mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-18 09:44:18 +08:00
d4c3e6e1b1
Implement arch_klp_init_object_loaded() for x86, which applies alternatives/paravirt patches. This fixes the order in which relocations and alternatives/paravirt patches are applied. Previously, if a patch module had alternatives or paravirt patches, these were applied first by the module loader before livepatch can apply per-object relocations. The (buggy) sequence of events was: (1) Load patch module (2) Apply alternatives and paravirt patches to patch module * Note that these are applied to the new functions in the patch module (3) Apply per-object relocations to patch module when target module loads. * This clobbers what was written in step 2 This lead to crashes and corruption in general, since livepatch would overwrite or step on previously applied alternative/paravirt patches. The correct sequence of events should be: (1) Load patch module (2) Apply per-object relocations to patch module (3) Apply alternatives and paravirt patches to patch module This is fixed by delaying paravirt/alternatives patching until after relocations are applied. Any .altinstructions or .parainstructions sections are prefixed with ".klp.arch.${objname}" and applied in arch_klp_init_object_loaded(). Signed-off-by: Jessica Yu <jeyu@redhat.com> Acked-by: Miroslav Benes <mbenes@suse.cz> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
66 lines
1.9 KiB
C
66 lines
1.9 KiB
C
/*
|
|
* livepatch.c - x86-specific Kernel Live Patching Core
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version 2
|
|
* of the License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include <linux/module.h>
|
|
#include <linux/kallsyms.h>
|
|
#include <linux/livepatch.h>
|
|
#include <asm/text-patching.h>
|
|
|
|
/* Apply per-object alternatives. Based on x86 module_finalize() */
|
|
void arch_klp_init_object_loaded(struct klp_patch *patch,
|
|
struct klp_object *obj)
|
|
{
|
|
int cnt;
|
|
struct klp_modinfo *info;
|
|
Elf_Shdr *s, *alt = NULL, *para = NULL;
|
|
void *aseg, *pseg;
|
|
const char *objname;
|
|
char sec_objname[MODULE_NAME_LEN];
|
|
char secname[KSYM_NAME_LEN];
|
|
|
|
info = patch->mod->klp_info;
|
|
objname = obj->name ? obj->name : "vmlinux";
|
|
|
|
/* See livepatch core code for BUILD_BUG_ON() explanation */
|
|
BUILD_BUG_ON(MODULE_NAME_LEN < 56 || KSYM_NAME_LEN != 128);
|
|
|
|
for (s = info->sechdrs; s < info->sechdrs + info->hdr.e_shnum; s++) {
|
|
/* Apply per-object .klp.arch sections */
|
|
cnt = sscanf(info->secstrings + s->sh_name,
|
|
".klp.arch.%55[^.].%127s",
|
|
sec_objname, secname);
|
|
if (cnt != 2)
|
|
continue;
|
|
if (strcmp(sec_objname, objname))
|
|
continue;
|
|
if (!strcmp(".altinstructions", secname))
|
|
alt = s;
|
|
if (!strcmp(".parainstructions", secname))
|
|
para = s;
|
|
}
|
|
|
|
if (alt) {
|
|
aseg = (void *) alt->sh_addr;
|
|
apply_alternatives(aseg, aseg + alt->sh_size);
|
|
}
|
|
|
|
if (para) {
|
|
pseg = (void *) para->sh_addr;
|
|
apply_paravirt(pseg, pseg + para->sh_size);
|
|
}
|
|
}
|