aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Ellerman <michael@ellerman.id.au>2008-04-23 22:08:22 -0400
committerPaul Mackerras <paulus@samba.org>2008-04-24 06:58:03 -0400
commit5c02cd2fb83bd4a11270eeb6682e507f04897837 (patch)
treed2b2a294dfab46543232dc0d6082abe71398186b
parentd9e9d82c24e55b8a0fcc89032fdf9f58f1fb56d7 (diff)
[POWERPC] Discourage people from fiddling with kernel data from prom_init
As BenH said the other day, it is an "accident" that prom_init.o is linked with the rest of the kernel. The truth is a little more subtle, prom_init isn't truly bootloader, it does access kernel data in a few places. What we can do is discourage people from adding new code that accesses data outside of prom_init. And hence this patch; from the script: # This script checks prom_init.o to see what external symbols it # is using, if it finds symbols not in the whitelist it returns # an error. The point of this is to discourage people from # intentionally or accidentally adding new code to prom_init.c # which has side effects on other parts of the kernel. Signed-off-by: Michael Ellerman <michael@ellerman.id.au> Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Paul Mackerras <paulus@samba.org>
-rw-r--r--arch/powerpc/kernel/Makefile9
-rw-r--r--arch/powerpc/kernel/prom_init_check.sh58
2 files changed, 67 insertions, 0 deletions
diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile
index ce1e8d24e747..9177b21b1a95 100644
--- a/arch/powerpc/kernel/Makefile
+++ b/arch/powerpc/kernel/Makefile
@@ -106,4 +106,13 @@ PHONY += systbl_chk
106systbl_chk: $(src)/systbl_chk.sh $(obj)/systbl_chk.i 106systbl_chk: $(src)/systbl_chk.sh $(obj)/systbl_chk.i
107 $(call cmd,systbl_chk) 107 $(call cmd,systbl_chk)
108 108
109$(obj)/built-in.o: prom_init_check
110
111quiet_cmd_prom_init_check = CALL $<
112 cmd_prom_init_check = $(CONFIG_SHELL) $< "$(NM)" "$(obj)/prom_init.o"
113
114PHONY += prom_init_check
115prom_init_check: $(src)/prom_init_check.sh $(obj)/prom_init.o
116 $(call cmd,prom_init_check)
117
109clean-files := vmlinux.lds 118clean-files := vmlinux.lds
diff --git a/arch/powerpc/kernel/prom_init_check.sh b/arch/powerpc/kernel/prom_init_check.sh
new file mode 100644
index 000000000000..8e24fc1821e8
--- /dev/null
+++ b/arch/powerpc/kernel/prom_init_check.sh
@@ -0,0 +1,58 @@
1#!/bin/sh
2#
3# Copyright © 2008 IBM Corporation
4#
5# This program is free software; you can redistribute it and/or
6# modify it under the terms of the GNU General Public License
7# as published by the Free Software Foundation; either version
8# 2 of the License, or (at your option) any later version.
9
10# This script checks prom_init.o to see what external symbols it
11# is using, if it finds symbols not in the whitelist it returns
12# an error. The point of this is to discourage people from
13# intentionally or accidentally adding new code to prom_init.c
14# which has side effects on other parts of the kernel.
15
16# If you really need to reference something from prom_init.o add
17# it to the list below:
18
19WHITELIST="add_reloc_offset __bss_start __bss_stop copy_and_flush
20_end enter_prom memcpy memset reloc_offset __secondary_hold
21__secondary_hold_acknowledge __secondary_hold_spinloop __start
22strcmp strcpy strlcpy strlen strncmp strstr logo_linux_clut224
23reloc_got2"
24
25NM="$1"
26OBJ="$2"
27
28ERROR=0
29
30for UNDEF in $($NM -u $OBJ | awk '{print $2}')
31do
32 # On 64-bit nm gives us the function descriptors, which have
33 # a leading . on the name, so strip it off here.
34 UNDEF="${UNDEF#.}"
35
36 if [ $KBUILD_VERBOSE ]; then
37 if [ $KBUILD_VERBOSE -ne 0 ]; then
38 echo "Checking prom_init.o symbol '$UNDEF'"
39 fi
40 fi
41
42 OK=0
43 for WHITE in $WHITELIST
44 do
45 if [ "$UNDEF" = "$WHITE" ]; then
46 OK=1
47 break
48 fi
49 done
50
51 if [ $OK -eq 0 ]; then
52 ERROR=1
53 echo "Error: External symbol '$UNDEF' referenced" \
54 "from prom_init.c" >&2
55 fi
56done
57
58exit $ERROR