_FUNC(patched_rsec->base, reloc_offset(patched_reloc), 1292 "failed to convert reloc sym '%s' to its proper format", 1293 patched_reloc->sym->name); 1294 return -1; 1295 } 1296 if (ret > 0) 1297 continue; 1298 1299 offset = out_sym->offset + (reloc_offset(patched_reloc) - patched_sym->offset); 1300 1301 if (clone_reloc(e, patched_reloc, out_sym->sec, offset)) 1302 return -1; 1303 } 1304 return 0; 1305 1306 } 1307 1308 static int create_fake_symbol(struct elf *elf, struct section *sec, 1309 unsigned long offset, size_t size) 1310 { 1311 char name[SYM_NAME_LEN]; 1312 unsigned int type; 1313 static int ctr; 1314 char *c; 1315 1316 if (snprintf_check(name, SYM_NAME_LEN, "%s_%d", sec->name, ctr++)) 1317 return -1; 1318 1319 for (c = name; *c; c++) 1320 if (*c == '.') 1321 *c = '_'; 1322 1323 /* 1324 * STT_NOTYPE: Prevent objtool from validating .altinstr_replacement 1325 * while still allowing objdump to disassemble it. 1326 */ 1327 type = is_text_sec(sec) ? STT_NOTYPE : STT_OBJECT; 1328 return elf_create_symbol(elf, name, sec, STB_LOCAL, type, offset, size) ? 0 : -1; 1329 } 1330 1331 /* 1332 * Special sections (alternatives, etc) are basically arrays of structs. 1333 * For all the special sections, create a symbol for each struct entry. This 1334 * is a bit cumbersome, but it makes the extracting of the individual entries 1335 * much more straightforward. 1336 * 1337 * There are three ways to identify the entry sizes for a special section: 1338 * 1339 * 1) ELF section header sh_entsize: Ideally this would be used almost 1340 * everywhere. But unfortunately the toolchains make it difficult. The 1341 * assembler .[push]section directive syntax only takes entsize when 1342 * combined with SHF_MERGE. But Clang disallows combining SHF_MERGE with 1343 * SHF_WRITE. 
And some special sections do need to be writable. 1344 * 1345 * Another place this wouldn't work is .altinstr_replacement, whose entries 1346 * don't have a fixed size. 1347 * 1348 * 2) ANNOTATE_DATA_SPECIAL: This is a lightweight objtool annotation which 1349 * points to the beginning of each entry. The size of the entry is then 1350 * inferred by the location of the subsequent annotation (or end of 1351 * section). 1352 * 1353 * 3) Simple array of pointers: If the special section is just a basic array of 1354 * pointers, the entry size can be inferred by the number of relocations. 1355 * No annotations needed. 1356 * 1357 * Note I also tried to create per-entry symbols at the time of creation, in 1358 * the original [inline] asm. Unfortunately, creating uniquely named symbols 1359 * is trickier than one might think, especially with Clang inline asm. I 1360 * eventually just gave up trying to make that work, in favor of using 1361 * ANNOTATE_DATA_SPECIAL and creating the symbols here after the fact. 
1362 */ 1363 static int create_fake_symbols(struct elf *elf) 1364 { 1365 struct section *sec; 1366 struct reloc *reloc; 1367 1368 /* 1369 * 1) Make symbols for all the ANNOTATE_DATA_SPECIAL entries: 1370 */ 1371 1372 sec = find_section_by_name(elf, ".discard.annotate_data"); 1373 if (!sec || !sec->rsec) 1374 goto entsize; 1375 1376 for_each_reloc(sec->rsec, reloc) { 1377 unsigned long offset, size; 1378 struct reloc *next_reloc; 1379 1380 if (annotype(elf, sec, reloc) != ANNOTYPE_DATA_SPECIAL) 1381 continue; 1382 1383 offset = reloc_addend(reloc); 1384 1385 size = 0; 1386 next_reloc = reloc; 1387 for_each_reloc_continue(sec->rsec, next_reloc) { 1388 if (annotype(elf, sec, next_reloc) != ANNOTYPE_DATA_SPECIAL || 1389 next_reloc->sym->sec != reloc->sym->sec) 1390 continue; 1391 1392 size = reloc_addend(next_reloc) - offset; 1393 break; 1394 } 1395 1396 if (!size) 1397 size = sec_size(reloc->sym->sec) - offset; 1398 1399 if (create_fake_symbol(elf, reloc->sym->sec, offset, size)) 1400 return -1; 1401 } 1402 1403 /* 1404 * 2) Make symbols for sh_entsize, and simple arrays of pointers: 1405 */ 1406 entsize: 1407 for_each_sec(elf, sec) { 1408 