builtin-check.c 8.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * Copyright (C) 2015-2017 Josh Poimboeuf <jpoimboe@redhat.com>
  4. */
  5. #include <subcmd/parse-options.h>
  6. #include <string.h>
  7. #include <stdlib.h>
  8. #include <fcntl.h>
  9. #include <unistd.h>
  10. #include <errno.h>
  11. #include <sys/stat.h>
  12. #include <sys/sendfile.h>
  13. #include <objtool/builtin.h>
  14. #include <objtool/objtool.h>
  15. #include <objtool/warn.h>
  16. #define ORIG_SUFFIX ".orig"
  17. int orig_argc;
  18. static char **orig_argv;
  19. const char *objname;
  20. struct opts opts;
  21. static const char * const check_usage[] = {
  22. "objtool <actions> [<options>] file.o",
  23. NULL,
  24. };
  25. static const char * const env_usage[] = {
  26. "OBJTOOL_ARGS=\"<options>\"",
  27. NULL,
  28. };
  29. static int parse_dump(const struct option *opt, const char *str, int unset)
  30. {
  31. if (!str || !strcmp(str, "orc")) {
  32. opts.dump_orc = true;
  33. return 0;
  34. }
  35. return -1;
  36. }
  37. static int parse_hacks(const struct option *opt, const char *str, int unset)
  38. {
  39. bool found = false;
  40. /*
  41. * Use strstr() as a lazy method of checking for comma-separated
  42. * options.
  43. *
  44. * No string provided == enable all options.
  45. */
  46. if (!str || strstr(str, "jump_label")) {
  47. opts.hack_jump_label = true;
  48. found = true;
  49. }
  50. if (!str || strstr(str, "noinstr")) {
  51. opts.hack_noinstr = true;
  52. found = true;
  53. }
  54. if (!str || strstr(str, "skylake")) {
  55. opts.hack_skylake = true;
  56. found = true;
  57. }
  58. return found ? 0 : -1;
  59. }
  60. static const struct option check_options[] = {
  61. OPT_GROUP("Actions:"),
  62. OPT_BOOLEAN(0, "checksum", &opts.checksum, "generate per-function checksums"),
  63. OPT_BOOLEAN(0, "cfi", &opts.cfi, "annotate kernel control flow integrity (kCFI) function preambles"),
  64. OPT_STRING_OPTARG('d', "disas", &opts.disas, "function-pattern", "disassemble functions", "*"),
  65. OPT_CALLBACK_OPTARG('h', "hacks", NULL, NULL, "jump_label,noinstr,skylake", "patch toolchain bugs/limitations", parse_hacks),
  66. OPT_BOOLEAN('i', "ibt", &opts.ibt, "validate and annotate IBT"),
  67. OPT_BOOLEAN('m', "mcount", &opts.mcount, "annotate mcount/fentry calls for ftrace"),
  68. OPT_BOOLEAN(0, "noabs", &opts.noabs, "reject absolute references in allocatable sections"),
  69. OPT_BOOLEAN('n', "noinstr", &opts.noinstr, "validate noinstr rules"),
  70. OPT_BOOLEAN(0, "orc", &opts.orc, "generate ORC metadata"),
  71. OPT_BOOLEAN('r', "retpoline", &opts.retpoline, "validate and annotate retpoline usage"),
  72. OPT_BOOLEAN(0, "rethunk", &opts.rethunk, "validate and annotate rethunk usage"),
  73. OPT_BOOLEAN(0, "unret", &opts.unret, "validate entry unret placement"),
  74. OPT_INTEGER(0, "prefix", &opts.prefix, "generate prefix symbols"),
  75. OPT_BOOLEAN('l', "sls", &opts.sls, "validate straight-line-speculation mitigations"),
  76. OPT_BOOLEAN('s', "stackval", &opts.stackval, "validate frame pointer rules"),
  77. OPT_BOOLEAN('t', "static-call", &opts.static_call, "annotate static calls"),
  78. OPT_BOOLEAN('u', "uaccess", &opts.uaccess, "validate uaccess rules for SMAP"),
  79. OPT_CALLBACK_OPTARG(0, "dump", NULL, NULL, "orc", "dump metadata", parse_dump),
  80. OPT_GROUP("Options:"),
