From patchwork Fri Jul 22 02:24:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925911 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6758ECCA485 for ; Fri, 22 Jul 2022 02:24:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234095AbiGVCYa (ORCPT ); Thu, 21 Jul 2022 22:24:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36480 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233969AbiGVCY3 (ORCPT ); Thu, 21 Jul 2022 22:24:29 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8258E97A0F for ; Thu, 21 Jul 2022 19:24:28 -0700 (PDT) Received: from mail-oo1-f70.google.com (mail-oo1-f70.google.com [209.85.161.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id A68063F12D for ; Fri, 22 Jul 2022 02:24:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456666; bh=kC/1kbVNZHVRXUTB9yhNq16+U5x50YJN/lTo/8it5RY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=YjVXzyJkxTAPKXGiFVCKCCisT/ANosBE8gymr4/ej4R5yvJnG6ZetCorIe4Y/uDiz t0oRtipxPmZ6fCZ9EMhe4EIDa0pjOCSF3Wgz+V7YV1p3WIhyy/gbRomeuPOlSqyMVQ d9oQY1MBNioZBoOX6xeY1SkgV7m50dYuPjnjZqi5N7Mh4lYz9HrYSLxq+jX8oQPQ38 T/IP7g2N2cvu8xstIZbSOzuiZG3s8a6BnnjY/EYjL4DR+tQ0q0GdvrebeY/35srNtV R6k8OHxniBXYRDHK+CTJbp9/iwvs/XDv0eGd2U/YNPi8jfwllgpiFQ8nA8ChMRv7Eu QX2g2VvbDBe0A== Received: by mail-oo1-f70.google.com with SMTP id q17-20020a4a9611000000b0041b6e7f5d35so267203ooi.5 for ; Thu, 21 Jul 2022 19:24:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=kC/1kbVNZHVRXUTB9yhNq16+U5x50YJN/lTo/8it5RY=; b=GPQ1Wcrbk9wZ1Ukq6JPE926iKRqV0LISx5iAxqBSzBcgtjp3AkTS41Kicm9cfmjPx/ TxPmGmaI9MmXJtYtTGXAJabRvtxzRoeFDzbbWfWPwiIAjlcxgNPu/wlGNYsv+q/COPly qMuwpxW27xW467gjGKIvSv+oLVY/ZoXYUAC6PNdfX7pEw+KjnyMqRVpTVBUdwcUaoy/0 zJKJ4/Qk9oNeyLGnnCeLkNlBknhEfQStE8vGDLgWlbqA451eY0EMmZ5EKC6q1C/Yhggv p/nEiOoD8ehxfcGuy6kffKdW1phFqk68GtGtIofduvd7Xn0TNI01GCeXU5woyPNk8dBi h2mw== X-Gm-Message-State: AJIora+aXyFe/x3+GzFwbUv3W02FVUiWl4rVJIzcCPUtFaBx2p52VyVp QMR2uB19YuIpf7qR8PjM8xA5g0sHImSq3BCvRIjOrHL2XkjVMuZSXTM/sxuL9xE64Zeyqpc957R 1L4MfGFA0vKGQf03cxb9sK06cgVOkE4Q+fJU4t6IebA== X-Received: by 2002:a05:6870:e245:b0:de:9321:9ea3 with SMTP id d5-20020a056870e24500b000de93219ea3mr575014oac.79.1658456665403; Thu, 21 Jul 2022 19:24:25 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vz9CcL2MR+9ZDnXuSckB30ZyxqPrqbHamINT424fwyaT0j4I7PHNlLUoX0SQRnEXszDNhPPQ== X-Received: by 2002:a05:6870:e245:b0:de:9321:9ea3 with SMTP id d5-20020a056870e24500b000de93219ea3mr574998oac.79.1658456665112; Thu, 21 Jul 2022 19:24:25 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:24 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 1/6] modpost: factor out elf/arch-specific code from section_rel[a]() Date: Thu, 21 Jul 2022 23:24:11 -0300 Message-Id: <20220722022416.137548-2-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org There's elf/arch-specific code identical in both functions, with some in section_rel() only. In order to factor that out, generalize the different relocation types Elf_Rela/Elf_Rel (relocation with/without an addend) with the Elf_Rela type, that is just Elf_Rel with a '.r_addend' field. Most of this code only uses Elf_Rel fields ('.r_offset' and '.r_info'). Make usage of '.r_addend' conditional on section header type SHT_RELA. (Note, though, that '.r_addend' is used on SHT_REL in some archs/formats for the _output_ relocation entry, but this is fine and existing code.) This change also seems to help with readability of section_rel[a](). Signed-off-by: Mauricio Faria de Oliveira --- scripts/mod/modpost.c | 141 +++++++++++++++++++++++++----------------- 1 file changed, 84 insertions(+), 57 deletions(-) diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index a0f59d7a8875..4c1038dccae0 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1716,13 +1716,90 @@ static int addend_mips_rel(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *r) #define R_RISCV_SUB32 39 #endif +/* + * RelX: refers to usage of Elf_Rela or Elf_Rel interchangeably where possible. + * + * The usage of Elf_Rela (relocation with an addend) even for Elf_Rel (without) + * as an input parameter is possible for .r_offset and .r_info (same offset on + * both struct types) *BUT* .r_addend can ONLY be accessed on SHT_RELA headers + * (i.e., where it is valid in the input). + * + * Note: .r_addend on SHT_REL is calculated/accessed for the _output_ parameter, + * via the addend_ARCH_rel() functions, but that is fine, as it's not the input. + * + * Return value 1 indicates to skip further processing on this relocation entry. + * + * Output parameters: + * - 'r' is the relocation entry (i.e., replace data at 'r.r_offset' in section + * w/ header 'sechdr' w/ data from symbol w/ symbol table index in 'r.r_info', + * w/ possible relocation addend 'r.r_addend'). + * - 'sym' is that symbol (a pointer to the symbol table + symbol table index). + */ +static int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, + Elf_Rela *out_r, Elf_Sym **out_sym) +{ + Elf_Sym *sym; + Elf_Rela r; + unsigned int r_sym; + + /* Get .r_offset/.r_info and r_sym */ + r.r_offset = TO_NATIVE(rela->r_offset); +#if KERNEL_ELFCLASS == ELFCLASS64 + if (elf->hdr->e_machine == EM_MIPS) { + unsigned int r_typ; + + r_sym = ELF64_MIPS_R_SYM(rela->r_info); + r_sym = TO_NATIVE(r_sym); + r_typ = ELF64_MIPS_R_TYPE(rela->r_info); + r.r_info = ELF64_R_INFO(r_sym, r_typ); + } else { + r.r_info = TO_NATIVE(rela->r_info); + r_sym = ELF_R_SYM(r.r_info); + } +#else + r.r_info = TO_NATIVE(rela->r_info); + r_sym = ELF_R_SYM(r.r_info); +#endif + + /* Get .r_addend (only output on SHT_REL) */ + if (sechdr->sh_type == SHT_RELA) { + r.r_addend = TO_NATIVE(rela->r_addend); + } else if (sechdr->sh_type == SHT_REL) { + r.r_addend = 0; + switch (elf->hdr->e_machine) { + case EM_386: + if (addend_386_rel(elf, sechdr, &r)) + return 1; + break; + case EM_ARM: + if (addend_arm_rel(elf, sechdr, &r)) + return 1; + break; + case EM_MIPS: + if (addend_mips_rel(elf, sechdr, &r)) + return 1; + break; + } + } + + sym = elf->symtab_start + r_sym; + + /* Skip special sections */ + if (is_shndx_special(sym->st_shndx)) + return 1; + + /* Done */ + *out_r = r; + *out_sym = sym; + return 0; +} + static void section_rela(const char *modname, struct elf_info *elf, Elf_Shdr *sechdr) { Elf_Sym *sym; Elf_Rela *rela; Elf_Rela r; - unsigned int r_sym; const char *fromsec; Elf_Rela *start = (void *)elf->hdr + sechdr->sh_offset; @@ -1735,23 +1812,9 @@ static void section_rela(const char *modname, struct elf_info *elf, return; for (rela = start; rela < stop; rela++) { - r.r_offset = TO_NATIVE(rela->r_offset); -#if KERNEL_ELFCLASS == ELFCLASS64 - if (elf->hdr->e_machine == EM_MIPS) { - unsigned int r_typ; - r_sym = ELF64_MIPS_R_SYM(rela->r_info); - r_sym = TO_NATIVE(r_sym); - r_typ = ELF64_MIPS_R_TYPE(rela->r_info); - r.r_info = ELF64_R_INFO(r_sym, r_typ); - } else { - r.r_info = TO_NATIVE(rela->r_info); - r_sym = ELF_R_SYM(r.r_info); - } -#else - r.r_info = TO_NATIVE(rela->r_info); - r_sym = ELF_R_SYM(r.r_info); -#endif - r.r_addend = TO_NATIVE(rela->r_addend); + if (get_relx_sym(elf, sechdr, rela, &r, &sym)) + continue; + switch (elf->hdr->e_machine) { case EM_RISCV: if (!strcmp("__ex_table", fromsec) && @@ -1759,10 +1822,7 @@ static void section_rela(const char *modname, struct elf_info *elf, continue; break; } - sym = elf->symtab_start + r_sym; - /* Skip special sections */ - if (is_shndx_special(sym->st_shndx)) - continue; + if (is_second_extable_reloc(start, rela, fromsec)) find_extable_entry_size(fromsec, &r); check_section_mismatch(modname, elf, &r, sym, fromsec); @@ -1775,7 +1835,6 @@ static void section_rel(const char *modname, struct elf_info *elf, Elf_Sym *sym; Elf_Rel *rel; Elf_Rela r; - unsigned int r_sym; const char *fromsec; Elf_Rel *start = (void *)elf->hdr + sechdr->sh_offset; @@ -1788,41 +1847,9 @@ static void section_rel(const char *modname, struct elf_info *elf, return; for (rel = start; rel < stop; rel++) { - r.r_offset = TO_NATIVE(rel->r_offset); -#if KERNEL_ELFCLASS == ELFCLASS64 - if (elf->hdr->e_machine == EM_MIPS) { - unsigned int r_typ; - r_sym = ELF64_MIPS_R_SYM(rel->r_info); - r_sym = TO_NATIVE(r_sym); - r_typ = ELF64_MIPS_R_TYPE(rel->r_info); - r.r_info = ELF64_R_INFO(r_sym, r_typ); - } else { - r.r_info = TO_NATIVE(rel->r_info); - r_sym = ELF_R_SYM(r.r_info); - } -#else - r.r_info = TO_NATIVE(rel->r_info); - r_sym = ELF_R_SYM(r.r_info); -#endif - r.r_addend = 0; - switch (elf->hdr->e_machine) { - case EM_386: - if (addend_386_rel(elf, sechdr, &r)) - continue; - break; - case EM_ARM: - if (addend_arm_rel(elf, sechdr, &r)) - continue; - break; - case EM_MIPS: - if (addend_mips_rel(elf, sechdr, &r)) - continue; - break; - } - sym = elf->symtab_start + r_sym; - /* Skip special sections */ - if (is_shndx_special(sym->st_shndx)) + if (get_relx_sym(elf, sechdr, (Elf_Rela *)rel, &r, &sym) continue; + if (is_second_extable_reloc(start, rel, fromsec)) find_extable_entry_size(fromsec, &r); check_section_mismatch(modname, elf, &r, sym, fromsec); From patchwork Fri Jul 22 02:24:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925912 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 70AE2C43334 for ; Fri, 22 Jul 2022 02:24:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234217AbiGVCYl (ORCPT ); Thu, 21 Jul 2022 22:24:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36786 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234175AbiGVCYk (ORCPT ); Thu, 21 Jul 2022 22:24:40 -0400 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BD8B697A2B for ; Thu, 21 Jul 2022 19:24:31 -0700 (PDT) Received: from mail-oa1-f72.google.com (mail-oa1-f72.google.com [209.85.160.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 9B5E03F12E for ; Fri, 22 Jul 2022 02:24:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456670; bh=3ZWy6oO045NhmDZUgGUtDdbm4GX85RgD6xaLJzXc/eE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=CTeawkRDoNBqmnB89bfRQ8Pk7CTm9cEqR2xXQtxBeYU1OW8rduk32svpVZJPdTisU g874cgA2+AiND2/SENKmlfq0fVllx/gWfi7fsuv1yePCH8izxAn3MRCSh4UYnTaCsh VzkuMJay7tQTOBQAVYjnpktjM5UhA9NDQyNyfGP/9XYprTj9j9zI+co/9Er/qegrRy zhNcB904EZs7z5vMcwprdN0UeWrvsA3YXwWXfLSFlp9uJr2U5xnBJloEdUTFnRG/EB U7HltZ/Tn9AA3sWr0NWcTWNMz8djK6QJom5Ti+cUH1TxpANA0aUVrD/OpZq0U31H3a A1OOIFHMddgQQ== Received: by mail-oa1-f72.google.com with SMTP id 586e51a60fabf-10d7a610a64so1774123fac.7 for ; Thu, 21 Jul 2022 19:24:30 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=3ZWy6oO045NhmDZUgGUtDdbm4GX85RgD6xaLJzXc/eE=; b=k1wpP7p0d/NYXp0xo2y033dutkR41xFgL5/HQxb1goXDUP6jSRIj86FUzNe1ktL/ky dfYc1BLSV02q3jWZXvELdjj//bIGT/1daM1j4hEC+hNE2m1fNn41XRLm9FmCmMw7mHK3 G5PcImaSSq5wv2MUvbtSFoADQr26c3Q/8OgdYMpisuWAdU8k/fQTriHm3+sBxjjzgjL0 E9hfL4G+R8tkhij8wMydb6uv2bZJqZQoiGZ93HrrQ4nGxmOXT8Ly6OmUrhLaBwRh7STT r1vaKXqPOv/04XvjWdXwBbwNWLunvrySJDYvmqZzVIgJUXjMzduk2s+4jPM5607gJiNj zeag== X-Gm-Message-State: AJIora9JiRIL5vq/CBKb3w6v2UkaV3E/qVQcVccp+/Whu1+FCKjridNN