linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] objtool: check that module init/exit function is an indirect call target
@ 2023-01-18 10:52 Michal Kubecek
  2023-01-21  9:57 ` [tip: objtool/core] objtool: Check " tip-bot2 for Michal Kubecek
  2023-01-26  3:33 ` [PATCH] objtool: check " Josh Poimboeuf
  0 siblings, 2 replies; 3+ messages in thread
From: Michal Kubecek @ 2023-01-18 10:52 UTC (permalink / raw)
  To: Josh Poimboeuf, Peter Zijlstra; +Cc: linux-kernel

Some out-of-tree modules still do not use module_init() / module_exit()
macros and simply create functions with magic names init_module() and
cleanup_module() instead. As a result, these functions are not recognized
as indirect call targets by objtool and such module fails to load into an
IBT enabled kernel.

This old way is not even documented any more but it is cleaner to issue
a warning than to let the module fail on load without obvious reason.

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
---
 tools/objtool/Documentation/objtool.txt | 8 ++++++++
 tools/objtool/check.c                   | 7 +++++++
 2 files changed, 15 insertions(+)

diff --git a/tools/objtool/Documentation/objtool.txt b/tools/objtool/Documentation/objtool.txt
index 8a671902a187..8e53fc6735ef 100644
--- a/tools/objtool/Documentation/objtool.txt
+++ b/tools/objtool/Documentation/objtool.txt
@@ -410,6 +410,14 @@ the objtool maintainers.
    can remove this warning by putting the ANNOTATE_INTRA_FUNCTION_CALL
    directive right before the call.
 
+12. file.o: warning: func(): not an indirect call target
+
+   This means that objtool is running with --ibt and a function expected
+   to be an indirect call target is not. In particular, this happens for
+   init_module() or cleanup_module() if a module relies on these special
+   names and does not use module_init() / module_exit() macros to create
+   them.
+
 
 If the error doesn't seem to make sense, it could be a bug in objtool.
 Feel free to ask the objtool maintainer for help.
diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index 4b7c8b33069e..0afa4f0ffa67 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -854,8 +854,15 @@ static int create_ibt_endbr_seal_sections(struct objtool_file *file)
 	list_for_each_entry(insn, &file->endbr_list, call_node) {
 
 		int *site = (int *)sec->data->d_buf + idx;
+		struct symbol *sym = insn->sym;
 		*site = 0;
 
+		if (opts.module && sym && sym->type == STT_FUNC &&
+		    insn->offset == sym->offset &&
+		    (!strcmp(sym->name, "init_module") ||
+		     !strcmp(sym->name, "cleanup_module")))
+			WARN("%s(): not an indirect call target", sym->name);
+
 		if (elf_add_reloc_to_insn(file->elf, sec,
 					  idx * sizeof(int),
 					  R_X86_64_PC32,
-- 
2.38.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [tip: objtool/core] objtool: Check that module init/exit function is an indirect call target
  2023-01-18 10:52 [PATCH] objtool: check that module init/exit function is an indirect call target Michal Kubecek
@ 2023-01-21  9:57 ` tip-bot2 for Michal Kubecek
  2023-01-26  3:33 ` [PATCH] objtool: check " Josh Poimboeuf
  1 sibling, 0 replies; 3+ messages in thread
From: tip-bot2 for Michal Kubecek @ 2023-01-21  9:57 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: Michal Kubecek, Peter Zijlstra (Intel), x86, linux-kernel

The following commit has been merged into the objtool/core branch of tip:

Commit-ID:     03d7a1053cf72372be22b43faada5bca12ff183d
Gitweb:        https://git.kernel.org/tip/03d7a1053cf72372be22b43faada5bca12ff183d
Author:        Michal Kubecek <mkubecek@suse.cz>
AuthorDate:    Wed, 18 Jan 2023 11:52:15 +01:00
Committer:     Peter Zijlstra <peterz@infradead.org>
CommitterDate: Sat, 21 Jan 2023 10:50:18 +01:00

objtool: Check that module init/exit function is an indirect call target

Some out-of-tree modules still do not use module_init() / module_exit()
macros and simply create functions with magic names init_module() and
cleanup_module() instead. As a result, these functions are not recognized
as indirect call targets by objtool and such module fails to load into an
IBT enabled kernel.