unsigned int entry_size; 1409 unsigned long offset; 1410 1411 if (!is_special_section(sec) || find_symbol_by_offset(sec, 0)) 1412 continue; 1413 1414 if (!sec->rsec) { 1415 ERROR("%s: missing special section relocations", sec->name); 1416 return -1; 1417 } 1418 1419 entry_size = sec->sh.sh_entsize; 1420 if (!entry_size) { 1421 entry_size = arch_reloc_size(sec->rsec->relocs); 1422 if (sec_size(sec) != entry_size * sec_num_entries(sec->rsec)) { 1423 ERROR("%s: missing special section entsize or annotations", sec->name); 1424 return -1; 1425 } 1426 } 1427 1428 for (offset = 0; offset < sec_size(sec); offset += entry_size) { 1429 if (create_fake_symbol(elf, sec, offset, entry_size)) 1430 return -1; 1431 } 1432 } 1433 1434 return 0; 1435 } 1436 1437 /* Keep a special section entry if it references an included function */ 1438 static bool 
should_keep_special_sym(struct elf *elf, struct symbol *sym) 1439 { 1440 struct reloc *reloc; 1441 1442 if (is_sec_sym(sym) || !sym->sec->rsec) 1443 return false; 1444 1445 sym_for_each_reloc(elf, sym, reloc) { 1446 if (convert_reloc_sym(elf, reloc)) 1447 continue; 1448 1449 if (is_func_sym(reloc->sym) && reloc->sym->included) 1450 return true; 1451 } 1452 1453 return false; 1454 } 1455 1456 /* 1457 * Klp relocations aren't allowed for __jump_table and .static_call_sites if 1458 * the referenced symbol lives in a kernel module, because such klp relocs may 1459 * be applied after static branch/call init, resulting in code corruption. 1460 * 1461 * Validate a special section entry to avoid that. Note that an inert 1462 * tracepoint or pr_debug() is harmless enough, in that case just skip the 1463 * entry and print a warning. Otherwise, return an error. 1464 * 1465 * TODO: This is only a temporary limitation which will be fixed when livepatch 1466 * adds support for submodules: fully self-contained modules which are embedded 1467 * in the top-level livepatch module's data and which can be loaded on demand 1468 * when their corresponding to-be-patched module gets loaded. Then klp relocs 1469 * can be retired. 
1470 * 1471 * Return: 1472 * -1: error: validation failed 1473 * 1: warning: disabled tracepoint or pr_debug() 1474 * 0: success 1475 */ 1476 static int validate_special_section_klp_reloc(struct elfs *e, struct symbol *sym) 1477 { 1478 bool static_branch = !strcmp(sym->sec->name, "__jump_table"); 1479 bool static_call = !strcmp(sym->sec->name, ".static_call_sites"); 1480 const char *code_sym = NULL; 1481 unsigned long code_offset = 0; 1482 struct reloc *reloc; 1483 int ret = 0; 1484 1485 if (!static_branch && !static_call) 1486 return 0; 1487 1488 sym_for_each_reloc(e->patched, sym, reloc) { 1489 const char *sym_modname; 1490 struct export *export; 1491 1492 if (convert_reloc_sym(e->patched, reloc)) 1493 continue; 1494 1495 /* Static branch/call keys are always STT_OBJECT */ 1496 if (reloc->sym->type != STT_OBJECT) { 1497 1498 /* Save code location which can be printed below */ 1499 if (reloc->sym->type == STT_FUNC && !code_sym) { 1500 code_sym = reloc->sym->name; 1501 code_offset = reloc_addend(reloc); 1502 } 1503 1504 continue; 1505 } 1506 1507 if (!klp_reloc_needed(reloc)) 1508 continue; 1509 1510 export = find_export(reloc->sym); 1511 if (export) { 1512 sym_modname = export->mod; 1513 } else { 1514 sym_modname = find_modname(e); 1515 if (!sym_modname) 1516 return -1; 1517 } 1518 1519 /* vmlinux keys are ok */ 1520 if (!strcmp(sym_modname, "vmlinux")) 1521 continue; 1522 1523 if (!code_sym) 1524 code_sym = "<unknown>"; 1525 1526 if (static_branch) { 1527 if (strstarts(reloc->sym->name, "__tracepoint_")) { 1528 WARN("%s: disabling unsupported tracepoint %s", 1529 code_sym, reloc->sym->name + 13); 1530 ret = 1; 1531 continue; 1532 } 1533 1534 if (strstr(reloc->sym->name, "__UNIQUE_ID_ddebug_")) { 1535 WARN("%s: disabling unsupported pr_debug()", 1536 code_sym); 1537 ret = 1; 1538 continue; 1539 } 1540 1541 ERROR("%s+0x%lx: unsupported static branch key %s. 