  81. OPT_BOOLEAN(0, "backtrace", &opts.backtrace, "unwind on error"),
  82. OPT_BOOLEAN(0, "backup", &opts.backup, "create backup (.orig) file on warning/error"),
  83. OPT_STRING(0, "debug-checksum", &opts.debug_checksum, "funcs", "enable checksum debug output"),
  84. OPT_BOOLEAN(0, "dry-run", &opts.dryrun, "don't write modifications"),
  85. OPT_BOOLEAN(0, "link", &opts.link, "object is a linked object"),
  86. OPT_BOOLEAN(0, "module", &opts.module, "object is part of a kernel module"),
  87. OPT_BOOLEAN(0, "mnop", &opts.mnop, "nop out mcount call sites"),
  88. OPT_BOOLEAN(0, "no-unreachable", &opts.no_unreachable, "skip 'unreachable instruction' warnings"),
  89. OPT_STRING('o', "output", &opts.output, "file", "output file name"),
  90. OPT_BOOLEAN(0, "sec-address", &opts.sec_address, "print section addresses in warnings"),
  91. OPT_BOOLEAN(0, "stats", &opts.stats, "print statistics"),
  92. OPT_STRING(0, "trace", &opts.trace, "func", "trace function validation"),
  93. OPT_BOOLEAN('v', "verbose", &opts.verbose, "verbose warnings"),
  94. OPT_BOOLEAN(0, "werror", &opts.werror, "return error on warnings"),
  95. OPT_BOOLEAN(0, "wide", &opts.wide, "wide output"),
  96. OPT_END(),
  97. };
  98. int cmd_parse_options(int argc, const char **argv, const char * const usage[])
  99. {
  100. const char *envv[16] = { };
  101. char *env;
  102. int envc;
  103. env = getenv("OBJTOOL_ARGS");
  104. if (env) {
  105. envv[0] = "OBJTOOL_ARGS";
  106. for (envc = 1; envc < ARRAY_SIZE(envv); ) {
  107. envv[envc++] = env;
  108. env = strchr(env, ' ');
  109. if (!env)
  110. break;
  111. *env = '\0';
  112. env++;
  113. }
  114. parse_options(envc, envv, check_options, env_usage, 0);
  115. }
  116. env = getenv("OBJTOOL_VERBOSE");
  117. if (env && !strcmp(env, "1"))
  118. opts.verbose = true;
  119. argc = parse_options(argc, argv, check_options, usage, 0);
  120. if (argc != 1)
  121. usage_with_options(usage, check_options);
  122. return argc;
  123. }
  124. static bool opts_valid(void)
  125. {
  126. if (opts.mnop && !opts.mcount) {
  127. ERROR("--mnop requires --mcount");
  128. return false;
  129. }
  130. if (opts.noinstr && !opts.link) {
  131. ERROR("--noinstr requires --link");
  132. return false;
  133. }
  134. if (opts.ibt && !opts.link) {
  135. ERROR("--ibt requires --link");
  136. return false;
  137. }
  138. if (opts.unret && !opts.link) {
  139. ERROR("--unret requires --link");
  140. return false;
  141. }
  142. #ifndef BUILD_KLP
  143. if (opts.checksum) {
  144. ERROR("--checksum not supported; install xxhash-devel/libxxhash-dev (version >= 0.8) and recompile");
  145. return false;
  146. }
  147. #endif
  148. if (opts.debug_checksum && !opts.checksum) {
  149. ERROR("--debug-checksum requires --checksum");
  150. return false;
  151. }
  152. if (opts.checksum ||
  153. opts.disas ||
  154. opts.hack_jump_label ||
  155. opts.hack_noinstr ||
  156. opts.ibt ||
  157. opts.mcount ||
  158. opts.noabs ||
  159. opts.noinstr ||
  160. opts.orc ||
  161. opts.retpoline ||
  162. opts.rethunk ||
  163. opts.sls ||
  164. opts.stackval ||
  165. opts.static_call ||
  166. opts.uaccess) {
  167. if (opts.dump_orc) {
  168. ERROR("--dump can't be combined with other actions");
  169. return false;
  170. }
  171. return true;
  172. }
  173. if (opts.dump_orc)
  174. return true;
  175. ERROR("At least one action required");
