diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-04-22 12:49:24 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-04-22 12:49:24 -0400 |
| commit | 15ce2658ddbd3db20dfba3622f3d224f01837fdc (patch) | |
| tree | c1a62e6d2c0b5942cbb8624e8db9be06e28e04b0 | |
| parent | f3ca10dde49043fbbb055854278b26954b549b36 (diff) | |
| parent | 4a3893d069b788f3570c19c12d9e986e8e15870f (diff) | |
Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module updates from Rusty Russell:
"Quentin opened a can of worms by adding extable entry checking to
modpost, but most architectures seem fixed now. Thanks to all
involved.
Last minute rebase because I noticed a "[PATCH]" had snuck into a
commit message somehow"
* tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
modpost: don't emit section mismatch warnings for compiler optimizations
modpost: expand pattern matching to support substring matches
modpost: do not try to match the SHT_NUL section.
modpost: fix extable entry size calculation.
modpost: fix inverted logic in is_extable_fault_address().
modpost: handle -ffunction-sections
modpost: Whitelist .text.fixup and .exception.text
params: handle quotes properly for values not of form foo="bar".
modpost: document the use of struct section_check.
modpost: handle relocations mismatch in __ex_table.
scripts: add check_extable.sh script.
modpost: mismatch_handler: retrieve tosym information only when needed.
modpost: factorize symbol pretty print in get_pretty_name().
modpost: add handler function pointer to sectioncheck.
modpost: add .sched.text and .kprobes.text to the TEXT_SECTIONS list.
modpost: add strict white-listing when referencing sections.
module: do not print allocation-fail warning on bogus user buffer size
kernel/module.c: fix typos in message about unused symbols
| -rw-r--r-- | kernel/module.c | 9 | ||||
| -rw-r--r-- | kernel/params.c | 4 | ||||
| -rwxr-xr-x | scripts/check_extable.sh | 146 | ||||
| -rw-r--r-- | scripts/mod/modpost.c | 341 |
4 files changed, 440 insertions, 60 deletions
diff --git a/kernel/module.c b/kernel/module.c index 650b038ae520..42a1d2afb217 100644 --- a/kernel/module.c +++ b/kernel/module.c | |||
| @@ -387,9 +387,9 @@ static bool check_symbol(const struct symsearch *syms, | |||
| 387 | pr_warn("Symbol %s is marked as UNUSED, however this module is " | 387 | pr_warn("Symbol %s is marked as UNUSED, however this module is " |
| 388 | "using it.\n", fsa->name); | 388 | "using it.\n", fsa->name); |
| 389 | pr_warn("This symbol will go away in the future.\n"); | 389 | pr_warn("This symbol will go away in the future.\n"); |
| 390 | pr_warn("Please evalute if this is the right api to use and if " | 390 | pr_warn("Please evaluate if this is the right api to use and " |
| 391 | "it really is, submit a report the linux kernel " | 391 | "if it really is, submit a report to the linux kernel " |
| 392 | "mailinglist together with submitting your code for " | 392 | "mailing list together with submitting your code for " |
| 393 | "inclusion.\n"); | 393 | "inclusion.\n"); |
| 394 | } | 394 | } |
| 395 | #endif | 395 | #endif |
| @@ -2511,7 +2511,8 @@ static int copy_module_from_user(const void __user *umod, unsigned long len, | |||
| 2511 | return err; | 2511 | return err; |
| 2512 | 2512 | ||
| 2513 | /* Suck in entire file: we'll want most of it. */ | 2513 | /* Suck in entire file: we'll want most of it. */ |
| 2514 | info->hdr = vmalloc(info->len); | 2514 | info->hdr = __vmalloc(info->len, |
| 2515 | GFP_KERNEL | __GFP_HIGHMEM | __GFP_NOWARN, PAGE_KERNEL); | ||
| 2515 | if (!info->hdr) | 2516 | if (!info->hdr) |
| 2516 | return -ENOMEM; | 2517 | return -ENOMEM; |
