From patchwork Fri Jul 22 02:24:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925918 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2918ACCA48A for ; Fri, 22 Jul 2022 02:24:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234135AbiGVCYa (ORCPT ); Thu, 21 Jul 2022 22:24:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36500 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234059AbiGVCYa (ORCPT ); Thu, 21 Jul 2022 22:24:30 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D1472974B1 for ; Thu, 21 Jul 2022 19:24:28 -0700 (PDT) Received: from mail-oo1-f70.google.com (mail-oo1-f70.google.com [209.85.161.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id A9D8D3F12F for ; Fri, 22 Jul 2022 02:24:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456667; bh=kC/1kbVNZHVRXUTB9yhNq16+U5x50YJN/lTo/8it5RY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=lYfuX5+o/z9WJDkS0R2uaFl5v14cyv/Aae2/+M1H7jlMig+LB8VpKmWkqS7ny+x/p DxGpNVEDFE5Qvn1amJ2wBDuJPfBWHtCwZj6X8wEfWOjnNonB3V7QRGSSiqf3DCavJg m2wcxuJZM/yz1SiPvSiGxLCnxD6gAeZvytoldMt/uculmbSeMOBEZqEOTopZBiubF3 x4jYrMek3ZbnTEF7ovETO7nu44micoyxCu5XAWRsqruK9KGbx4QS0s8m7kVDti1vr0 AVjrMf0gVQE9auy/HG1zdDjXZSB9UiAx3itxVTXKGOJl5KQtrB4ChaHkB24LcwjKA+ GkSEfiIgvN4Qw== Received: by mail-oo1-f70.google.com with SMTP id d22-20020a4a9196000000b00435761169daso270146ooh.10 for ; Thu, 21 Jul 2022 19:24:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=kC/1kbVNZHVRXUTB9yhNq16+U5x50YJN/lTo/8it5RY=; b=p2XRRU/WOEn/SDwqliy3c5Ec2Dw5+0ZMKSf3Dsoma1ITC1MgENnGHBJ2RUhrpAx4nc lFhK5gdZ0V5RVwBDB2mHaIxt3rd+rNoAU6bLYHKfnh+Baf/Y64ZI3TmjLe8w4y+5hQJa Cxyr5KTpUYQtGNjHf3QG7bHzi5uld8hhEC6GxtKcqKyPDD3o6GlyiVt9VxqsTNEoKg1F MLe46PUNx4M0v1miN3pcsK9CRIWlOXSeIsDPGRwtrOJBrXprnrOqRiL5dZXDvxIalZw0 SUPah/qi6IqBWbZzhiGjRwXuA7KyxEnfD3YBzSF4UIUk1IDQlkSqe0Y63CucLl8YMmNR anOQ== X-Gm-Message-State: AJIora/WPRDoXliwJMbzxTqM4zMerfbt/Gr6zTtQQ4hL7ifdutk480iZ I8VWb3DM7iy9DKH7na0P92RDqYCzFmdQn4Go4sOHm4mF2pBJG3iUlrxwtOIgM5shcOTOWfUxCyc tppWNlP0Rp6Xqs71qODAboXpP9YuWs0y9vztsGZaA+l4= X-Received: by 2002:a05:6870:e245:b0:de:9321:9ea3 with SMTP id d5-20020a056870e24500b000de93219ea3mr575012oac.79.1658456665401; Thu, 21 Jul 2022 19:24:25 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vz9CcL2MR+9ZDnXuSckB30ZyxqPrqbHamINT424fwyaT0j4I7PHNlLUoX0SQRnEXszDNhPPQ== X-Received: by 2002:a05:6870:e245:b0:de:9321:9ea3 with SMTP id d5-20020a056870e24500b000de93219ea3mr574998oac.79.1658456665112; Thu, 21 Jul 2022 19:24:25 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:24 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 1/6] modpost: factor out elf/arch-specific code from section_rel[a]() Date: Thu, 21 Jul 2022 23:24:11 -0300 Message-Id: <20220722022416.137548-2-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: There's elf/arch-specific code identical in both functions, with some in section_rel() only. In order to factor that out, generalize the different relocation types Elf_Rela/Elf_Rel (relocation with/without an addend) with the Elf_Rela type, that is just Elf_Rel with a '.r_addend' field. Most of this code only uses Elf_Rel fields ('.r_offset' and '.r_info'). Make usage of '.r_addend' conditional on section header type SHT_RELA. (Note, though, that '.r_addend' is used on SHT_REL in some archs/formats for the _output_ relocation entry, but this is fine and existing code.) This change also seems to help with readability of section_rel[a](). Signed-off-by: Mauricio Faria de Oliveira --- scripts/mod/modpost.c | 141 +++++++++++++++++++++++++----------------- 1 file changed, 84 insertions(+), 57 deletions(-) diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index a0f59d7a8875..4c1038dccae0 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1716,13 +1716,90 @@ static int addend_mips_rel(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *r) #define R_RISCV_SUB32 39 #endif +/* + * RelX: refers to usage of Elf_Rela or Elf_Rel interchangeably where possible. + * + * The usage of Elf_Rela (relocation with an addend) even for Elf_Rel (without) + * as an input parameter is possible for .r_offset and .r_info (same offset on + * both struct types) *BUT* .r_addend can ONLY be accessed on SHT_RELA headers + * (i.e., where it is valid in the input). + * + * Note: .r_addend on SHT_REL is calculated/accessed for the _output_ parameter, + * via the addend_ARCH_rel() functions, but that is fine, as it's not the input. + * + * Return value 1 indicates to skip further processing on this relocation entry. + * + * Output parameters: + * - 'r' is the relocation entry (i.e., replace data at 'r.r_offset' in section + * w/ header 'sechdr' w/ data from symbol w/ symbol table index in 'r.r_info', + * w/ possible relocation addend 'r.r_addend'). + * - 'sym' is that symbol (a pointer to the symbol table + symbol table index). + */ +static int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, + Elf_Rela *out_r, Elf_Sym **out_sym) +{ + Elf_Sym *sym; + Elf_Rela r; + unsigned int r_sym; + + /* Get .r_offset/.r_info and r_sym */ + r.r_offset = TO_NATIVE(rela->r_offset); +#if KERNEL_ELFCLASS == ELFCLASS64 + if (elf->hdr->e_machine == EM_MIPS) { + unsigned int r_typ; + + r_sym = ELF64_MIPS_R_SYM(rela->r_info); + r_sym = TO_NATIVE(r_sym); + r_typ = ELF64_MIPS_R_TYPE(rela->r_info); + r.r_info = ELF64_R_INFO(r_sym, r_typ); + } else { + r.r_info = TO_NATIVE(rela->r_info); + r_sym = ELF_R_SYM(r.r_info); + } +#else + r.r_info = TO_NATIVE(rela->r_info); + r_sym = ELF_R_SYM(r.r_info); +#endif + + /* Get .r_addend (only output on SHT_REL) */ + if (sechdr->sh_type == SHT_RELA) { + r.r_addend = TO_NATIVE(rela->r_addend); + } else if (sechdr->sh_type == SHT_REL) { + r.r_addend = 0; + switch (elf->hdr->e_machine) { + case EM_386: + if (addend_386_rel(elf, sechdr, &r)) + return 1; + break; + case EM_ARM: + if (addend_arm_rel(elf, sechdr, &r)) + return 1; + break; + case EM_MIPS: + if (addend_mips_rel(elf, sechdr, &r)) + return 1; + break; + } + } + + sym = elf->symtab_start + r_sym; + + /* Skip special sections */ + if (is_shndx_special(sym->st_shndx)) + return 1; + + /* Done */ + *out_r = r; + *out_sym = sym; + return 0; +} + static void section_rela(const char *modname, struct elf_info *elf, Elf_Shdr *sechdr) { Elf_Sym *sym; Elf_Rela *rela; Elf_Rela r; - unsigned int r_sym; const char *fromsec; Elf_Rela *start = (void *)elf->hdr + sechdr->sh_offset; @@ -1735,23 +1812,9 @@ static void section_rela(const char *modname, struct elf_info *elf, return; for (rela = start; rela < stop; rela++) { - r.r_offset = TO_NATIVE(rela->r_offset); -#if KERNEL_ELFCLASS == ELFCLASS64 - if (elf->hdr->e_machine == EM_MIPS) { - unsigned int r_typ; - r_sym = ELF64_MIPS_R_SYM(rela->r_info); - r_sym = TO_NATIVE(r_sym); - r_typ = ELF64_MIPS_R_TYPE(rela->r_info); - r.r_info = ELF64_R_INFO(r_sym, r_typ); - } else { - r.r_info = TO_NATIVE(rela->r_info); - r_sym = ELF_R_SYM(r.r_info); - } -#else - r.r_info = TO_NATIVE(rela->r_info); - r_sym = ELF_R_SYM(r.r_info); -#endif - r.r_addend = TO_NATIVE(rela->r_addend); + if (get_relx_sym(elf, sechdr, rela, &r, &sym)) + continue; + switch (elf->hdr->e_machine) { case EM_RISCV: if (!strcmp("__ex_table", fromsec) && @@ -1759,10 +1822,7 @@ static void section_rela(const char *modname, struct elf_info *elf, continue; break; } - sym = elf->symtab_start + r_sym; - /* Skip special sections */ - if (is_shndx_special(sym->st_shndx)) - continue; + if (is_second_extable_reloc(start, rela, fromsec)) find_extable_entry_size(fromsec, &r); check_section_mismatch(modname, elf, &r, sym, fromsec); @@ -1775,7 +1835,6 @@ static void section_rel(const char *modname, struct elf_info *elf, Elf_Sym *sym; Elf_Rel *rel; Elf_Rela r; - unsigned int r_sym; const char *fromsec; Elf_Rel *start = (void *)elf->hdr + sechdr->sh_offset; @@ -1788,41 +1847,9 @@ static void section_rel(const char *modname, struct elf_info *elf, return; for (rel = start; rel < stop; rel++) { - r.r_offset = TO_NATIVE(rel->r_offset); -#if KERNEL_ELFCLASS == ELFCLASS64 - if (elf->hdr->e_machine == EM_MIPS) { - unsigned int r_typ; - r_sym = ELF64_MIPS_R_SYM(rel->r_info); - r_sym = TO_NATIVE(r_sym); - r_typ = ELF64_MIPS_R_TYPE(rel->r_info); - r.r_info = ELF64_R_INFO(r_sym, r_typ); - } else { - r.r_info = TO_NATIVE(rel->r_info); - r_sym = ELF_R_SYM(r.r_info); - } -#else - r.r_info = TO_NATIVE(rel->r_info); - r_sym = ELF_R_SYM(r.r_info); -#endif - r.r_addend = 0; - switch (elf->hdr->e_machine) { - case EM_386: - if (addend_386_rel(elf, sechdr, &r)) - continue; - break; - case EM_ARM: - if (addend_arm_rel(elf, sechdr, &r)) - continue; - break; - case EM_MIPS: - if (addend_mips_rel(elf, sechdr, &r)) - continue; - break; - } - sym = elf->symtab_start + r_sym; - /* Skip special sections */ - if (is_shndx_special(sym->st_shndx)) + if (get_relx_sym(elf, sechdr, (Elf_Rela *)rel, &r, &sym) continue; + if (is_second_extable_reloc(start, rel, fromsec)) find_extable_entry_size(fromsec, &r); check_section_mismatch(modname, elf, &r, sym, fromsec); From patchwork Fri Jul 22 02:24:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925919 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 62320C433EF for ; Fri, 22 Jul 2022 02:24:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234145AbiGVCYl (ORCPT ); Thu, 21 Jul 2022 22:24:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36558 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234148AbiGVCYc (ORCPT ); Thu, 21 Jul 2022 22:24:32 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF4B297A15 for ; Thu, 21 Jul 2022 19:24:30 -0700 (PDT) Received: from mail-oa1-f72.google.com (mail-oa1-f72.google.com [209.85.160.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 611C63F128 for ; Fri, 22 Jul 2022 02:24:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456669; bh=3ZWy6oO045NhmDZUgGUtDdbm4GX85RgD6xaLJzXc/eE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=cPquqsw+mci3kEp9X8003BpJ5hYUZU6NV1CbxqbI4PpPHywPxej7vwynWFFdNqqiv V1debT4RPDgIi9OuWO4Ltnb/AShM+nZrs6USiOrANbZuBHjVBdO3V0YY/jw9XJp3my LrsLMRqS2rxxzgfMs/KpUXwQZCeg6QIYGHvNbJPSkVMsPll6T3NEaXBZinItD0Bm+F cv8RUJnnKXovO4gQHxwD6e9uJ4uG+/fiQzSCFvOcpVgrjAlqckFjDtwTyG7IenfQjy W6Slo6QBSOaSXYgEXfjQG/snE97OVkrryfYroY0drRDqz1qDv7LZ8u4PnN0ya2B8yI Pi6frmNrRPbgw== Received: by mail-oa1-f72.google.com with SMTP id 586e51a60fabf-10d91acff93so1774795fac.12 for ; Thu, 21 Jul 2022 19:24:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=3ZWy6oO045NhmDZUgGUtDdbm4GX85RgD6xaLJzXc/eE=; b=RAMOVXXkxkWAg+l8ubkx0oOaufd9l5h5UXrrwI8DXle8kSvyg4Wu6lhKDk9Qmxni/P zKsOxhtQ4DafjSgvhUCAhQXTyVLwZb8Nv9QqZqDqXiktwmjvEbgV3gxPnpxGmzB4yusI /VSVG/4h61F1h5pb9SuIhaHTkqr86IUQGrxcUvV7V8KAwsBfcU4bkvbPhrz/Lc2wwyZR afzWx82tSSC4KzSXuekbjUWXodYb3iBgtEeMWEwda+aM6CCdrbEFHiFS8bFcsfrKSqo9 dAPV3FjaiqO5goUGD996be6KPNEr/4iGDJmqnczAiiAB/pCIuyzFQuKmH/anppdafzuo Mw1Q== X-Gm-Message-State: AJIora+enavjoCmnq5ZZidPmt3jnxbZ6jsTNYZdWuCulsLO+SvDKxtrm WmtvVsSZvRCuPF3bs8PJlB/4ew7MiQTM/kt2t3aJrXnK8EayfXAhhdEImbDTFKomSPvpM+4O2dy rlYx3BBBLpzRp2ilKkI6eyvN8Sf7E3PwFwj+rbIy2Rjo= X-Received: by 2002:a05:6870:a54b:b0:10d:bd45:8acf with SMTP id p11-20020a056870a54b00b0010dbd458acfmr97021oal.137.1658456669036; Thu, 21 Jul 2022 19:24:29 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uXOJFfZ5xySXu/jnZXD4d8EwntbgED2XgYvhxCSIhrCPaTNG1IxGQOP+0DjE3kT8h+fPFKDg== X-Received: by 2002:a05:6870:a54b:b0:10d:bd45:8acf with SMTP id p11-20020a056870a54b00b0010dbd458acfmr97007oal.137.1658456668819; Thu, 21 Jul 2022 19:24:28 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:28 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 2/6] modpost: deduplicate section_rel[a]() Date: Thu, 21 Jul 2022 23:24:12 -0300 Message-Id: <20220722022416.137548-3-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: Now both functions are almost identical, and we can again generalize the relocation types Elf_Rela/Elf_Rel with Elf_Rela, and handle some differences with conditionals on section header type (SHT_RELA/REL). The important bit is to make sure the loop increment uses the right size for pointer arithmethic. The original reason for split functions to make program logic easier to follow; commit 5b24c0715fc4 ("kbuild: code refactoring in modpost"). Hopefully these 2 commits may help improving that, without an impact in understanding the code due to generalization of relocation types. Signed-off-by: Mauricio Faria de Oliveira --- scripts/mod/modpost.c | 61 ++++++++++++++++--------------------------- 1 file changed, 23 insertions(+), 38 deletions(-) diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index 4c1038dccae0..d1ed67fa290b 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1794,63 +1794,49 @@ static int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, return 0; } -static void section_rela(const char *modname, struct elf_info *elf, +/* The caller must ensure sechdr->sh_type == SHT_RELA or SHT_REL. */ +static void section_relx(const char *modname, struct elf_info *elf, Elf_Shdr *sechdr) { Elf_Sym *sym; - Elf_Rela *rela; + Elf_Rela *relx; /* access .r_addend in SHT_RELA _only_! */ Elf_Rela r; + size_t relx_size; const char *fromsec; Elf_Rela *start = (void *)elf->hdr + sechdr->sh_offset; Elf_Rela *stop = (void *)start + sechdr->sh_size; fromsec = sech_name(elf, sechdr); - fromsec += strlen(".rela"); + if (sechdr->sh_type == SHT_RELA) { + relx_size = sizeof(Elf_Rela); + fromsec += strlen(".rela"); + } else if (sechdr->sh_type == SHT_REL) { + relx_size = sizeof(Elf_Rel); + fromsec += strlen(".rel"); + } else { + error("%s: [%s.ko] not relocation section\n", fromsec, modname); + return; + } + /* if from section (name) is know good then skip it */ if (match(fromsec, section_white_list)) return; - for (rela = start; rela < stop; rela++) { - if (get_relx_sym(elf, sechdr, rela, &r, &sym)) + for (relx = start; relx < stop; relx = (void *)relx + relx_size) { + if (get_relx_sym(elf, sechdr, relx, &r, &sym)) continue; switch (elf->hdr->e_machine) { case EM_RISCV: - if (!strcmp("__ex_table", fromsec) && + if (sechdr->sh_type == SHT_RELA && + !strcmp("__ex_table", fromsec) && ELF_R_TYPE(r.r_info) == R_RISCV_SUB32) continue; break; } - if (is_second_extable_reloc(start, rela, fromsec)) - find_extable_entry_size(fromsec, &r); - check_section_mismatch(modname, elf, &r, sym, fromsec); - } -} - -static void section_rel(const char *modname, struct elf_info *elf, - Elf_Shdr *sechdr) -{ - Elf_Sym *sym; - Elf_Rel *rel; - Elf_Rela r; - const char *fromsec; - - Elf_Rel *start = (void *)elf->hdr + sechdr->sh_offset; - Elf_Rel *stop = (void *)start + sechdr->sh_size; - - fromsec = sech_name(elf, sechdr); - fromsec += strlen(".rel"); - /* if from section (name) is know good then skip it */ - if (match(fromsec, section_white_list)) - return; - - for (rel = start; rel < stop; rel++) { - if (get_relx_sym(elf, sechdr, (Elf_Rela *)rel, &r, &sym) - continue; - - if (is_second_extable_reloc(start, rel, fromsec)) + if (is_second_extable_reloc(start, relx, fromsec)) find_extable_entry_size(fromsec, &r); check_section_mismatch(modname, elf, &r, sym, fromsec); } @@ -1877,10 +1863,9 @@ static void check_sec_ref(const char *modname, struct elf_info *elf) for (i = 0; i < elf->num_sections; i++) { check_section(modname, elf, &elf->sechdrs[i]); /* We want to process only relocation sections and not .init */ - if (sechdrs[i].sh_type == SHT_RELA) - section_rela(modname, elf, &elf->sechdrs[i]); - else if (sechdrs[i].sh_type == SHT_REL) - section_rel(modname, elf, &elf->sechdrs[i]); + if (sechdrs[i].sh_type == SHT_RELA || + sechdrs[i].sh_type == SHT_REL) + section_relx(modname, elf, &elf->sechdrs[i]); } } From patchwork Fri Jul 22 02:24:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925920 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C4A7C433EF for ; Fri, 22 Jul 2022 02:24:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234247AbiGVCYs (ORCPT ); Thu, 21 Jul 2022 22:24:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36802 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234204AbiGVCYk (ORCPT ); Thu, 21 Jul 2022 22:24:40 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 065EF97D49 for ; Thu, 21 Jul 2022 19:24:35 -0700 (PDT) Received: from mail-oa1-f71.google.com (mail-oa1-f71.google.com [209.85.160.