Use static_key_enabled() instead", 1542 code_sym, code_offset, reloc->sym->name); 1543 return -1; 1544 } 1545 1546 /* static call */ 1547 if (strstarts(reloc->sym->name, "__SCK__tp_func_")) { 1548 ret = 1; 1549 continue; 1550 } 1551 1552 ERROR("%s()+0x%lx: unsupported static call key %s. Use KLP_STATIC_CALL() instead", 1553 code_sym, code_offset, reloc->sym->name); 1554 return -1; 1555 } 1556 1557 return ret; 1558 } 1559 1560 static int clone_special_section(struct elfs *e, struct section *patched_sec) 1561 { 1562 struct symbol *patched_sym; 1563 1564 /* 1565 * Extract all special section symbols (and their dependencies) which 1566 * reference included functions. 1567 */ 1568 sec_for_each_sym(patched_sec, patched_sym) { 1569 int ret; 1570 1571 if (!is_object_sym(patched_sym)) 1572 continue; 1573 1574 if (!should_keep_special_sym(e->patched, patched_sym)) 1575 continue; 1576 1577 ret = validate_special_section_klp_reloc(e, patched_sym); 1578 if (ret < 0) 1579 return -1; 1580 if (ret > 0) 1581 continue; 1582 1583 if (!clone_symbol(e, patched_sym, true)) 1584 return -1; 1585 } 1586 1587 return 0; 1588 } 1589 1590 /* Extract only the needed bits from special sections */ 1591 static int clone_special_sections(struct elfs *e) 1592 { 1593 struct section *patched_sec; 1594 1595 for_each_sec(e->patched, patched_sec) { 1596 if (is_special_section(patched_sec)) { 1597 if (clone_special_section(e, patched_sec)) 1598 return -1; 1599 } 1600 } 1601 1602 return 0; 1603 } 1604 1605 /* 1606 * Create .init.klp_objects and .init.klp_funcs sections which are intermediate 1607 * sections provided as input to the patch module's init code for building the 1608 * klp_patch, klp_object and klp_func structs for the livepatch API. 
1609 */ 1610 static int create_klp_sections(struct elfs *e) 1611 { 1612 size_t obj_size = sizeof(struct klp_object_ext); 1613 size_t func_size = sizeof(struct klp_func_ext); 1614 struct section *obj_sec, *funcs_sec, *str_sec; 1615 struct symbol *funcs_sym, *str_sym, *sym; 1616 char sym_name[SYM_NAME_LEN]; 1617 unsigned int nr_funcs = 0; 1618 const char *modname; 1619 void *obj_data; 1620 s64 addend; 1621 1622 obj_sec = elf_create_section_pair(e->out, KLP_OBJECTS_SEC, obj_size, 0, 0); 1623 if (!obj_sec) 1624 return -1; 1625 1626 funcs_sec = elf_create_section_pair(e->out, KLP_FUNCS_SEC, func_size, 0, 0); 1627 if (!funcs_sec) 1628 return -1; 1629 1630 funcs_sym = elf_create_section_symbol(e->out, funcs_sec); 1631 if (!funcs_sym) 1632 return -1; 1633 1634 str_sec = elf_create_section(e->out, KLP_STRINGS_SEC, 0, 0, 1635 SHT_PROGBITS, 1, 1636 SHF_ALLOC | SHF_STRINGS | SHF_MERGE); 1637 if (!str_sec) 1638 return -1; 1639 1640 if (elf_add_string(e->out, str_sec, "") == -1) 1641 return -1; 1642 1643 str_sym = elf_create_section_symbol(e->out, str_sec); 1644 if (!str_sym) 1645 return -1; 1646 1647 /* allocate klp_object_ext */ 1648 obj_data = elf_add_data(e->out, obj_sec, NULL, obj_size); 1649 if (!obj_data) 1650 return -1; 1651 1652 modname = find_modname(e); 1653 if (!modname) 1654 return -1; 1655 1656 /* klp_object_ext.name */ 1657 if (strcmp(modname, "vmlinux")) { 1658 addend = elf_add_string(e->out, str_sec, modname); 1659 if (addend == -1) 1660 return -1; 1661 1662 if (!elf_create_reloc(e->out, obj_sec, 1663 offsetof(struct klp_object_ext, name), 1664 str_sym, addend, R_ABS64)) 1665 return -1; 1666 } 1667 1668 /* klp_object_ext.funcs */ 1669 if (!elf_create_reloc(e->out, obj_sec, offsetof(struct klp_object_ext, funcs), 1670 funcs_sym, 0, R_ABS64)) 1671 return -1; 1672 1673 for_each_sym(e->out, sym) { 1674 unsigned long offset = nr_funcs * func_size; 1675 unsigned long sympos; 1676 void *func_data; 1677 1678 if (!is_func_sym(sym) || sym->cold || !sym->clone || 
