1. 30 Jun, 2017 1 commit
  2. 07 Mar, 2017 1 commit
    • Josh Poimboeuf's avatar
      objtool: Fix another GCC jump table detection issue · 5c51f4ae
      Josh Poimboeuf authored
      Arnd Bergmann reported a (false positive) objtool warning:
      
        drivers/infiniband/sw/rxe/rxe_resp.o: warning: objtool: rxe_responder()+0xfe: sibling call from callable instruction with changed frame pointer
      
      The issue is in find_switch_table().  It tries to find a switch
      statement's jump table by walking backwards from an indirect jump
      instruction, looking for a relocation to the .rodata section.  In this
      case it stopped walking prematurely: the first .rodata relocation it
      encountered was for a variable (resp_state_name) instead of a jump
      table, so it just assumed there wasn't a jump table.
      
      The fix is to ignore any .rodata relocation which refers to an ELF
      object symbol.  This works because the jump tables are anonymous and
      have no symbols associated with them.
      Reported-by: default avatarArnd Bergmann <arnd@arndb.de>
      Tested-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Fixes: 3732710f ("objtool: Improve rare switch jump table pattern detection")
      Link: http://lkml.kernel.org/r/20170302225723.3ndbsnl4hkqbne7a@trebleSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      5c51f4ae
  3. 13 Jul, 2016 1 commit
  4. 09 Mar, 2016 2 commits
    • Josh Poimboeuf's avatar
      objtool: Add several performance improvements · 042ba73f
      Josh Poimboeuf authored
      Use hash tables for instruction and rela lookups (and keep the linked
      lists around for sequential access).
      
      Also cache the section struct for the "__func_stack_frame_non_standard"
      section.
      
      With this change, "objtool check net/wireless/nl80211.o" goes from:
      
        real	0m1.168s
        user	0m1.163s
        sys	0m0.005s
      
      to:
      
        real	0m0.059s
        user	0m0.042s
        sys	0m0.017s
      
      for a 20x speedup.
      
      With the same object, it should be noted that the memory heap usage grew
      from 8MB to 62MB.  Reducing the memory usage is on the TODO list.
      Reported-by: default avatarIngo Molnar <mingo@kernel.org>
      Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@infradead.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/dd0d8e1449506cfa7701b4e7ba73577077c44253.1457502970.git.jpoimboe@redhat.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      042ba73f
    • Josh Poimboeuf's avatar
      objtool: Rename some variables and functions · a196e171
      Josh Poimboeuf authored
      Rename some list heads to distinguish them from hash node heads, which
      are added later in the patch series.
      
      Also rename the get_*() functions to add_*(), which is more descriptive:
      they "add" data to the objtool_file struct.
      
      Also rename rodata_rela and text_rela to be clearer:
      - text_rela refers to a rela entry in .rela.text.
      - rodata_rela refers to a rela entry in .rela.rodata.
      Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@infradead.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/ee0eca2bba8482aa45758958c5586c00a7b71e62.1457502970.git.jpoimboe@redhat.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      a196e171
  5. 29 Feb, 2016 1 commit
    • Josh Poimboeuf's avatar
      objtool: Add tool to perform compile-time stack metadata validation · 442f04c3
      Josh Poimboeuf authored
      This adds a host tool named objtool which has a "check" subcommand which
      analyzes .o files to ensure the validity of stack metadata.  It enforces
      a set of rules on asm code and C inline assembly code so that stack
      traces can be reliable.
      
      For each function, it recursively follows all possible code paths and
      validates the correct frame pointer state at each instruction.
      
      It also follows code paths involving kernel special sections, like
      .altinstructions, __jump_table, and __ex_table, which can add
      alternative execution paths to a given instruction (or set of
      instructions).  Similarly, it knows how to follow switch statements, for
      which gcc sometimes uses jump tables.
      
      Here are some of the benefits of validating stack metadata:
      
      a) More reliable stack traces for frame pointer enabled kernels
      
         Frame pointers are used for debugging purposes.  They allow runtime
         code and debug tools to be able to walk the stack to determine the
         chain of function call sites that led to the currently executing
         code.
      
         For some architectures, frame pointers are enabled by
         CONFIG_FRAME_POINTER.  For some other architectures they may be
         required by the ABI (sometimes referred to as "backchain pointers").
      
         For C code, gcc automatically generates instructions for setting up
         frame pointers when the -fno-omit-frame-pointer option is used.
      
         But for asm code, the frame setup instructions have to be written by
         hand, which most people don't do.  So the end result is that
         CONFIG_FRAME_POINTER is honored for C code but not for most asm code.
      
         For stack traces based on frame pointers to be reliable, all
         functions which call other functions must first create a stack frame
         and update the frame pointer.  If a first function doesn't properly
         create a stack frame before calling a second function, the *caller*
         of the first function will be skipped on the stack trace.
      