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id A26C33F0DE for ; Fri, 22 Jul 2022 02:24:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456673; bh=wJNrQQtx3gOtb03R7lr5BRoZshGsFg1ZQbX8SV/qIv0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=r4lSoSS5CaVrwrWKRmJWV2+/IEfrTcWEZHu/kaIZrYuC5SbuuiY9+2tXWwf6weg3i nmFdJdz10A7QQXG6+FzOqh91lD2rXhVU/Zn8InBoLokf5BsbVkify5aSoL5n2Kzk3S ap7kFTYL6ozFsdqgzznbHfATlS5F2Ggp/xNE45k3tw9EXZzIeBYcqB+JQJegjfHWRT Gqne7fnYWDvPLh63KK6/i+sACeiFLgnG9Sl/pVuxKZMaFn1wuy7l1rfRLV6WgZAT1m gUbCIq4Qs//6HRwRjvIXcvCbvae/6vCnJp4NkMqmkUc2VLsESqZhEPtKoiqy5Cb9U4 4E7rGCwcims7w== Received: by mail-oa1-f71.google.com with SMTP id 586e51a60fabf-1048dffc888so1799140fac.11 for ; Thu, 21 Jul 2022 19:24:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=wJNrQQtx3gOtb03R7lr5BRoZshGsFg1ZQbX8SV/qIv0=; b=Nkg/k0aifVE2FAk3MIPwJedhpU8pcVPbmgPd4DPethwq9tIywyiyxWKTpbkDKOCHLr /e6UPSriF5trPOqS/tbjOPnj7CYZLR5lhdoVw5TmPglVhpEWoXKd1jAzZPY2K5qGo2sz 8up3kC1nOQWvqvNOPpA6iQJRGaGT0EoWcxH3uKpu3CjSm6y8Mwt80Ye5zm14MmEb0bnV Htg9LBOVcpML2JRVo5E0OCyjQpLILJWHNtp6q0WNJQiGK2po9VBJzd0YMtb+pRavhskh uAsEDBpfgj+eX92YRP6ZvSSqMZxnZ2vi99Ru1vR1d8ubppmf5SlQe/ySglJqdy0gan41 MVlg== X-Gm-Message-State: AJIora+By3DFM3Jf4LUq9DHuV0IzdQ/EzZMx7pViXdfIf+iIjee0UMAv VJXsryjwfh6VVLl0ze1hV3TYmBPH9oNfIfQU139wKg2RAw0ve+GxRxugnC6lvNV1ltaHL1QZEzm qfKlbtyY6FjLXCcq9YvpmS5PwwwqRJANvSMjRzQpJpiM= X-Received: by 2002:a05:6808:168f:b0:325:2974:77d6 with SMTP id bb15-20020a056808168f00b00325297477d6mr475094oib.199.1658456672596; Thu, 21 Jul 2022 19:24:32 -0700 (PDT) X-Google-Smtp-Source: AGRyM1s65fv3xUo8XMCP9XXulfad6SVF8ugAzDtIkHRV6v0nExF6efgLcw0ldBLwljX4w1+HXqAo5Q== X-Received: by 2002:a05:6808:168f:b0:325:2974:77d6 with SMTP id bb15-20020a056808168f00b00325297477d6mr475086oib.199.1658456672319; Thu, 21 Jul 2022 19:24:32 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:31 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 3/6] sysctl, mod_devicetable: shadow struct ctl_table.procname for file2alias Date: Thu, 21 Jul 2022 23:24:13 -0300 Message-Id: <20220722022416.137548-4-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: In order to expose a sysctl entry to modpost (file2alias.c, precisely) we have to shadow 'struct ctl_table' in mod_devicetable.h, as scripts should not access kernel headers or its types (see file2alias.c). The required field is '.procname' (basename of '/proc/sys/.../entry'). Since 'struct ctl_table' is annotated for structure randomization and we need a known offset for '.procname' (remember, no kernel headers), take it out of the randomized portion (as in, eg, 'struct task_struct'). Of course, add build-time checks for struct size and .procname offset between both structs. (This has to be done on kernel side; for headers.) With that in place, use the regular macros in devicetable-offsets.c to define SIZE_... and OFF_... macros for the shadow struct and the field of interest. Signed-off-by: Mauricio Faria de Oliveira --- fs/proc/proc_sysctl.c | 19 +++++++++++++++++++ include/linux/mod_devicetable.h | 25 +++++++++++++++++++++++++ include/linux/sysctl.h | 11 ++++++++++- kernel/sysctl.c | 1 + scripts/mod/devicetable-offsets.c | 3 +++ 5 files changed, 58 insertions(+), 1 deletion(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 021e83fe831f..ebbf8702387e 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -19,6 +19,24 @@ #include #include "internal.h" +#ifdef CONFIG_MODULES +#include + +static void check_struct_sysctl_device_id(void) +{ + /* + * The shadow struct sysctl_device_id for file2alias.c needs + * the same size of struct ctl_table and offset for procname. + */ + BUILD_BUG_ON(sizeof(struct sysctl_device_id) + != sizeof(struct ctl_table)); + BUILD_BUG_ON(offsetof(struct sysctl_device_id, procname) + != offsetof(struct ctl_table, procname)); +} +#else +static void check_struct_sysctl_device_id(void) {} +#endif + #define list_for_each_table_entry(entry, table) \ for ((entry) = (table); (entry)->procname; (entry)++) @@ -1779,6 +1797,7 @@ int __init proc_sys_init(void) proc_sys_root->proc_dir_ops = &proc_sys_dir_file_operations; proc_sys_root->nlink = 0; + check_struct_sysctl_device_id(); return sysctl_init_bases(); } diff --git a/include/linux/mod_devicetable.h b/include/linux/mod_devicetable.h index 549590e9c644..9cee024d8f2f 100644 --- a/include/linux/mod_devicetable.h +++ b/include/linux/mod_devicetable.h @@ -20,6 +20,31 @@ enum { PCI_ID_F_VFIO_DRIVER_OVERRIDE = 1, }; +/* + * "Device" table entry for a sysctl file (shadow of struct ctl_table). + * + * Only the procname field is reliable (known offset); all other fields + * are in the randomized portion of struct ctl_table, do NOT use them. + */ +struct sysctl_device_id { + + /* This must be the first field (shadowed from struct ctl_table). */ + const char *procname; + + /* Here begins the randomizable portion of struct ctl_table. */ + + void *data; + int maxlen; + unsigned short mode; // umode_t in + void *child; + void *proc_handler; + void *poll; + void *extra1; + void *extra2; + + /* Here ends the randomizable portion of struct ctl_table. */ +}; + /** * struct pci_device_id - PCI device ID structure * @vendor: Vendor ID to match (or PCI_ANY_ID) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 780690dc08cd..676112fde5ff 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -133,7 +133,13 @@ static inline void *proc_sys_poll_event(struct ctl_table_poll *poll) /* A sysctl table is an array of struct ctl_table: */ struct ctl_table { + + /* This must be the first field (shadowed to struct sysctl_device_id) */ const char *procname; /* Text ID for /proc/sys, or zero */ + + /* This begins the randomizable portion of the struct. */ + randomized_struct_fields_start + void *data; int maxlen; umode_t mode; @@ -142,7 +148,10 @@ struct ctl_table { struct ctl_table_poll *poll; void *extra1; void *extra2; -} __randomize_layout; + + /* New fields go above here, so they are in the randomized portion. */ + randomized_struct_fields_end +}; struct ctl_node { struct rb_node node; diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 223376959d29..15073621cfa8 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -2487,6 +2487,7 @@ int __init sysctl_init_bases(void) return 0; } + #endif /* CONFIG_SYSCTL */ /* * No sense putting this after each symbol definition, twice, diff --git a/scripts/mod/devicetable-offsets.c b/scripts/mod/devicetable-offsets.c index c0d3bcb99138..43b2549940d2 100644 --- a/scripts/mod/devicetable-offsets.c +++ b/scripts/mod/devicetable-offsets.c @@ -262,5 +262,8 @@ int main(void) DEVID(ishtp_device_id); DEVID_FIELD(ishtp_device_id, guid); + DEVID(sysctl_device_id); + DEVID_FIELD(sysctl_device_id, procname); + return 0; } From patchwork Fri Jul 22 02:24:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925921 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EF987C433EF for ; Fri, 22 Jul 2022 02:25:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234287AbiGVCZC (ORCPT ); Thu, 21 Jul 2022 22:25:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36800 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234189AbiGVCYs (ORCPT ); Thu, 21 Jul 2022 22:24:48 -0400 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DA4D597A0F for ; Thu, 21 Jul 2022 19:24:39 -0700 (PDT) Received: from mail-oa1-f72.google.com (mail-oa1-f72.google.com [209.85.160.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 796903F12F for ; Fri, 22 Jul 2022 02:24:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456677; bh=hqasS2PjFohy8PE1VKCVY/VWJWfGA+Wsx6gjsloj5Nc=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ruUJKpGkx9caOkt0mRkjNs40c+5P33vKUlsA+MKo4CZuPzcbWuBpVdP+iWfw+0VE8 idCqfHVTcEmk/3402dbTDQIQ0GoN0wxh8mg3bNVaVykfytT0IHQg6I+R0wonYSFkvf ez3Z9ckwItsUMeCWytjpYNaovvXwmGOG3UFd/STtqpYkWDUVfBCmqryruuLwf+MJ/d 592xTXWYAAIgyrieUEd0l9F7mVap3nXGvicnDQsUoAJavhDcMiE+xFPK6T67/HoLnD nfNFqus3ef3DZBA8VTHC60RwoWOeY36jCykD5x+NF+82HYyR0U3WCjiEaJBDf/HiUG xD45zLtFMrmgg== Received: by mail-oa1-f72.google.com with SMTP id 586e51a60fabf-10c30284e52so1789782fac.21 for ; Thu, 21 Jul 2022 19:24:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hqasS2PjFohy8PE1VKCVY/VWJWfGA+Wsx6gjsloj5Nc=; b=LJOdz9dmAtufA6Hz9ED1Bztff1PcFZX2n2jDku+YBBxzuq800GQCpDANgWV8p9SaC7 2ZgHQb35OzTaYDGIXjejdxRjSxDywZFJKb47AF5v+TssH+eDmsLT0L7WCjYz3IP9ZuwK 9XfDRDDjqpzxzj1QAMt8rIc6aMDH7I1j2hQ1Q7t/rcXxD46KsDDZCo6hd5LwwBUOBMm6 OFXyHD29i2bm2bYh4rQnUDgfUh3TKJ7hV4QfrIox6KWbKoJVFUR08vVlSzXLJr+/V19W z0K+qTJOx2rAJtAuWOChNvwk14YAuWbwuBMBO5Hu5xqDtg/y8tMfbwk6zcFDeeHKDdf+ qEUw== X-Gm-Message-State: AJIora/Zu/hh9ekxXBwtSbSPo9K5faxGJczGTTAs2buCd6Wk3t2ZPnIb WgVAMZrxwV0Q1Exw3IgSelfb9/u4VFGlm/kavYM1VmSTjp96kuDCHZ2mff5wiXzQj9J7RoiyMgQ LXnRBEX8KyASSvy4NffUz8VqeVOwSomP1aAujsRt5ALU= X-Received: by 2002:a05:6830:6517:b0:614:d582:77d7 with SMTP id cm23-20020a056830651700b00614d58277d7mr507269otb.323.1658456675936; Thu, 21 Jul 2022 19:24:35 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uLS6QJ5eow90pKBFp4ctGLCUQ8MqGGb68x3HdZDh7OOZ9QuEHvw5tz1dmPFuwuWlLEdvLurA== X-Received: by 2002:a05:6830:6517:b0:614:d582:77d7 with SMTP id cm23-20020a056830651700b00614d58277d7mr507263otb.323.1658456675607; Thu, 21 Jul 2022 19:24:35 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:35 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 4/6] module, modpost: introduce support for MODULE_SYSCTL_TABLE Date: Thu, 21 Jul 2022 23:24:14 -0300 Message-Id: <20220722022416.137548-5-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: Now that 'struct ctl_table' is exposed to modpost/file2alias, introduce MODULE_SYSCTL_TABLE to register some sysctl tables, just like MODULE_DEVICE_TABLE for, eg, drivers PCI ID tables. This adds a '__mod_sysctl___device_table' symbol in the module that points to the array of 'struct ctl_table' entries. This is identified and handled by file2alias, as other tables, that emits MODULE_ALIAS("sysctl:") statements for each entry. That would be relatively simple for 'procname' as a char array (eg, do_{rpmsg,i2c,spi}_entry()) but since it's a char pointer an ELF relocation is used (it sets that pointer value to where the string it should point to actually ends up). ... It's probably not ideal to convert 'struct ctl_table.procname' to a char array, as the max length it uses in some modules is long, and all other users would pay the memory price of a one- size-fits-all array size. Also, some places set it to NULL, which requires special care and changes (i.e., set/check the first byte is '\0'). Anyway, the resulting disadvantages in the general case aren't worth the simplicity gain in this particular case. ... So, add ELF relocation handling code, borrowing that function we factored-out in modpost.c earlier. The logic and details are commented in the source, but briefly: 0) modpost.c calls file2alias.c's handle_moddevtable() 1) handle_moddevtable() 1.1) matches a '__mod__sysctl__..._device_table' symbol 1.2) calls do_sysctl_table() for it (array of struct ctl_table) 2) do_sysctl_table() 2.1) finds the relocation section that _references_ the section that defines that symbol (ie, that holds the actual values of 'procname' char pointers to be replaced in that symbol). 