!sym->clone->changed) 1679 continue; 1680 1681 /* allocate klp_func_ext */ 1682 func_data = elf_add_data(e->out, funcs_sec, NULL, func_size); 1683 if (!func_data) 1684 return -1; 1685 1686 /* klp_func_ext.old_name */ 1687 addend = elf_add_string(e->out, str_sec, sym->clone->twin->name); 1688 if (addend == -1) 1689 return -1; 1690 1691 if (!elf_create_reloc(e->out, funcs_sec, 1692 offset + offsetof(struct klp_func_ext, old_name), 1693 str_sym, addend, R_ABS64)) 1694 return -1; 1695 1696 /* klp_func_ext.new_func */ 1697 if (!elf_create_reloc(e->out, funcs_sec, 1698 offset + offsetof(struct klp_func_ext, new_func), 1699 sym, 0, R_ABS64)) 1700 return -1; 1701 1702 /* klp_func_ext.sympos */ 1703 BUILD_BUG_ON(sizeof(sympos) != sizeof_field(struct klp_func_ext, sympos)); 1704 sympos = find_sympos(e->orig, sym->clone->twin); 1705 if (sympos == ULONG_MAX) 1706 return -1; 1707 memcpy(func_data + offsetof(struct klp_func_ext, sympos), &sympos, 1708 sizeof_field(struct klp_func_ext, sympos)); 1709 1710 nr_funcs++; 1711 } 1712 1713 /* klp_object_ext.nr_funcs */ 1714 BUILD_BUG_ON(sizeof(nr_funcs) != sizeof_field(struct klp_object_ext, nr_funcs)); 1715 memcpy(obj_data + offsetof(struct klp_object_ext, nr_funcs), &nr_funcs, 1716 sizeof_field(struct klp_object_ext, nr_funcs)); 1717 1718 /* 1719 * Find callback pointers created by KLP_PRE_PATCH_CALLBACK() and 1720 * friends, and add them to the klp object. 
1721 */ 1722 1723 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_PRE_PATCH_PREFIX "%s", modname)) 1724 return -1; 1725 1726 sym = find_symbol_by_name(e->out, sym_name); 1727 if (sym) { 1728 struct reloc *reloc; 1729 1730 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1731 1732 if (!elf_create_reloc(e->out, obj_sec, 1733 offsetof(struct klp_object_ext, callbacks) + 1734 offsetof(struct klp_callbacks, pre_patch), 1735 reloc->sym, reloc_addend(reloc), R_ABS64)) 1736 return -1; 1737 } 1738 1739 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_POST_PATCH_PREFIX "%s", modname)) 1740 return -1; 1741 1742 sym = find_symbol_by_name(e->out, sym_name); 1743 if (sym) { 1744 struct reloc *reloc; 1745 1746 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1747 1748 if (!elf_create_reloc(e->out, obj_sec, 1749 offsetof(struct klp_object_ext, callbacks) + 1750 offsetof(struct klp_callbacks, post_patch), 1751 reloc->sym, reloc_addend(reloc), R_ABS64)) 1752 return -1; 1753 } 1754 1755 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_PRE_UNPATCH_PREFIX "%s", modname)) 1756 return -1; 1757 1758 sym = find_symbol_by_name(e->out, sym_name); 1759 if (sym) { 1760 struct reloc *reloc; 1761 1762 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1763 1764 if (!elf_create_reloc(e->out, obj_sec, 1765 offsetof(struct klp_object_ext, callbacks) + 1766 offsetof(struct klp_callbacks, pre_unpatch), 1767 reloc->sym, reloc_addend(reloc), R_ABS64)) 