         For example, consider the following example backtrace with frame
         pointers enabled:
      
           [<ffffffff81812584>] dump_stack+0x4b/0x63
           [<ffffffff812d6dc2>] cmdline_proc_show+0x12/0x30
           [<ffffffff8127f568>] seq_read+0x108/0x3e0
           [<ffffffff812cce62>] proc_reg_read+0x42/0x70
           [<ffffffff81256197>] __vfs_read+0x37/0x100
           [<ffffffff81256b16>] vfs_read+0x86/0x130
           [<ffffffff81257898>] SyS_read+0x58/0xd0
           [<ffffffff8181c1f2>] entry_SYSCALL_64_fastpath+0x12/0x76
      
         It correctly shows that the caller of cmdline_proc_show() is
         seq_read().
      
         If we remove the frame pointer logic from cmdline_proc_show() by
         replacing the frame pointer related instructions with nops, here's
         what it looks like instead:
      
           [<ffffffff81812584>] dump_stack+0x4b/0x63
           [<ffffffff812d6dc2>] cmdline_proc_show+0x12/0x30
           [<ffffffff812cce62>] proc_reg_read+0x42/0x70
           [<ffffffff81256197>] __vfs_read+0x37/0x100
           [<ffffffff81256b16>] vfs_read+0x86/0x130
           [<ffffffff81257898>] SyS_read+0x58/0xd0
           [<ffffffff8181c1f2>] entry_SYSCALL_64_fastpath+0x12/0x76
      
         Notice that cmdline_proc_show()'s caller, seq_read(), has been
         skipped.  Instead the stack trace seems to show that
         cmdline_proc_show() was called by proc_reg_read().
      
         The benefit of "objtool check" here is that because it ensures that
         *all* functions honor CONFIG_FRAME_POINTER, no functions will ever[*]
         be skipped on a stack trace.
      
         [*] unless an interrupt or exception has occurred at the very
             beginning of a function before the stack frame has been created,
             or at the very end of the function after the stack frame has been
             destroyed.  This is an inherent limitation of frame pointers.
      
      b) 100% reliable stack traces for DWARF enabled kernels
      
         This is not yet implemented.  For more details about what is planned,
         see tools/objtool/Documentation/stack-validation.txt.
      
      c) Higher live patching compatibility rate
      
         This is not yet implemented.  For more details about what is planned,
         see tools/objtool/Documentation/stack-validation.txt.
      
      To achieve the validation, "objtool check" enforces the following rules:
      
      1. Each callable function must be annotated as such with the ELF
         function type.  In asm code, this is typically done using the
         ENTRY/ENDPROC macros.  If objtool finds a return instruction
         outside of a function, it flags an error since that usually indicates
         callable code which should be annotated accordingly.
      
         This rule is needed so that objtool can properly identify each
         callable function in order to analyze its stack metadata.
      
      2. Conversely, each section of code which is *not* callable should *not*
         be annotated as an ELF function.  The ENDPROC macro shouldn't be used
         in this case.
      
         This rule is needed so that objtool can ignore non-callable code.
         Such code doesn't have to follow any of the other rules.
      
      3. Each callable function which calls another function must have the
         correct frame pointer logic, if required by CONFIG_FRAME_POINTER or
         the architecture's back chain rules.  This can by done in asm code
         with the FRAME_BEGIN/FRAME_END macros.
      
         This rule ensures that frame pointer based stack traces will work as
         designed.  If function A doesn't create a stack frame before calling
         function B, the _caller_ of function A will be skipped on the stack
         trace.
      
      4. Dynamic jumps and jumps to undefined symbols are only allowed if:
      
         a) the jump is part of a switch statement; or
      
         b) the jump matches sibling call semantics and the frame pointer has
            the same value it had on function entry.
      
         This rule is needed so that objtool can reliably analyze all of a
         function's code paths.  If a function jumps to code in another file,
         and it's not a sibling call, objtool has no way to follow the jump
         because it only analyzes a single file at a time.
      
      5. A callable function may not execute kernel entry/exit instructions.
         The only code which needs such instructions is kernel entry code,
         which shouldn't be be in callable functions anyway.
      
         This rule is just a sanity check to ensure that callable functions
         return normally.
      
      It currently only supports x86_64.  I tried to make the code generic so
      that support for other architectures can hopefully be plugged in
      relatively easily.
      
      On my Lenovo laptop with a i7-4810MQ 4-core/8-thread CPU, building the
      kernel with objtool checking every .o file adds about three seconds of
      total build time.  It hasn't been optimized for performance yet, so
      there are probably some opportunities for better build performance.
      Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/f3efb173de43bd067b060de73f856567c0fa1174.1456719558.git.jpoimboe@redhat.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      442f04c3