ufhqUnawPBhQWbjGCWCp5pBCIHdlqZ2lkGHLyVjdZwynseEtiVcJK7Aa1jSPGP36nzRR7JLXmOj KZdha1PqfemWVF3SweNWz1jpjClTDvPOPe/OS9M/bNw== X-Received: by 2002:a05:6870:a54b:b0:10d:bd45:8acf with SMTP id p11-20020a056870a54b00b0010dbd458acfmr97016oal.137.1658456669033; Thu, 21 Jul 2022 19:24:29 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uXOJFfZ5xySXu/jnZXD4d8EwntbgED2XgYvhxCSIhrCPaTNG1IxGQOP+0DjE3kT8h+fPFKDg== X-Received: by 2002:a05:6870:a54b:b0:10d:bd45:8acf with SMTP id p11-20020a056870a54b00b0010dbd458acfmr97007oal.137.1658456668819; Thu, 21 Jul 2022 19:24:28 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:28 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 2/6] modpost: deduplicate section_rel[a]() Date: Thu, 21 Jul 2022 23:24:12 -0300 Message-Id: <20220722022416.137548-3-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org Now both functions are almost identical, and we can again generalize the relocation types Elf_Rela/Elf_Rel with Elf_Rela, and handle some differences with conditionals on section header type (SHT_RELA/REL). The important bit is to make sure the loop increment uses the right size for pointer arithmethic. The original reason for split functions to make program logic easier to follow; commit 5b24c0715fc4 ("kbuild: code refactoring in modpost"). Hopefully these 2 commits may help improving that, without an impact in understanding the code due to generalization of relocation types. Signed-off-by: Mauricio Faria de Oliveira --- scripts/mod/modpost.c | 61 ++++++++++++++++--------------------------- 1 file changed, 23 insertions(+), 38 deletions(-) diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index 4c1038dccae0..d1ed67fa290b 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1794,63 +1794,49 @@ static int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, return 0; } -static void section_rela(const char *modname, struct elf_info *elf, +/* The caller must ensure sechdr->sh_type == SHT_RELA or SHT_REL. */ +static void section_relx(const char *modname, struct elf_info *elf, Elf_Shdr *sechdr) { Elf_Sym *sym; - Elf_Rela *rela; + Elf_Rela *relx; /* access .r_addend in SHT_RELA _only_! */ Elf_Rela r; + size_t relx_size; const char *fromsec; Elf_Rela *start = (void *)elf->hdr + sechdr->sh_offset; Elf_Rela *stop = (void *)start + sechdr->sh_size; fromsec = sech_name(elf, sechdr); - fromsec += strlen(".rela"); + if (sechdr->sh_type == SHT_RELA) { + relx_size = sizeof(Elf_Rela); + fromsec += strlen(".rela"); + } else if (sechdr->sh_type == SHT_REL) { + relx_size = sizeof(Elf_Rel); + fromsec += strlen(".rel"); + } else { + error("%s: [%s.ko] not relocation section\n", fromsec, modname); + return; + } + /* if from section (name) is know good then skip it */ if (match(fromsec, section_white_list)) return; - for (rela = start; rela < stop; rela++) { - if (get_relx_sym(elf, sechdr, rela, &r, &sym)) + for (relx = start; relx < stop; relx = (void *)relx + relx_size) { + if (get_relx_sym(elf, sechdr, relx, &r, &sym)) continue; switch (elf->hdr->e_machine) { case EM_RISCV: - if (!strcmp("__ex_table", fromsec) && + if (sechdr->sh_type == SHT_RELA && + !strcmp("__ex_table", fromsec) && ELF_R_TYPE(r.r_info) == R_RISCV_SUB32) continue; break; } - if (is_second_extable_reloc(start, rela, fromsec)) - find_extable_entry_size(fromsec, &r); - check_section_mismatch(modname, elf, &r, sym, fromsec); - } -} - -static void section_rel(const char *modname, struct elf_info *elf, - Elf_Shdr *sechdr) -{ - Elf_Sym *sym; - Elf_Rel *rel; - Elf_Rela r; - const char *fromsec; - - Elf_Rel *start = (void *)elf->hdr + sechdr->sh_offset; - Elf_Rel *stop = (void *)start + sechdr->sh_size; - - fromsec = sech_name(elf, sechdr); - fromsec += strlen(".rel"); - /* if from section (name) is know good then skip it */ - if (match(fromsec, section_white_list)) - return; - - for (rel = start; rel < stop; rel++) { - if (get_relx_sym(elf, sechdr, (Elf_Rela *)rel, &r, &sym) - continue; - - if (is_second_extable_reloc(start, rel, fromsec)) + if (is_second_extable_reloc(start, relx, fromsec)) find_extable_entry_size(fromsec, &r); check_section_mismatch(modname, elf, &r, sym, fromsec); } @@ -1877,10 +1863,9 @@ static void check_sec_ref(const char *modname, struct elf_info *elf) for (i = 0; i < elf->num_sections; i++) { check_section(modname, elf, &elf->sechdrs[i]); /* We want to process only relocation sections and not .init */ - if (sechdrs[i].sh_type == SHT_RELA) - section_rela(modname, elf, &elf->sechdrs[i]); - else if (sechdrs[i].sh_type == SHT_REL) - section_rel(modname, elf, &elf->sechdrs[i]); + if (sechdrs[i].sh_type == SHT_RELA || + sechdrs[i].sh_type == SHT_REL) + section_relx(modname, elf, &elf->sechdrs[i]); } } From patchwork Fri Jul 22 02:24:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925913 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D53AFCCA485 for ; Fri, 22 Jul 2022 02:24:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234195AbiGVCYt (ORCPT ); Thu, 21 Jul 2022 22:24:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36788 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234212AbiGVCYk (ORCPT ); Thu, 21 Jul 2022 22:24:40 -0400 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 786EB97D4F for ; Thu, 21 Jul 2022 19:24:35 -0700 (PDT) Received: from mail-oa1-f71.google.com (mail-oa1-f71.google.com [209.85.160.