mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-01 02:36:02 +00:00
0c133b1e78
In order to support ROX allocations for module text, it is necessary to handle modifications to the code, such as relocations and alternatives patching, without write access to that memory. One option is to use text patching, but this would make module loading extremely slow and will expose executable code that is not finally formed. A better way is to have memory allocated with ROX permissions contain invalid instructions and keep a writable, but not executable copy of the module text. The relocations and alternative patches would be done on the writable copy using the addresses of the ROX memory. Once the module is completely ready, the updated text will be copied to ROX memory using text patching in one go and the writable copy will be freed. Add support for that to module initialization code and provide necessary interfaces in execmem. Link: https://lkml.kernel.org/r/20241023162711.2579610-5-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org> Reviewd-by: Luis Chamberlain <mcgrof@kernel.org> Tested-by: kdevops <kdevops@lists.linux.dev> Cc: Andreas Larsson <andreas@gaisler.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Ard Biesheuvel <ardb@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Borislav Petkov (AMD) <bp@alien8.de> Cc: Brian Cain <bcain@quicinc.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Christophe Leroy <christophe.leroy@csgroup.eu> Cc: Christoph Hellwig <hch@lst.de> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Dinh Nguyen <dinguyen@kernel.org> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Guo Ren <guoren@kernel.org> Cc: Helge Deller <deller@gmx.de> Cc: Huacai Chen <chenhuacai@kernel.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Johannes Berg <johannes@sipsolutions.net> Cc: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> Cc: Kent Overstreet <kent.overstreet@linux.dev> Cc: Liam R. Howlett <Liam.Howlett@Oracle.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Masami Hiramatsu (Google) <mhiramat@kernel.org> Cc: Matt Turner <mattst88@gmail.com> Cc: Max Filippov <jcmvbkbc@gmail.com> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: Michal Simek <monstr@monstr.eu> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Palmer Dabbelt <palmer@dabbelt.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Richard Weinberger <richard@nod.at> Cc: Russell King <linux@armlinux.org.uk> Cc: Song Liu <song@kernel.org> Cc: Stafford Horne <shorne@gmail.com> Cc: Steven Rostedt (Google) <rostedt@goodmis.org> Cc: Suren Baghdasaryan <surenb@google.com> Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Uladzislau Rezki (Sony) <urezki@gmail.com> Cc: Vineet Gupta <vgupta@kernel.org> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
130 lines
3.8 KiB
C
130 lines
3.8 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _LINUX_MODULELOADER_H
|
|
#define _LINUX_MODULELOADER_H
|
|
/* The stuff needed for archs to support modules. */
|
|
|
|
#include <linux/module.h>
|
|
#include <linux/elf.h>
|
|
|
|
/* These may be implemented by architectures that need to hook into the
|
|
* module loader code. Architectures that don't need to do anything special
|
|
* can just rely on the 'weak' default hooks defined in kernel/module.c.
|
|
* Note, however, that at least one of apply_relocate or apply_relocate_add
|
|
* must be implemented by each architecture.
|
|
*/
|
|
|
|
/* arch may override to do additional checking of ELF header architecture */
|
|
bool module_elf_check_arch(Elf_Ehdr *hdr);
|
|
|
|
/* Adjust arch-specific sections. Return 0 on success. */
|
|
int module_frob_arch_sections(Elf_Ehdr *hdr,
|
|
Elf_Shdr *sechdrs,
|
|
char *secstrings,
|
|
struct module *mod);
|
|
|
|
/* Additional bytes needed by arch in front of individual sections */
|
|
unsigned int arch_mod_section_prepend(struct module *mod, unsigned int section);
|
|
|
|
/* Determines if the section name is an init section (that is only used during
|
|
* module loading).
|
|
*/
|
|
bool module_init_section(const char *name);
|
|
|
|
/* Determines if the section name is an exit section (that is only used during
|
|
* module unloading)
|
|
*/
|
|
bool module_exit_section(const char *name);
|
|
|
|
/* Describes whether within_module_init() will consider this an init section
|
|
* or not. This behaviour changes with CONFIG_MODULE_UNLOAD.
|
|
*/
|
|
bool module_init_layout_section(const char *sname);
|
|
|
|
/*
|
|
* Apply the given relocation to the (simplified) ELF. Return -error
|
|
* or 0.
|
|
*/
|
|
#ifdef CONFIG_MODULES_USE_ELF_REL
|
|
int apply_relocate(Elf_Shdr *sechdrs,
|
|
const char *strtab,
|
|
unsigned int symindex,
|
|
unsigned int relsec,
|
|
struct module *mod);
|
|
#else
|
|
static inline int apply_relocate(Elf_Shdr *sechdrs,
|
|
const char *strtab,
|
|
unsigned int symindex,
|
|
unsigned int relsec,
|
|
struct module *me)
|
|
{
|
|
printk(KERN_ERR "module %s: REL relocation unsupported\n",
|
|
module_name(me));
|
|
return -ENOEXEC;
|
|
}
|
|
#endif
|
|
|
|
/*
|
|
* Apply the given add relocation to the (simplified) ELF. Return
|
|
* -error or 0
|
|
*/
|
|
#ifdef CONFIG_MODULES_USE_ELF_RELA
|
|
int apply_relocate_add(Elf_Shdr *sechdrs,
|
|
const char *strtab,
|
|
unsigned int symindex,
|
|
unsigned int relsec,
|
|
struct module *mod);
|
|
#ifdef CONFIG_LIVEPATCH
|
|
/*
|
|
* Some architectures (namely x86_64 and ppc64) perform sanity checks when
|
|
* applying relocations. If a patched module gets unloaded and then later
|
|
* reloaded (and re-patched), klp re-applies relocations to the replacement
|
|
* function(s). Any leftover relocations from the previous loading of the
|
|
* patched module might trigger the sanity checks.
|
|
*
|
|
* To prevent that, when unloading a patched module, clear out any relocations
|
|
* that might trigger arch-specific sanity checks on a future module reload.
|
|
*/
|
|
void clear_relocate_add(Elf_Shdr *sechdrs,
|
|
const char *strtab,
|
|
unsigned int symindex,
|
|
unsigned int relsec,
|
|
struct module *me);
|
|
#endif
|
|
#else
|
|
static inline int apply_relocate_add(Elf_Shdr *sechdrs,
|
|
const char *strtab,
|
|
unsigned int symindex,
|
|
unsigned int relsec,
|
|
struct module *me)
|
|
{
|
|
printk(KERN_ERR "module %s: REL relocation unsupported\n",
|
|
module_name(me));
|
|
return -ENOEXEC;
|
|
}
|
|
#endif
|
|
|
|
/* Any final processing of module before access. Return -error or 0. */
|
|
int module_finalize(const Elf_Ehdr *hdr,
|
|
const Elf_Shdr *sechdrs,
|
|
struct module *mod);
|
|
|
|
int module_post_finalize(const Elf_Ehdr *hdr,
|
|
const Elf_Shdr *sechdrs,
|
|
struct module *mod);
|
|
|
|
#ifdef CONFIG_MODULES
|
|
void flush_module_init_free_work(void);
|
|
#else
|
|
static inline void flush_module_init_free_work(void)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
/* Any cleanup needed when module leaves. */
|
|
void module_arch_cleanup(struct module *mod);
|
|
|
|
/* Any cleanup before freeing mod->module_init */
|
|
void module_arch_freeing_init(struct module *mod);
|
|
|
|
#endif
|