From: Song Liu
CC: Song Liu, Josh Poimboeuf, Petr Mladek
Subject: [PATCH v11 1/2] x86/module: remove unused code in __apply_relocate_add
Date: Wed, 25 Jan 2023 10:54:00 -0800
Message-ID: <20230125185401.279042-1-song@kernel.org>

This "#if 0" block has been untouched for many years. Remove it to clean
up the code.

Suggested-by: Josh Poimboeuf
Signed-off-by: Song Liu
Reviewed-by: Petr Mladek
Acked-by: Josh Poimboeuf
Reviewed-by: Joe Lawrence
---
 arch/x86/kernel/module.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c index 705fb2a41d7d..1dee3ad82da2 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c 
@@ -188,10 +188,6 @@ static int __apply_relocate_add(Elf64_Shdr *sechdrs, goto invalid_relocation; val -= (u64)loc; write(loc, &val, 4); -#if 0 - if ((s64)val != *(s32 *)loc) - goto overflow; -#endif break; case R_X86_64_PC64: if (*(u64 *)loc != 0) 
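
Review bot: once the `#if 0` block after `write(loc, &val, 4);` is gone, nothing in this case records that the value written as 4 bytes after `val -= (u64)loc` is never range-checked. The commit message says only that the block was untouched for many years; please state why a truncation check is not wanted at this spot (or enable the check instead of deleting it), so the omission reads as deliberate.
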
From: Song Liu
CC: Song Liu, Josh Poimboeuf, Miroslav Benes, Petr Mladek
Subject: [PATCH v11 2/2] livepatch,x86: Clear relocation targets on a module removal
Date: Wed, 25 Jan 2023 10:54:01 -0800
Message-ID: <20230125185401.279042-2-song@kernel.org>
In-Reply-To: <20230125185401.279042-1-song@kernel.org>
References: <20230125185401.279042-1-song@kernel.org>

Josh reported a bug:

  When the object to be patched is a module, and that module is
  rmmod'ed and reloaded, it fails to load with:

  module: x86/modules: Skipping invalid relocation target, existing value is nonzero for type 2, loc 00000000ba0302e9, val ffffffffa03e293c
  livepatch: failed to initialize patch 'livepatch_nfsd' for module 'nfsd' (-8)
  livepatch: patch 'livepatch_nfsd' failed for module 'nfsd', refusing to load module 'nfsd'

  The livepatch module has a relocation which references a symbol
  in the _previous_ loading of nfsd. When apply_relocate_add()
  tries to replace the old relocation with a new one, it sees that
  the previous one is nonzero and it errors out.

He also proposed three different solutions. We could remove the error
check in apply_relocate_add() introduced by commit eda9cec4c9a1
("x86/module: Detect and skip invalid relocations"). However the check
is useful for detecting corrupted modules.

We could also deny the patched modules to be removed. If it proved to be
a major drawback for users, we could still implement a different
approach. The solution would also complicate the existing code a lot.

We thus decided to reverse the relocation patching (clear all relocation
targets on x86_64). The solution is not universal and is too much
arch-specific, but it may prove to be simpler in the end.

Reported-by: Josh Poimboeuf
Originally-by: Miroslav Benes
Signed-off-by: Song Liu
Acked-by: Miroslav Benes
Reviewed-by: Petr Mladek
Acked-by: Josh Poimboeuf
---

NOTE: powerpc32 code is only compile tested.

Changes v10 => v11:
1. Do not initialize "size" in __write_relocate_add(). (Petr Mladek)
2. Use __weak clear_relocate_add(). (Christophe Leroy)

Changes v9 => v10:
1. Revise commit log. (Josh Poimboeuf)
2. Various improvements in code style, comments, etc. (Josh Poimboeuf)

Changes v8 => v9:
1. Fix overflow check for R_X86_64_PC32 and R_X86_64_PLT32. (Petr Mladek)

Changes v7 => v8:
1. Remove the logic in powerpc/kernel/module_64.c, as there are ongoing
   discussions.
2. For x86_64, add check for expected value during clear_relocate_add().
   (Petr Mladek)
3. Optimize the logic in klp_write_section_relocs(). (Petr Mladek)
4. Optimize __write_relocate_add (x86_64). (Joe Lawrence)

Changes v6 => v7:
1. Reduce code duplication in livepatch/core.c and x86/kernel/module.c.
2. Add more comments to powerpc/kernel/module_64.c.
3. Added Joe's Tested-by (which I should have added in v6).

Changes v5 => v6:
1. Fix powerpc64.
2. Fix compile for powerpc32.

Changes v4 => v5:
1. Fix compile with powerpc.

Changes v3 => v4:
1. Reuse __apply_relocate_add to make it more reliable in long term.
   (Josh Poimboeuf)
2. Add back ppc64 logic from v2, with changes to match current code.
   (Josh Poimboeuf)

Changes v2 => v3:
1. Rewrite x86 changes to match current code style.
2. Remove powerpc changes as there is no test coverage in v3.
3. Only keep 1/3 of v2.

v2: https://lore.kernel.org/all/20190905124514.8944-1-mbenes@suse.cz/T/#u

fix
---
 arch/x86/kernel/module.c     | 93 +++++++++++++++++++++++-------------
 include/linux/moduleloader.h | 17 +++++++
 kernel/livepatch/core.c      | 62 +++++++++++++++++++-----
 3 files changed, 126 insertions(+), 46 deletions(-)

diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c index 1dee3ad82da2..84ad0e61ba6e 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c 
@@ -129,22 +129,27 @@ int apply_relocate(Elf32_Shdr *sechdrs, return 0; } #else /*X86_64*/ -static int __apply_relocate_add(Elf64_Shdr *sechdrs, +static int __write_relocate_add(Elf64_Shdr *sechdrs, const char *strtab, unsigned int symindex, unsigned int relsec, struct module *me, - void *(*write)(void *dest, const void *src, size_t len)) + void *(*write)(void *dest, const void *src, size_t len), + bool apply) { unsigned int i; Elf64_Rela *rel = (void *)sechdrs[relsec].sh_addr; Elf64_Sym *sym; void *loc; u64 val; + u64 zero = 0ULL; - DEBUGP("Applying relocate section %u to %u\n", + DEBUGP("%s relocate section %u to %u\n", + apply ? "Applying" : "Clearing", relsec, sechdrs[relsec].sh_info); for (i = 0; i < sechdrs[relsec].sh_size / sizeof(*rel); i++) { + size_t size; + /* This is where to make the change */ loc = (void *)sechdrs[sechdrs[relsec].sh_info].sh_addr + rel[i].r_offset; 
@@ -162,52 +167,53 @@ static int __apply_relocate_add(Elf64_Shdr *sechdrs, switch (ELF64_R_TYPE(rel[i].r_info)) { case R_X86_64_NONE: - break; + continue; /* nothing to write */ case R_X86_64_64: - if (*(u64 *)loc != 0) - goto invalid_relocation; - write(loc, &val, 8); + size = 8; break; case R_X86_64_32: - if (*(u32 *)loc != 0) - goto invalid_relocation; - write(loc, &val, 4); - if (val != *(u32 *)loc) + if (val != *(u32 *)&val) goto overflow; + size = 4; break; case R_X86_64_32S: - if (*(s32 *)loc != 0) - goto invalid_relocation; - write(loc, &val, 4); - if ((s64)val != *(s32 *)loc) + if ((s64)val != *(s32 *)&val) goto overflow; + size = 4; break; case R_X86_64_PC32: case R_X86_64_PLT32: - if (*(u32 *)loc != 0) - goto invalid_relocation; val -= (u64)loc; - write(loc, &val, 4); + size = 4; break; case R_X86_64_PC64: - if (*(u64 *)loc != 0) - goto invalid_relocation; val -= (u64)loc; - write(loc, &val, 8); + size = 8; break; default: pr_err("%s: Unknown rela relocation: %llu\n", me->name, ELF64_R_TYPE(rel[i].r_info)); return -ENOEXEC; } + + if (apply) { + if (memcmp(loc, &zero, size)) { + pr_err("x86/modules: Invalid relocation target, existing value is nonzero for type %d, loc %p, val %Lx\n", + (int)ELF64_R_TYPE(rel[i].r_info), loc, val); + return -ENOEXEC; + } + write(loc, &val, size); + } else { + if (memcmp(loc, &val, size)) { + pr_warn("x86/modules: Invalid relocation target, existing value does not match expected value for type %d, loc %p, val %Lx\n", + (int)ELF64_R_TYPE(rel[i].r_info), loc, val); + return -ENOEXEC; + } + write(loc, &zero, size); + } } return 0; -invalid_relocation: - pr_err("x86/modules: Skipping invalid relocation target, existing value is nonzero for type %d, loc %p, val %Lx\n", - (int)ELF64_R_TYPE(rel[i].r_info), loc, val); - return -ENOEXEC; - overflow: pr_err("overflow in relocation type %d val %Lx\n", (int)ELF64_R_TYPE(rel[i].r_info), val); 
@@ -216,11 +222,12 @@ static int __apply_relocate_add(Elf64_Shdr *sechdrs, return -ENOEXEC; } -int apply_relocate_add(Elf64_Shdr *sechdrs, - const char *strtab, - unsigned int symindex, - unsigned int relsec, - struct module *me) +static int write_relocate_add(Elf64_Shdr *sechdrs, + const char *strtab, + unsigned int symindex, + unsigned int relsec, + struct module *me, + bool apply) { int ret; bool early = me->state == MODULE_STATE_UNFORMED; @@ -231,8 +238,8 @@ int apply_relocate_add(Elf64_Shdr *sechdrs, mutex_lock(&text_mutex); } - ret = __apply_relocate_add(sechdrs, strtab, symindex, relsec, me, - write); + ret = __write_relocate_add(sechdrs, strtab, symindex, relsec, me, + write, apply); if (!early) { text_poke_sync(); @@ -242,6 +249,26 @@ int apply_relocate_add(Elf64_Shdr *sechdrs, return ret; } +int apply_relocate_add(Elf64_Shdr *sechdrs, + const char *strtab, + unsigned int symindex, + unsigned int relsec, + struct module *me) +{ + return write_relocate_add(sechdrs, strtab, symindex, relsec, me, true); +} + +#ifdef CONFIG_LIVEPATCH +void clear_relocate_add(Elf64_Shdr *sechdrs, + const char *strtab, + unsigned int symindex, + unsigned int relsec, + struct module *me) +{ + write_relocate_add(sechdrs, strtab, symindex, relsec, me, false); +} +#endif + #endif int module_finalize(const Elf_Ehdr *hdr, diff --git a/include/linux/moduleloader.h b/include/linux/moduleloader.h index 7b4587a19189..03be088fb439 100644 --- a/include/linux/moduleloader.h +++ b/include/linux/moduleloader.h 
@@ -75,6 +75,23 @@ int apply_relocate_add(Elf_Shdr *sechdrs, unsigned int symindex, unsigned int relsec, struct module *mod); +#ifdef CONFIG_LIVEPATCH +/* + * Some architectures (namely x86_64 and ppc64) perform sanity checks when + * applying relocations. If a patched module gets unloaded and then later + * reloaded (and re-patched), klp re-applies relocations to the replacement + * function(s). Any leftover relocations from the previous loading of the + * patched module might trigger the sanity checks. + * + * To prevent that, when unloading a patched module, clear out any relocations + * that might trigger arch-specific sanity checks on a future module reload. + */ +void clear_relocate_add(Elf_Shdr *sechdrs, + const char *strtab, + unsigned int symindex, + unsigned int relsec, + struct module *me); +#endif #else static inline int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab, diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c index 201f0c0482fb..140997b36025 100644 --- a/kernel/livepatch/core.c +++ b/kernel/livepatch/core.c @@ -268,6 +268,14 @@ static int klp_resolve_symbols(Elf_Shdr *sechdrs, const char *strtab, return 0; } +void __weak clear_relocate_add(Elf_Shdr *sechdrs, + const char *strtab, + unsigned int symindex, + unsigned int relsec, + struct module *me) +{ +} + /* * At a high-level, there are two types of klp relocation sections: those which * reference symbols which live in vmlinux; and those which reference symbols 
@@ -291,10 +299,10 @@ static int klp_resolve_symbols(Elf_Shdr *sechdrs, const char *strtab, * the to-be-patched module to be loaded and patched sometime *after* the * klp module is loaded. */ -int klp_apply_section_relocs(struct module *pmod, Elf_Shdr *sechdrs, - const char *shstrtab, const char *strtab, - unsigned int symndx, unsigned int secndx, - const char *objname) +static int klp_write_section_relocs(struct module *pmod, Elf_Shdr *sechdrs, + const char *shstrtab, const char *strtab, + unsigned int symndx, unsigned int secndx, + const char *objname, bool apply) { int cnt, ret; char sec_objname[MODULE_NAME_LEN]; @@ -316,11 +324,26 @@ int klp_apply_section_relocs(struct module *pmod, Elf_Shdr *sechdrs, if (strcmp(objname ? objname : "vmlinux", sec_objname)) return 0; - ret = klp_resolve_symbols(sechdrs, strtab, symndx, sec, sec_objname); - if (ret) - return ret; + if (apply) { + ret = klp_resolve_symbols(sechdrs, strtab, symndx, + sec, sec_objname); + if (ret) + return ret; + + return apply_relocate_add(sechdrs, strtab, symndx, secndx, pmod); + } + + clear_relocate_add(sechdrs, strtab, symndx, secndx, pmod); + return 0; +} - return apply_relocate_add(sechdrs, strtab, symndx, secndx, pmod); +int klp_apply_section_relocs(struct module *pmod, Elf_Shdr *sechdrs, + const char *shstrtab, const char *strtab, + unsigned int symndx, unsigned int secndx, + const char *objname) +{ + return klp_write_section_relocs(pmod, sechdrs, shstrtab, strtab, symndx, + secndx, objname, true); } /* @@ -769,8 +792,9 @@ static int klp_init_func(struct klp_object *obj, struct klp_func *func) func->old_sympos ? func->old_sympos : 1); } -static int klp_apply_object_relocs(struct klp_patch *patch, - struct klp_object *obj) +static int klp_write_object_relocs(struct klp_patch *patch, + struct klp_object *obj, + bool apply) { int i, ret; struct klp_modinfo *info = patch->mod->klp_info; 
@@ -781,10 +805,10 @@ static int klp_apply_object_relocs(struct klp_patch *patch, if (!(sec->sh_flags & SHF_RELA_LIVEPATCH)) continue; - ret = klp_apply_section_relocs(patch->mod, info->sechdrs, + ret = klp_write_section_relocs(patch->mod, info->sechdrs, info->secstrings, patch->mod->core_kallsyms.strtab, - info->symndx, i, obj->name); + info->symndx, i, obj->name, apply); if (ret) return ret; } @@ -792,6 +816,18 @@ static int klp_apply_object_relocs(struct klp_patch *patch, return 0; } +static int klp_apply_object_relocs(struct klp_patch *patch, + struct klp_object *obj) +{ + return klp_write_object_relocs(patch, obj, true); +} + +static void klp_clear_object_relocs(struct klp_patch *patch, + struct klp_object *obj) +{ + klp_write_object_relocs(patch, obj, false); +} + /* parts of the initialization that is done only when the object is loaded */ static int klp_init_object_loaded(struct klp_patch *patch, struct klp_object *obj) @@ -1179,7 +1215,7 @@ static void klp_cleanup_module_patches_limited(struct module *mod, klp_unpatch_object(obj); klp_post_unpatch_callback(obj); - + klp_clear_object_relocs(patch, obj); klp_free_object_loaded(obj); break; }
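
Review bot: in the `else` (clear) branch added to `__write_relocate_add()` in arch/x86/kernel/module.c, a mismatch returns `-ENOEXEC` at the first entry whose contents differ from `val`, so every later entry in that section is left uncleared. Because the x86 `clear_relocate_add()` is `void` and drops the result of `write_relocate_add()`, the livepatch core never learns the clear was partial, and the leftover nonzero targets will trip the `memcmp(loc, &zero, size)` check on the next apply. Consider warning and continuing with the next entry, or returning the status so `klp_clear_object_relocs()` can report it.
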
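
Review bot: the comment added above `clear_relocate_add()` in include/linux/moduleloader.h names x86_64 and ppc64 as architectures with sanity checks, but the diffstat touches only arch/x86/kernel/module.c, so every other architecture gets the empty `__weak clear_relocate_add()` stub from kernel/livepatch/core.c. The comment should say that only x86_64 clears relocations in this version and that ppc64 is still unhandled. The "powerpc32 code is only compile tested" note under the `---` also looks stale, since no powerpc file is changed.
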
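
Review bot: in `klp_write_section_relocs()` in kernel/livepatch/core.c, the `apply == false` path skips `klp_resolve_symbols()` and goes straight to `clear_relocate_add(sechdrs, strtab, symndx, secndx, pmod);`, while the x86 clear path compares each target against a freshly computed `val` (`memcmp(loc, &val, size)`). If `val` is built from the section's symbol values, the clear depends on the values resolved during the earlier apply still being in place at unload time. A short comment before the `clear_relocate_add()` call stating that assumption would make the asymmetry with the apply path easier to audit.
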