1768 return -1; 1769 } 1770 1771 if (snprintf_check(sym_name, SYM_NAME_LEN, KLP_POST_UNPATCH_PREFIX "%s", modname)) 1772 return -1; 1773 1774 sym = find_symbol_by_name(e->out, sym_name); 1775 if (sym) { 1776 struct reloc *reloc; 1777 1778 reloc = find_reloc_by_dest(e->out, sym->sec, sym->offset); 1779 1780 if (!elf_create_reloc(e->out, obj_sec, 1781 offsetof(struct klp_object_ext, callbacks) + 1782 offsetof(struct klp_callbacks, post_unpatch), 1783 reloc->sym, reloc_addend(reloc), R_ABS64)) 1784 return -1; 1785 } 1786 1787 return 0; 
1788 } 1789 1790 /* 1791 * Copy all .modinfo import_ns= tags to ensure all namespaced exported symbols 1792 * can be accessed via normal relocs. 1793 */ 1794 static int copy_import_ns(struct elfs *e) 1795 { 1796 struct section *patched_sec, *out_sec = NULL; 1797 char *import_ns, *data_end; 1798 1799 patched_sec = find_section_by_name(e->patched, ".modinfo"); 1800 if (!patched_sec) 1801 return 0; 1802 1803 import_ns = patched_sec->data->d_buf; 1804 if (!import_ns) 1805 return 0; 1806 1807 for (data_end = import_ns + sec_size(patched_sec); 1808 import_ns < data_end; 1809 import_ns += strlen(import_ns) + 1) { 1810 1811 import_ns = memmem(import_ns, data_end - import_ns, "import_ns=", 10); 1812 if (!import_ns) 1813 return 0; 1814 1815 if (!out_sec) { 1816 out_sec = find_section_by_name(e->out, ".modinfo"); 1817 if (!out_sec) { 1818 out_sec = elf_create_section(e->out, ".modinfo", 0, 1819 patched_sec->sh.sh_entsize, 1820 patched_sec->sh.sh_type, 1821 patched_sec->sh.sh_addralign, 1822 patched_sec->sh.sh_flags); 1823 if (!out_sec) 1824 return -1; 1825 } 1826 } 1827 1828 if (!elf_add_data(e->out, out_sec, import_ns, strlen(import_ns) + 1)) 1829 return -1; 1830 } 1831 1832 return 0; 1833 } 1834 1835 int cmd_klp_diff(int argc, const char **argv) 1836 { 1837 struct elfs e = {0}; 1838 1839 argc = parse_options(argc, argv, klp_diff_options, klp_diff_usage, 0); 1840 if (argc != 3) 1841 usage_with_options(klp_diff_usage, klp_diff_options); 1842 1843 objname = argv[0]; 1844 1845 e.orig = elf_open_read(argv[0], O_RDONLY); 1846 e.patched = elf_open_read(argv[1], O_RDONLY); 1847 e.out = NULL; 1848 1849 if (!e.orig || !e.patched) 1850 return -1; 1851 1852 if (read_exports()) 1853 return -1; 1854 1855 if (read_sym_checksums(e.orig)) 1856 return -1; 1857 1858 if (read_sym_checksums(e.patched)) 1859 return -1; 1860 1861 if (correlate_symbols(&e)) 1862 return -1; 1863 1864 if (mark_changed_functions(&e)) 1865 return 0; 1866 1867 e.out = elf_create_file(&e.orig->ehdr, argv[2]); 1868 if 
(!e.out) 1869 return -1; 1870 1871 /* 1872 * Special section fake symbols are needed so that individual special 1873 * section entries can be extracted by clone_special_sections(). 1874 * 1875 * Note the fake symbols are also needed by clone_included_functions() 1876 * because __WARN_printf() call sites add references to bug table 1877 * entries in the calling functions. 1878 */ 1879 if (create_fake_symbols(e.patched)) 1880 return -1; 1881 1882 if (clone_included_functions(&e)) 1883 return -1; 1884 1885 if (clone_special_sections(&e)) 1886 return -1; 1887 1888 if (create_klp_sections(&e)) 1889 return -1; 1890 1891 if (copy_import_ns(&e)) 1892 return -1; 1893 1894 if (elf_write(e.out)) 1895 return -1; 1896 1897 return elf_close(e.out); 1898 } 1899