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 0CFFD3F12B for ; Fri, 22 Jul 2022 02:24:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456674; bh=wJNrQQtx3gOtb03R7lr5BRoZshGsFg1ZQbX8SV/qIv0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=DPHuJYlc4YmFRgeqIzI/U1mdavzByvRQGK76SyICVOOPYHxyoUIEC0ERg6BJnberM cJ1PnXRAVwfV1+N4PNTq/yf034WerjPwDaC7To1JvHdNW8W92WkOFJTqAu/x7FmKvZ pIfRnHA3FSv+3IOVw7vyPbKoDEudUiD7OJnZWqXFG0ihilEXxRq5NMoT3Eem6swotv X7WCb2cLW+6ff5qdv0t6Hn4Fj54rCCHmHsMGt4uS/0yw66JSS+nG7VoCY1SWagNN/F vezk3Tl0ijzpYBrYAV1hbaCAP50Im1iCzKLz9TKJMBawuIXt35rIZoscuZGfXqtZjH ZRVmm82DGc2Gg== Received: by mail-oa1-f71.google.com with SMTP id 586e51a60fabf-10d6ce04410so1783076fac.23 for ; Thu, 21 Jul 2022 19:24:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=wJNrQQtx3gOtb03R7lr5BRoZshGsFg1ZQbX8SV/qIv0=; b=U8rXUFNMCFQa6gH2RTFFANRUsV17Hk/phQvafrF5QKPNPVzH0XiDYnymgs1ukruN1y KLPn7tpjdQfciKa9JSQyjOnKkbUxeysxYGGO/ZgW1RU+RydUdIQmWLkGl+b7J1aPpO8+ 0qKcLHSMEc24FbXotojL3Kyox74yu6KGNjM/8jcfRjQYZubm3s3AMx+rMvQAVha1R4VM zUjvPm+MqzIA6K1j8ev4P52PgC/FOrpTuRteXc4TlkDQo1HRmFGCf+rn3AvweY6Hjof2 B2tXCymKSgzzfZ19aizYo6S4PcuFUCXLhm46ruaPwzzlVt5k1D9qdJTIBKkFFpUebzO6 rTww== X-Gm-Message-State: AJIora9L4L9rrYWCtzk4BP2qD5riToSLisKzlXoQTlXchDkVNyU2UUGM 65oY25SVGF3d2azv1zgj6jMTi77EjHLaOPSpdjDat/D2XgZftCIPr829iiKabsvVJitJsEYHiVx HJHRWTNp8ziFTeV2Homx9RhpIKZfBcQw9TQQp8JG+dA== X-Received: by 2002:a05:6808:168f:b0:325:2974:77d6 with SMTP id bb15-20020a056808168f00b00325297477d6mr475100oib.199.1658456672598; Thu, 21 Jul 2022 19:24:32 -0700 (PDT) X-Google-Smtp-Source: AGRyM1s65fv3xUo8XMCP9XXulfad6SVF8ugAzDtIkHRV6v0nExF6efgLcw0ldBLwljX4w1+HXqAo5Q== X-Received: by 2002:a05:6808:168f:b0:325:2974:77d6 with SMTP id bb15-20020a056808168f00b00325297477d6mr475086oib.199.1658456672319; Thu, 21 Jul 2022 19:24:32 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:31 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 3/6] sysctl, mod_devicetable: shadow struct ctl_table.procname for file2alias Date: Thu, 21 Jul 2022 23:24:13 -0300 Message-Id: <20220722022416.137548-4-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org In order to expose a sysctl entry to modpost (file2alias.c, precisely) we have to shadow 'struct ctl_table' in mod_devicetable.h, as scripts should not access kernel headers or its types (see file2alias.c). The required field is '.procname' (basename of '/proc/sys/.../entry'). Since 'struct ctl_table' is annotated for structure randomization and we need a known offset for '.procname' (remember, no kernel headers), take it out of the randomized portion (as in, eg, 'struct task_struct'). Of course, add build-time checks for struct size and .procname offset between both structs. (This has to be done on kernel side; for headers.) With that in place, use the regular macros in devicetable-offsets.c to define SIZE_... and OFF_... macros for the shadow struct and the field of interest. Signed-off-by: Mauricio Faria de Oliveira --- fs/proc/proc_sysctl.c | 19 +++++++++++++++++++ include/linux/mod_devicetable.h | 25 +++++++++++++++++++++++++ include/linux/sysctl.h | 11 ++++++++++- kernel/sysctl.c | 1 + scripts/mod/devicetable-offsets.c | 3 +++ 5 files changed, 58 insertions(+), 1 deletion(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 021e83fe831f..ebbf8702387e 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -19,6 +19,24 @@ #include #include "internal.h" +#ifdef CONFIG_MODULES +#include + +static void check_struct_sysctl_device_id(void) +{ + /* + * The shadow struct sysctl_device_id for file2alias.c needs + * the same size of struct ctl_table and offset for procname. + */ + BUILD_BUG_ON(sizeof(struct sysctl_device_id) + != sizeof(struct ctl_table)); + BUILD_BUG_ON(offsetof(struct sysctl_device_id, procname) + != offsetof(struct ctl_table, procname)); +} +#else +static void check_struct_sysctl_device_id(void) {} +#endif + #define list_for_each_table_entry(entry, table) \ for ((entry) = (table); (entry)->procname; (entry)++) @@ -1779,6 +1797,7 @@ int __init proc_sys_init(void) proc_sys_root->proc_dir_ops = &proc_sys_dir_file_operations; proc_sys_root->nlink = 0; + check_struct_sysctl_device_id(); return sysctl_init_bases(); } diff --git a/include/linux/mod_devicetable.h b/include/linux/mod_devicetable.h index 549590e9c644..9cee024d8f2f 100644 --- a/include/linux/mod_devicetable.h +++ b/include/linux/mod_devicetable.h @@ -20,6 +20,31 @@ enum { PCI_ID_F_VFIO_DRIVER_OVERRIDE = 1, }; +/* + * "Device" table entry for a sysctl file (shadow of struct ctl_table). + * + * Only the procname field is reliable (known offset); all other fields + * are in the randomized portion of struct ctl_table, do NOT use them. + */ +struct sysctl_device_id { + + /* This must be the first field (shadowed from struct ctl_table). */ + const char *procname; + + /* Here begins the randomizable portion of struct ctl_table. */ + + void *data; + int maxlen; + unsigned short mode; // umode_t in + void *child; + void *proc_handler; + void *poll; + void *extra1; + void *extra2; + + /* Here ends the randomizable portion of struct ctl_table. */ +}; + /** * struct pci_device_id - PCI device ID structure * @vendor: Vendor ID to match (or PCI_ANY_ID) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 780690dc08cd..676112fde5ff 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -133,7 +133,13 @@ static inline void *proc_sys_poll_event(struct ctl_table_poll *poll) /* A sysctl table is an array of struct