This old way is not even documented any more but it is cleaner to issue
a warning than to let the module fail on load without obvious reason.

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20230118105215.B9DA960514@lion.mk-sys.cz
---
 tools/objtool/Documentation/objtool.txt | 8 ++++++++
 tools/objtool/check.c                   | 7 +++++++
 2 files changed, 15 insertions(+)

diff --git a/tools/objtool/Documentation/objtool.txt b/tools/objtool/Documentation/objtool.txt
index 8a67190..8e53fc6 100644
--- a/tools/objtool/Documentation/objtool.txt
+++ b/tools/objtool/Documentation/objtool.txt
@@ -410,6 +410,14 @@ the objtool maintainers.
    can remove this warning by putting the ANNOTATE_INTRA_FUNCTION_CALL
    directive right before the call.
 
+12. file.o: warning: func(): not an indirect call target
+
+   This means that objtool is running with --ibt and a function expected
+   to be an indirect call target is not. In particular, this happens for
+   init_module() or cleanup_module() if a module relies on these special
+   names and does not use module_init() / module_exit() macros to create
+   them.
+
 
 If the error doesn't seem to make sense, it could be a bug in objtool.
 Feel free to ask the objtool maintainer for help.
diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index cab1a16..7c40bd5 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -847,8 +847,15 @@ static int create_ibt_endbr_seal_sections(struct objtool_file *file)
 	list_for_each_entry(insn, &file->endbr_list, call_node) {
 
 		int *site = (int *)sec->data->d_buf + idx;
+		struct symbol *sym = insn->sym;
 		*site = 0;
 
+		if (opts.module && sym && sym->type == STT_FUNC &&
+		    insn->offset == sym->offset &&
+		    (!strcmp(sym->name, "init_module") ||
+		     !strcmp(sym->name, "cleanup_module")))
+			WARN("%s(): not an indirect call target", sym->name);
+
 		if (elf_add_reloc_to_insn(file->elf, sec,
 					  idx * sizeof(int),
 					  R_X86_64_PC32,

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] objtool: check that module init/exit function is an indirect call target
  2023-01-18 10:52 [PATCH] objtool: check that module init/exit function is an indirect call target Michal Kubecek
  2023-01-21  9:57 ` [tip: objtool/core] objtool: Check " tip-bot2 for Michal Kubecek
@ 2023-01-26  3:33 ` Josh Poimboeuf
  1 sibling, 0 replies; 3+ messages in thread
From: Josh Poimboeuf @ 2023-01-26  3:33 UTC (permalink / raw)
  To: Michal Kubecek; +Cc: Peter Zijlstra, linux-kernel

On Wed, Jan 18, 2023 at 11:52:15AM +0100, Michal Kubecek wrote:
> Some out-of-tree modules still do not use module_init() / module_exit()
> macros and simply create functions with magic names init_module() and
> cleanup_module() instead. As a result, these functions are not recognized
> as indirect call targets by objtool and such module fails to load into an
> IBT enabled kernel.

I'm struggling to understand why a manually created init_module()
wouldn't create the ENDBR.  Does it only happen when init_module() is
declared static?

-- 
Josh

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-01-26  3:33 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-18 10:52 [PATCH] objtool: check that module init/exit function is an indirect call target Michal Kubecek
2023-01-21  9:57 ` [tip: objtool/core] objtool: Check " tip-bot2 for Michal Kubecek
2023-01-26  3:33 ` [PATCH] objtool: check " Josh Poimboeuf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).