  176. return false;
  177. }
  178. static int copy_file(const char *src, const char *dst)
  179. {
  180. size_t to_copy, copied;
  181. int dst_fd, src_fd;
  182. struct stat stat;
  183. off_t offset = 0;
  184. src_fd = open(src, O_RDONLY);
  185. if (src_fd == -1) {
  186. ERROR("can't open %s for reading: %s", src, strerror(errno));
  187. return 1;
  188. }
  189. dst_fd = open(dst, O_WRONLY | O_CREAT | O_TRUNC, 0400);
  190. if (dst_fd == -1) {
  191. ERROR("can't open %s for writing: %s", dst, strerror(errno));
  192. return 1;
  193. }
  194. if (fstat(src_fd, &stat) == -1) {
  195. ERROR_GLIBC("fstat");
  196. return 1;
  197. }
  198. if (fchmod(dst_fd, stat.st_mode) == -1) {
  199. ERROR_GLIBC("fchmod");
  200. return 1;
  201. }
  202. for (to_copy = stat.st_size; to_copy > 0; to_copy -= copied) {
  203. copied = sendfile(dst_fd, src_fd, &offset, to_copy);
  204. if (copied == -1) {
  205. ERROR_GLIBC("sendfile");
  206. return 1;
  207. }
  208. }
  209. close(dst_fd);
  210. close(src_fd);
  211. return 0;
  212. }
  213. static void save_argv(int argc, const char **argv)
  214. {
  215. orig_argv = calloc(argc, sizeof(char *));
  216. if (!orig_argv) {
  217. ERROR_GLIBC("calloc");
  218. exit(1);
  219. }
  220. for (int i = 0; i < argc; i++) {
  221. orig_argv[i] = strdup(argv[i]);
  222. if (!orig_argv[i]) {
  223. ERROR_GLIBC("strdup(%s)", argv[i]);
  224. exit(1);
  225. }
  226. }
  227. }
  228. int make_backup(void)
  229. {
  230. char *backup;
  231. /*
  232. * Make a backup before kbuild deletes the file so the error
  233. * can be recreated without recompiling or relinking.
  234. */
  235. backup = malloc(strlen(objname) + strlen(ORIG_SUFFIX) + 1);
  236. if (!backup) {
  237. ERROR_GLIBC("malloc");
  238. return 1;
  239. }
  240. strcpy(backup, objname);
  241. strcat(backup, ORIG_SUFFIX);
  242. if (copy_file(objname, backup))
  243. return 1;
  244. /*
  245. * Print the cmdline args to make it easier to recreate.
  246. */
  247. fprintf(stderr, "%s", orig_argv[0]);
  248. for (int i = 1; i < orig_argc; i++) {
  249. char *arg = orig_argv[i];
  250. /* Modify the printed args to use the backup */
  251. if (!opts.output && !strcmp(arg, objname))
  252. fprintf(stderr, " %s -o %s", backup, objname);
  253. else
  254. fprintf(stderr, " %s", arg);
  255. }
  256. fprintf(stderr, "\n");
  257. return 0;
  258. }
  259. int objtool_run(int argc, const char **argv)
  260. {
  261. struct objtool_file *file;
  262. int ret = 0;
  263. orig_argc = argc;
  264. save_argv(argc, argv);
  265. cmd_parse_options(argc, argv, check_usage);
  266. if (!opts_valid())
  267. return 1;
  268. objname = argv[0];
  269. if (opts.dump_orc)
  270. return orc_dump(objname);
  271. if (!opts.dryrun && opts.output) {
  272. /* copy original .o file to output file */
  273. if (copy_file(objname, opts.output))
  274. return 1;
  275. /* from here on, work directly on the output file */
  276. objname = opts.output;
  277. }
  278. file = objtool_open_read(objname);
  279. if (!file)
  280. return 1;
  281. if (!opts.link && has_multiple_files(file->elf)) {
  282. ERROR("Linked object requires --link");
  283. return 1;
  284. }
  285. ret = check(file);
  286. if (ret)
  287. return ret;
  288. if (!opts.dryrun && file->elf->changed && elf_write(file->elf))
  289. return 1;
  290. return elf_close(file->elf);
  291. }