ctl_table: */ struct ctl_table { + + /* This must be the first field (shadowed to struct sysctl_device_id) */ const char *procname; /* Text ID for /proc/sys, or zero */ + + /* This begins the randomizable portion of the struct. */ + randomized_struct_fields_start + void *data; int maxlen; umode_t mode; @@ -142,7 +148,10 @@ struct ctl_table { struct ctl_table_poll *poll; void *extra1; void *extra2; -} __randomize_layout; + + /* New fields go above here, so they are in the randomized portion. */ + randomized_struct_fields_end +}; struct ctl_node { struct rb_node node; diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 223376959d29..15073621cfa8 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -2487,6 +2487,7 @@ int __init sysctl_init_bases(void) return 0; } + #endif /* CONFIG_SYSCTL */ /* * No sense putting this after each symbol definition, twice, diff --git a/scripts/mod/devicetable-offsets.c b/scripts/mod/devicetable-offsets.c index c0d3bcb99138..43b2549940d2 100644 --- a/scripts/mod/devicetable-offsets.c +++ b/scripts/mod/devicetable-offsets.c @@ -262,5 +262,8 @@ int main(void) DEVID(ishtp_device_id); DEVID_FIELD(ishtp_device_id, guid); + DEVID(sysctl_device_id); + DEVID_FIELD(sysctl_device_id, procname); + return 0; } From patchwork Fri Jul 22 02:24:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925914 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3CD9AC43334 for ; Fri, 22 Jul 2022 02:25:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234189AbiGVCZC (ORCPT ); Thu, 21 Jul 2022 22:25:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37124 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234194AbiGVCYs (ORCPT ); Thu, 21 Jul 2022 22:24:48 -0400 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 008AB97D55 for ; Thu, 21 Jul 2022 19:24:39 -0700 (PDT) Received: from mail-oa1-f72.google.com (mail-oa1-f72.google.com [209.85.160.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 798213F132 for ; Fri, 22 Jul 2022 02:24:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456677; bh=hqasS2PjFohy8PE1VKCVY/VWJWfGA+Wsx6gjsloj5Nc=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ruUJKpGkx9caOkt0mRkjNs40c+5P33vKUlsA+MKo4CZuPzcbWuBpVdP+iWfw+0VE8 idCqfHVTcEmk/3402dbTDQIQ0GoN0wxh8mg3bNVaVykfytT0IHQg6I+R0wonYSFkvf ez3Z9ckwItsUMeCWytjpYNaovvXwmGOG3UFd/STtqpYkWDUVfBCmqryruuLwf+MJ/d 592xTXWYAAIgyrieUEd0l9F7mVap3nXGvicnDQsUoAJavhDcMiE+xFPK6T67/HoLnD nfNFqus3ef3DZBA8VTHC60RwoWOeY36jCykD5x+NF+82HYyR0U3WCjiEaJBDf/HiUG xD45zLtFMrmgg== Received: by mail-oa1-f72.google.com with SMTP id 586e51a60fabf-10d91acff93so1774882fac.12 for ; Thu, 21 Jul 2022 19:24:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hqasS2PjFohy8PE1VKCVY/VWJWfGA+Wsx6gjsloj5Nc=; b=5gyTik4x5UrqpmoDn54SNSIUKZAuwPcFBct+z+wLMEGn8fIpqohipU2r0ydnGpyHyY vE78LnGYWAc5eWr0H0wMvYLtlxMVCSj4tdhINTWl2PqjgjRu7OSxXHFVv3poeZQ0tyuA 6vug11l8BS/vTt+gnelwVq2kRcIfw92yNhC+A5bO8/KD/ouZNRh4Xb15o47ZerLZ6MiU 3VJbB96GbnxMYDZm8f2rlo1ThdlqmxG1OHsjcanZLANR3RM0ElZAsFuXA3m2TOzwq/QS O7RLnP1FUjS0S0aagEiCu7YPrD/1MCprbqVCWIhTU1c0TnLYiVWR93ke/PJhnjElxScm 0I6Q== X-Gm-Message-State: AJIora/PwF+ixeGn3Cr74MO2D9KEdjWHyZVgSdvx5I86Mg6Ouw0n8Rvc U0njj0lpvpiT1IWbv6OJ+sYb+inOaURAD/pfFGqID5LfImWm/cW/Mm2qX06+hCtPbGrjjmNgtt8 yiNO3U8dd2kqzsjKFuiSkfSRD2Cq2b6/1QW/Ib5Z/rg== X-Received: by 2002:a05:6830:6517:b0:614:d582:77d7 with SMTP id cm23-20020a056830651700b00614d58277d7mr507278otb.323.1658456675938; Thu, 21 Jul 2022 19:24:35 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uLS6QJ5eow90pKBFp4ctGLCUQ8MqGGb68x3HdZDh7OOZ9QuEHvw5tz1dmPFuwuWlLEdvLurA== X-Received: by 2002:a05:6830:6517:b0:614:d582:77d7 with SMTP id cm23-20020a056830651700b00614d58277d7mr507263otb.323.1658456675607; Thu, 21 Jul 2022 19:24:35 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:35 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 4/6] module, modpost: introduce support for MODULE_SYSCTL_TABLE Date: Thu, 21 Jul 2022 23:24:14 -0300 Message-Id: <20220722022416.137548-5-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org Now that 'struct ctl_table' is exposed to modpost/file2alias, introduce MODULE_SYSCTL_TABLE to register some sysctl tables, just like MODULE_DEVICE_TABLE for, eg, drivers PCI ID tables. This adds a '__mod_sysctl___device_table' symbol in the module that points to the array of 'struct ctl_table' entries. This is identified and handled by file2alias, as other tables, that emits MODULE_ALIAS("sysctl:") statements for each entry. That would be relatively simple for 'procname' as a char array (eg, do_{rpmsg,i2c,spi}_entry()) but since it's a char pointer an ELF relocation is used (it sets that pointer value to where the string it should point to actually ends up). ... It's probably not ideal to convert 'struct ctl_table.procname' to a char array, as the max length it uses in some modules is long, and all other users would pay the memory price of a one- size-fits-all array size. Also, some places set it to NULL, which requires special care and changes (i.e., set/check the first byte is '\0'). Anyway, the resulting disadvantages in the general case aren't worth the simplicity gain in this particular case. ... So, add ELF relocation handling code, borrowing that function we factored-out in modpost.c earlier. The logic and details are commented in the source, but briefly: 0) modpost.c calls file2alias.c's handle_moddevtable() 1) handle_moddevtable() 1.1) matches a '__mod__sysctl__..._device_table' symbol 1.2) calls do_sysctl_table() for it (array of struct ctl_table) 2) do_sysctl_table() 2.1) finds the relocation section that _references_ the section that defines that symbol (ie, that holds the actual values of 'procname' char pointers to be replaced in that symbol). 