| 2517 | 2518 | ||
diff --git a/kernel/params.c b/kernel/params.c index 728e05b167de..a22d6a759b1a 100644 --- a/kernel/params.c +++ b/kernel/params.c | |||
| @@ -173,9 +173,9 @@ static char *next_arg(char *args, char **param, char **val) | |||
| 173 | if (args[i-1] == '"') | 173 | if (args[i-1] == '"') |
| 174 | args[i-1] = '\0'; | 174 | args[i-1] = '\0'; |
| 175 | } | 175 | } |
| 176 | if (quoted && args[i-1] == '"') | ||
| 177 | args[i-1] = '\0'; | ||
| 178 | } | 176 | } |
| 177 | if (quoted && args[i-1] == '"') | ||
| 178 | args[i-1] = '\0'; | ||
| 179 | 179 | ||
| 180 | if (args[i]) { | 180 | if (args[i]) { |
| 181 | args[i] = '\0'; | 181 | args[i] = '\0'; |
diff --git a/scripts/check_extable.sh b/scripts/check_extable.sh new file mode 100755 index 000000000000..0fb6b1c97c27 --- /dev/null +++ b/scripts/check_extable.sh | |||
| @@ -0,0 +1,146 @@ | |||
| 1 | #! /bin/bash | ||
| 2 | # (c) 2015, Quentin Casasnovas <quentin.casasnovas@oracle.com> | ||
| 3 | |||
| 4 | obj=$1 | ||
| 5 | |||
| 6 | file ${obj} | grep -q ELF || (echo "${obj} is not and ELF file." 1>&2 ; exit 0) | ||
| 7 | |||
| 8 | # Bail out early if there isn't an __ex_table section in this object file. | ||
| 9 | objdump -hj __ex_table ${obj} 2> /dev/null > /dev/null | ||
| 10 | [ $? -ne 0 ] && exit 0 | ||
| 11 | |||
| 12 | white_list=.text,.fixup | ||
| 13 | |||
| 14 | suspicious_relocs=$(objdump -rj __ex_table ${obj} | tail -n +6 | | ||
| 15 | grep -v $(eval echo -e{${white_list}}) | awk '{print $3}') | ||
| 16 | |||
| 17 | # No suspicious relocs in __ex_table, jobs a good'un | ||
| 18 | [ -z "${suspicious_relocs}" ] && exit 0 | ||
| 19 | |||
| 20 | |||
| 21 | # After this point, something is seriously wrong since we just found out we | ||
| 22 | # have some relocations in __ex_table which point to sections which aren't | ||
| 23 | # white listed. If you're adding a new section in the Linux kernel, and | ||
| 24 | # you're expecting this section to contain code which can fault (i.e. the | ||
| 25 | # __ex_table relocation to your new section is expected), simply add your | ||
| 26 | # new section to the white_list variable above. If not, you're probably | ||
| 27 | # doing something wrong and the rest of this code is just trying to print | ||
| 28 | # you more information about it. | ||
| 29 | |||
| 30 | function find_section_offset_from_symbol() | ||
| 31 | { | ||
| 32 | eval $(objdump -t ${obj} | grep ${1} | sed 's/\([0-9a-f]\+\) .\{7\} \([^ \t]\+\).*/section="\2"; section_offset="0x\1" /') | ||
| 33 | |||
| 34 | # addr2line takes addresses in hexadecimal... | ||
| 35 | section_offset=$(printf "0x%016x" $(( ${section_offset} + $2 )) ) | ||
| 36 | } | ||
| 37 | |||
| 38 | function find_symbol_and_offset_from_reloc() | ||
| 39 | { | ||
| 40 | # Extract symbol and offset from the objdump output | ||
| 41 | eval $(echo $reloc | sed 's/\([^+]\+\)+\?\(0x[0-9a-f]\+\)\?/symbol="\1"; symbol_offset="\2"/') | ||
| 42 | |||
| 43 | # When the relocation points to the begining of a symbol or section, it | ||
| 44 | # won't print the offset since it is zero. | ||
| 45 | if [ -z "${symbol_offset}" ]; then | ||
| 46 | symbol_offset=0x0 | ||
| 47 | fi | ||
| 48 | } | ||
| 49 | |||
| 50 | function find_alt_replacement_target() | ||
| 51 | { | ||
| 52 | # The target of the .altinstr_replacement is the relocation just before | ||
| 53 | # the .altinstr_replacement one. | ||
| 54 | eval $(objdump -rj .altinstructions ${obj} | grep -B1 "${section}+${section_offset}" | head -n1 | awk '{print $3}' | | ||
| 55 | sed 's/\([^+]\+\)+\(0x[0-9a-f]\+\)/alt_target_section="\1"; alt_target_offset="\2"/') | ||
| 56 | } | ||
| 57 | |||