2.2) calls do_sysctl_entry() for each entry in that table/array 3) do_sysctl_entry() 3.1) calls do_sysctl_section_relx() to scan a relocation section for the relocation entry that targets a particular procname pointer of this entry (struct ctl_table). 3.2) do_sysctl_section_relx() returns its source string pointer. 3.3) do_sysctl_entry() stores 'sysctl:' in the buffer. 4) do_sysctl_table() emits a 'MODULE_ALIAS()' statement with it. ... This algorithm is likely iterating over the earlier relocation entries many times as each 'struct ctl_table' entry starts the loop over the relocation section again, but keep it simple now. We could keep the relocation entry cursor pointer across calls, and start over only when we can't find a relocation, I guess. Signed-off-by: Mauricio Faria de Oliveira --- include/linux/module.h | 7 +++ scripts/mod/file2alias.c | 111 +++++++++++++++++++++++++++++++++++++++ scripts/mod/modpost.c | 4 +- scripts/mod/modpost.h | 3 ++ 4 files changed, 123 insertions(+), 2 deletions(-) diff --git a/include/linux/module.h b/include/linux/module.h index 518296ea7f73..3010f687df19 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -247,6 +247,13 @@ extern typeof(name) __mod_##type##__##name##_device_table \ #define MODULE_DEVICE_TABLE(type, name) #endif +#if defined(MODULE) && defined(CONFIG_PROC_SYSCTL) +/* Creates an alias so file2alias.c can find sysctl "device" table. */ +#define MODULE_SYSCTL_TABLE(name) MODULE_DEVICE_TABLE(sysctl, name) +#else /* !MODULE || !CONFIG_PROC_SYSCTL */ +#define MODULE_SYSCTL_TABLE(name) +#endif + /* Version of form [:][-]. * Or for CVS/RCS ID version, everything but the number is stripped. * : A (small) unsigned integer which allows you to start versions diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c index cbd6b0f48b4e..3bf9cb84c548 100644 --- a/scripts/mod/file2alias.c +++ b/scripts/mod/file2alias.c @@ -1452,6 +1452,115 @@ static int do_dfl_entry(const char *filename, void *symval, char *alias) return 1; } +/* + * Scan the relocation section with section header index 'relx_shndx' + * for the relocation entry for target 'offset' and return a pointer + * to its source value (from another section/offset). + * + * The caller must ensure sechdr->sh_type == SHT_RELA or SHT_REL. + */ +static void *do_sysctl_section_relx(struct elf_info *info, + unsigned int relx_shndx, int offset) +{ + /* Relocation section's header, and start/stop addresses. */ + Elf_Shdr *sechdr = &info->sechdrs[relx_shndx]; + Elf_Rela *start = (void *)info->hdr + sechdr->sh_offset; + Elf_Rela *stop = (void *)start + sechdr->sh_size; + + /* Relocation entry cursor and size in SHT_RELA or SHT_REL. */ + Elf_Rela *relx; /* access .r_addend in SHT_RELA _only_! */ + size_t relx_size; + + if (sechdr->sh_type == SHT_RELA) + relx_size = sizeof(Elf_Rela); + else if (sechdr->sh_type == SHT_REL) + relx_size = sizeof(Elf_Rel); + else + return NULL; + + for (relx = start; relx < stop; relx = (void *)relx + relx_size) { + /* + * 'r' is the relocation entry, applied to the 'target offset' + * in the 'target section' of this (relocation) section, with + * the value from symbol 'sym' (in/at 'source section/offset'). + */ + Elf_Rela r; + Elf_Sym *sym; + unsigned int sym_shndx; + int sym_offset; + + if (get_relx_sym(info, sechdr, relx, &r, &sym)) + continue; + + /* Looking for this target offset. */ + if (r.r_offset != offset) + continue; + + /* Pointer to source section/offset (note: addend is needed). */ + sym_shndx = get_secindex(info, sym); + sym_offset = sym->st_value; + return (void *)info->hdr + info->sechdrs[sym_shndx].sh_offset + + sym_offset + r.r_addend; + } + + return NULL; +} + +/* Looks like: sysctl:S */ +static int do_sysctl_entry(const char *modname, int sym_entry_offset, + char *alias, const char *symname, + unsigned int relx_shndx, struct elf_info *info) +{ + /* Find the relocation entry for procname's offset and use its string */ + int offset = sym_entry_offset + OFF_sysctl_device_id_procname; + const char *procname = do_sysctl_section_relx(info, relx_shndx, offset); + + if (procname) { + sprintf(alias, "sysctl:%s", procname); + return 1; + } + + error("%s: [%s.ko] cannot find relocation string.\n", symname, modname); + return 0; +} + +static void do_sysctl_table(void *symval, unsigned long size, + struct module *mod, const char *symname, + Elf_Sym *sym, struct elf_info *info) +{ + unsigned long id_size = SIZE_sysctl_device_id; + unsigned int i, secindex, shndx; + char alias[ALIAS_SIZE]; + + device_id_check(mod->name, "sysctl", size, id_size, symval); + /* Leave last one: it's the terminator. */ + size -= id_size; + + /* Find relocation section that references the section w/ the symbol. */ + shndx = sym->st_shndx; + for (secindex = 0; secindex < info->num_sections; secindex++) { + Elf_Shdr *shdr = &info->sechdrs[secindex]; + + if ((shdr->sh_type == SHT_REL || shdr->sh_type == SHT_RELA) && + (shdr->sh_flags & SHF_INFO_LINK) && shdr->sh_info == shndx) + break; + } + + if (secindex == info->num_sections) { + error("%s: [%s.ko] cannot find relocation section.