2.2) calls do_sysctl_entry() for each entry in that table/array 3) do_sysctl_entry() 3.1) calls do_sysctl_section_relx() to scan a relocation section for the relocation entry that targets a particular procname pointer of this entry (struct ctl_table). 3.2) do_sysctl_section_relx() returns its source string pointer. 3.3) do_sysctl_entry() stores 'sysctl:' in the buffer. 4) do_sysctl_table() emits a 'MODULE_ALIAS()' statement with it. ... This algorithm is likely iterating over the earlier relocation entries many times as each 'struct ctl_table' entry starts the loop over the relocation section again, but keep it simple now. We could keep the relocation entry cursor pointer across calls, and start over only when we can't find a relocation, I guess. Signed-off-by: Mauricio Faria de Oliveira --- include/linux/module.h | 7 +++ scripts/mod/file2alias.c | 111 +++++++++++++++++++++++++++++++++++++++ scripts/mod/modpost.c | 4 +- scripts/mod/modpost.h | 3 ++ 4 files changed, 123 insertions(+), 2 deletions(-) diff --git a/include/linux/module.h b/include/linux/module.h index 518296ea7f73..3010f687df19 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -247,6 +247,13 @@ extern typeof(name) __mod_##type##__##name##_device_table \ #define MODULE_DEVICE_TABLE(type, name) #endif +#if defined(MODULE) && defined(CONFIG_PROC_SYSCTL) +/* Creates an alias so file2alias.c can find sysctl "device" table. */ +#define MODULE_SYSCTL_TABLE(name) MODULE_DEVICE_TABLE(sysctl, name) +#else /* !MODULE || !CONFIG_PROC_SYSCTL */ +#define MODULE_SYSCTL_TABLE(name) +#endif + /* Version of form [:][-]. * Or for CVS/RCS ID version, everything but the number is stripped. * : A (small) unsigned integer which allows you to start versions diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c index cbd6b0f48b4e..3bf9cb84c548 100644 --- a/scripts/mod/file2alias.c +++ b/scripts/mod/file2alias.c @@ -1452,6 +1452,115 @@ static int do_dfl_entry(const char *filename, void *symval, char *alias) return 1; } +/* + * Scan the relocation section with section header index 'relx_shndx' + * for the relocation entry for target 'offset' and return a pointer + * to its source value (from another section/offset). + * + * The caller must ensure sechdr->sh_type == SHT_RELA or SHT_REL. + */ +static void *do_sysctl_section_relx(struct elf_info *info, + unsigned int relx_shndx, int offset) +{ + /* Relocation section's header, and start/stop addresses. */ + Elf_Shdr *sechdr = &info->sechdrs[relx_shndx]; + Elf_Rela *start = (void *)info->hdr + sechdr->sh_offset; + Elf_Rela *stop = (void *)start + sechdr->sh_size; + + /* Relocation entry cursor and size in SHT_RELA or SHT_REL. */ + Elf_Rela *relx; /* access .r_addend in SHT_RELA _only_! */ + size_t relx_size; + + if (sechdr->sh_type == SHT_RELA) + relx_size = sizeof(Elf_Rela); + else if (sechdr->sh_type == SHT_REL) + relx_size = sizeof(Elf_Rel); + else + return NULL; + + for (relx = start; relx < stop; relx = (void *)relx + relx_size) { + /* + * 'r' is the relocation entry, applied to the 'target offset' + * in the 'target section' of this (relocation) section, with + * the value from symbol 'sym' (in/at 'source section/offset'). + */ + Elf_Rela r; + Elf_Sym *sym; + unsigned int sym_shndx; + int sym_offset; + + if (get_relx_sym(info, sechdr, relx, &r, &sym)) + continue; + + /* Looking for this target offset. */ + if (r.r_offset != offset) + continue; + + /* Pointer to source section/offset (note: addend is needed). */ + sym_shndx = get_secindex(info, sym); + sym_offset = sym->st_value; + return (void *)info->hdr + info->sechdrs[sym_shndx].sh_offset + + sym_offset + r.r_addend; + } + + return NULL; +} + +/* Looks like: sysctl:S */ +static int do_sysctl_entry(const char *modname, int sym_entry_offset, + char *alias, const char *symname, + unsigned int relx_shndx, struct elf_info *info) +{ + /* Find the relocation entry for procname's offset and use its string */ + int offset = sym_entry_offset + OFF_sysctl_device_id_procname; + const char *procname = do_sysctl_section_relx(info, relx_shndx, offset); + + if (procname) { + sprintf(alias, "sysctl:%s", procname); + return 1; + } + + error("%s: [%s.ko] cannot find relocation string.\n", symname, modname); + return 0; +} + +static void do_sysctl_table(void *symval, unsigned long size, + struct module *mod, const char *symname, + Elf_Sym *sym, struct elf_info *info) +{ + unsigned long id_size = SIZE_sysctl_device_id; + unsigned int i, secindex, shndx; + char alias[ALIAS_SIZE]; + + device_id_check(mod->name, "sysctl", size, id_size, symval); + /* Leave last one: it's the terminator. */ + size -= id_size; + + /* Find relocation section that references the section w/ the symbol. */ + shndx = sym->st_shndx; + for (secindex = 0; secindex < info->num_sections; secindex++) { + Elf_Shdr *shdr = &info->sechdrs[secindex]; + + if ((shdr->sh_type == SHT_REL || shdr->sh_type == SHT_RELA) && + (shdr->sh_flags & SHF_INFO_LINK) && shdr->sh_info == shndx) + break; + } + + if (secindex == info->num_sections) { + error("%s: [%s.ko] cannot find relocation section.