| 58 | function handle_alt_replacement_reloc() | ||
| 59 | { | ||
| 60 | # This will define alt_target_section and alt_target_section_offset | ||
| 61 | find_alt_replacement_target ${section} ${section_offset} | ||
| 62 | |||
| 63 | echo "Error: found a reference to .altinstr_replacement in __ex_table:" | ||
| 64 | addr2line -fip -j ${alt_target_section} -e ${obj} ${alt_target_offset} | awk '{print "\t" $0}' | ||
| 65 | |||
| 66 | error=true | ||
| 67 | } | ||
| 68 | |||
| 69 | function is_executable_section() | ||
| 70 | { | ||
| 71 | objdump -hwj ${section} ${obj} | grep -q CODE | ||
| 72 | return $? | ||
| 73 | } | ||
| 74 | |||
| 75 | function handle_suspicious_generic_reloc() | ||
| 76 | { | ||
| 77 | if is_executable_section ${section}; then | ||
| 78 | # We've got a relocation to a non white listed _executable_ | ||
| 79 | # section, print a warning so the developper adds the section to | ||
| 80 | # the white list or fix his code. We try to pretty-print the file | ||
| 81 | # and line number where that relocation was added. | ||
| 82 | echo "Warning: found a reference to section \"${section}\" in __ex_table:" | ||
| 83 | addr2line -fip -j ${section} -e ${obj} ${section_offset} | awk '{print "\t" $0}' | ||
| 84 | else | ||
| 85 | # Something is definitively wrong here since we've got a relocation | ||
| 86 | # to a non-executable section, there's no way this would ever be | ||
| 87 | # running in the kernel. | ||
| 88 | echo "Error: found a reference to non-executable section \"${section}\" in __ex_table at offset ${section_offset}" | ||
| 89 | error=true | ||
| 90 | fi | ||
| 91 | } | ||
| 92 | |||
| 93 | function handle_suspicious_reloc() | ||
| 94 | { | ||
| 95 | case "${section}" in | ||
| 96 | ".altinstr_replacement") | ||
| 97 | handle_alt_replacement_reloc ${section} ${section_offset} | ||
| 98 | ;; | ||
| 99 | *) | ||
| 100 | handle_suspicious_generic_reloc ${section} ${section_offset} | ||
| 101 | ;; | ||
| 102 | esac | ||
| 103 | } | ||
| 104 | |||
| 105 | function diagnose() | ||
| 106 | { | ||
| 107 | |||
| 108 | for reloc in ${suspicious_relocs}; do | ||
| 109 | # Let's find out where the target of the relocation in __ex_table | ||
| 110 | # is, this will define ${symbol} and ${symbol_offset} | ||
| 111 | find_symbol_and_offset_from_reloc ${reloc} | ||
| 112 | |||
| 113 | # When there's a global symbol at the place of the relocation, | ||
| 114 | # objdump will use it instead of giving us a section+offset, so | ||
| 115 | # let's find out which section is this symbol in and the total | ||
| 116 | # offset withing that section. | ||
| 117 | find_section_offset_from_symbol ${symbol} ${symbol_offset} | ||
| 118 | |||
| 119 | # In this case objdump was presenting us with a reloc to a symbol | ||
| 120 | # rather than a section. Now that we've got the actual section, | ||
| 121 | # we can skip it if it's in the white_list. | ||
| 122 | if [ -z "$( echo $section | grep -v $(eval echo -e{${white_list}}))" ]; then | ||
| 123 | continue; | ||
| 124 | fi | ||
| 125 | |||
| 126 | # Will either print a warning if the relocation happens to be in a | ||
| 127 | # section we do not know but has executable bit set, or error out. | ||
| 128 | handle_suspicious_reloc | ||
| 129 | done | ||
| 130 | } | ||
| 131 | |||
| 132 | function check_debug_info() { | ||
| 133 | objdump -hj .debug_info ${obj} 2> /dev/null > /dev/null || | ||
| 134 | echo -e "${obj} does not contain debug information, the addr2line output will be limited.\n" \ | ||
| 135 | "Recompile ${obj} with CONFIG_DEBUG_INFO to get a more useful output." | ||
| 136 | } | ||
| 137 | |||
| 138 | check_debug_info | ||
| 139 | |||
| 140 | diagnose | ||