\n", + symname, mod->name); + return; + } + + /* The symbol is an array of struct ctl_table elements at offset 'i'. */ + for (i = 0; i < size; i += id_size) { + if (do_sysctl_entry(mod->name, sym->st_value+i, alias, symname, secindex, info)) { + buf_printf(&mod->dev_table_buf, + "MODULE_ALIAS(\"%s\");\n", alias); + } + } +} + /* Does namelen bytes of name exactly match the symbol? */ static bool sym_is(const char *name, unsigned namelen, const char *symbol) { @@ -1585,6 +1694,8 @@ void handle_moddevtable(struct module *mod, struct elf_info *info, do_pnp_device_entry(symval, sym->st_size, mod); else if (sym_is(name, namelen, "pnp_card")) do_pnp_card_entries(symval, sym->st_size, mod); + if (sym_is(name, namelen, "sysctl")) + do_sysctl_table(symval, sym->st_size, mod, symname, sym, info); else { int i; diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index d1ed67fa290b..e2df2fbb0909 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1735,8 +1735,8 @@ static int addend_mips_rel(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *r) * w/ possible relocation addend 'r.r_addend'). * - 'sym' is that symbol (a pointer to the symbol table + symbol table index). */ -static int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, - Elf_Rela *out_r, Elf_Sym **out_sym) +int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, + Elf_Rela *out_r, Elf_Sym **out_sym) { Elf_Sym *sym; Elf_Rela r; diff --git a/scripts/mod/modpost.h b/scripts/mod/modpost.h index 044bdfb894b7..cdb95c7e03a9 100644 --- a/scripts/mod/modpost.h +++ b/scripts/mod/modpost.h @@ -212,3 +212,6 @@ void modpost_log(enum loglevel loglevel, const char *fmt, ...); #define warn(fmt, args...) modpost_log(LOG_WARN, fmt, ##args) #define error(fmt, args...) modpost_log(LOG_ERROR, fmt, ##args) #define fatal(fmt, args...) modpost_log(LOG_FATAL, fmt, ##args) + +int get_relx_sym(struct elf_info *elf, Elf_Shdr *sechdr, Elf_Rela *rela, + Elf_Rela *out_r, Elf_Sym **out_sym); From patchwork Fri Jul 22 02:24:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925922 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 63AEECCA485 for ; Fri, 22 Jul 2022 02:25:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234330AbiGVCZK (ORCPT ); Thu, 21 Jul 2022 22:25:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37362 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234223AbiGVCY4 (ORCPT ); Thu, 21 Jul 2022 22:24:56 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 51EE398213 for ; Thu, 21 Jul 2022 19:24:43 -0700 (PDT) Received: from mail-ot1-f69.google.com (mail-ot1-f69.google.com [209.85.210.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 9D6833F130 for ; Fri, 22 Jul 2022 02:24:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456681; bh=rPPCOknk12Lnh3nWhsdYWqa1mH1t/OQEcqVOb72oZWk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=PJgksh3jPRgTS/TSF2s7rGtKyZIZ1p9t4d5lNzBR3Umb/RV99jkT045FR4TlvDfIp grq3jPQ+y6TgDbA/yXpJ5ujHswLLSQ1USwg4JlrLbQqTqQdQ5GfpuAMEgNT+xiv6xQ Ph2VOx7GUR0Ml5vCoZ9z+slukKb8+m96wUn68qjUCQY7szt0IN7xJk2l/8syobPptT HOqHbN79OYINtlyDxalwma+ST7YEZ2Ona9lSUCGNxgvlYXDHW73QYwO8XQ4JQ26lpj 6AeWPoBdyALv/6QISem9ANAN/z4DrOgQdkRv7rNEti1R73j35p8oI1LIv6RuUKWPrK 7K+y0A5Hh8aLQ== Received: by mail-ot1-f69.google.com with SMTP id f4-20020a056830204400b0061c9d50ace0so1629063otp.5 for ; Thu, 21 Jul 2022 19:24:41 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rPPCOknk12Lnh3nWhsdYWqa1mH1t/OQEcqVOb72oZWk=; b=dR9eavRvn9ifCKc/yBTL7GOTOo4fqJTWuNZOEeheuTh3D1VwOZgClyyqlJfMnnsDaj gLrPXFrmXXTp0Y5jo0mLIefk9LN+zSqi6F5178yJ9Q8Bhngbgx+Tc89DyWFPYHZOZCOp i3Y0R69OEO36Cl8okL2dMlma8F2T6/Hyhwk5iYOQtjmNLZUBFvOKdKWNQI8k2Ia7SVcx 5THuE2XQc8fzYJ2n0+9FHwuAxTUEaKPx7JVy4Q0YmOMbEucD4N104mGj23IQJYP6+l1T pDstrzjTVNQryTdy6uvGDQB/1BYWGHH5dOtFKmVYHoZ7cs+CHd2CX0Zwh7070XoxC1jh Nngg== X-Gm-Message-State: AJIora+LJcAlIs7lxmv6zf4X/c1WXcqbKktZ9GO+6kCY/342qRfhp5xE LvQ5a4r+/Fzb9MPpwlIfPIAKR05vypsr1C1ae9mDdURYQnZtN+fbYVXpKF63h7kYiABzFH6WdB/ xGpXQk/ws8FzieQszlAsYEuB8kFrH0aW1edvgVP1mM4M= X-Received: by 2002:a05:6808:d52:b0:339:c88b:8100 with SMTP id w18-20020a0568080d5200b00339c88b8100mr5817222oik.93.1658456679122; Thu, 21 Jul 2022 19:24:39 -0700 (PDT) X-Google-Smtp-Source: AGRyM1shUKvZ85RWsVY2FWznWPtQPVSjurfGAiTl4rOQmkm6bAI1hnYtfZhQRHhT4FIYWpHeOcMWbw== X-Received: by 2002:a05:6808:d52:b0:339:c88b:8100 with SMTP id w18-20020a0568080d5200b00339c88b8100mr5817215oik.93.1658456678903; Thu, 21 Jul 2022 19:24:38 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:38 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 5/6] netfilter: conntrack: use MODULE_SYSCTL_TABLE Date: Thu, 21 Jul 2022 23:24:15 -0300 Message-Id: <20220722022416.137548-6-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: Let's take nf_conntrack as an (actually helpful) example and exerciser, as it has many sysctl entries, and other module aliases already. Signed-off-by: Mauricio Faria de Oliveira --- net/netfilter/nf_conntrack_standalone.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 05895878610c..2da628f054cf 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -980,6 +980,8 @@ static struct ctl_table nf_ct_sysctl_table[] = { {} }; +MODULE_SYSCTL_TABLE(nf_ct_sysctl_table); + static struct ctl_table nf_ct_netfilter_table[] = { { .procname = "nf_conntrack_max", @@ -991,6 +993,8 @@ static struct ctl_table nf_ct_netfilter_table[] = { { } }; +/* MODULE_SYSCTL_TABLE(nf_ct_sysctl_table) already includes nf_conntrack_max. */ + static void nf_conntrack_standalone_init_tcp_sysctl(struct net *net, struct ctl_table *table) { From patchwork Fri Jul 22 02:24:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mauricio Faria de Oliveira X-Patchwork-Id: 12925923 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6F5CCC43334 for ; Fri, 22 Jul 2022 02:25:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234367AbiGVCZZ (ORCPT ); Thu, 21 Jul 2022 22:25:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36800 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234178AbiGVCZB (ORCPT ); Thu, 21 Jul 2022 22:25:01 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 85B809823D for ; Thu, 21 Jul 2022 19:24:45 -0700 (PDT) Received: from mail-oi1-f197.google.com (mail-oi1-f197.google.com [209.85.167.197]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 39CD13F133 for ; Fri, 22 Jul 2022 02:24:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1658456683; bh=21lfF1OMKLeXFtULRWjRtXARMWFjMfI3d/p5JlAEia8=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Vf7233D7ytA6ZTtX9mLYYWxhKK9hYQtdMFnxeN1tmh3hKfX4TVbolh602Sm5j6+XE IHVJ+gq6i1/7lKF40qeHk4xg7mR9o2HDPkbY1/z1+PJCoUNysK+cuRGeLocuNUmVAV js76IMhzVMHe3yDm4WmsUNLBI94R5idTJFnYvZ0z3L+3h6gAL4BfqOuyJ3hh/Kt4iu XrqtwGSh14MJUYIZtKcDCqdXK7Ns8oYqqmGObQz1fh4Gk6Xzlyirr4zezFytq9r+2m ZMS2R5wGaAKG9vmvZ/EatNqeJ3pzGLR35uyvfbN1Vv6ktiWS0kPh9EEJTGiWKKUoLa Yv5sUkIV0yaEQ== Received: by mail-oi1-f197.google.com with SMTP id u127-20020aca6085000000b00335812e0b1eso1699289oib.22 for ; Thu, 21 Jul 2022 19:24:43 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=21lfF1OMKLeXFtULRWjRtXARMWFjMfI3d/p5JlAEia8=; b=QtldXLbN6mBbaHAVeUGqFagLAmg/67ttGGhbMY9N2eDXzhqzYMAdQRqbJhXC0SmIbX /Rtad0TXs1vXqpBOz9LRgz+Gn8gd6eoHR1UhmbrlUtqra1Pq1jEph3NU7TlcXgp5TGDU 7yGaLFXRiBCoXivZkAnTUAFu7yCqMhKmQC6kP9Vci0LzRfvW9X73K+hZE5cynvVjKDST 8vJ6qM+c28ppyq8lYUf1t9vxVhr4Kb8UI5KcD5AgLWTdXtv4CjffZ1XuyBol1bLLLAjz 8hWQkTLx8mg2v2MsUtqrXBelIj5NQ11squ4zMmOF7sHihv5GhHQoEuWECmXON2dK2kC3 vnqg== X-Gm-Message-State: AJIora8pT9tNQwiy3Ldh2KRysr6Ywhnz7JKo5iumqF1iScMt1xcpDBrS 8GZrlGF279IxS+szxWmo1jwH58t6RfbMkmugRxaQkntxgc0XdLdd0V2jYOcu0YG+GcL94G/4qHA utFHFZfa5R3BD0PxHBdjKJk1cRx1/FfZeTXn3376ly0k= X-Received: by 2002:a05:6870:9691:b0:10d:4e09:6d0d with SMTP id o17-20020a056870969100b0010d4e096d0dmr620836oaq.54.1658456682544; Thu, 21 Jul 2022 19:24:42 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uvU9qJw3xZdY8qLtAMfrO1WVNCSVRdNA2PSo7g3N3dxoTLVc+Yd1R+zm9uxw3Fm3r+ZL9hVg== X-Received: by 2002:a05:6870:9691:b0:10d:4e09:6d0d with SMTP id o17-20020a056870969100b0010d4e096d0dmr620824oaq.54.1658456682346; Thu, 21 Jul 2022 19:24:42 -0700 (PDT) Received: from mfo-t470.. ([2804:14c:4e1:8732:c479:1206:16fb:ce1f]) by smtp.gmail.com with ESMTPSA id k23-20020a056870959700b000f5f4ad194bsm1814528oao.25.2022.07.21.19.24.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 19:24:41 -0700 (PDT) From: Mauricio Faria de Oliveira To: linux-kernel@vger.kernel.org, linux-modules@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: Masahiro Yamada , Michal Marek , Nick Desaulniers , Luis Chamberlain , Kees Cook , Iurii Zaikin Subject: [RFC PATCH 6/6] sysctl: introduce /proc/sys/kernel/modprobe_sysctl_alias Date: Thu, 21 Jul 2022 23:24:16 -0300 Message-Id: <20220722022416.137548-7-mfo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220722022416.137548-1-mfo@canonical.com> References: <20220722022416.137548-1-mfo@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: The goal of the earlier patches is to let sysctl userspace tools load the kernel module with a sysctl entry that is not available yet in /proc/sys/ when the tool runs (so it can become available). Let's expose this file for userspace for two reasons: 1) Allow such tools to identify that the running kernel has the code which produces sysctl module aliases, so they could run 'modprobe sysctl:' only when it may actually help. 2) Allow an administrator to hint such tools not to do that, if that is desired for some reason (e.g., rather have the tools fail if something is misconfigured in a critical deployment). Also add a module parameter for that (proc.modprobe_sysctl_alias), for another method that doesn't depend on sysctl tools to be set (that wouldn't fail them to try and set it if it's not there yet). Signed-off-by: Mauricio Faria de Oliveira --- fs/proc/proc_sysctl.c | 8 ++++++++ include/linux/module.h | 1 + kernel/sysctl.c | 9 +++++++++ 3 files changed, 18 insertions(+) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index ebbf8702387e..1e63819fcda8 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -33,6 +33,14 @@ static void check_struct_sysctl_device_id(void) BUILD_BUG_ON(offsetof(struct sysctl_device_id, procname) != offsetof(struct ctl_table, procname)); } + +/* + * Hint sysctl userspace tools whether or not to run modprobe with sysctl alias + * ('modprobe sysctl:entry') if they cannot find the file '/proc/sys/.../entry' + */ +int modprobe_sysctl_alias = 1; +module_param(modprobe_sysctl_alias, int, 0644); + #else static void check_struct_sysctl_device_id(void) {} #endif diff --git a/include/linux/module.h b/include/linux/module.h index 3010f687df19..5f565491c596 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -304,6 +304,7 @@ struct notifier_block; #ifdef CONFIG_MODULES extern int modules_disabled; /* for sysctl */ +extern int modprobe_sysctl_alias; /* for proc sysctl */ /* Get/put a kernel symbol (calls must be symmetric) */ void *__symbol_get(const char *symbol); void *__symbol_get_gpl(const char *symbol); diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 15073621cfa8..b396cfcb55fc 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1763,6 +1763,15 @@ static struct ctl_table kern_table[] = { .mode = 0644, .proc_handler = proc_dostring, }, +#ifdef CONFIG_PROC_SYSCTL + { + .procname = "modprobe_sysctl_alias", + .data = &modprobe_sysctl_alias, + .maxlen = sizeof(modprobe_sysctl_alias), + .mode = 0644, + .proc_handler = proc_dointvec, + }, +#endif { .procname = "modules_disabled", .data = &modules_disabled,