\n", + symname, mod->name); + return; + } + + /* The symbol is an array of struct ctl_table elements at offset 'i'. */ + for (i = 0; i < size; i += id_size) { + if (do_sysctl_entry(mod->name, sym->st_value+i, alias, symname, secindex, info)) { + buf_printf(&mod->dev_table_buf, + "MODULE_ALIAS(\"%s\");\n", alias); + } + } +} + /* Does namelen bytes of name exactly match the symbol? */ static bool sym_is(const char *name, unsigned namelen, const char *symbol) { @@ -1585,6 +1694,8 @@ void handle_moddevtable(struct module *mod, struct elf_info *info, do_pnp_device_entry(symval, sym->st_size, mod); else if (sym_is(name, namelen, "pnp_card")) do_pnp_card_entries(symval, sym->st_size, mod); + if (sym_is(name, namelen, "sysctl")) + do_sysctl_table(symval, sym->st_size, mod, symname, sym, info); else { int i; diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index d1ed67fa290b..e2df2fbb0909 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1735,8 +1735,8 @@ static int addend_mips_rel(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *r) * w/ possible relocation addend 'r.r_addend'). * - 'sym' is that symbol (a pointer to the symbol table + symbol table index). */ -static int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, - Elf_Rela *out_r, Elf_Sym **out_sym) +int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, + Elf_Rela *out_r, Elf_Sym **out_sym) { Elf_Sym *sym; Elf_Rela r; diff --git a/scripts/mod/modpost.h b/scripts/mod/modpost.h index 044bdfb894b7..cdb95c7e03a9 100644 --- a/scripts/mod/modpost.h +++ b/scripts/mod/modpost.h @@ -212,3 +212,6 @@ void modpost_log(enum loglevel loglevel, const char *fmt, ...); #define warn(fmt, args...) modpost_log(LOG_WARN, fmt, ##args) #define error(fmt, args...) modpost_log(LOG_ERROR, fmt, ##args) #define fatal(fmt, args...) modpost_log(LOG_FATAL, fmt, ##args) + +int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, + Elf_Rela *out_r, Elf_Sym **out_sym); From patchwork Fri Jul 22 02:24:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925915 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5FAC7C43334 for ; Fri, 22 Jul 2022 02:25:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234311AbiGVCZJ (ORCPT ); Thu, 21 Jul 2022 22:25:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37220 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234251AbiGVCYu (ORCPT ); Thu, 21 Jul 2022 22:24:50 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 138CD98201 for ; Thu, 21 Jul 2022 19:24:41 -0700 (PDT) Received: from mail-oa1-f71.google.com (mail-oa1-f71.google.com [209.85.160.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 80F613F129 for ; Fri, 22 Jul 2022 02:24:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456679; bh=rPPCOknk12Lnh3nWhsdYWqa1mH1t/OQEcqVOb72oZWk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ZV4IuniIEjzX9z9SvCaco7mf/9gnod6Uvnu1QAphZ6uq1Vwt/5Jg5/iMLpVPq6I6E 4KOKr5P3yHmThHdjGLi676xlmlqSBwkBuowoknrwvZ0cm6LsNn5ihJqKWlFw94VYjT gH/YBdUt37Sv7SyFomg/rFRblgfre6IjZ1eslQGfxrQg4A1YBosFJbZgbbSNjiUar0 2NE7KD14ckvpAar6dTMYmtXWlLxg1oTUlQnAgSbd8uEL76hw6X+q1Asx8BZmHdKIO2 lDZiH4iH/Mr0HOzKnEENYCY46CCugy04FmKrYR9Ub8vrlwa/93jZK6zuvpUopKy9PJ y52LJznxqwNlw== Received: by mail-oa1-f71.google.com with SMTP id 586e51a60fabf-1048dffc888so1799225fac.11 for ; Thu, 21 Jul 2022 19:24:39 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rPPCOknk12Lnh3nWhsdYWqa1mH1t/OQEcqVOb72oZWk=; b=bV95fvDW1T+2ZoNNOEPea/a/FbBkgR+3mBNo/dUOpL48RSLr/6J25YMuDTi3oh+R6+ dh4Cp+Vm5zMn/dd/g1KL/VkCgLLmo3mW+L1qo84s9WRI5AGiotpd2v/HUQGjSoFZFcdp sgawEHW6k53LXplxAalRv1Ioro5+5T53wOrqczsuo836uxRIRwm0NLCfvy6KANrDiOgz 1asQg2YpnpuGNpcQ6DOZ5WVZ6luQU7NpOQHTDjqyljwCZKAiCJLMNzdu9/6+9EQr5gk4 OIFpJ0+E0C690K6WQHEcRYYtB2swOau81flMivesWMXaw/xdRucN0SXfOoSNnmx0g8J2 ztGQ== X-Gm-Message-State: AJIora8bpuREy9oeffva1QpYoepLKeJQyZzxOCYrlL10XJlmAI9rHTL2 FE76zBBgJDcfGaQ77IFEZYjgE5QgRfCknV3CQjfBwp3DiTu6Yf30jYPFCLikHhhanuhRYwFVp4q mIVLCwgQJN08jF760ceN82iRKhvmdk6UjaTl0c7EWRg== X-Received: by 2002:a05:6808:d52:b0:339:c88b:8100 with SMTP id w18-20020a0568080d5200b00339c88b8100mr5817225oik.93.1658456679125; Thu, 21 Jul 2022 19:24:39 -0700 (PDT) X-Google-Smtp-Source: AGRyM1shUKvZ85RWsVY2FWznWPtQPVSjurfGAiTl4rOQmkm6bAI1hnYtfZhQRHhT4FIYWpHeOcMWbw== X-Received: by 2002:a05:6808:d52:b0:339:c88b:8100 with SMTP id w18-20020a0568080d5200b00339c88b8100mr5817215oik.93.1658456678903; Thu, 21 Jul 2022 19:24:38 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:38 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 5/6] netfilter: conntrack: use MODULE_SYSCTL_TABLE Date: Thu, 21 Jul 2022 23:24:15 -0300 Message-Id: <20220722022416.137548-6-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org Let's take nf_conntrack as an (actually helpful) example and exerciser, as it has many sysctl entries, and other module aliases already. Signed-off-by: Mauricio Faria de Oliveira --- net/netfilter/nf_conntrack_standalone.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 05895878610c..2da628f054cf 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -980,6 +980,8 @@ static struct ctl_table nf_ct_sysctl_table[] = { {} }; +MODULE_SYSCTL_TABLE(nf_ct_sysctl_table); + static struct ctl_table nf_ct_netfilter_table[] = { { .procname = "nf_conntrack_max", @@ -991,6 +993,8 @@ static struct ctl_table nf_ct_netfilter_table[] = { { } }; +/* MODULE_SYSCTL_TABLE(nf_ct_sysctl_table) already includes nf_conntrack_max. */ + static void nf_conntrack_standalone_init_tcp_sysctl(struct net *net, struct ctl_table *table) { From patchwork Fri Jul 22 02:24:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925916 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CC921C433EF for ; Fri, 22 Jul 2022 02:25:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234362AbiGVCZY (ORCPT ); Thu, 21 Jul 2022 22:25:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37446 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234239AbiGVCY6 (ORCPT ); Thu, 21 Jul 2022 22:24:58 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7FF6397D4B for ; Thu, 21 Jul 2022 19:24:45 -0700 (PDT) Received: from mail-ot1-f71.google.com (mail-ot1-f71.google.com [209.85.210.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id DD3813F12D for ; Fri, 22 Jul 2022 02:24:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456682; bh=21lfF1OMKLeXFtULRWjRtXARMWFjMfI3d/p5JlAEia8=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=j7ypn63L/VZft1Xt+AoQ482eB7JitZn+eM2kBk8QMadfswfT/mLTK6SvKcH3JwDkz nM120srDsJ/L1UR9dQ65B4t/4DabA+thQAq3w9btgSI+baFtysaOyHxngjPfiTz2vr ZBqMR3zUL4zFoELRQiD3pM8Yxu54+ZECTm8eyM4jXjL9zFHBrJIfKRb9vbuc6ULzzW NwSTiH5cGN+38TF7TlwSGkOg26CisYbRndE3CneAy4YLrbPWvtl/Ct7NH7+wLSH90x bFlt+nfV3Kyo/Wtn6XkhxYu0UFJv3MOhBqLQ9iB/Ocv523zotPglJFYBQKHS0MXaFu mX2nbWUXIFdPQ== Received: by mail-ot1-f71.google.com with SMTP id s2-20020a0568301e0200b0061c8364ad61so1620687otr.1 for ; Thu, 21 Jul 2022 19:24:42 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=21lfF1OMKLeXFtULRWjRtXARMWFjMfI3d/p5JlAEia8=; b=GaCaCdFXnXHFltRzMTQOIx3OzgsIRYOOJ2j4bO4LwHBLZD8SQGNP4dQFDYgctzkgnx niMFyUTHNRHdZYfO/NZ1gEFzceIfs+O8uaY7yWUrFvNIk/w8NI5k7T05v5mbhBQ82Mvz uHD6+S0/nbb/GFTnaMbAH7HqRUAYis7l19olIHt++LNB6GKogvlccDmECoNPlpkvcKfr /LRd36TrYbPrvC5SRjjLMm69XkIBJcjbWnBNZoX9N+umm1yBX9eOshaL946foVBEdzD+ hEmuHv2/RinyjQo0E0UjciPSKZEqrZJPjrx6bUQFOw0G5IniRkNDC7BEakmRKdW8I3q8 ucKw== X-Gm-Message-State: AJIora/j4p+TQX5SxmPRrxm2hCMifqd50zuZm6cJsJ7Z8ZRLDHbSK7VQ bPnok6uLHI0a8T/1SlKng36pwiUUjNM63wIt6GhoQcxPSmD25MvYjsrM3vcKceeY4GE1ywY3bAB /RBsZdYb/M/oKbWJ7H18wiz9D6hUUQGAtuRiujXCfug== X-Received: by 2002:a05:6870:9691:b0:10d:4e09:6d0d with SMTP id o17-20020a056870969100b0010d4e096d0dmr620839oaq.54.1658456682546; Thu, 21 Jul 2022 19:24:42 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uvU9qJw3xZdY8qLtAMfrO1WVNCSVRdNA2PSo7g3N3dxoTLVc+Yd1R+zm9uxw3Fm3r+ZL9hVg== X-Received: by 2002:a05:6870:9691:b0:10d:4e09:6d0d with SMTP id o17-20020a056870969100b0010d4e096d0dmr620824oaq.54.1658456682346; Thu, 21 Jul 2022 19:24:42 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:41 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 6/6] sysctl: introduce /proc/sys/kernel/modprobe_sysctl_alias Date: Thu, 21 Jul 2022 23:24:16 -0300 Message-Id: <20220722022416.137548-7-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org The goal of the earlier patches is to let sysctl userspace tools load the kernel module with a sysctl entry that is not available yet in /proc/sys/ when the tool runs (so it can become available). Let's expose this file for userspace for two reasons: 1) Allow such tools to identify that the running kernel has the code which produces sysctl module aliases, so they could run 'modprobe sysctl:' only when it may actually help. 2) Allow an administrator to hint such tools not to do that, if that is desired for some reason (e.g., rather have the tools fail if something is misconfigured in a critical deployment). Also add a module parameter for that (proc.modprobe_sysctl_alias), for another method that doesn't depend on sysctl tools to be set (that wouldn't fail them to try and set it if it's not there yet). Signed-off-by: Mauricio Faria de Oliveira --- fs/proc/proc_sysctl.c | 8 ++++++++ include/linux/module.h | 1 + kernel/sysctl.c | 9 +++++++++ 3 files changed, 18 insertions(+) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index ebbf8702387e..1e63819fcda8 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -33,6 +33,14 @@ static void check_struct_sysctl_device_id(void) BUILD_BUG_ON(offsetof(struct sysctl_device_id, procname) != offsetof(struct ctl_table, procname)); } + +/* + * Hint sysctl userspace tools whether or not to run modprobe with sysctl alias + * ('modprobe sysctl:entry') if they cannot find the file '/proc/sys/.../entry' + */ +int modprobe_sysctl_alias = 1; +module_param(modprobe_sysctl_alias, int, 0644); + #else static void check_struct_sysctl_device_id(void) {} #endif diff --git a/include/linux/module.h b/include/linux/module.h index 3010f687df19..5f565491c596 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -304,6 +304,7 @@ struct notifier_block; #ifdef CONFIG_MODULES extern int modules_disabled; /* for sysctl */ +extern int modprobe_sysctl_alias; /* for proc sysctl */ /* Get/put a kernel symbol (calls must be symmetric) */ void *__symbol_get(const char *symbol); void *__symbol_get_gpl(const char *symbol); diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 15073621cfa8..b396cfcb55fc 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1763,6 +1763,15 @@ static struct ctl_table kern_table[] = { .mode = 0644, .proc_handler = proc_dostring, }, +#ifdef CONFIG_PROC_SYSCTL + { + .procname = "modprobe_sysctl_alias", + .data = &modprobe_sysctl_alias, + .maxlen = sizeof(modprobe_sysctl_alias), + .mode = 0644, + .proc_handler = proc_dointvec, + }, +#endif { .procname = "modules_disabled", .data = &modules_disabled,