
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * Copyright (C) 2015-2017 Josh Poimboeuf <jpoimboe@redhat.com>
  4. */
  5. #define _GNU_SOURCE /* memmem() */
  6. #include <fnmatch.h>
  7. #include <string.h>
  8. #include <stdlib.h>
  9. #include <inttypes.h>
  10. #include <sys/mman.h>
  11. #include <objtool/builtin.h>
  12. #include <objtool/cfi.h>
  13. #include <objtool/arch.h>
  14. #include <objtool/disas.h>
  15. #include <objtool/check.h>
  16. #include <objtool/special.h>
  17. #include <objtool/trace.h>
  18. #include <objtool/warn.h>
  19. #include <objtool/checksum.h>
  20. #include <objtool/util.h>
  21. #include <linux/objtool_types.h>
  22. #include <linux/hashtable.h>
  23. #include <linux/kernel.h>
  24. #include <linux/static_call_types.h>
  25. #include <linux/string.h>
/* CFI state bookkeeping counters (nr_cfi is bumped in cfi_alloc(), nr_cfi_cache on a hash hit). */
static unsigned long nr_cfi;
static unsigned long nr_cfi_reused;
static unsigned long nr_cfi_cache;

/* Initial function CFI as set up by the arch code -- presumably; verify against caller. */
static struct cfi_init_state initial_func_cfi;

/* Template CFI states shared across the file. */
static struct cfi_state init_cfi;
static struct cfi_state func_cfi;
static struct cfi_state force_undefined_cfi;

/* Shared disassembler context. */
struct disas_context *objtool_disas_ctx;

/* Widest symbol name length seen so far, used for aligned output (inferred from the name). */
size_t sym_name_max_len;
/*
 * Look up the decoded instruction that starts at @offset within @sec.
 *
 * Probes the insn_hash bucket for the (section, offset) key and returns the
 * entry whose section and offset both match, or NULL when no instruction was
 * decoded at that position.
 */
struct instruction *find_insn(struct objtool_file *file,
			      struct section *sec, unsigned long offset)
{
	struct instruction *candidate;

	hash_for_each_possible(file->insn_hash, candidate, hash,
			       sec_offset_hash(sec, offset)) {
		if (candidate->sec != sec || candidate->offset != offset)
			continue;
		return candidate;
	}

	return NULL;
}
/*
 * Return the instruction following @insn in the same section, or NULL at the
 * end of the section.
 *
 * Instructions are stored in fixed-size chunks: within a chunk the successor
 * is the adjacent slot (a zero length marks an unused slot), while the last
 * slot of a chunk (idx == INSN_CHUNK_MAX) requires a hash lookup by offset.
 */
struct instruction *next_insn_same_sec(struct objtool_file *file,
				       struct instruction *insn)
{
	struct instruction *next;

	if (insn->idx == INSN_CHUNK_MAX)
		return find_insn(file, insn->sec, insn->offset + insn->len);

	next = insn + 1;
	return next->len ? next : NULL;
}
/*
 * Return the instruction following @insn within the same function, crossing
 * from the function into its subfunction (func->cfunc) when the section-local
 * successor belongs to a different function.  Returns NULL when @insn has no
 * function or when the subfunction has been exhausted.
 */
static struct instruction *next_insn_same_func(struct objtool_file *file,
					       struct instruction *insn)
{
	struct symbol *func = insn_func(insn);
	struct instruction *next;

	if (!func)
		return NULL;

	next = next_insn_same_sec(file, insn);
	if (next && insn_func(next) == func)
		return next;

	/* Already in the subfunction: nothing more to visit. */
	if (func == func->cfunc)
		return NULL;

	/* Continue at the subfunction's first instruction. */
	return find_insn(file, func->cfunc->sec, func->cfunc->offset);
}
/*
 * Return the instruction preceding @insn in the same section, or NULL when
 * @insn is the first instruction of the section.
 *
 * Within a chunk the predecessor is the previous slot; for the first slot of
 * a chunk it is located by offset using the recorded length of the previous
 * instruction (prev_len == 0 means there is none).
 */
static struct instruction *prev_insn_same_sec(struct objtool_file *file,
					      struct instruction *insn)
{
	if (insn->idx != 0)
		return insn - 1;

	if (!insn->prev_len)
		return NULL;

	return find_insn(file, insn->sec, insn->offset - insn->prev_len);
}
/*
 * Return the instruction preceding @insn in the same section, but only if it
 * belongs to the same function symbol; otherwise NULL.
 */
static struct instruction *prev_insn_same_sym(struct objtool_file *file,
					      struct instruction *insn)
{
	struct instruction *prev = prev_insn_same_sec(file, insn);

	if (!prev || insn_func(prev) != insn_func(insn))
		return NULL;

	return prev;
}
/*
 * Iterate over every instruction of every section of @file.  The outer
 * one-shot loop only exists to give __sec a scope; sec_for_each_insn() does
 * the per-section walk.
 */
#define for_each_insn(file, insn) \
	for (struct section *__sec, *__fake = (struct section *)1; \
	     __fake; __fake = NULL) \
		for_each_sec(file->elf, __sec) \
			sec_for_each_insn(file, __sec, insn)

/*
 * Iterate over the instructions of @func starting at its first one, using
 * next_insn_same_func() so the walk continues into func->cfunc.
 */
#define func_for_each_insn(file, func, insn) \
	for (insn = find_insn(file, func->sec, func->offset); \
	     insn; \
	     insn = next_insn_same_func(file, insn))

/*
 * Iterate over the instructions in the section range
 * [sym->offset, sym->offset + sym->len) of @sym.
 */
#define sym_for_each_insn(file, sym, insn) \
	for (insn = find_insn(file, sym->sec, sym->offset); \
	     insn && insn->offset < sym->offset + sym->len; \
	     insn = next_insn_same_sec(file, insn))

/*
 * Walk backwards from the instruction before @insn while still at or above
 * sym->offset.
 */
#define sym_for_each_insn_continue_reverse(file, sym, insn) \
	for (insn = prev_insn_same_sec(file, insn); \
	     insn && insn->offset >= sym->offset; \
	     insn = prev_insn_same_sec(file, insn))

/* Iterate from @insn (inclusive) to the end of its section. */
#define sec_for_each_insn_from(file, insn) \
	for (; insn; insn = next_insn_same_sec(file, insn))

/* Iterate from the successor of @insn to the end of its section. */
#define sec_for_each_insn_continue(file, insn) \
	for (insn = next_insn_same_sec(file, insn); insn; \
	     insn = next_insn_same_sec(file, insn))
/*
 * Return the jump table reloc attached to @insn, which only exists for
 * dynamic jumps and dynamic calls; NULL for every other instruction type.
 */
static inline struct reloc *insn_jump_table(struct instruction *insn)
{
	switch (insn->type) {
	case INSN_JUMP_DYNAMIC:
	case INSN_CALL_DYNAMIC:
		return insn->_jump_table;
	default:
		return NULL;
	}
}
/*
 * Return the recorded jump table size of @insn for dynamic jumps and calls,
 * and 0 for every other instruction type.
 */
static inline unsigned long insn_jump_table_size(struct instruction *insn)
{
	switch (insn->type) {
	case INSN_JUMP_DYNAMIC:
	case INSN_CALL_DYNAMIC:
		return insn->_jump_table_size;
	default:
		return 0;
	}
}
/*
 * Does @insn jump through a jump table?  True when the instruction carries a
 * jump table itself, or when it is an alternative whose original group's
 * first instruction does (the retpoline replacement of a table jump).
 */
static bool is_jump_table_jump(struct instruction *insn)
{
	struct alt_group *group = insn->alt_group;

	if (insn_jump_table(insn))
		return true;

	/* Retpoline alternative for a jump table? */
	if (!group || !group->orig_group)
		return false;

	return insn_jump_table(group->orig_group->first_insn) != NULL;
}
/*
 * Is @insn a sibling (tail) call?  An indirect jump inside a function is a
 * sibling call unless it is a jump-table jump; a direct jump is a sibling
 * call when add_jump_destinations() gave it a call destination.
 */
static bool is_sibling_call(struct instruction *insn)
{
	/*
	 * Assume only STT_FUNC calls have jump-tables.
	 */
	if (insn_func(insn) && insn->type == INSN_JUMP_DYNAMIC)
		return !is_jump_table_jump(insn);

	/* add_jump_destinations() sets insn_call_dest(insn) for sibling calls. */
	return is_static_jump(insn) && insn_call_dest(insn);
}
/*
 * Checks if a function is a Rust "noreturn" one.
 *
 * The match is purely name based: the symbol must be a Rust mangled symbol
 * and end with (or contain) one of the known core-library panic helpers.
 */
static bool is_rust_noreturn(const struct symbol *func)
{
	/*
	 * These are just heuristics -- we do not control the precise symbol
	 * name, due to the crate disambiguators (which depend on the compiler)
	 * as well as changes to the source code itself between versions (since
	 * these come from the Rust standard library).
	 */
	static const char * const noreturn_suffixes[] = {
		"_4core3num20from_str_radix_panic",
		"_4core3num22from_ascii_radix_panic",
		"_4core5sliceSp15copy_from_slice17len_mismatch_fail",
		"_4core6option13expect_failed",
		"_4core6option13unwrap_failed",
		"_4core6result13unwrap_failed",
		"_4core9panicking5panic",
		"_4core9panicking9panic_fmt",
		"_4core9panicking14panic_explicit",
		"_4core9panicking14panic_nounwind",
		"_4core9panicking18panic_bounds_check",
		"_4core9panicking18panic_nounwind_fmt",
		"_4core9panicking19assert_failed_inner",
		"_4core9panicking30panic_null_pointer_dereference",
		"_4core9panicking36panic_misaligned_pointer_dereference",
		"_7___rustc17rust_begin_unwind",
	};
	static const char * const noreturn_substrings[] = {
		"_4core9panicking13assert_failed",
		"_4core9panicking11panic_const24panic_const_",
	};
	size_t i;

	/*
	 * If it does not start with "_R", then it is not a Rust symbol.
	 */
	if (strncmp(func->name, "_R", 2))
		return false;

	for (i = 0; i < ARRAY_SIZE(noreturn_suffixes); i++) {
		if (str_ends_with(func->name, noreturn_suffixes[i]))
			return true;
	}

	for (i = 0; i < ARRAY_SIZE(noreturn_substrings); i++) {
		if (strstr(func->name, noreturn_substrings[i]))
			return true;
	}

	/* The slice index "..._fail" helpers are matched by three fragments. */
	return strstr(func->name, "_4core5slice5index") &&
	       strstr(func->name, "slice_") &&
	       str_ends_with(func->name, "_fail");
}
/*
 * This checks to see if the given function is a "noreturn" function.
 *
 * For global functions which are outside the scope of this object file, we
 * have to keep a manual list of them.
 *
 * For local functions, we have to detect them manually by simply looking for
 * the lack of a return instruction.
 *
 * @recursion counts nested sibling-call hops; the walk gives up (and reports
 * "not a dead end") once it reaches 5.
 */
static bool __dead_end_function(struct objtool_file *file, struct symbol *func,
				int recursion)
{
#define NORETURN(func) __stringify(func),
	static const char * const global_noreturns[] = {
#include "noreturns.h"
	};
#undef NORETURN
	struct instruction *insn;
	bool has_insns = false;

	if (!func)
		return false;

	/* Global symbols: Rust heuristics first, then the manual list. */
	if (!is_local_sym(func)) {
		const char * const *entry;

		if (is_rust_noreturn(func))
			return true;

		for (entry = global_noreturns;
		     entry < global_noreturns + ARRAY_SIZE(global_noreturns);
		     entry++) {
			if (!strcmp(func->name, *entry))
				return true;
		}
	}

	/* Weak or empty symbols cannot be shown to be dead ends. */
	if (is_weak_sym(func) || !func->len)
		return false;

	insn = find_insn(file, func->sec, func->offset);
	if (!insn || !insn_func(insn))
		return false;

	/* Any return instruction means the function can come back. */
	func_for_each_insn(file, func, insn) {
		has_insns = true;
		if (insn->type == INSN_RETURN)
			return false;
	}
	if (!has_insns)
		return false;

	/*
	 * A function can have a sibling call instead of a return. In that
	 * case, the function's dead-end status depends on whether the target
	 * of the sibling call returns.
	 */
	func_for_each_insn(file, func, insn) {
		struct instruction *dest;

		if (!is_sibling_call(insn))
			continue;

		dest = insn->jump_dest;
		if (!dest) {
			/* sibling call to another file */
			return false;
		}

		/*
		 * Infinite recursion: two functions have sibling calls to
		 * each other. This is a very rare case. It means they aren't
		 * dead ends.
		 */
		if (recursion == 5)
			return false;

		/* local sibling call */
		return __dead_end_function(file, insn_func(dest), recursion + 1);
	}

	return true;
}
/* Public entry for the dead-end check: start the sibling-call walk at depth 0. */
static bool dead_end_function(struct objtool_file *file, struct symbol *func)
{
	const int initial_depth = 0;

	return __dead_end_function(file, func, initial_depth);
}
/*
 * Reset @cfi to the "nothing known" state: every register and value slot is
 * CFI_UNDEFINED, the CFA base is undefined, and no DRAP register/offset is
 * recorded (drap_offset -1).
 */
static void init_cfi_state(struct cfi_state *cfi)
{
	unsigned int reg = CFI_NUM_REGS;

	/* Order does not matter; each slot is written independently. */
	while (reg--) {
		cfi->regs[reg].base = CFI_UNDEFINED;
		cfi->vals[reg].base = CFI_UNDEFINED;
	}

	cfi->cfa.base = CFI_UNDEFINED;
	cfi->drap_reg = CFI_UNDEFINED;
	cfi->drap_offset = -1;
}
/*
 * Zero @state, reset its CFI, and -- only when running with --noinstr and a
 * section is given -- inherit the section's noinstr flag.
 */
static void init_insn_state(struct objtool_file *file, struct insn_state *state,
			    struct section *sec)
{
	memset(state, 0, sizeof *state);
	init_cfi_state(&state->cfi);

	if (!opts.noinstr || !sec)
		return;

	state->noinstr = sec->noinstr;
}
/*
 * Allocate one zeroed cfi_state and count it in nr_cfi.  Allocation failure
 * is fatal: it is reported with ERROR_GLIBC() and the process exits.  The
 * returned object is owned by the caller (in practice the CFI hash table).
 */
static struct cfi_state *cfi_alloc(void)
{
	struct cfi_state *cfi;

	cfi = calloc(1, sizeof *cfi);
	if (!cfi) {
		ERROR_GLIBC("calloc");
		exit(1);
	}

	nr_cfi++;
	return cfi;
}
/*
 * Hash table of interned CFI states, with 1 << cfi_bits buckets.  Both are
 * set up by cfi_hash_alloc() (cfi_hash stays NULL if the mapping fails).
 */
static int cfi_bits;
static struct hlist_head *cfi_hash;
/*
 * Compare two CFI states, ignoring the leading hash-list node.  Returns
 * non-zero when they differ (memcmp semantics), so callers test !cficmp().
 *
 * NOTE: like cfi_key(), this presumes 'hash' is the first member of
 * struct cfi_state -- confirm against the struct definition.
 */
static inline bool cficmp(struct cfi_state *cfi1, struct cfi_state *cfi2)
{
	const size_t skip = sizeof(cfi1->hash);
	const size_t len = sizeof(struct cfi_state) - sizeof(cfi1->hash);
	const unsigned char *a = (const unsigned char *)cfi1 + skip;
	const unsigned char *b = (const unsigned char *)cfi2 + skip;

	return memcmp(a, b, len);
}
/*
 * Hash a CFI state over everything after its hash-list node, so that the
 * key depends only on the state's contents (presumes 'hash' is the first
 * member of struct cfi_state, as cficmp() does).
 */
static inline u32 cfi_key(struct cfi_state *cfi)
{
	const unsigned char *payload = (const unsigned char *)cfi + sizeof(cfi->hash);
	u32 payload_len = sizeof(*cfi) - sizeof(cfi->hash);

	return jhash(payload, payload_len, 0);
}
/*
 * Intern @cfi: return the already-hashed state equal to it (counting a cache
 * hit in nr_cfi_cache), or allocate a copy, insert it at the head of its
 * bucket, and return that.  The returned pointer is owned by the hash table.
 */
static struct cfi_state *cfi_hash_find_or_add(struct cfi_state *cfi)
{
	struct hlist_head *bucket = &cfi_hash[hash_min(cfi_key(cfi), cfi_bits)];
	struct cfi_state *entry;

	hlist_for_each_entry(entry, bucket, hash) {
		if (cficmp(cfi, entry))
			continue;
		nr_cfi_cache++;
		return entry;
	}

	/* No match: intern a fresh copy (its hash node is relinked below). */
	entry = cfi_alloc();
	*entry = *cfi;
	hlist_add_head(&entry->hash, bucket);

	return entry;
}
/*
 * Insert @cfi into the CFI hash table unconditionally (no duplicate check);
 * the caller retains ownership of the object.
 */
static void cfi_hash_add(struct cfi_state *cfi)
{
	u32 key = cfi_key(cfi);

	hlist_add_head(&cfi->hash, &cfi_hash[hash_min(key, cfi_bits)]);
}
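/*
 * Map the CFI hash table: at least 1 << 10 buckets, growing to
 * 1 << ilog2(@size) for larger instruction counts.
 *
 * Returns the bucket array, or NULL when mmap() fails (the failure has
 * already been reported via ERROR_GLIBC()).  With --stats the chosen
 * cfi_bits is printed.
 */
static void *cfi_hash_alloc(unsigned long size)
{
	size_t bytes;

	cfi_bits = max(10, ilog2(size));
	bytes = sizeof(struct hlist_head) << cfi_bits;

	cfi_hash = mmap(NULL, bytes, PROT_READ|PROT_WRITE,
			MAP_PRIVATE|MAP_ANON, -1, 0);
	/* mmap() signals failure with MAP_FAILED, not NULL; use the named sentinel. */
	if (cfi_hash == MAP_FAILED) {
		ERROR_GLIBC("mmap fail cfi_hash");
		cfi_hash = NULL;
	} else if (opts.stats) {
		printf("cfi_bits: %d\n", cfi_bits);
	}

	return cfi_hash;
}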
/* Number of instructions decoded (incremented in decode_instructions()). */
static unsigned long nr_insns;
/* Number of instructions visited during validation -- presumably, for --stats; verify against users. */
static unsigned long nr_insns_visited;
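/* Classify a text section by name: sets sec->text, sec->noinstr, sec->init. */
static void decode_sec_set_flags(struct section *sec)
{
	/* Alternative replacement/aux and .discard.* code is not "real" text. */
	if (strcmp(sec->name, ".altinstr_replacement") &&
	    strcmp(sec->name, ".altinstr_aux") &&
	    strncmp(sec->name, ".discard.", 9))
		sec->text = true;

	if (!strcmp(sec->name, ".noinstr.text") ||
	    !strcmp(sec->name, ".entry.text") ||
	    !strcmp(sec->name, ".cpuidle.text") ||
	    !strncmp(sec->name, ".text..__x86.", 13))
		sec->noinstr = true;

	/*
	 * .init.text code is run before userspace and thus doesn't
	 * strictly need retpolines, except for modules which are
	 * loaded late, they very much do need retpoline in their
	 * .init.text
	 */
	if (!strcmp(sec->name, ".init.text") && !opts.module)
		sec->init = true;
}

/*
 * Decode every instruction of @sec into INSN_CHUNK_SIZE-sized arrays and
 * add each one to file->insn_hash.  Returns 0, or -1 after an allocation
 * or decode error has been reported.
 */
static int decode_sec_insns(struct objtool_file *file, struct section *sec)
{
	struct instruction *insns = NULL;
	struct instruction *insn = NULL;
	unsigned long offset;
	u8 prev_len = 0;
	u8 idx = 0;

	for (offset = 0; offset < sec_size(sec); offset += insn->len) {
		/* Start a new chunk when there is none or the current one is full. */
		if (!insns || idx == INSN_CHUNK_MAX) {
			insns = calloc(INSN_CHUNK_SIZE, sizeof(*insn));
			if (!insns) {
				ERROR_GLIBC("calloc");
				return -1;
			}
			idx = 0;
		} else {
			idx++;
		}
		insn = &insns[idx];
		insn->idx = idx;
		INIT_LIST_HEAD(&insn->call_node);
		insn->sec = sec;
		insn->offset = offset;
		insn->prev_len = prev_len;

		if (arch_decode_instruction(file, sec, offset, sec_size(sec) - offset, insn))
			return -1;

		prev_len = insn->len;

		/*
		 * By default, "ud2" is a dead end unless otherwise
		 * annotated, because GCC 7 inserts it for certain
		 * divide-by-zero cases.
		 */
		if (insn->type == INSN_BUG)
			insn->dead_end = true;

		hash_add(file->insn_hash, &insn->hash, sec_offset_hash(sec, insn->offset));
		nr_insns++;
	}

	return 0;
}

/*
 * Attach each function (or untyped) symbol of @sec to its instructions and
 * collect ENDBRs: those at a function's first byte go to file->endbr_list
 * (candidates for .ibt_endbr_seal), interior ones are only counted.
 * Returns 0, or -1 after reporting a malformed symbol.
 */
static int decode_sec_assign_syms(struct objtool_file *file, struct section *sec)
{
	struct instruction *insn;
	struct symbol *func;

	sec_for_each_sym(sec, func) {
		if (!is_notype_sym(func) && !is_func_sym(func))
			continue;

		if (func->offset == sec_size(sec)) {
			/* Heuristic: likely an "end" symbol */
			if (is_notype_sym(func))
				continue;

			ERROR("%s(): STT_FUNC at end of section", func->name);
			return -1;
		}

		/* Aliases and embedded-insn symbols are handled via their primary. */
		if (func->embedded_insn || func->alias != func)
			continue;

		if (!find_insn(file, sec, func->offset)) {
			ERROR("%s(): can't find starting instruction", func->name);
			return -1;
		}

		sym_for_each_insn(file, func, insn) {
			insn->sym = func;
			if (is_func_sym(func) &&
			    insn->type == INSN_ENDBR &&
			    list_empty(&insn->call_node)) {
				if (insn->offset == func->offset) {
					list_add_tail(&insn->call_node, &file->endbr_list);
					file->nr_endbr++;
				} else {
					file->nr_endbr_int++;
				}
			}
		}
	}

	return 0;
}

/*
 * Call the arch-specific instruction decoder for all the instructions and add
 * them to the global instruction list.
 *
 * Per text section: classify it by name, decode its bytes, then map its
 * symbols onto the decoded instructions.  Returns 0 or -1.
 */
static int decode_instructions(struct objtool_file *file)
{
	struct section *sec;

	for_each_sec(file->elf, sec) {
		if (!is_text_sec(sec))
			continue;

		decode_sec_set_flags(sec);

		if (decode_sec_insns(file, sec))
			return -1;

		if (decode_sec_assign_syms(file, sec))
			return -1;
	}

	if (opts.stats)
		printf("nr_insns: %lu\n", nr_insns);

	return 0;
}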
/*
 * Known pv_ops*[] arrays.
 *
 * idx_off is where each array's first slot lands in file->pv_ops[]; it is
 * written by init_pv_ops() (and set to -1 when the symbol is absent), so
 * this table is mutable per-run state rather than a constant.  The NULL
 * sentinel's -1 doubles as the "unknown array" result of pv_ops_idx_off().
 */
static struct {
	const char *name;
	int idx_off;
} pv_ops_tables[] = {
	{ .name = "pv_ops", },
	{ .name = "pv_ops_lock", },
	{ .name = NULL, .idx_off = -1 }
};
/*
 * Get index offset for a pv_ops* array.
 *
 * Returns the idx_off recorded for @symname in pv_ops_tables[], or the
 * sentinel entry's -1 when @symname is not a known pv_ops array.
 */
int pv_ops_idx_off(const char *symname)
{
	int idx = 0;

	/* Stops on a match or on the NULL-named sentinel. */
	while (pv_ops_tables[idx].name && strcmp(symname, pv_ops_tables[idx].name))
		idx++;

	return pv_ops_tables[idx].idx_off;
}
/*
 * Read a pv_ops*[] .data table to find the static initialized values.
 *
 * Every relocation inside the array symbol names the function stored in
 * that slot; each is recorded with objtool_pv_add() at idx_off + slot.
 * Returns 0, or -1 after reporting the problem.
 */
static int add_pv_ops(struct objtool_file *file, int pv_ops_idx)
{
	const char *symname = pv_ops_tables[pv_ops_idx].name;
	int idx_off = pv_ops_tables[pv_ops_idx].idx_off;
	struct symbol *sym, *func;
	struct reloc *reloc;
	unsigned long off, end;
	int idx;

	sym = find_symbol_by_name(file->elf, symname);
	if (!sym) {
		ERROR("Unknown pv_ops array %s", symname);
		return -1;
	}

	if (idx_off < 0) {
		ERROR("pv_ops array %s has unknown index offset", symname);
		return -1;
	}

	off = sym->offset;
	end = off + sym->len;

	while (off <= end) {
		reloc = find_reloc_by_dest_range(file->elf, sym->sec, off, end - off);
		if (!reloc)
			break;

		/* Slot number: the array holds one pointer-sized entry per op. */
		idx = (reloc_offset(reloc) - sym->offset) / sizeof(unsigned long);

		/* A section symbol needs its addend resolved to the real function. */
		func = reloc->sym;
		if (is_sec_sym(func))
			func = find_symbol_by_offset(reloc->sym->sec,
						     reloc_addend(reloc));
		if (!func) {
			ERROR_FUNC(reloc->sym->sec, reloc_addend(reloc),
				   "can't find func at %s[%d]", symname, idx);
			return -1;
		}

		if (objtool_pv_add(file, idx + idx_off, func))
			return -1;

		/* Continue searching just past this relocation. */
		off = reloc_offset(reloc) + 1;
	}

	return 0;
}
/*
 * Allocate and initialize file->pv_ops[].
 *
 * Only done when opts.noinstr is set.  Lays the known pv_ops arrays out
 * back to back (recording each one's idx_off in pv_ops_tables[]), allocates
 * one struct pv_state per slot, then fills them from the arrays' static
 * initializers via add_pv_ops().  Returns 0 or -1.
 */
static int init_pv_ops(struct objtool_file *file)
{
	int idx, nr = 0;

	if (!opts.noinstr)
		return 0;

	file->pv_ops = NULL;

	/* Pass 1: assign slot ranges; absent arrays get -1 and are skipped later. */
	for (idx = 0; pv_ops_tables[idx].name; idx++) {
		struct symbol *sym = find_symbol_by_name(file->elf, pv_ops_tables[idx].name);

		pv_ops_tables[idx].idx_off = sym ? nr : -1;
		if (sym)
			nr += sym->len / sizeof(unsigned long);
	}

	if (!nr)
		return 0;

	file->pv_ops = calloc(nr, sizeof(struct pv_state));
	if (!file->pv_ops) {
		ERROR_GLIBC("calloc");
		return -1;
	}

	for (idx = 0; idx < nr; idx++)
		INIT_LIST_HEAD(&file->pv_ops[idx].targets);

	/* Pass 2: read the static initializers of every present array. */
	for (idx = 0; pv_ops_tables[idx].name; idx++) {
		if (pv_ops_tables[idx].idx_off >= 0 && add_pv_ops(file, idx))
			return -1;
	}

	return 0;
}
/*
 * Is this object a livepatch module?
 *
 * Livepatches are modules, so only the module case looks at .modinfo,
 * a run of NUL-separated "key=value" strings.  The leading NUL in the
 * needle anchors the match to an entry boundary; an entry at the very
 * start of the section would therefore not match.
 */
static bool is_livepatch_module(struct objtool_file *file)
{
	struct section *modinfo;

	if (!opts.module)
		return false;

	modinfo = find_section_by_name(file->elf, ".modinfo");
	if (!modinfo)
		return false;

	return memmem(modinfo->data->d_buf, sec_size(modinfo),
		      "\0livepatch=Y", 12) != NULL;
}
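/*
 * Emit .static_call_sites: one struct static_call_site per call to a
 * static-call trampoline, with a text reloc for 'addr' and a data reloc for
 * 'key'.  Returns 0 (including when there is nothing to emit) or -1 after
 * reporting an error.
 */
static int create_static_call_sections(struct objtool_file *file)
{
	struct static_call_site *site;
	struct section *sec;
	struct instruction *insn;
	struct symbol *key_sym;
	char *key_name, *tmp;
	int idx;

	sec = find_section_by_name(file->elf, ".static_call_sites");
	if (sec) {
		/*
		 * Livepatch modules may have already extracted the static call
		 * site entries to take advantage of vmlinux static call
		 * privileges.
		 */
		if (!file->klp)
			WARN("file already has .static_call_sites section, skipping");
		return 0;
	}

	if (list_empty(&file->static_call_list))
		return 0;

	idx = 0;
	list_for_each_entry(insn, &file->static_call_list, call_node)
		idx++;

	/* Two relocations per site: 'addr' and 'key'. */
	sec = elf_create_section_pair(file->elf, ".static_call_sites",
				      sizeof(*site), idx, idx * 2);
	if (!sec)
		return -1;

	/* Allow modules to modify the low bits of static_call_site::key */
	sec->sh.sh_flags |= SHF_WRITE;

	idx = 0;
	list_for_each_entry(insn, &file->static_call_list, call_node) {

		/* populate reloc for 'addr' */
		if (!elf_init_reloc_text_sym(file->elf, sec,
					     idx * sizeof(*site), idx * 2,
					     insn->sec, insn->offset))
			return -1;

		/*
		 * find key symbol: rewrite the trampoline prefix of a private
		 * copy of the name into the key prefix.  The copy is freed on
		 * every path below; find_symbol_by_name() is a lookup and does
		 * not retain the pointer.
		 */
		key_name = strdup(insn_call_dest(insn)->name);
		if (!key_name) {
			ERROR_GLIBC("strdup");
			return -1;
		}
		if (strncmp(key_name, STATIC_CALL_TRAMP_PREFIX_STR,
			    STATIC_CALL_TRAMP_PREFIX_LEN)) {
			ERROR("static_call: trampoline name malformed: %s", key_name);
			free(key_name);
			return -1;
		}
		/*
		 * Overwrite the tail of the tramp prefix in place; this relies on
		 * STATIC_CALL_KEY_PREFIX_LEN <= STATIC_CALL_TRAMP_PREFIX_LEN so
		 * that tmp stays inside the buffer.
		 */
		tmp = key_name + STATIC_CALL_TRAMP_PREFIX_LEN - STATIC_CALL_KEY_PREFIX_LEN;
		memcpy(tmp, STATIC_CALL_KEY_PREFIX_STR, STATIC_CALL_KEY_PREFIX_LEN);

		key_sym = find_symbol_by_name(file->elf, tmp);
		if (!key_sym) {
			if (!opts.module) {
				ERROR("static_call: can't find static_call_key symbol: %s", tmp);
				free(key_name);
				return -1;
			}

			/*
			 * For modules(), the key might not be exported, which
			 * means the module can make static calls but isn't
			 * allowed to change them.
			 *
			 * In that case we temporarily set the key to be the
			 * trampoline address. This is fixed up in
			 * static_call_add_module().
			 */
			key_sym = insn_call_dest(insn);
		}
		/* tmp points into key_name; neither is used past this point. */
		free(key_name);

		/* populate reloc for 'key' */
		if (!elf_init_reloc_data_sym(file->elf, sec,
					     idx * sizeof(*site) + 4,
					     (idx * 2) + 1, key_sym,
					     is_sibling_call(insn) * STATIC_CALL_SITE_TAIL))
			return -1;

		idx++;
	}

	return 0;
}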
/*
 * Emit .retpoline_sites: one int per retpoline call/jump collected in
 * file->retpoline_call_list, each backed by a text reloc to the site.
 * Returns 0 (also when the list is empty) or -1.
 */
static int create_retpoline_sites_sections(struct objtool_file *file)
{
	struct instruction *insn;
	struct section *sec;
	int nr = 0, idx = 0;

	if (find_section_by_name(file->elf, ".retpoline_sites")) {
		WARN("file already has .retpoline_sites, skipping");
		return 0;
	}

	list_for_each_entry(insn, &file->retpoline_call_list, call_node)
		nr++;
	if (!nr)
		return 0;

	sec = elf_create_section_pair(file->elf, ".retpoline_sites",
				      sizeof(int), nr, nr);
	if (!sec)
		return -1;

	list_for_each_entry(insn, &file->retpoline_call_list, call_node) {
		if (!elf_init_reloc_text_sym(file->elf, sec,
					     idx * sizeof(int), idx,
					     insn->sec, insn->offset))
			return -1;
		idx++;
	}

	return 0;
}
/*
 * Emit .return_sites: one int per return-thunk site collected in
 * file->return_thunk_list, each backed by a text reloc to the site.
 * Returns 0 (also when the list is empty) or -1.
 */
static int create_return_sites_sections(struct objtool_file *file)
{
	struct instruction *insn;
	struct section *sec;
	int nr = 0, idx = 0;

	if (find_section_by_name(file->elf, ".return_sites")) {
		WARN("file already has .return_sites, skipping");
		return 0;
	}

	list_for_each_entry(insn, &file->return_thunk_list, call_node)
		nr++;
	if (!nr)
		return 0;

	sec = elf_create_section_pair(file->elf, ".return_sites",
				      sizeof(int), nr, nr);
	if (!sec)
		return -1;

	list_for_each_entry(insn, &file->return_thunk_list, call_node) {
		if (!elf_init_reloc_text_sym(file->elf, sec,
					     idx * sizeof(int), idx,
					     insn->sec, insn->offset))
			return -1;
		idx++;
	}

	return 0;
}
/*
 * Emit .ibt_endbr_seal: one int per ENDBR in file->endbr_list (function-entry
 * ENDBRs that decode_instructions() found unreferenced), each backed by a
 * text reloc.  Returns 0 (also when the list is empty) or -1.
 */
static int create_ibt_endbr_seal_sections(struct objtool_file *file)
{
	struct instruction *insn;
	struct section *sec;
	int nr = 0, idx = 0;

	if (find_section_by_name(file->elf, ".ibt_endbr_seal")) {
		WARN("file already has .ibt_endbr_seal, skipping");
		return 0;
	}

	list_for_each_entry(insn, &file->endbr_list, call_node)
		nr++;

	if (opts.stats) {
		printf("ibt: ENDBR at function start: %d\n", file->nr_endbr);
		printf("ibt: ENDBR inside functions: %d\n", file->nr_endbr_int);
		printf("ibt: superfluous ENDBR: %d\n", nr);
	}

	if (!nr)
		return 0;

	sec = elf_create_section_pair(file->elf, ".ibt_endbr_seal",
				      sizeof(int), nr, nr);
	if (!sec)
		return -1;

	list_for_each_entry(insn, &file->endbr_list, call_node) {
		int *site = (int *)sec->data->d_buf + idx;
		struct symbol *sym = insn->sym;

		*site = 0;

		/*
		 * Modules using the magic init_module()/cleanup_module() names
		 * are rejected here rather than having their entry ENDBR sealed.
		 */
		if (opts.module && sym && is_func_sym(sym) &&
		    insn->offset == sym->offset &&
		    (!strcmp(sym->name, "init_module") ||
		     !strcmp(sym->name, "cleanup_module"))) {
			ERROR("%s(): Magic init_module() function name is deprecated, use module_init(fn) instead",
			      sym->name);
			return -1;
		}

		if (!elf_init_reloc_text_sym(file->elf, sec,
					     idx * sizeof(int), idx,
					     insn->sec, insn->offset))
			return -1;
		idx++;
	}

	return 0;
}
/*
 * Emit .cfi_sites: one unsigned int per "__cfi_"-prefixed function symbol,
 * each backed by a text reloc to the symbol.  Returns 0 or -1.
 *
 * Unlike the sibling *_sites builders there is no early return when the
 * count is zero: an empty .cfi_sites pair is still created.
 */
static int create_cfi_sections(struct objtool_file *file)
{
	struct section *sec;
	struct symbol *sym;
	int nr = 0, idx = 0;

	if (find_section_by_name(file->elf, ".cfi_sites")) {
		WARN("file already has .cfi_sites section, skipping");
		return 0;
	}

	for_each_sym(file->elf, sym) {
		if (is_func_sym(sym) && !strncmp(sym->name, "__cfi_", 6))
			nr++;
	}

	sec = elf_create_section_pair(file->elf, ".cfi_sites",
				      sizeof(unsigned int), nr, nr);
	if (!sec)
		return -1;

	for_each_sym(file->elf, sym) {
		if (!is_func_sym(sym) || strncmp(sym->name, "__cfi_", 6))
			continue;

		if (!elf_init_reloc_text_sym(file->elf, sec,
					     idx * sizeof(unsigned int), idx,
					     sym->sec, sym->offset))
			return -1;
		idx++;
	}

	return 0;
}
/*
 * Emit __mcount_loc: one address-sized entry per __fentry__ call site in
 * file->mcount_loc_list, each carrying an absolute relocation (R_ABS64 or
 * R_ABS32 to match the ELF's address width).  Returns 0 (also when the list
 * is empty) or -1.
 */
static int create_mcount_loc_sections(struct objtool_file *file)
{
	size_t addr_size = elf_addr_size(file->elf);
	struct instruction *insn;
	struct section *sec;
	int nr = 0, idx = 0;

	sec = find_section_by_name(file->elf, "__mcount_loc");
	if (sec) {
		/*
		 * Livepatch modules have already extracted their __mcount_loc
		 * entries to cover the !CONFIG_FTRACE_MCOUNT_USE_OBJTOOL case.
		 */
		if (!file->klp)
			WARN("file already has __mcount_loc section, skipping");
		return 0;
	}

	if (list_empty(&file->mcount_loc_list))
		return 0;

	list_for_each_entry(insn, &file->mcount_loc_list, call_node)
		nr++;

	sec = elf_create_section_pair(file->elf, "__mcount_loc", addr_size,
				      nr, nr);
	if (!sec)
		return -1;
	sec->sh.sh_addralign = addr_size;

	list_for_each_entry(insn, &file->mcount_loc_list, call_node) {
		struct reloc *reloc = elf_init_reloc_text_sym(file->elf, sec,
							      idx * addr_size, idx,
							      insn->sec, insn->offset);

		if (!reloc)
			return -1;

		/* Override the default reloc type with an absolute one of the right width. */
		set_reloc_type(file->elf, reloc, addr_size == 8 ? R_ABS64 : R_ABS32);
		idx++;
	}

	return 0;
}
/*
 * Emit .call_sites: one unsigned int per direct call in file->call_list,
 * each backed by a text reloc to the call.  Returns 0 (also when the list is
 * empty) or -1.
 */
static int create_direct_call_sections(struct objtool_file *file)
{
	struct instruction *insn;
	struct section *sec;
	int nr = 0, idx = 0;

	if (find_section_by_name(file->elf, ".call_sites")) {
		WARN("file already has .call_sites section, skipping");
		return 0;
	}

	if (list_empty(&file->call_list))
		return 0;

	list_for_each_entry(insn, &file->call_list, call_node)
		nr++;

	sec = elf_create_section_pair(file->elf, ".call_sites",
				      sizeof(unsigned int), nr, nr);
	if (!sec)
		return -1;

	list_for_each_entry(insn, &file->call_list, call_node) {
		if (!elf_init_reloc_text_sym(file->elf, sec,
					     idx * sizeof(unsigned int), idx,
					     insn->sec, insn->offset))
			return -1;
		idx++;
	}

	return 0;
}
  828. #ifdef BUILD_KLP
/*
 * Emit .discard.sym_checksum (BUILD_KLP only): one struct sym_checksum per
 * symbol that carries a csum.checksum, with 'addr' supplied by an R_TEXT64
 * reloc and the checksum stored inline.  Returns 0 (also when no symbol has
 * a checksum) or -1.
 */
static int create_sym_checksum_section(struct objtool_file *file)
{
	size_t entsize = sizeof(struct sym_checksum);
	struct sym_checksum *checksum;
	struct section *sec;
	struct symbol *sym;
	unsigned int nr = 0, idx = 0;

	sec = find_section_by_name(file->elf, ".discard.sym_checksum");
	if (sec) {
		if (!opts.dryrun)
			WARN("file already has .discard.sym_checksum section, skipping");
		return 0;
	}

	for_each_sym(file->elf, sym) {
		if (sym->csum.checksum)
			nr++;
	}
	if (!nr)
		return 0;

	sec = elf_create_section_pair(file->elf, ".discard.sym_checksum", entsize,
				      nr, nr);
	if (!sec)
		return -1;

	for_each_sym(file->elf, sym) {
		if (!sym->csum.checksum)
			continue;

		if (!elf_init_reloc(file->elf, sec->rsec, idx, idx * entsize,
				    sym, 0, R_TEXT64))
			return -1;

		checksum = (struct sym_checksum *)sec->data->d_buf + idx;
		checksum->addr = 0; /* reloc */
		checksum->checksum = sym->csum.checksum;
		mark_sec_changed(file->elf, sec, true);
		idx++;
	}

	return 0;
}
  866. #else
/* Non-KLP build: symbol checksums are not produced, report -EINVAL. */
static int create_sym_checksum_section(struct objtool_file *file)
{
	return -EINVAL;
}
  868. #endif
/*
 * Warnings shouldn't be reported for ignored functions.
 *
 * Each relocation in .rela.discard.func_stack_frame_non_standard names a
 * function, either directly (STT_FUNC) or as a section symbol plus addend
 * (STT_SECTION); that function and its ->cfunc get ->ignore set.  Returns 0,
 * or -1 on an unexpected symbol type.
 */
static int add_ignores(struct objtool_file *file)
{
	struct section *rsec;
	struct reloc *reloc;

	rsec = find_section_by_name(file->elf, ".rela.discard.func_stack_frame_non_standard");
	if (!rsec)
		return 0;

	for_each_reloc(rsec, reloc) {
		struct symbol *target = reloc->sym;
		struct symbol *func;

		if (target->type == STT_FUNC) {
			func = target;
		} else if (target->type == STT_SECTION) {
			func = find_func_by_offset(target->sec, reloc_addend(reloc));
			if (!func)
				continue;
		} else {
			ERROR("unexpected relocation symbol type in %s: %d",
			      rsec->name, target->type);
			return -1;
		}

		func->ignore = true;
		if (func->cfunc)
			func->cfunc->ignore = true;
	}

	return 0;
}
/*
 * This is a whitelist of functions that is allowed to be called with AC set.
 * The list is meant to be minimal and only contains compiler instrumentation
 * ABI and a few functions used to implement *_{to,from}_user() functions.
 *
 * These functions must not directly change AC, but may PUSHF/POPF.
 *
 * add_uaccess_safe() sets ->uaccess_safe on every symbol named here that
 * exists in the object.  Each addition widens the code that may run while
 * user access is enabled, so review entries against the criteria above.
 */
static const char *uaccess_safe_builtin[] = {
	/* KASAN */
	"kasan_report",
	"kasan_check_range",
	/* KASAN out-of-line */
	"__asan_loadN_noabort",
	"__asan_load1_noabort",
	"__asan_load2_noabort",
	"__asan_load4_noabort",
	"__asan_load8_noabort",
	"__asan_load16_noabort",
	"__asan_storeN_noabort",
	"__asan_store1_noabort",
	"__asan_store2_noabort",
	"__asan_store4_noabort",
	"__asan_store8_noabort",
	"__asan_store16_noabort",
	"__kasan_check_read",
	"__kasan_check_write",
	/* KASAN in-line */
	"__asan_report_load_n_noabort",
	"__asan_report_load1_noabort",
	"__asan_report_load2_noabort",
	"__asan_report_load4_noabort",
	"__asan_report_load8_noabort",
	"__asan_report_load16_noabort",
	"__asan_report_store_n_noabort",
	"__asan_report_store1_noabort",
	"__asan_report_store2_noabort",
	"__asan_report_store4_noabort",
	"__asan_report_store8_noabort",
	"__asan_report_store16_noabort",
	/* KCSAN */
	"__kcsan_check_access",
	"__kcsan_mb",
	"__kcsan_wmb",
	"__kcsan_rmb",
	"__kcsan_release",
	"kcsan_found_watchpoint",
	"kcsan_setup_watchpoint",
	"kcsan_check_scoped_accesses",
	"kcsan_disable_current",
	"kcsan_enable_current_nowarn",
	/* KCSAN/TSAN */
	"__tsan_func_entry",
	"__tsan_func_exit",
	"__tsan_read_range",
	"__tsan_write_range",
	"__tsan_read1",
	"__tsan_read2",
	"__tsan_read4",
	"__tsan_read8",
	"__tsan_read16",
	"__tsan_write1",
	"__tsan_write2",
	"__tsan_write4",
	"__tsan_write8",
	"__tsan_write16",
	"__tsan_read_write1",
	"__tsan_read_write2",
	"__tsan_read_write4",
	"__tsan_read_write8",
	"__tsan_read_write16",
	"__tsan_volatile_read1",
	"__tsan_volatile_read2",
	"__tsan_volatile_read4",
	"__tsan_volatile_read8",
	"__tsan_volatile_read16",
	"__tsan_volatile_write1",
	"__tsan_volatile_write2",
	"__tsan_volatile_write4",
	"__tsan_volatile_write8",
	"__tsan_volatile_write16",
	"__tsan_atomic8_load",
	"__tsan_atomic16_load",
	"__tsan_atomic32_load",
	"__tsan_atomic64_load",
	"__tsan_atomic8_store",
	"__tsan_atomic16_store",
	"__tsan_atomic32_store",
	"__tsan_atomic64_store",
	"__tsan_atomic8_exchange",
	"__tsan_atomic16_exchange",
	"__tsan_atomic32_exchange",
	"__tsan_atomic64_exchange",
	"__tsan_atomic8_fetch_add",
	"__tsan_atomic16_fetch_add",
	"__tsan_atomic32_fetch_add",
	"__tsan_atomic64_fetch_add",
	"__tsan_atomic8_fetch_sub",
	"__tsan_atomic16_fetch_sub",
	"__tsan_atomic32_fetch_sub",
	"__tsan_atomic64_fetch_sub",
	"__tsan_atomic8_fetch_and",
	"__tsan_atomic16_fetch_and",
	"__tsan_atomic32_fetch_and",
	"__tsan_atomic64_fetch_and",
	"__tsan_atomic8_fetch_or",
	"__tsan_atomic16_fetch_or",
	"__tsan_atomic32_fetch_or",
	"__tsan_atomic64_fetch_or",
	"__tsan_atomic8_fetch_xor",
	"__tsan_atomic16_fetch_xor",
	"__tsan_atomic32_fetch_xor",
	"__tsan_atomic64_fetch_xor",
	"__tsan_atomic8_fetch_nand",
	"__tsan_atomic16_fetch_nand",
	"__tsan_atomic32_fetch_nand",
	"__tsan_atomic64_fetch_nand",
	"__tsan_atomic8_compare_exchange_strong",
	"__tsan_atomic16_compare_exchange_strong",
	"__tsan_atomic32_compare_exchange_strong",
	"__tsan_atomic64_compare_exchange_strong",
	"__tsan_atomic8_compare_exchange_weak",
	"__tsan_atomic16_compare_exchange_weak",
	"__tsan_atomic32_compare_exchange_weak",
	"__tsan_atomic64_compare_exchange_weak",
	"__tsan_atomic8_compare_exchange_val",
	"__tsan_atomic16_compare_exchange_val",
	"__tsan_atomic32_compare_exchange_val",
	"__tsan_atomic64_compare_exchange_val",
	"__tsan_atomic_thread_fence",
	"__tsan_atomic_signal_fence",
	"__tsan_unaligned_read16",
	"__tsan_unaligned_write16",
	/* KCOV */
	"write_comp_data",
	"check_kcov_mode",
	"__sanitizer_cov_trace_pc",
	"__sanitizer_cov_trace_const_cmp1",
	"__sanitizer_cov_trace_const_cmp2",
	"__sanitizer_cov_trace_const_cmp4",
	"__sanitizer_cov_trace_const_cmp8",
	"__sanitizer_cov_trace_cmp1",
	"__sanitizer_cov_trace_cmp2",
	"__sanitizer_cov_trace_cmp4",
	"__sanitizer_cov_trace_cmp8",
	"__sanitizer_cov_trace_switch",
	/* KMSAN */
	"kmsan_copy_to_user",
	"kmsan_disable_current",
	"kmsan_enable_current",
	"kmsan_report",
	"kmsan_unpoison_entry_regs",
	"kmsan_unpoison_memory",
	"__msan_chain_origin",
	"__msan_get_context_state",
	"__msan_instrument_asm_store",
	"__msan_metadata_ptr_for_load_1",
	"__msan_metadata_ptr_for_load_2",
	"__msan_metadata_ptr_for_load_4",
	"__msan_metadata_ptr_for_load_8",
	"__msan_metadata_ptr_for_load_n",
	"__msan_metadata_ptr_for_store_1",
	"__msan_metadata_ptr_for_store_2",
	"__msan_metadata_ptr_for_store_4",
	"__msan_metadata_ptr_for_store_8",
	"__msan_metadata_ptr_for_store_n",
	"__msan_poison_alloca",
	"__msan_warning",
	/* UBSAN */
	"ubsan_type_mismatch_common",
	"__ubsan_handle_type_mismatch",
	"__ubsan_handle_type_mismatch_v1",
	"__ubsan_handle_shift_out_of_bounds",
	"__ubsan_handle_load_invalid_value",
	/* KSTACK_ERASE */
	"__sanitizer_cov_stack_depth",
	/* TRACE_BRANCH_PROFILING */
	"ftrace_likely_update",
	/* STACKPROTECTOR */
	"__stack_chk_fail",
	/* misc */
	"csum_partial_copy_generic",
	"copy_mc_fragile",
	"copy_mc_fragile_handle_tail",
	"copy_mc_enhanced_fast_string",
	"rep_stos_alternative",
	"rep_movs_alternative",
	"__copy_user_nocache",
	NULL	/* terminator for add_uaccess_safe() */
};
/*
 * Mark every symbol of uaccess_safe_builtin[] that exists in this object
 * as ->uaccess_safe.  Does nothing unless opts.uaccess is set; names not
 * present in the object are silently skipped.
 */
static void add_uaccess_safe(struct objtool_file *file)
{
	const char **name = uaccess_safe_builtin;

	if (!opts.uaccess)
		return;

	for (; *name; name++) {
		struct symbol *func = find_symbol_by_name(file->elf, *name);

		if (func)
			func->uaccess_safe = true;
	}
}
/*
 * Symbols that replace INSN_CALL_DYNAMIC, every (tail) call to such a symbol
 * will be added to the .retpoline_sites section.
 *
 * Weak default: nothing is a retpoline unless an arch provides its own.
 */
__weak bool arch_is_retpoline(struct symbol *sym)
{
	return false;
}
/*
 * Symbols that replace INSN_RETURN, every (tail) call to such a symbol
 * will be added to the .return_sites section.
 *
 * Weak default: nothing is a return thunk unless an arch provides its own.
 */
__weak bool arch_is_rethunk(struct symbol *sym)
{
	return false;
}
/*
 * Symbols that are embedded inside other instructions, because sometimes crazy
 * code exists. These are mostly ignored for validation purposes.
 *
 * Weak default: no symbol is embedded unless an arch provides its own.
 */
__weak bool arch_is_embedded_insn(struct symbol *sym)
{
	return false;
}
/*
 * Find the relocation covering @insn's bytes, or NULL.
 *
 * A miss is remembered in insn->no_reloc so later calls skip the search;
 * a NULL @file also yields NULL but is not cached.
 */
static struct reloc *insn_reloc(struct objtool_file *file, struct instruction *insn)
{
	struct reloc *reloc;

	if (insn->no_reloc || !file)
		return NULL;

	reloc = find_reloc_by_dest_range(file->elf, insn->sec,
					 insn->offset, insn->len);
	if (reloc)
		return reloc;

	insn->no_reloc = 1;
	return NULL;
}
/* Free @insn's singly-linked stack_ops list and leave it empty. */
static void remove_insn_ops(struct instruction *insn)
{
	struct stack_op *op = insn->stack_ops;

	while (op) {
		struct stack_op *victim = op;

		op = op->next;
		free(victim);
	}
	insn->stack_ops = NULL;
}
/*
 * Rewrite the call/jump at @insn in place: drop its relocation (if any) and
 * overwrite the bytes with a RET (@as_ret) or a NOP of the same length,
 * updating insn->type accordingly.  Returns 0, or -1 if the write fails.
 */
static int nop_out_call_insn(struct objtool_file *file, struct instruction *insn,
			     struct reloc *reloc, bool as_ret)
{
	if (reloc)
		set_reloc_type(file->elf, reloc, R_NONE);

	if (elf_write_insn(file->elf, insn->sec, insn->offset, insn->len,
			   as_ret ? arch_ret_insn(insn->len)
				  : arch_nop_insn(insn->len)))
		return -1;

	insn->type = as_ret ? INSN_RETURN : INSN_NOP;
	return 0;
}

/*
 * Classify the call at @insn by its destination symbol and queue it on the
 * matching file list (static calls, retpolines, mcount sites, direct calls),
 * NOP-ing out instrumentation calls where the options ask for it.
 * @sibling marks a tail call.  Returns 0, or -1 on an ELF write failure.
 */
static int annotate_call_site(struct objtool_file *file,
			      struct instruction *insn, bool sibling)
{
	struct reloc *reloc = insn_reloc(file, insn);
	struct symbol *sym = insn_call_dest(insn);

	/*
	 * NOTE(review): with no call destination the reloc is dereferenced
	 * unchecked, so callers must supply one or the other.
	 */
	if (!sym)
		sym = reloc->sym;

	if (sym->static_call_tramp) {
		list_add_tail(&insn->call_node, &file->static_call_list);
		return 0;
	}

	if (sym->retpoline_thunk) {
		list_add_tail(&insn->call_node, &file->retpoline_call_list);
		return 0;
	}

	/*
	 * Many compilers cannot disable KCOV or sanitizer calls with a function
	 * attribute so they need a little help, NOP out any such calls from
	 * noinstr text.
	 */
	if (opts.hack_noinstr && insn->sec->noinstr && sym->profiling_func) {
		if (nop_out_call_insn(file, insn, reloc, sibling))
			return -1;

		/*
		 * We've replaced the tail-call JMP insn by two new
		 * insn: RET; INT3, except we only have a single struct
		 * insn here. Mark it retpoline_safe to avoid the SLS
		 * warning, instead of adding another insn.
		 */
		if (sibling)
			insn->retpoline_safe = true;

		return 0;
	}

	if (opts.mcount && sym->fentry) {
		if (sibling)
			WARN_INSN(insn, "tail call to __fentry__ !?!?");

		/* opts.mnop: replace the __fentry__ call with a NOP, keep its site. */
		if (opts.mnop && nop_out_call_insn(file, insn, reloc, false))
			return -1;

		list_add_tail(&insn->call_node, &file->mcount_loc_list);
		return 0;
	}

	/* Ordinary direct calls outside .init.text feed .call_sites. */
	if (insn->type == INSN_CALL && !insn->sec->init &&
	    !insn->_call_dest->embedded_insn)
		list_add_tail(&insn->call_node, &file->call_list);

	if (!sibling && dead_end_function(file, sym))
		insn->dead_end = true;

	return 0;
}
/*
 * Record @dest as @insn's call destination.  A NULL destination is stored
 * and nothing more happens; otherwise the call's stack ops are dropped and
 * the site is classified by annotate_call_site().  Returns its result, or 0.
 */
static int add_call_dest(struct objtool_file *file, struct instruction *insn,
			 struct symbol *dest, bool sibling)
{
	insn->_call_dest = dest;

	if (dest) {
		/*
		 * Whatever stack impact regular CALLs have, should be undone
		 * by the RETURN of the called function.
		 *
		 * Annotated intra-function calls retain the stack_ops but
		 * are converted to JUMP, see read_intra_function_calls().
		 */
		remove_insn_ops(insn);
		return annotate_call_site(file, insn, sibling);
	}

	return 0;
}
/*
 * Treat a call/jump to a retpoline thunk as the dynamic call/jump it stands
 * for, mark it retpoline_safe and classify it as a (non-sibling) call site.
 * Other instruction types are left untouched and return 0.
 */
static int add_retpoline_call(struct objtool_file *file, struct instruction *insn)
{
	/*
	 * Retpoline calls/jumps are really dynamic calls/jumps in disguise,
	 * so convert them accordingly.
	 */
	if (insn->type == INSN_CALL)
		insn->type = INSN_CALL_DYNAMIC;
	else if (insn->type == INSN_JUMP_UNCONDITIONAL)
		insn->type = INSN_JUMP_DYNAMIC;
	else if (insn->type == INSN_JUMP_CONDITIONAL)
		insn->type = INSN_JUMP_DYNAMIC_CONDITIONAL;
	else
		return 0;

	insn->retpoline_safe = true;

	/*
	 * Whatever stack impact regular CALLs have, should be undone
	 * by the RETURN of the called function.
	 *
	 * Annotated intra-function calls retain the stack_ops but
	 * are converted to JUMP, see read_intra_function_calls().
	 */
	remove_insn_ops(insn);

	return annotate_call_site(file, insn, false);
}
/*
 * Turn a tail call to a return thunk into an INSN_RETURN marked
 * retpoline_safe.  When @add is set the site is also queued on
 * file->return_thunk_list, which feeds .return_sites.
 */
static void add_return_call(struct objtool_file *file, struct instruction *insn, bool add)
{
	/*
	 * Return thunk tail calls are really just returns in disguise,
	 * so convert them accordingly.
	 */
	insn->type = INSN_RETURN;
	insn->retpoline_safe = true;

	if (!add)
		return;

	list_add_tail(&insn->call_node, &file->return_thunk_list);
}
/*
 * Is @insn the first instruction of its function?  With opts.ibt the
 * instruction directly after a leading ENDBR also counts, so direct
 * CALL/JMPs that skip the ENDBR are accepted.  False when @insn has no
 * function.
 */
static bool is_first_func_insn(struct objtool_file *file,
			       struct instruction *insn)
{
	struct symbol *func = insn_func(insn);
	struct instruction *prev;

	if (!func)
		return false;

	if (insn->offset == func->offset)
		return true;

	/* Allow direct CALL/JMP past ENDBR */
	if (!opts.ibt)
		return false;

	prev = prev_insn_same_sym(file, insn);
	return prev && prev->type == INSN_ENDBR &&
	       insn->offset == func->offset + prev->len;
}
/*
 * Find the destination instructions for all jumps.
 *
 * For each static (direct) jump the target is taken from the instruction's
 * relocation or, if it has none, decoded from the instruction itself.  Then:
 *  - jumps to a retpoline thunk are handed to add_retpoline_call();
 *  - jumps to the return thunk are turned into returns by add_return_call();
 *  - jumps to another function's entry become sibling calls (add_call_dest());
 *  - everything else sets insn->jump_dest.
 *
 * Returns 0 on success, -1 on error.
 */
static int add_jump_destinations(struct objtool_file *file)
{
	struct instruction *insn;
	struct reloc *reloc;

	for_each_insn(file, insn) {
		struct symbol *func = insn_func(insn);
		struct instruction *dest_insn;
		struct section *dest_sec;
		struct symbol *dest_sym;
		unsigned long dest_off;

		if (!is_static_jump(insn))
			continue;

		if (insn->jump_dest) {
			/*
			 * handle_group_alt() may have previously set
			 * 'jump_dest' for some alternatives.
			 */
			continue;
		}

		reloc = insn_reloc(file, insn);
		if (!reloc) {
			/*
			 * No reloc: the target lies in this section.  The
			 * section symbol may be NULL; that is handled below.
			 */
			dest_sec = insn->sec;
			dest_off = arch_jump_destination(insn);
			dest_sym = dest_sec->sym;
		} else {
			dest_sym = reloc->sym;
			if (is_undef_sym(dest_sym)) {
				/* Tail call into the external retpoline thunk. */
				if (dest_sym->retpoline_thunk) {
					if (add_retpoline_call(file, insn))
						return -1;
					continue;
				}
				/* Tail call into the external return thunk: really a RET. */
				if (dest_sym->return_thunk) {
					add_return_call(file, insn, true);
					continue;
				}
				/* External symbol */
				if (func) {
					/* External sibling call */
					if (add_call_dest(file, insn, dest_sym, true))
						return -1;
					continue;
				}
				/* Non-func asm code jumping to external symbol */
				continue;
			}
			dest_sec = dest_sym->sec;
			dest_off = dest_sym->offset + arch_insn_adjusted_addend(insn, reloc);
		}

		dest_insn = find_insn(file, dest_sec, dest_off);
		if (!dest_insn) {
			struct symbol *sym = find_symbol_by_offset(dest_sec, dest_off);

			/*
			 * retbleed_untrain_ret() jumps to
			 * __x86_return_thunk(), but objtool can't find
			 * the thunk's starting RET instruction,
			 * because the RET is also in the middle of
			 * another instruction. Objtool only knows
			 * about the outer instruction.
			 */
			if (sym && sym->embedded_insn) {
				add_return_call(file, insn, false);
				continue;
			}

			/*
			 * GCOV/KCOV dead code can jump to the end of
			 * the function/section.
			 */
			if (file->ignore_unreachables && func &&
			    dest_sec == insn->sec &&
			    dest_off == func->offset + func->len)
				continue;

			ERROR_INSN(insn, "can't find jump dest instruction at %s",
				   offstr(dest_sec, dest_off));
			return -1;
		}

		/*
		 * Resolve a section symbol (or the no-reloc case) to the symbol
		 * that owns the destination instruction, if there is one.
		 */
		if (!dest_sym || is_sec_sym(dest_sym)) {
			dest_sym = dest_insn->sym;
			if (!dest_sym)
				goto set_jump_dest;
		}

		/* Jump to the first instruction of a thunk defined in this object. */
		if (dest_sym->retpoline_thunk && dest_insn->offset == dest_sym->offset) {
			if (add_retpoline_call(file, insn))
				return -1;
			continue;
		}

		if (dest_sym->return_thunk && dest_insn->offset == dest_sym->offset) {
			add_return_call(file, insn, true);
			continue;
		}

		/* Same parent function (or no function at all): a plain jump. */
		if (!insn->sym || insn->sym->pfunc == dest_sym->pfunc)
			goto set_jump_dest;

		/*
		 * Internal cross-function jump.
		 */
		if (is_first_func_insn(file, dest_insn)) {
			/* Internal sibling call */
			if (add_call_dest(file, insn, dest_sym, true))
				return -1;
			continue;
		}

		/* Cross-function jump not at a function entry: kept as a jump. */
set_jump_dest:
		insn->jump_dest = dest_insn;
	}

	return 0;
}
/*
 * Resolve the symbol a direct call to @sec+@offset targets, preferring a
 * function symbol and falling back to any symbol at that offset (or NULL).
 */
static struct symbol *find_call_destination(struct section *sec, unsigned long offset)
{
	struct symbol *dest = find_func_by_offset(sec, offset);

	return dest ? dest : find_symbol_by_offset(sec, offset);
}
/*
 * Resolve a direct CALL that carries no relocation: the target is encoded in
 * the instruction and lies in the same section.  Returns 0 or -1.
 */
static int add_direct_call_dest(struct objtool_file *file, struct instruction *insn,
				struct symbol *func)
{
	unsigned long dest_off = arch_jump_destination(insn);
	struct symbol *dest = find_call_destination(insn->sec, dest_off);

	if (add_call_dest(file, insn, dest, false))
		return -1;

	/* Calls from ignored functions skip the remaining checks. */
	if (func && func->ignore)
		return 0;

	if (!insn_call_dest(insn)) {
		ERROR_INSN(insn, "unannotated intra-function call");
		return -1;
	}

	if (func && !is_func_sym(insn_call_dest(insn))) {
		ERROR_INSN(insn, "unsupported call to non-function");
		return -1;
	}

	return 0;
}

/*
 * Find the destination instructions for all calls.
 *
 * Calls to a retpoline thunk go through add_retpoline_call(); all others are
 * recorded with add_call_dest().  Returns 0 on success, -1 on error.
 */
static int add_call_destinations(struct objtool_file *file)
{
	struct instruction *insn;

	for_each_insn(file, insn) {
		struct symbol *func = insn_func(insn);
		struct reloc *reloc;
		int ret;

		if (insn->type != INSN_CALL)
			continue;

		reloc = insn_reloc(file, insn);

		if (!reloc) {
			ret = add_direct_call_dest(file, insn, func);
		} else if (is_sec_sym(reloc->sym)) {
			/* Section-relative reloc: look the target up by offset. */
			unsigned long dest_off = arch_insn_adjusted_addend(insn, reloc);
			struct symbol *dest = find_call_destination(reloc->sym->sec, dest_off);

			if (!dest) {
				ERROR_INSN(insn, "can't find call dest symbol at %s+0x%lx",
					   reloc->sym->sec->name, dest_off);
				return -1;
			}
			ret = add_call_dest(file, insn, dest, false);
		} else if (reloc->sym->retpoline_thunk) {
			ret = add_retpoline_call(file, insn);
		} else {
			ret = add_call_dest(file, insn, reloc->sym, false);
		}

		if (ret)
			return -1;
	}

	return 0;
}
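/*
 * The .alternatives section requires some extra special care over and above
 * other special sections because alternatives are patched in place.
 *
 * handle_group_alt() - wire up one ALTERNATIVE() entry.
 * @file:        the object being checked
 * @special_alt: the parsed .altinstructions entry
 * @orig_insn:   first instruction of the original (patched-in-place) range
 * @new_insn:    in: first instruction of the replacement; out: head of the
 *               replacement alt_group (the fake nop when new_len is zero)
 *
 * The original range gets one alt_group, created on first use and reused
 * when several alternatives cover the same range (which must then be exactly
 * the same bytes).  The replacement gets its own alt_group sharing the
 * original's CFI array.  Replacements shorter than the original are padded
 * with a fake INSN_NOP so both groups span orig_len bytes.  Jumps inside the
 * replacement that target its own end are redirected to the instruction
 * following the original range.
 *
 * Returns 0 on success, -1 on error.  Allocations are freed on failure only
 * while nothing references them yet; once attached to instructions they are
 * owned by the instruction graph, as elsewhere in this file.
 */
static int handle_group_alt(struct objtool_file *file,
			    struct special_alt *special_alt,
			    struct instruction *orig_insn,
			    struct instruction **new_insn)
{
	struct instruction *last_new_insn = NULL, *insn, *nop = NULL;
	struct alt_group *orig_alt_group, *new_alt_group;
	unsigned long dest_off;

	orig_alt_group = orig_insn->alt_group;
	if (!orig_alt_group) {
		struct instruction *last_orig_insn = NULL;

		orig_alt_group = calloc(1, sizeof(*orig_alt_group));
		if (!orig_alt_group) {
			ERROR_GLIBC("calloc");
			return -1;
		}
		orig_alt_group->cfi = calloc(special_alt->orig_len,
					     sizeof(struct cfi_state *));
		if (!orig_alt_group->cfi) {
			ERROR_GLIBC("calloc");
			/* Not attached to any instruction yet, so safe to drop. */
			free(orig_alt_group);
			return -1;
		}

		insn = orig_insn;
		sec_for_each_insn_from(file, insn) {
			if (insn->offset >= special_alt->orig_off + special_alt->orig_len)
				break;

			insn->alt_group = orig_alt_group;
			last_orig_insn = insn;
		}
		orig_alt_group->orig_group = NULL;
		orig_alt_group->first_insn = orig_insn;
		orig_alt_group->last_insn = last_orig_insn;
		orig_alt_group->nop = NULL;
		orig_alt_group->ignore = orig_insn->ignore_alts;
		orig_alt_group->feature = 0;
	} else {
		/*
		 * A further alternative on an already-grouped range must
		 * cover exactly the bytes the existing group covers.
		 */
		if (orig_alt_group->last_insn->offset + orig_alt_group->last_insn->len -
		    orig_alt_group->first_insn->offset != special_alt->orig_len) {
			ERROR_INSN(orig_insn, "weirdly overlapping alternative! %ld != %d",
				   orig_alt_group->last_insn->offset +
				   orig_alt_group->last_insn->len -
				   orig_alt_group->first_insn->offset,
				   special_alt->orig_len);
			return -1;
		}
	}

	new_alt_group = calloc(1, sizeof(*new_alt_group));
	if (!new_alt_group) {
		ERROR_GLIBC("calloc");
		return -1;
	}

	if (special_alt->new_len < special_alt->orig_len) {
		/*
		 * Insert a fake nop at the end to make the replacement
		 * alt_group the same size as the original. This is needed to
		 * allow propagate_alt_cfi() to do its magic. When the last
		 * instruction affects the stack, the instruction after it (the
		 * nop) will propagate the new state to the shared CFI array.
		 *
		 * calloc() already zero-fills the struct, so only the
		 * non-zero fields are set below.
		 */
		nop = calloc(1, sizeof(*nop));
		if (!nop) {
			ERROR_GLIBC("calloc");
			/* new_alt_group is not referenced by anything yet. */
			free(new_alt_group);
			return -1;
		}
		nop->sec = special_alt->new_sec;
		nop->offset = special_alt->new_off + special_alt->new_len;
		nop->len = special_alt->orig_len - special_alt->new_len;
		nop->type = INSN_NOP;
		nop->sym = orig_insn->sym;
		nop->alt_group = new_alt_group;
		nop->fake = 1;
	}

	if (!special_alt->new_len) {
		/*
		 * Empty replacement: the group is just the fake nop.  The
		 * caller rejects orig_len == 0, so nop was allocated above.
		 */
		*new_insn = nop;
		goto end;
	}

	insn = *new_insn;
	sec_for_each_insn_from(file, insn) {
		struct reloc *alt_reloc;

		if (insn->offset >= special_alt->new_off + special_alt->new_len)
			break;

		last_new_insn = insn;

		insn->sym = orig_insn->sym;
		insn->alt_group = new_alt_group;

		/*
		 * Since alternative replacement code is copy/pasted by the
		 * kernel after applying relocations, generally such code can't
		 * have relative-address relocation references to outside the
		 * .altinstr_replacement section, unless the arch's
		 * alternatives code can adjust the relative offsets
		 * accordingly.
		 */
		alt_reloc = insn_reloc(file, insn);
		if (alt_reloc && arch_pc_relative_reloc(alt_reloc) &&
		    !arch_support_alt_relocation(special_alt, insn, alt_reloc)) {
			ERROR_INSN(insn, "unsupported relocation in alternatives section");
			return -1;
		}

		if (!is_static_jump(insn))
			continue;

		if (!insn->immediate)
			continue;

		/*
		 * A jump to the end of the replacement really targets the
		 * instruction after the original range.
		 */
		dest_off = arch_jump_destination(insn);
		if (dest_off == special_alt->new_off + special_alt->new_len) {
			insn->jump_dest = next_insn_same_sec(file, orig_alt_group->last_insn);
			if (!insn->jump_dest) {
				ERROR_INSN(insn, "can't find alternative jump destination");
				return -1;
			}
		}
	}

	if (!last_new_insn) {
		ERROR_FUNC(special_alt->new_sec, special_alt->new_off,
			   "can't find last new alternative instruction");
		return -1;
	}

end:
	new_alt_group->orig_group = orig_alt_group;
	new_alt_group->first_insn = *new_insn;
	new_alt_group->last_insn = last_new_insn;
	new_alt_group->nop = nop;
	new_alt_group->ignore = (*new_insn)->ignore_alts;
	new_alt_group->cfi = orig_alt_group->cfi;
	new_alt_group->feature = special_alt->feature;
	return 0;
}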
/*
 * A jump table entry can either convert a nop to a jump or a jump to a nop.
 * If the original instruction is a jump, make the alt entry an effective nop
 * by just skipping the original instruction.
 *
 * With --hack-jump-label, entries whose key has bit 1 set are additionally
 * rewritten into NOPs in the object itself (their relocation is neutralised
 * with R_NONE).  Counts of short/long nop and jmp entries are kept on @file.
 * Returns 0 on success, -1 on error.
 */
static int handle_jump_alt(struct objtool_file *file,
			   struct special_alt *special_alt,
			   struct instruction *orig_insn,
			   struct instruction **new_insn)
{
	bool is_short;

	if (orig_insn->type != INSN_JUMP_UNCONDITIONAL &&
	    orig_insn->type != INSN_NOP) {
		ERROR_INSN(orig_insn, "unsupported instruction at jump label");
		return -1;
	}

	if (opts.hack_jump_label && (special_alt->key_addend & 2)) {
		struct reloc *reloc = insn_reloc(file, orig_insn);

		if (reloc)
			set_reloc_type(file->elf, reloc, R_NONE);

		if (elf_write_insn(file->elf, orig_insn->sec,
				   orig_insn->offset, orig_insn->len,
				   arch_nop_insn(orig_insn->len)))
			return -1;

		orig_insn->type = INSN_NOP;
	}

	is_short = orig_insn->len == 2;

	if (orig_insn->type == INSN_NOP) {
		if (is_short)
			file->jl_nop_short++;
		else
			file->jl_nop_long++;
		return 0;
	}

	if (is_short)
		file->jl_short++;
	else
		file->jl_long++;

	/* The "nop" alternative of a jump is simply the next instruction. */
	*new_insn = next_insn_same_sec(file, orig_insn);
	return 0;
}
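/*
 * Read all the special sections which have alternate instructions which can be
 * patched in or redirected to at runtime. Each instruction having alternate
 * instruction(s) has them added to its insn->alts list, which will be
 * traversed in validate_branch().
 *
 * Three kinds of entry are distinguished by the special_alt flags:
 *   - group (ALTERNATIVE()):       handle_group_alt(), ALT_TYPE_INSTRUCTIONS
 *   - jump_or_nop (jump labels):   handle_jump_alt(),  ALT_TYPE_JUMP_TABLE
 *   - anything else (ex_table):    ALT_TYPE_EX_TABLE
 *
 * Every consumed entry is unlinked from the local list and freed, including
 * entries skipped as empty.  On the error paths the process exits, so the
 * rest of the list is not cleaned up.  Returns 0 on success, -1 on error.
 */
static int add_special_section_alts(struct objtool_file *file)
{
	struct list_head special_alts;
	struct instruction *orig_insn, *new_insn;
	struct special_alt *special_alt, *tmp;
	enum alternative_type alt_type;
	struct alternative *alt;
	struct alternative *a;

	if (special_get_alts(file->elf, &special_alts))
		return -1;

	list_for_each_entry_safe(special_alt, tmp, &special_alts, list) {

		orig_insn = find_insn(file, special_alt->orig_sec,
				      special_alt->orig_off);
		if (!orig_insn) {
			ERROR_FUNC(special_alt->orig_sec, special_alt->orig_off,
				   "special: can't find orig instruction");
			return -1;
		}

		/* A zero-length group replacement has no "new" instruction. */
		new_insn = NULL;
		if (!special_alt->group || special_alt->new_len) {
			new_insn = find_insn(file, special_alt->new_sec,
					     special_alt->new_off);
			if (!new_insn) {
				ERROR_FUNC(special_alt->new_sec, special_alt->new_off,
					   "special: can't find new instruction");
				return -1;
			}
		}

		if (special_alt->group) {
			if (!special_alt->orig_len) {
				/*
				 * Reported but not fatal; drop the entry so
				 * it is neither processed nor leaked.
				 */
				ERROR_INSN(orig_insn, "empty alternative entry");
				list_del(&special_alt->list);
				free(special_alt);
				continue;
			}

			if (handle_group_alt(file, special_alt, orig_insn,
					     &new_insn))
				return -1;

			alt_type = ALT_TYPE_INSTRUCTIONS;

		} else if (special_alt->jump_or_nop) {
			if (handle_jump_alt(file, special_alt, orig_insn,
					    &new_insn))
				return -1;

			alt_type = ALT_TYPE_JUMP_TABLE;

		} else {
			alt_type = ALT_TYPE_EX_TABLE;
		}

		/* calloc() leaves alt->next NULL. */
		alt = calloc(1, sizeof(*alt));
		if (!alt) {
			ERROR_GLIBC("calloc");
			return -1;
		}

		alt->insn = new_insn;
		alt->type = alt_type;

		/*
		 * Store alternatives in the same order they have been
		 * defined.
		 */
		if (!orig_insn->alts) {
			orig_insn->alts = alt;
		} else {
			for (a = orig_insn->alts; a->next; a = a->next)
				;
			a->next = alt;
		}

		list_del(&special_alt->list);
		free(special_alt);
	}

	if (opts.stats) {
		printf("jl\\\tNOP\tJMP\n");
		printf("short:\t%ld\t%ld\n", file->jl_nop_short, file->jl_short);
		printf("long:\t%ld\t%ld\n", file->jl_nop_long, file->jl_long);
	}

	return 0;
}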
/*
 * Default (weak) translation of a jump table entry into the offset it
 * targets: the reloc's symbol offset plus its addend.  @table is unused by
 * this default; arch overrides may use it.
 */
__weak unsigned long arch_jump_table_sym_offset(struct reloc *reloc, struct reloc *table)
{
	unsigned long addend = reloc_addend(reloc);

	return addend + reloc->sym->offset;
}
/*
 * Walk the switch jump table attached to dynamic jump @insn and add every
 * entry's target as an alternative on the instruction.
 *
 * The table ends at its known size (if any), at the start of the next table,
 * at the first non-contiguous reloc, at an entry that is really a function
 * pointer (it targets the function start), at an entry with no instruction
 * behind it, or at an entry leaving the parent function.  Returns 0 on
 * success, -1 on allocation failure or if no entry at all was consumed.
 */
static int add_jump_table(struct objtool_file *file, struct instruction *insn)
{
	struct reloc *table = insn_jump_table(insn);
	unsigned long table_size = insn_jump_table_size(insn);
	struct symbol *pfunc = insn_func(insn)->pfunc;
	struct reloc *reloc = table;
	/*
	 * NOTE(review): prev_offset doubles as the "seen any entry" flag, so
	 * an entry sitting at offset 0 of the table section is not counted
	 * and is also not checked for contiguity — confirm this can't occur.
	 */
	unsigned int prev_offset = 0;

	/*
	 * Each @reloc is a switch table relocation which points to the target
	 * instruction.
	 */
	for_each_reloc_from(table->sec, reloc) {
		struct instruction *dest_insn;
		struct alternative *alt;
		unsigned long sym_offset;
		bool dangling;

		/* Known table size: stop once past it. */
		if (table_size && reloc_offset(reloc) - reloc_offset(table) >= table_size)
			break;

		/* The head of another table ends this one. */
		if (reloc != table && is_jump_table(reloc))
			break;

		/* Entries must be back to back. */
		if (prev_offset && reloc_offset(reloc) != prev_offset + arch_reloc_size(reloc))
			break;

		sym_offset = arch_jump_table_sym_offset(reloc, table);

		/* An entry targeting the function start is a function pointer. */
		if (reloc->sym->sec == pfunc->sec && sym_offset == pfunc->offset)
			break;

		/*
		 * Clang sometimes leaves dangling unused jump table entries
		 * which point to the end of the function. Ignore them.
		 */
		dangling = reloc->sym->sec == pfunc->sec &&
			   sym_offset == pfunc->offset + pfunc->len;

		if (!dangling) {
			dest_insn = find_insn(file, reloc->sym->sec, sym_offset);
			if (!dest_insn)
				break;

			/* Targets must stay within the same (parent) function. */
			if (!insn_func(dest_insn) || insn_func(dest_insn)->pfunc != pfunc)
				break;

			alt = calloc(1, sizeof(*alt));
			if (!alt) {
				ERROR_GLIBC("calloc");
				return -1;
			}

			alt->insn = dest_insn;
			alt->next = insn->alts;
			insn->alts = alt;
		}

		prev_offset = reloc_offset(reloc);
	}

	if (!prev_offset) {
		ERROR_INSN(insn, "can't find switch jump table");
		return -1;
	}

	return 0;
}
/*
 * Return true if the candidate switch table at @table_reloc has a first
 * entry that lands on an instruction inside @func.
 */
static bool jump_table_targets_func(struct objtool_file *file,
				    struct reloc *table_reloc,
				    struct symbol *func)
{
	unsigned long sym_offset = table_reloc->sym->offset + reloc_addend(table_reloc);
	struct instruction *dest_insn = find_insn(file, table_reloc->sym->sec, sym_offset);

	return dest_insn && insn_func(dest_insn) && insn_func(dest_insn)->pfunc == func;
}

/*
 * find_jump_table() - Given a dynamic jump, find the switch jump table
 * associated with it.
 *
 * Searches backwards from @insn, staying within @func, and records the first
 * table whose leading entry targets @func in insn->_jump_table and
 * insn->_jump_table_size.  Nothing is recorded if no table is found.
 */
static void find_jump_table(struct objtool_file *file, struct symbol *func,
			    struct instruction *insn)
{
	struct instruction *orig_insn = insn;
	struct reloc *table_reloc;
	unsigned long table_size;

	/*
	 * Backward search using the @first_jump_src links, these help avoid
	 * much of the 'in between' code. Which avoids us getting confused by
	 * it.
	 */
	for (;
	     insn && insn_func(insn) && insn_func(insn)->pfunc == func;
	     insn = insn->first_jump_src ?: prev_insn_same_sym(file, insn)) {

		/* Don't search back past an earlier dynamic jump. */
		if (insn != orig_insn && insn->type == INSN_JUMP_DYNAMIC)
			break;

		/* allow small jumps within the range */
		if (insn->type == INSN_JUMP_UNCONDITIONAL &&
		    insn->jump_dest &&
		    (insn->jump_dest->offset <= insn->offset ||
		     insn->jump_dest->offset > orig_insn->offset))
			break;

		table_reloc = arch_find_switch_table(file, insn, &table_size);
		if (!table_reloc || !jump_table_targets_func(file, table_reloc, func))
			continue;

		set_jump_table(table_reloc);
		orig_insn->_jump_table = table_reloc;
		orig_insn->_jump_table_size = table_size;
		break;
	}
}
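/*
 * First pass: Mark the head of each jump table so that in the next pass,
 * we know when a given jump table ends and the next one starts.
 *
 * While walking @func this also records, on the destination of every forward
 * jump, a back-pointer (first_jump_src) to the first jump that targets it so
 * find_jump_table() can walk backwards over jumps instead of through the
 * code in between.  The previously declared 'last' local was written but
 * never read, so it has been dropped.
 */
static void mark_func_jump_tables(struct objtool_file *file,
				  struct symbol *func)
{
	struct instruction *insn;

	func_for_each_insn(file, func, insn) {
		/*
		 * Store back-pointers for forward jumps such
		 * that find_jump_table() can back-track using those and
		 * avoid some potentially confusing code.
		 */
		if (insn->jump_dest &&
		    insn->jump_dest->offset > insn->offset &&
		    !insn->jump_dest->first_jump_src)
			insn->jump_dest->first_jump_src = insn;

		if (insn->type != INSN_JUMP_DYNAMIC)
			continue;

		find_jump_table(file, func, insn);
	}
}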
/*
 * Second pass over @func: attach the entries of every jump table found by
 * mark_func_jump_tables() as alternatives.  Returns 0 or -1.
 */
static int add_func_jump_tables(struct objtool_file *file,
				struct symbol *func)
{
	struct instruction *insn;

	func_for_each_insn(file, func, insn) {
		if (insn_jump_table(insn) && add_jump_table(file, insn))
			return -1;
	}

	return 0;
}
/*
 * For some switch statements, gcc generates a jump table in the .rodata
 * section which contains a list of addresses within the function to jump to.
 * This finds these jump tables and adds them to the insn->alts lists.
 *
 * Only primary function symbols are visited (non-functions and aliases are
 * skipped).  Returns 0 on success, or early if the object has no rodata
 * sections that could hold a table; -1 on error.
 */
static int add_jump_table_alts(struct objtool_file *file)
{
	struct symbol *func;

	if (!file->rodata)
		return 0;

	for_each_sym(file->elf, func) {
		if (!is_func_sym(func))
			continue;
		if (func->alias != func)
			continue;

		mark_func_jump_tables(file, func);
		if (add_func_jump_tables(file, func))
			return -1;
	}

	return 0;
}
/*
 * Reset @state to the CFI of a freshly entered function: CFA and register
 * rules from initial_func_cfi, stack_size equal to the initial CFA offset,
 * and the CALL unwind hint type.
 */
static void set_func_state(struct cfi_state *state)
{
	state->type = UNWIND_HINT_TYPE_CALL;
	state->cfa = initial_func_cfi.cfa;
	state->stack_size = state->cfa.offset;
	memcpy(&state->regs, &initial_func_cfi.regs,
	       CFI_NUM_REGS * sizeof(struct cfi_reg));
}
/*
 * Apply the UNWIND_HINT() annotations in .discard.unwind_hints.
 *
 * Each entry has a relocation naming the instruction it describes.  SAVE and
 * RESTORE only set flags on the instruction; UNDEFINED and FUNC select a
 * canned CFI; every other type builds a cfi_state from the hint's sp_reg and
 * sp_offset and interns it with cfi_hash_find_or_add().  Note that @cfi lives
 * outside the loop, so when an instruction has no CFI yet the fields not
 * overwritten by the hint carry over from the previous hint.
 *
 * Returns 0 on success or when there is no hints section, -1 on error.
 */
static int read_unwind_hints(struct objtool_file *file)
{
	struct cfi_state cfi = init_cfi;
	struct unwind_hint *hint;
	struct instruction *insn;
	struct section *sec;
	struct reloc *reloc;
	unsigned long offset;
	int i;

	sec = find_section_by_name(file->elf, ".discard.unwind_hints");
	if (!sec)
		return 0;

	if (!sec->rsec) {
		ERROR("missing .rela.discard.unwind_hints section");
		return -1;
	}

	if (sec_size(sec) % sizeof(struct unwind_hint)) {
		ERROR("struct unwind_hint size mismatch");
		return -1;
	}

	file->hints = true;

	for (i = 0; i < sec_size(sec) / sizeof(struct unwind_hint); i++) {
		hint = (struct unwind_hint *)sec->data->d_buf + i;

		reloc = find_reloc_by_dest(file->elf, sec, i * sizeof(*hint));
		if (!reloc) {
			ERROR("can't find reloc for unwind_hints[%d]", i);
			return -1;
		}

		offset = reloc->sym->offset + reloc_addend(reloc);
		insn = find_insn(file, reloc->sym->sec, offset);
		if (!insn) {
			ERROR("can't find insn for unwind_hints[%d]", i);
			return -1;
		}

		insn->hint = true;

		switch (hint->type) {
		case UNWIND_HINT_TYPE_UNDEFINED:
			insn->cfi = &force_undefined_cfi;
			continue;

		case UNWIND_HINT_TYPE_SAVE:
			/* A save point is a marker, not a CFI for this insn. */
			insn->hint = false;
			insn->save = true;
			continue;

		case UNWIND_HINT_TYPE_RESTORE:
			insn->restore = true;
			continue;

		case UNWIND_HINT_TYPE_FUNC:
			insn->cfi = &func_cfi;
			continue;

		case UNWIND_HINT_TYPE_REGS_PARTIAL: {
			/*
			 * A global IRET entry point must carry an ENDBR (or
			 * an explicit noendbr annotation) when IBT is on.
			 */
			struct symbol *sym = find_symbol_by_offset(insn->sec, insn->offset);

			if (sym && is_global_sym(sym) &&
			    opts.ibt && insn->type != INSN_ENDBR && !insn->noendbr) {
				ERROR_INSN(insn, "UNWIND_HINT_IRET_REGS without ENDBR");
				return -1;
			}
			break;
		}

		default:
			break;
		}

		/* Start from the instruction's existing CFI, if it has one. */
		if (insn->cfi)
			cfi = *(insn->cfi);

		if (arch_decode_hint_reg(hint->sp_reg, &cfi.cfa.base)) {
			ERROR_INSN(insn, "unsupported unwind_hint sp base reg %d", hint->sp_reg);
			return -1;
		}

		cfi.cfa.offset = bswap_if_needed(file->elf, hint->sp_offset);
		cfi.type = hint->type;
		cfi.signal = hint->signal;

		insn->cfi = cfi_hash_find_or_add(&cfi);
	}

	return 0;
}
/*
 * Feed every entry of .discard.annotate_insn to @func.
 *
 * Each entry is an 8-byte record whose relocation names the annotated
 * instruction; annotype() extracts the annotation type.  A section whose
 * entry size disagrees with 8 is corrected in place (a warning is printed
 * once with --verbose).  Returns 0 when the section or its relocs are
 * absent, -1 if the reloc count doesn't match, an instruction can't be
 * found, or @func fails.
 */
static int read_annotate(struct objtool_file *file,
			 int (*func)(struct objtool_file *file, int type, struct instruction *insn))
{
	struct section *sec = find_section_by_name(file->elf, ".discard.annotate_insn");
	struct instruction *insn;
	struct reloc *reloc;
	uint64_t offset;
	int type;

	if (!sec || !sec->rsec)
		return 0;

	if (sec->sh.sh_entsize != 8) {
		static bool warned = false;

		if (!warned && opts.verbose) {
			WARN("%s: dodgy linker, sh_entsize != 8", sec->name);
			warned = true;
		}
		sec->sh.sh_entsize = 8;
	}

	if (sec_num_entries(sec) != sec_num_entries(sec->rsec)) {
		ERROR("bad .discard.annotate_insn section: missing relocs");
		return -1;
	}

	for_each_reloc(sec->rsec, reloc) {
		type = annotype(file->elf, sec, reloc);
		offset = reloc->sym->offset + reloc_addend(reloc);

		insn = find_insn(file, reloc->sym->sec, offset);
		if (!insn) {
			ERROR("bad .discard.annotate_insn entry: %d of type %d", reloc_idx(reloc), type);
			return -1;
		}

		if (func(file, type, insn))
			return -1;
	}

	return 0;
}
/*
 * Early annotation pass: only the types that later decode steps depend on
 * are handled here; everything else is left to __annotate_ifc() and
 * __annotate_late().  Always returns 0.
 */
static int __annotate_early(struct objtool_file *file, int type, struct instruction *insn)
{
	if (type == ANNOTYPE_IGNORE_ALTS) {
		/* Must be before add_special_section_alts() */
		insn->ignore_alts = true;
	} else if (type == ANNOTYPE_NOENDBR) {
		/* Must be before read_unwind_hints() since that needs insn->noendbr. */
		insn->noendbr = 1;
	}

	return 0;
}
/*
 * Handle ANNOTATE_INTRA_FUNCTION_CALL: a direct CALL whose target is inside
 * the same section is retyped as an unconditional jump with its jump_dest
 * resolved.  Other annotation types are ignored.  Returns 0 on success, -1
 * if the annotated instruction is not a direct CALL or the target has no
 * instruction.
 */
static int __annotate_ifc(struct objtool_file *file, int type, struct instruction *insn)
{
	unsigned long dest_off;

	if (type != ANNOTYPE_INTRA_FUNCTION_CALL)
		return 0;

	if (insn->type != INSN_CALL) {
		ERROR_INSN(insn, "intra_function_call not a direct call");
		return -1;
	}

	/*
	 * Treat intra-function CALLs as JMPs, but with a stack_op.
	 * See add_call_destinations(), which strips stack_ops from
	 * normal CALLs.
	 */
	insn->type = INSN_JUMP_UNCONDITIONAL;

	dest_off = arch_jump_destination(insn);
	insn->jump_dest = find_insn(file, insn->sec, dest_off);
	if (insn->jump_dest)
		return 0;

	ERROR_INSN(insn, "can't find call dest at %s+0x%lx",
		   insn->sec->name, dest_off);
	return -1;
}
/*
 * Late annotation pass, run after call/jump destinations are known.
 *
 * RETPOLINE_SAFE is only accepted on indirect jumps/calls, returns and nops;
 * NOCFI requires the instruction to belong to a symbol.  Types consumed by
 * the earlier passes are accepted silently; unknown types are an error.
 * Returns 0 on success, -1 on error.
 */
static int __annotate_late(struct objtool_file *file, int type, struct instruction *insn)
{
	switch (type) {
	/* Already handled by __annotate_early() / __annotate_ifc(). */
	case ANNOTYPE_NOENDBR:
	case ANNOTYPE_IGNORE_ALTS:
	case ANNOTYPE_INTRA_FUNCTION_CALL:
		return 0;

	case ANNOTYPE_RETPOLINE_SAFE: {
		bool allowed = insn->type == INSN_JUMP_DYNAMIC ||
			       insn->type == INSN_CALL_DYNAMIC ||
			       insn->type == INSN_RETURN ||
			       insn->type == INSN_NOP;

		if (!allowed) {
			ERROR_INSN(insn, "retpoline_safe hint not an indirect jump/call/ret/nop");
			return -1;
		}
		insn->retpoline_safe = true;
		return 0;
	}

	case ANNOTYPE_INSTR_BEGIN:
		insn->instr++;
		return 0;

	case ANNOTYPE_INSTR_END:
		insn->instr--;
		return 0;

	case ANNOTYPE_UNRET_BEGIN:
		insn->unret = 1;
		return 0;

	case ANNOTYPE_REACHABLE:
		insn->dead_end = false;
		return 0;

	case ANNOTYPE_NOCFI:
		if (!insn->sym) {
			ERROR_INSN(insn, "dodgy NOCFI annotation");
			return -1;
		}
		insn->sym->nocfi = 1;
		return 0;

	default:
		ERROR_INSN(insn, "Unknown annotation type: %d", type);
		return -1;
	}
}
/*
 * Return true if name matches an instrumentation function, where calls to that
 * function from noinstr code can safely be removed, but compilers won't do so.
 */
static bool is_profiling_func(const char *name)
{
	/* Many compilers cannot disable KCOV with a function attribute. */
	static const char kcov_prefix[] = "__sanitizer_cov_";

	return strncmp(name, kcov_prefix, sizeof(kcov_prefix) - 1) == 0;
}
/*
 * Tag symbols with the classes the rest of the checker keys on.
 *
 * NOTYPE symbols named ".L*" are assembler-local labels.  For global symbols
 * the static-call trampoline, retpoline/return thunk, embedded-instruction,
 * ftrace and profiling classes are set (never cleared) and the longest
 * global symbol name is tracked in sym_name_max_len.  Always returns 0.
 */
static int classify_symbols(struct objtool_file *file)
{
	struct symbol *sym;
	size_t len;

	for_each_sym(file->elf, sym) {
		if (is_notype_sym(sym) && strstarts(sym->name, ".L"))
			sym->local_label = true;

		/* The remaining classes only apply to global symbols. */
		if (!is_global_sym(sym))
			continue;

		if (!strncmp(sym->name, STATIC_CALL_TRAMP_PREFIX_STR,
			     strlen(STATIC_CALL_TRAMP_PREFIX_STR)))
			sym->static_call_tramp = true;

		if (arch_is_retpoline(sym))
			sym->retpoline_thunk = true;

		if (arch_is_rethunk(sym))
			sym->return_thunk = true;

		if (arch_is_embedded_insn(sym))
			sym->embedded_insn = true;

		if (arch_ftrace_match(sym->name))
			sym->fentry = true;

		if (is_profiling_func(sym->name))
			sym->profiling_func = true;

		len = strlen(sym->name);
		if (len > sym_name_max_len)
			sym_name_max_len = len;
	}

	return 0;
}
/*
 * Can a section with this name hold a jump table?
 *
 *  - .rodata: can contain GCC switch tables
 *  - .rodata.<func>: same, if -fdata-sections is being used
 *  - .data.rel.ro.c_jump_table: contains C annotated jump tables
 *
 * .rodata.str1.* sections are ignored; they don't contain jump tables.
 */
static bool is_jump_table_section_name(const char *name)
{
	if (!strncmp(name, ".rodata", 7))
		return !strstr(name, ".str1.");

	return !strncmp(name, ".data.rel.ro", 12);
}

/*
 * Flag every section that may contain a jump table and record in
 * file->rodata whether any such section exists (add_jump_table_alts() bails
 * out early when there is none).
 */
static void mark_rodata(struct objtool_file *file)
{
	struct section *sec;
	bool found = false;

	for_each_sec(file->elf, sec) {
		if (!is_jump_table_section_name(sec->name))
			continue;

		sec->rodata = true;
		found = true;
	}

	file->rodata = found;
}
/*
 * Flag instructions that live in a symbol hole (code with no symbol covering
 * it).  Only relevant for linked (--link) runs: the linker may have dropped a
 * weak symbol in favour of a regular one while leaving its code behind.
 * Leading NOPs in a hole (padding / pfx code) are not counted as part of it.
 * A hole that jumps into a .cold function marks that function ignored.
 */
static void mark_holes(struct objtool_file *file)
{
	struct instruction *insn;
	bool in_hole = false;

	if (!opts.link)
		return;

	for_each_insn(file, insn) {
		bool unowned = !insn->sym &&
			       find_symbol_hole_containing(insn->sec, insn->offset);

		if (!unowned) {
			in_hole = false;
			continue;
		}

		/* Skip function padding and pfx code */
		if (!in_hole && insn->type == INSN_NOP)
			continue;

		in_hole = true;
		insn->hole = 1;

		if (insn->jump_dest) {
			struct symbol *dest_func = insn_func(insn->jump_dest);

			if (dest_func && dest_func->cold)
				dest_func->ignore = true;
		}
	}
}
/*
 * True if any option that needs the full control-flow validation
 * (stack validation, ORC, uaccess checking or checksumming) is enabled.
 */
static bool validate_branch_enabled(void)
{
	if (opts.stackval || opts.orc)
		return true;

	return opts.uaccess || opts.checksum;
}
/*
 * Decode the object and build every structure validate_branch() needs.
 *
 * The steps are order-dependent; each known dependency is recorded in the
 * comments below.  Returns 0 on success, -1 at the first failing step.
 */
static int decode_sections(struct objtool_file *file)
{
	file->klp = is_livepatch_module(file);

	/* Flag candidate jump-table sections; add_jump_table_alts() needs file->rodata. */
	mark_rodata(file);

	if (init_pv_ops(file))
		return -1;

	/*
	 * Must be before add_{jump_call}_destination.
	 */
	if (classify_symbols(file))
		return -1;

	if (decode_instructions(file))
		return -1;

	if (add_ignores(file))
		return -1;
	add_uaccess_safe(file);

	/* Early annotations (ignore_alts, noendbr) are consumed by the steps below. */
	if (read_annotate(file, __annotate_early))
		return -1;

	/*
	 * Must be before add_jump_destinations(), which depends on 'func'
	 * being set for alternatives, to enable proper sibling call detection.
	 */
	if (validate_branch_enabled() || opts.noinstr || opts.hack_jump_label || opts.disas) {
		if (add_special_section_alts(file))
			return -1;
	}

	if (add_jump_destinations(file))
		return -1;

	/*
	 * Must be before add_call_destination(); it changes INSN_CALL to
	 * INSN_JUMP.
	 */
	if (read_annotate(file, __annotate_ifc))
		return -1;

	if (add_call_destinations(file))
		return -1;

	if (add_jump_table_alts(file))
		return -1;

	if (read_unwind_hints(file))
		return -1;

	/* Must be after add_jump_destinations() */
	mark_holes(file);

	/*
	 * Must be after add_call_destinations() such that it can override
	 * dead_end_function() marks.
	 */
	if (read_annotate(file, __annotate_late))
		return -1;

	return 0;
}
/*
 * True for direct calls whose destination is an ftrace entry (fentry) or an
 * embedded-instruction symbol; false for anything else, including calls with
 * no resolved destination.
 */
static bool is_special_call(struct instruction *insn)
{
	struct symbol *dest;

	if (insn->type != INSN_CALL)
		return false;

	dest = insn_call_dest(insn);
	if (!dest)
		return false;

	return dest->fentry || dest->embedded_insn;
}
/*
 * True if the CFI in @state differs in any way from the function-entry
 * state (initial_func_cfi): DRAP in use, a different CFA base or offset,
 * a stack_size other than the initial CFA offset, or any register rule
 * that changed.  @insn is unused.
 */
static bool has_modified_stack_frame(struct instruction *insn, struct insn_state *state)
{
	const struct cfi_state *cfi = &state->cfi;
	int reg;

	if (cfi->drap)
		return true;
	if (cfi->cfa.base != initial_func_cfi.cfa.base)
		return true;
	if (cfi->cfa.offset != initial_func_cfi.cfa.offset)
		return true;
	if (cfi->stack_size != initial_func_cfi.cfa.offset)
		return true;

	for (reg = 0; reg < CFI_NUM_REGS; reg++) {
		if (cfi->regs[reg].base != initial_func_cfi.regs[reg].base)
			return true;
		if (cfi->regs[reg].offset != initial_func_cfi.regs[reg].offset)
			return true;
	}

	return false;
}
/*
 * True when @reg is recorded as saved relative to the CFA at exactly
 * @expected_offset; any other base (or offset) is a mismatch.
 */
static bool check_reg_frame_pos(const struct cfi_reg *reg,
				int expected_offset)
{
	if (reg->base != CFI_CFA)
		return false;

	return reg->offset == expected_offset;
}
/*
 * Does the current CFI describe a frame-pointer frame?
 *
 * Either the classic layout (CFA based on BP, with BP saved at -cfa.offset
 * and RA 8 bytes above it), or a DRAP frame in which BP has been
 * re-established relative to itself.
 */
static bool has_valid_stack_frame(struct insn_state *state)
{
	struct cfi_state *cfi = &state->cfi;
	bool bp_frame, drap_frame;

	bp_frame = cfi->cfa.base == CFI_BP &&
		   check_reg_frame_pos(&cfi->regs[CFI_BP], -cfi->cfa.offset) &&
		   check_reg_frame_pos(&cfi->regs[CFI_RA], -cfi->cfa.offset + 8);

	drap_frame = cfi->drap && cfi->regs[CFI_BP].base == CFI_BP;

	return bp_frame || drap_frame;
}
/*
 * Reduced CFI tracking used for UNWIND_HINT_TYPE_REGS{,_PARTIAL} regions:
 * only stack pointer movement (push, pop, add imm to sp) is folded into
 * the CFA offset, and only while the CFA is SP-based.  Register saves are
 * not tracked here.  @insn is not read.  Always returns 0.
 */
static int update_cfi_state_regs(struct instruction *insn,
				 struct cfi_state *cfi,
				 struct stack_op *op)
{
	struct cfi_reg *cfa = &cfi->cfa;
	int delta = 0;

	if (cfa->base != CFI_SP && cfa->base != CFI_SP_INDIRECT)
		return 0;

	/* push grows the frame ... */
	if (op->dest.type == OP_DEST_PUSH || op->dest.type == OP_DEST_PUSHF)
		delta += 8;

	/* ... pop shrinks it ... */
	if (op->src.type == OP_SRC_POP || op->src.type == OP_SRC_POPF)
		delta -= 8;

	/* ... and "add imm, %sp" shrinks it by the immediate. */
	if (op->dest.type == OP_DEST_REG && op->src.type == OP_SRC_ADD &&
	    op->dest.reg == CFI_SP && op->src.reg == CFI_SP)
		delta -= op->src.offset;

	cfa->offset += delta;
	return 0;
}
/*
 * Record that callee-saved register @reg was stored at @base + @offset.
 * Only the first save is recorded: a slot already holding a location is
 * left untouched, and non-callee-saved registers are ignored entirely.
 */
static void save_reg(struct cfi_state *cfi, unsigned char reg, int base, int offset)
{
	struct cfi_reg *slot = &cfi->regs[reg];

	if (!arch_callee_saved_reg(reg))
		return;
	if (slot->base != CFI_UNDEFINED)
		return;

	slot->base = base;
	slot->offset = offset;
}
/*
 * Reset @reg's save slot to its function-entry state (initial_func_cfi),
 * i.e. the register is considered restored.
 */
static void restore_reg(struct cfi_state *cfi, unsigned char reg)
{
	const struct cfi_reg *init = &initial_func_cfi.regs[reg];
	struct cfi_reg *slot = &cfi->regs[reg];

	slot->base = init->base;
	slot->offset = init->offset;
}
  2304. /*
  2305. * A note about DRAP stack alignment:
  2306. *
  2307. * GCC has the concept of a DRAP register, which is used to help keep track of
  2308. * the stack pointer when aligning the stack. r10 or r13 is used as the DRAP
  2309. * register. The typical DRAP pattern is:
  2310. *
  2311. * 4c 8d 54 24 08 lea 0x8(%rsp),%r10
  2312. * 48 83 e4 c0 and $0xffffffffffffffc0,%rsp
  2313. * 41 ff 72 f8 pushq -0x8(%r10)
  2314. * 55 push %rbp
  2315. * 48 89 e5 mov %rsp,%rbp
  2316. * (more pushes)
  2317. * 41 52 push %r10
  2318. * ...
  2319. * 41 5a pop %r10
  2320. * (more pops)
  2321. * 5d pop %rbp
  2322. * 49 8d 62 f8 lea -0x8(%r10),%rsp
  2323. * c3 retq
  2324. *
  2325. * There are some variations in the epilogues, like:
  2326. *
  2327. * 5b pop %rbx
  2328. * 41 5a pop %r10
  2329. * 41 5c pop %r12
  2330. * 41 5d pop %r13
  2331. * 41 5e pop %r14
  2332. * c9 leaveq
  2333. * 49 8d 62 f8 lea -0x8(%r10),%rsp
  2334. * c3 retq
  2335. *
  2336. * and:
  2337. *
  2338. * 4c 8b 55 e8 mov -0x18(%rbp),%r10
  2339. * 48 8b 5d e0 mov -0x20(%rbp),%rbx
  2340. * 4c 8b 65 f0 mov -0x10(%rbp),%r12
  2341. * 4c 8b 6d f8 mov -0x8(%rbp),%r13
  2342. * c9 leaveq
  2343. * 49 8d 62 f8 lea -0x8(%r10),%rsp
  2344. * c3 retq
  2345. *
  2346. * Sometimes r13 is used as the DRAP register, in which case it's saved and
  2347. * restored beforehand:
  2348. *
  2349. * 41 55 push %r13
  2350. * 4c 8d 6c 24 10 lea 0x10(%rsp),%r13
  2351. * 48 83 e4 f0 and $0xfffffffffffffff0,%rsp
  2352. * ...
  2353. * 49 8d 65 f0 lea -0x10(%r13),%rsp
  2354. * 41 5d pop %r13
  2355. * c3 retq
  2356. */
/*
 * Apply one stack operation @op of @insn to the CFI state @cfi.
 *
 * Tracks the CFA (base register + offset), the running stack_size, the
 * DRAP register and its save offset, the callee-saved register slots
 * (regs[]) and the scratch-register values (vals[]) that may later be
 * moved back into %rsp.  @next_insn is only consulted for its ->hint: an
 * otherwise unsupported write to the CFA base register is tolerated when
 * the following instruction carries an unwind hint that will reset the
 * state anyway.
 *
 * Returns 0 on success, 1 for a stack operation inside a function whose
 * CFA is undefined, and -1 for an instruction pattern this tracker does
 * not understand.  A warning is emitted for both failure cases.
 */
static int update_cfi_state(struct instruction *insn,
			    struct instruction *next_insn,
			    struct cfi_state *cfi, struct stack_op *op)
{
	struct cfi_reg *cfa = &cfi->cfa;
	struct cfi_reg *regs = cfi->regs;

	/* ignore UNWIND_HINT_UNDEFINED regions */
	if (cfi->force_undefined)
		return 0;

	/* stack operations don't make sense with an undefined CFA */
	if (cfa->base == CFI_UNDEFINED) {
		if (insn_func(insn)) {
			WARN_INSN(insn, "undefined stack state");
			return 1;
		}
		return 0;
	}

	/* REGS-style hints only follow stack pointer movement. */
	if (cfi->type == UNWIND_HINT_TYPE_REGS ||
	    cfi->type == UNWIND_HINT_TYPE_REGS_PARTIAL)
		return update_cfi_state_regs(insn, cfi, op);

	switch (op->dest.type) {

	case OP_DEST_REG:
		switch (op->src.type) {

		case OP_SRC_REG:
			if (op->src.reg == CFI_SP && op->dest.reg == CFI_BP &&
			    cfa->base == CFI_SP &&
			    check_reg_frame_pos(&regs[CFI_BP], -cfa->offset)) {

				/* mov %rsp, %rbp */
				cfa->base = op->dest.reg;
				cfi->bp_scratch = false;
			}

			else if (op->src.reg == CFI_SP &&
				 op->dest.reg == CFI_BP && cfi->drap) {

				/* drap: mov %rsp, %rbp */
				regs[CFI_BP].base = CFI_BP;
				regs[CFI_BP].offset = -cfi->stack_size;
				cfi->bp_scratch = false;
			}

			else if (op->src.reg == CFI_SP && cfa->base == CFI_SP) {

				/*
				 * mov %rsp, %reg
				 *
				 * This is needed for the rare case where GCC
				 * does:
				 *
				 *   mov    %rsp, %rax
				 *   ...
				 *   mov    %rax, %rsp
				 *
				 * Remember the value as CFA-relative so the
				 * later "mov %rax, %rsp" can be resolved.
				 */
				cfi->vals[op->dest.reg].base = CFI_CFA;
				cfi->vals[op->dest.reg].offset = -cfi->stack_size;
			}

			else if (op->src.reg == CFI_BP && op->dest.reg == CFI_SP &&
				 (cfa->base == CFI_BP || cfa->base == cfi->drap_reg)) {

				/*
				 * mov %rbp, %rsp
				 *
				 * Restore the original stack pointer (Clang).
				 */
				cfi->stack_size = -cfi->regs[CFI_BP].offset;
			}

			else if (op->dest.reg == cfa->base) {

				/* mov %reg, %rsp */
				if (cfa->base == CFI_SP &&
				    cfi->vals[op->src.reg].base == CFI_CFA) {

					/*
					 * This is needed for the rare case
					 * where GCC does something dumb like:
					 *
					 *   lea    0x8(%rsp), %rcx
					 *   ...
					 *   mov    %rcx, %rsp
					 */
					cfa->offset = -cfi->vals[op->src.reg].offset;
					cfi->stack_size = cfa->offset;

				} else if (cfa->base == CFI_SP &&
					   cfi->vals[op->src.reg].base == CFI_SP_INDIRECT &&
					   cfi->vals[op->src.reg].offset == cfa->offset) {

					/*
					 * Stack swizzle:
					 *
					 * 1: mov %rsp, (%[tos])
					 * 2: mov %[tos], %rsp
					 *    ...
					 * 3: pop %rsp
					 *
					 * Where:
					 *
					 * 1 - places a pointer to the previous
					 *     stack at the Top-of-Stack of the
					 *     new stack.
					 *
					 * 2 - switches to the new stack.
					 *
					 * 3 - pops the Top-of-Stack to restore
					 *     the original stack.
					 *
					 * Note: we set base to SP_INDIRECT
					 * here and preserve offset. Therefore
					 * when the unwinder reaches ToS it
					 * will dereference SP and then add the
					 * offset to find the next frame, IOW:
					 * (%rsp) + offset.
					 */
					cfa->base = CFI_SP_INDIRECT;

				} else {
					/*
					 * Unknown value moved into the CFA
					 * register: the frame is no longer
					 * describable.
					 */
					cfa->base = CFI_UNDEFINED;
					cfa->offset = 0;
				}
			}

			else if (op->dest.reg == CFI_SP &&
				 cfi->vals[op->src.reg].base == CFI_SP_INDIRECT &&
				 cfi->vals[op->src.reg].offset == cfa->offset) {

				/*
				 * The same stack swizzle case 2) as above. But
				 * because we can't change cfa->base, case 3)
				 * will become a regular POP. Pretend we're a
				 * PUSH so things don't go unbalanced.
				 */
				cfi->stack_size += 8;
			}

			else if (cfi->vals[op->src.reg].base == CFI_CFA) {

				/*
				 * Clang RSP musical chairs:
				 *
				 * mov %rsp, %rdx	[handled above]
				 * ...
				 * mov %rdx, %rbx	[handled here]
				 * ...
				 * mov %rbx, %rsp	[handled above]
				 */
				cfi->vals[op->dest.reg].base = CFI_CFA;
				cfi->vals[op->dest.reg].offset = cfi->vals[op->src.reg].offset;
			}

			break;

		case OP_SRC_ADD:
			if (op->dest.reg == CFI_SP && op->src.reg == CFI_SP) {

				/* add imm, %rsp */
				cfi->stack_size -= op->src.offset;
				if (cfa->base == CFI_SP)
					cfa->offset -= op->src.offset;
				break;
			}

			if (op->dest.reg == CFI_BP && op->src.reg == CFI_SP &&
			    insn->sym->frame_pointer) {
				/* addi.d fp,sp,imm on LoongArch */
				if (cfa->base == CFI_SP && cfa->offset == op->src.offset) {
					cfa->base = CFI_BP;
					cfa->offset = 0;
				}
				break;
			}

			if (op->dest.reg == CFI_SP && op->src.reg == CFI_BP) {
				/* addi.d sp,fp,imm on LoongArch */
				if (cfa->base == CFI_BP && cfa->offset == 0) {
					if (insn->sym->frame_pointer) {
						cfa->base = CFI_SP;
						cfa->offset = -op->src.offset;
					}
				} else {
					/* lea disp(%rbp), %rsp */
					cfi->stack_size = -(op->src.offset + regs[CFI_BP].offset);
				}
				break;
			}

			if (op->src.reg == CFI_SP && cfa->base == CFI_SP) {

				/* drap: lea disp(%rsp), %drap */
				cfi->drap_reg = op->dest.reg;

				/*
				 * lea disp(%rsp), %reg
				 *
				 * This is needed for the rare case where GCC
				 * does something dumb like:
				 *
				 *   lea    0x8(%rsp), %rcx
				 *   ...
				 *   mov    %rcx, %rsp
				 */
				cfi->vals[op->dest.reg].base = CFI_CFA;
				cfi->vals[op->dest.reg].offset = \
					-cfi->stack_size + op->src.offset;

				break;
			}

			if (cfi->drap && op->dest.reg == CFI_SP &&
			    op->src.reg == cfi->drap_reg) {

				 /* drap: lea disp(%drap), %rsp */
				cfa->base = CFI_SP;
				cfa->offset = cfi->stack_size = -op->src.offset;
				cfi->drap_reg = CFI_UNDEFINED;
				cfi->drap = false;
				break;
			}

			/*
			 * Any other arithmetic on the CFA base register is
			 * unsupported, unless an unwind hint on the next
			 * instruction is about to redefine the state.
			 */
			if (op->dest.reg == cfi->cfa.base && !(next_insn && next_insn->hint)) {
				WARN_INSN(insn, "unsupported stack register modification");
				return -1;
			}

			break;

		case OP_SRC_AND:
			if (op->dest.reg != CFI_SP ||
			    (cfi->drap_reg != CFI_UNDEFINED && cfa->base != CFI_SP) ||
			    (cfi->drap_reg == CFI_UNDEFINED && cfa->base != CFI_BP)) {
				WARN_INSN(insn, "unsupported stack pointer realignment");
				return -1;
			}

			if (cfi->drap_reg != CFI_UNDEFINED) {
				/* drap: and imm, %rsp */
				cfa->base = cfi->drap_reg;
				cfa->offset = cfi->stack_size = 0;
				cfi->drap = true;
			}

			/*
			 * Older versions of GCC (4.8ish) realign the stack
			 * without DRAP, with a frame pointer.
			 */

			break;

		case OP_SRC_POP:
		case OP_SRC_POPF:
			if (op->dest.reg == CFI_SP && cfa->base == CFI_SP_INDIRECT) {

				/* pop %rsp; # restore from a stack swizzle */
				cfa->base = CFI_SP;
				break;
			}

			if (!cfi->drap && op->dest.reg == cfa->base) {

				/* pop %rbp */
				cfa->base = CFI_SP;
			}

			if (cfi->drap && cfa->base == CFI_BP_INDIRECT &&
			    op->dest.reg == cfi->drap_reg &&
			    cfi->drap_offset == -cfi->stack_size) {

				/* drap: pop %drap */
				cfa->base = cfi->drap_reg;
				cfa->offset = 0;
				cfi->drap_offset = -1;

			} else if (cfi->stack_size == -regs[op->dest.reg].offset) {

				/* pop %reg */
				restore_reg(cfi, op->dest.reg);
			}

			cfi->stack_size -= 8;
			if (cfa->base == CFI_SP)
				cfa->offset -= 8;

			break;

		case OP_SRC_REG_INDIRECT:
			if (!cfi->drap && op->dest.reg == cfa->base &&
			    op->dest.reg == CFI_BP) {

				/* mov disp(%rsp), %rbp */
				cfa->base = CFI_SP;
				cfa->offset = cfi->stack_size;
			}

			if (cfi->drap && op->src.reg == CFI_BP &&
			    op->src.offset == cfi->drap_offset) {

				/* drap: mov disp(%rbp), %drap */
				cfa->base = cfi->drap_reg;
				cfa->offset = 0;
				cfi->drap_offset = -1;
			}

			if (cfi->drap && op->src.reg == CFI_BP &&
			    op->src.offset == regs[op->dest.reg].offset) {

				/* drap: mov disp(%rbp), %reg */
				restore_reg(cfi, op->dest.reg);

			} else if (op->src.reg == cfa->base &&
			    op->src.offset == regs[op->dest.reg].offset + cfa->offset) {

				/* mov disp(%rbp), %reg */
				/* mov disp(%rsp), %reg */
				restore_reg(cfi, op->dest.reg);

			} else if (op->src.reg == CFI_SP &&
			    op->src.offset == regs[op->dest.reg].offset + cfi->stack_size) {

				/* mov disp(%rsp), %reg */
				restore_reg(cfi, op->dest.reg);
			}

			break;

		default:
			WARN_INSN(insn, "unknown stack-related instruction");
			return -1;
		}

		break;

	case OP_DEST_PUSH:
	case OP_DEST_PUSHF:
		cfi->stack_size += 8;
		if (cfa->base == CFI_SP)
			cfa->offset += 8;

		/* Only a pushed register can be a register save. */
		if (op->src.type != OP_SRC_REG)
			break;

		if (cfi->drap) {
			if (op->src.reg == cfa->base && op->src.reg == cfi->drap_reg) {

				/* drap: push %drap */
				cfa->base = CFI_BP_INDIRECT;
				cfa->offset = -cfi->stack_size;

				/* save drap so we know when to restore it */
				cfi->drap_offset = -cfi->stack_size;

			} else if (op->src.reg == CFI_BP && cfa->base == cfi->drap_reg) {

				/* drap: push %rbp */
				cfi->stack_size = 0;

			} else {

				/* drap: push %reg */
				save_reg(cfi, op->src.reg, CFI_BP, -cfi->stack_size);
			}

		} else {

			/* push %reg */
			save_reg(cfi, op->src.reg, CFI_CFA, -cfi->stack_size);
		}

		/* detect when asm code uses rbp as a scratch register */
		if (opts.stackval && insn_func(insn) && op->src.reg == CFI_BP &&
		    cfa->base != CFI_BP)
			cfi->bp_scratch = true;
		break;

	case OP_DEST_REG_INDIRECT:

		if (cfi->drap) {
			if (op->src.reg == cfa->base && op->src.reg == cfi->drap_reg) {

				/* drap: mov %drap, disp(%rbp) */
				cfa->base = CFI_BP_INDIRECT;
				cfa->offset = op->dest.offset;

				/* save drap offset so we know when to restore it */
				cfi->drap_offset = op->dest.offset;
			} else {

				/* drap: mov reg, disp(%rbp) */
				save_reg(cfi, op->src.reg, CFI_BP, op->dest.offset);
			}

		} else if (op->dest.reg == cfa->base) {

			/* mov reg, disp(%rbp) */
			/* mov reg, disp(%rsp) */
			save_reg(cfi, op->src.reg, CFI_CFA,
				 op->dest.offset - cfi->cfa.offset);

		} else if (op->dest.reg == CFI_SP) {

			/* mov reg, disp(%rsp) */
			save_reg(cfi, op->src.reg, CFI_CFA,
				 op->dest.offset - cfi->stack_size);

		} else if (op->src.reg == CFI_SP && op->dest.offset == 0) {

			/* mov %rsp, (%reg); # setup a stack swizzle. */
			cfi->vals[op->dest.reg].base = CFI_SP_INDIRECT;
			cfi->vals[op->dest.reg].offset = cfa->offset;
		}

		break;

	case OP_DEST_MEM:
		if (op->src.type != OP_SRC_POP && op->src.type != OP_SRC_POPF) {
			WARN_INSN(insn, "unknown stack-related memory operation");
			return -1;
		}

		/* pop mem */
		cfi->stack_size -= 8;
		if (cfa->base == CFI_SP)
			cfa->offset -= 8;
		break;

	default:
		WARN_INSN(insn, "unknown stack-related instruction");
		return -1;
	}

	return 0;
}
/*
 * The stack layouts of alternatives instructions can sometimes diverge when
 * they have stack modifications.  That's fine as long as the potential stack
 * layouts don't conflict at any given potential instruction boundary.
 *
 * Flatten the CFIs of the different alternative code streams (both original
 * and replacement) into a single shared CFI array which can be used to detect
 * conflicts and nicely feed a linear array of ORC entries to the unwinder.
 *
 * Returns 0 when @insn is not part of an alt group, when its CFI was
 * recorded, or when it agrees with the CFI already recorded at the same
 * group offset; -1 (with a warning) when the CFI is missing or conflicts.
 */
static int propagate_alt_cfi(struct objtool_file *file, struct instruction *insn)
{
	struct alt_group *group = insn->alt_group;
	struct cfi_state **slot;
	int group_off;

	if (!group)
		return 0;

	if (!insn->cfi) {
		WARN("CFI missing");
		return -1;
	}

	/*
	 * Index the group's shared CFI array by offset from the group's first
	 * instruction.  NOTE(review): presumably the array was sized to cover
	 * the whole group when it was created; no range check is done here.
	 */
	group_off = insn->offset - group->first_insn->offset;
	slot = &group->cfi[group_off];

	if (!*slot) {
		*slot = insn->cfi;
		return 0;
	}

	if (cficmp(*slot, insn->cfi)) {
		/* Report against the original (in-place) group's first insn. */
		struct alt_group *orig_group = group->orig_group ?: group;

		WARN_INSN(orig_group->first_insn,
			  "stack layout conflict in alternatives: %s",
			  offstr(insn->sec, insn->offset));
		return -1;
	}

	return 0;
}
/*
 * Run every stack operation of @insn through update_cfi_state() and, when
 * uaccess checking is enabled inside an alt group, maintain the PUSHF/POPF
 * shadow stack of the uaccess flag.
 *
 * state->uaccess_stack is a shift register: a set bit at position 0 marks
 * the bottom sentinel, and each PUSHF shifts the current uaccess value in.
 * Once the sentinel reaches bit 31 another PUSHF cannot be recorded and the
 * function fails.  POPF shifts the saved value back out into state->uaccess
 * and clears the register when only the sentinel remains.
 *
 * Returns 0 on success, or the non-zero result of update_cfi_state() /
 * 1 on PUSHF stack exhaustion.  The before/after state is traced either way.
 */
static int noinline handle_insn_ops(struct instruction *insn,
				    struct instruction *next_insn,
				    struct insn_state *state)
{
	struct insn_state prev_state __maybe_unused = *state;
	struct stack_op *op;
	int ret = 0;

	for (op = insn->stack_ops; op; op = op->next) {
		ret = update_cfi_state(insn, next_insn, &state->cfi, op);
		if (ret)
			break;

		if (!opts.uaccess || !insn->alt_group)
			continue;

		if (op->dest.type == OP_DEST_PUSHF) {
			if (!state->uaccess_stack) {
				/* first push: plant the bottom sentinel */
				state->uaccess_stack = 1;
			} else if (state->uaccess_stack >> 31) {
				WARN_INSN(insn, "PUSHF stack exhausted");
				ret = 1;
				break;
			}
			state->uaccess_stack = (state->uaccess_stack << 1) | state->uaccess;
		}

		if (op->src.type == OP_SRC_POPF && state->uaccess_stack) {
			state->uaccess = state->uaccess_stack & 1;
			state->uaccess_stack >>= 1;
			/* only the sentinel left: the shadow stack is empty */
			if (state->uaccess_stack == 1)
				state->uaccess_stack = 0;
		}
	}

	TRACE_INSN_STATE(insn, &prev_state, state);
	return ret;
}
/*
 * Check that the CFI previously recorded on @insn agrees with the CFI the
 * current path arrived with (@cfi2).  Compared in order: CFA, all register
 * slots, hint type, and the DRAP triple (drap, drap_reg, drap_offset; the
 * latter two only matter while drap is set).
 *
 * Returns true on a match.  On a mismatch a descriptive warning is emitted
 * and false is returned; a missing insn->cfi is also reported as false.
 */
static bool insn_cfi_match(struct instruction *insn, struct cfi_state *cfi2)
{
	struct cfi_state *cfi1 = insn->cfi;

	if (!cfi1) {
		WARN("CFI missing");
		return false;
	}

	if (memcmp(&cfi1->cfa, &cfi2->cfa, sizeof(cfi1->cfa)) != 0) {
		WARN_INSN(insn, "stack state mismatch: cfa1=%d%+d cfa2=%d%+d",
			  cfi1->cfa.base, cfi1->cfa.offset,
			  cfi2->cfa.base, cfi2->cfa.offset);
		return false;
	}

	if (memcmp(&cfi1->regs, &cfi2->regs, sizeof(cfi1->regs)) != 0) {
		int r;

		/* Report every differing register, not just the first one. */
		for (r = 0; r < CFI_NUM_REGS; r++) {
			if (memcmp(&cfi1->regs[r], &cfi2->regs[r], sizeof(struct cfi_reg)) == 0)
				continue;
			WARN_INSN(insn, "stack state mismatch: reg1[%d]=%d%+d reg2[%d]=%d%+d",
				  r, cfi1->regs[r].base, cfi1->regs[r].offset,
				  r, cfi2->regs[r].base, cfi2->regs[r].offset);
		}
		return false;
	}

	if (cfi1->type != cfi2->type) {
		WARN_INSN(insn, "stack state mismatch: type1=%d type2=%d",
			  cfi1->type, cfi2->type);
		return false;
	}

	if (cfi1->drap != cfi2->drap ||
	    (cfi1->drap && (cfi1->drap_reg != cfi2->drap_reg ||
			    cfi1->drap_offset != cfi2->drap_offset))) {
		WARN_INSN(insn, "stack state mismatch: drap1=%d(%d,%d) drap2=%d(%d,%d)",
			  cfi1->drap, cfi1->drap_reg, cfi1->drap_offset,
			  cfi2->drap, cfi2->drap_reg, cfi2->drap_offset);
		return false;
	}

	return true;
}
/*
 * Whether @func is marked UACCESS-safe.  A NULL function (unknown or
 * indirect destination) is never considered safe.
 */
static inline bool func_uaccess_safe(struct symbol *func)
{
	return func ? func->uaccess_safe : false;
}
/*
 * Human-readable name of @insn's call destination, for warnings.
 *
 * A resolved destination yields its symbol name.  An unresolved call whose
 * relocation targets the "pv_ops" table is rendered as "pv_ops[N]" with N
 * the slot index; anything else is "{dynamic}".
 *
 * The "pv_ops[N]" form lives in a static buffer that is overwritten by the
 * next such call, so the result must be consumed (e.g. printed) before
 * calling this again.  The buffer is sized for a non-negative int index;
 * snprintf() bounds the write in any case.
 */
static inline const char *call_dest_name(struct instruction *insn)
{
	static char pvname[19];
	struct symbol *dest = insn_call_dest(insn);
	struct reloc *reloc;

	if (dest)
		return dest->name;

	reloc = insn_reloc(NULL, insn);
	if (!reloc || strcmp(reloc->sym->name, "pv_ops"))
		return "{dynamic}";

	snprintf(pvname, sizeof(pvname), "pv_ops[%d]",
		 (int)(reloc_addend(reloc) / sizeof(void *)));
	return pvname;
}
/*
 * Decide whether an indirect call through the pv_ops table is safe for a
 * noinstr region: every registered target of the referenced slot must live
 * in a noinstr section.
 *
 * The verdict is cached in file->pv_ops[idx].clean; a slot already marked
 * clean is accepted without re-scanning, and offending targets are warned
 * about once.  Returns false for calls that do not go through "pv_ops".
 *
 * NOTE(review): idx is derived from the relocation addend of the object
 * being checked and is not range-checked against the pv_ops array here;
 * presumably the table was sized from the pv_ops symbol when it was built.
 */
static bool pv_call_dest(struct objtool_file *file, struct instruction *insn)
{
	struct reloc *reloc = insn_reloc(file, insn);
	struct symbol *target;
	bool clean = true;
	int idx;

	if (!reloc || strcmp(reloc->sym->name, "pv_ops"))
		return false;

	idx = arch_insn_adjusted_addend(insn, reloc) / sizeof(void *);

	if (file->pv_ops[idx].clean)
		return true;

	/* Assume clean; cleared below if any target is instrumented. */
	file->pv_ops[idx].clean = true;

	list_for_each_entry(target, &file->pv_ops[idx].targets, pv_target) {
		if (target->sec->noinstr)
			continue;
		WARN("pv_ops[%d]: %s", idx, target->name);
		clean = false;
	}

	file->pv_ops[idx].clean = clean;
	return clean;
}
/*
 * May a call from noinstr code to @func (the resolved destination of @insn,
 * or NULL for an indirect call) be tolerated?
 *
 * Indirect calls can only be vouched for via the pv_ops table; without one
 * they are assumed instrumented.  Direct calls are fine when the callee is
 * in a noinstr section, is a static_call trampoline (can't be told apart),
 * or is a __ubsan_handle_*() handler, which like WARN() only fires when
 * something bad already happened and should be allowed to get its message out.
 */
static inline bool noinstr_call_dest(struct objtool_file *file,
				     struct instruction *insn,
				     struct symbol *func)
{
	if (!func)
		return file->pv_ops ? pv_call_dest(file, insn) : false;

	if (func->sec->noinstr)
		return true;

	if (func->static_call_tramp)
		return true;

	return strncmp(func->name, "__ubsan_handle_",
		       sizeof("__ubsan_handle_") - 1) == 0;
}
/*
 * Validate a call instruction against the current instrumentation,
 * UACCESS and DF state.  Returns 0 if acceptable, 1 (after a warning) when
 * the call would leave .noinstr.text with instrumentation disabled, is made
 * with UACCESS enabled to a non-UACCESS-safe callee, or is made with DF set.
 */
static int validate_call(struct objtool_file *file,
			 struct instruction *insn,
			 struct insn_state *state)
{
	struct symbol *dest = insn_call_dest(insn);

	if (state->noinstr && state->instr <= 0 &&
	    !noinstr_call_dest(file, insn, dest)) {
		WARN_INSN(insn, "call to %s() leaves .noinstr.text section", call_dest_name(insn));
		return 1;
	}

	if (state->uaccess && !func_uaccess_safe(dest)) {
		WARN_INSN(insn, "call to %s() with UACCESS enabled", call_dest_name(insn));
		return 1;
	}

	if (state->df) {
		WARN_INSN(insn, "call to %s() with DF set", call_dest_name(insn));
		return 1;
	}

	return 0;
}
/*
 * A sibling call (tail jump to another function) is validated like a call,
 * with one extra requirement: when made from a callable instruction the
 * stack frame must already be back to its function-entry state.
 */
static int validate_sibling_call(struct objtool_file *file,
				 struct instruction *insn,
				 struct insn_state *state)
{
	bool in_function = insn_func(insn) != NULL;

	if (in_function && has_modified_stack_frame(insn, state)) {
		WARN_INSN(insn, "sibling call from callable instruction with modified stack frame");
		return 1;
	}

	return validate_call(file, insn, state);
}
/*
 * Validate a return instruction.  Returns 0 when the state is consistent
 * with leaving @func, else 1 after warning about the first violation found:
 * instrumentation still enabled in a noinstr region, UACCESS state that
 * disagrees with the function's UACCESS-safe marking, DF set, a stack frame
 * that differs from function entry (only checked when @func is known), or
 * BP having been used as a scratch register.
 */
static int validate_return(struct symbol *func, struct instruction *insn, struct insn_state *state)
{
	bool uaccess_safe = func_uaccess_safe(func);

	if (state->noinstr && state->instr > 0) {
		WARN_INSN(insn, "return with instrumentation enabled");
		return 1;
	}

	/* UACCESS must be off on return from a normal function ... */
	if (state->uaccess && !uaccess_safe) {
		WARN_INSN(insn, "return with UACCESS enabled");
		return 1;
	}

	/* ... and still on when returning from a UACCESS-safe one. */
	if (!state->uaccess && uaccess_safe) {
		WARN_INSN(insn, "return with UACCESS disabled from a UACCESS-safe function");
		return 1;
	}

	if (state->df) {
		WARN_INSN(insn, "return with DF set");
		return 1;
	}

	if (func && has_modified_stack_frame(insn, state)) {
		WARN_INSN(insn, "return with modified stack frame");
		return 1;
	}

	if (state->cfi.bp_scratch) {
		WARN_INSN(insn, "BP used as a scratch register");
		return 1;
	}

	return 0;
}
/*
 * Pick the instruction that follows @insn for validation purposes.
 *
 * Simulate the fact that alternatives are patched in-place.  When the end
 * of a replacement alt_group is reached, redirect objtool flow to the end
 * of the original alt_group:
 *
 *   insn->alts->insn -> alt_group->first_insn
 *                       ...
 *                       alt_group->last_insn
 *                       [alt_group->nop] -> next(orig_group->last_insn)
 *
 * A replacement that has a trailing ->nop first flows into it (->nop
 * implies ->orig_group), and only then continues after the original group.
 */
static struct instruction *next_insn_to_validate(struct objtool_file *file,
						 struct instruction *insn)
{
	struct alt_group *alt_group = insn->alt_group;
	struct instruction *resume_from = insn;

	if (alt_group) {
		bool at_end = insn == alt_group->last_insn;

		if (alt_group->nop) {
			if (at_end)
				return alt_group->nop;
			if (insn == alt_group->nop)
				resume_from = alt_group->orig_group->last_insn;
		} else if (at_end && alt_group->orig_group) {
			resume_from = alt_group->orig_group->last_insn;
		}
	}

	return next_insn_same_sec(file, resume_from);
}
/*
 * Should validation stop at @insn because its alt group is not meant to be
 * followed?
 *
 * True for groups marked ANNOTATE_IGNORE_ALTERNATIVE, and for a NOP whose
 * alternative is CLAC/STAC: only the latter is followed, to avoid the
 * impossible paths that combine a patched CLAC with an unpatched STAC or
 * vice versa.  (ANNOTATE_IGNORE_ALTERNATIVE could have been used at those
 * sites, but Linus requested not to, for .s file readability around the
 * CLAC/STAC alternatives.)  An alternative that is itself in an ignored
 * group (ASM_{CLAC,STAC}_UNSAFE) is not overridden.
 */
static bool skip_alt_group(struct instruction *insn)
{
	struct instruction *alt_insn;

	if (!insn->alt_group)
		return false;

	if (insn->alt_group->ignore) {
		TRACE_ALT(insn, "alt group ignored");
		return true;
	}

	alt_insn = insn->alts ? insn->alts->insn : NULL;
	if (!alt_insn)
		return false;

	if (alt_insn->alt_group && alt_insn->alt_group->ignore)
		return false;

	return alt_insn->type == INSN_CLAC || alt_insn->type == INSN_STAC;
}
/*
 * Enable per-function checksum debugging for the comma-separated function
 * names in opts.debug_checksum.  Names that do not resolve to a function
 * symbol are warned about and skipped; an empty option is a no-op.
 *
 * Returns 0, or -1 if the working copy of the option string could not be
 * allocated.
 */
static int checksum_debug_init(struct objtool_file *file)
{
	char *dup, *cur, *comma = NULL;

	if (!opts.debug_checksum)
		return 0;

	/* The list is split in place by NUL-ing each comma, so work on a copy. */
	dup = strdup(opts.debug_checksum);
	if (!dup) {
		ERROR_GLIBC("strdup");
		return -1;
	}

	for (cur = dup; *cur; cur = comma + 1) {
		struct symbol *func;

		comma = strchr(cur, ',');
		if (comma)
			*comma = '\0';

		func = find_symbol_by_name(file->elf, cur);
		if (func && is_func_sym(func))
			func->debug_checksum = 1;
		else
			WARN("--debug-checksum: can't find '%s'", cur);

		if (!comma)
			break;
	}

	free(dup);
	return 0;
}
/*
 * Fold @insn into @func's checksum.
 *
 * Two things are hashed: the raw instruction bytes, and what the
 * instruction refers to, expressed by symbol name (plus offset) rather
 * than by address so the checksum survives relinking.  Without a
 * relocation the call destination's demangled name is used, if any.  A
 * relocation into a string section hashes the string itself; a section
 * symbol is first resolved to the containing symbol and the offset made
 * relative to it.  Fake (synthetic) instructions contribute nothing.
 */
static void checksum_update_insn(struct objtool_file *file, struct symbol *func,
				 struct instruction *insn)
{
	struct reloc *reloc;
	struct symbol *sym;
	unsigned long offset;

	if (insn->fake)
		return;

	checksum_update(func, insn, insn->sec->data->d_buf + insn->offset, insn->len);

	reloc = insn_reloc(file, insn);
	if (!reloc) {
		struct symbol *call_dest = insn_call_dest(insn);

		if (call_dest)
			checksum_update(func, insn, call_dest->demangled_name,
					strlen(call_dest->demangled_name));
		return;
	}

	sym = reloc->sym;
	offset = arch_insn_adjusted_addend(insn, reloc);

	if (is_string_sec(sym->sec)) {
		/* NOTE(review): relies on the string section data being NUL-terminated. */
		char *str = sym->sec->data->d_buf + sym->offset + offset;

		checksum_update(func, insn, str, strlen(str));
		return;
	}

	if (is_sec_sym(sym)) {
		sym = find_symbol_containing(reloc->sym->sec, offset);
		if (!sym)
			return;
		offset -= sym->offset;
	}

	checksum_update(func, insn, sym->demangled_name, strlen(sym->demangled_name));
	checksum_update(func, insn, &offset, sizeof(offset));
}
  3062. static int validate_branch(struct objtool_file *file, struct symbol *func,
  3063. struct instruction *insn, struct insn_state state);
  3064. static int do_validate_branch(struct objtool_file *file, struct symbol *func,
  3065. struct instruction *insn, struct insn_state *state);
  3066. static int validate_insn(struct objtool_file *file, struct symbol *func,
  3067. struct instruction *insn, struct insn_state *statep,
  3068. struct instruction *prev_insn, struct instruction *next_insn,
  3069. bool *dead_end)
  3070. {
  3071. char *alt_name __maybe_unused = NULL;
  3072. struct alternative *alt;
  3073. u8 visited;
  3074. int ret;
  3075. /*
  3076. * Any returns before the end of this function are effectively dead
  3077. * ends, i.e. validate_branch() has reached the end of the branch.
  3078. */
  3079. *dead_end = true;
  3080. visited = VISITED_BRANCH << statep->uaccess;
  3081. if (insn->visited & VISITED_BRANCH_MASK) {
  3082. if (!insn->hint && !insn_cfi_match(insn, &statep->cfi))
  3083. return 1;
  3084. if (insn->visited & visited) {
  3085. TRACE_INSN(insn, "already visited");
  3086. return 0;
  3087. }
  3088. } else {
  3089. nr_insns_visited++;
  3090. }
  3091. if (statep->noinstr)
  3092. statep->instr += insn->instr;
  3093. if (insn->hint) {
  3094. if (insn->restore) {
  3095. struct instruction *save_insn, *i;
  3096. i = insn;
  3097. save_insn = NULL;
  3098. sym_for_each_insn_continue_reverse(file, func, i) {
  3099. if (i->save) {
  3100. save_insn = i;
  3101. break;
  3102. }
  3103. }
  3104. if (!save_insn) {
  3105. WARN_INSN(insn, "no corresponding CFI save for CFI restore");
  3106. return 1;
  3107. }
  3108. if (!save_insn->visited) {
  3109. /*
  3110. * If the restore hint insn is at the
  3111. * beginning of a basic block and was
  3112. * branched to from elsewhere, and the
  3113. * save insn hasn't been visited yet,
  3114. * defer following this branch for now.
  3115. * It will be seen later via the
  3116. * straight-line path.
  3117. */
  3118. if (!prev_insn) {
  3119. TRACE_INSN(insn, "defer restore");
  3120. return 0;
  3121. }
  3122. WARN_INSN(insn, "objtool isn't smart enough to handle this CFI save/restore combo");
  3123. return 1;
  3124. }
  3125. insn->cfi = save_insn->cfi;
  3126. nr_cfi_reused++;
  3127. }
  3128. statep->cfi = *insn->cfi;
  3129. } else {
  3130. /* XXX track if we actually changed statep->cfi */
  3131. if (prev_insn && !cficmp(prev_insn->cfi, &statep->cfi)) {
  3132. insn->cfi = prev_insn->cfi;
  3133. nr_cfi_reused++;
  3134. } else {
  3135. insn->cfi = cfi_hash_find_or_add(&statep->cfi);
  3136. }
  3137. }
  3138. insn->visited |= visited;
  3139. if (propagate_alt_cfi(file, insn))
  3140. return 1;
  3141. if (insn->alts) {
  3142. for (alt = insn->alts; alt; alt = alt->next) {
  3143. TRACE_ALT_BEGIN(insn, alt, alt_name);
  3144. ret = validate_branch(file, func, alt->insn, *statep);
  3145. TRACE_ALT_END(insn, alt, alt_name);
  3146. if (ret) {
  3147. BT_INSN(insn, "(alt)");
  3148. return ret;
  3149. }
  3150. }
  3151. TRACE_ALT_INFO_NOADDR(insn, "/ ", "DEFAULT");
  3152. }
  3153. if (skip_alt_group(insn))
  3154. return 0;
  3155. if (handle_insn_ops(insn, next_insn, statep))
  3156. return 1;
  3157. switch (insn->type) {
  3158. case INSN_RETURN:
  3159. TRACE_INSN(insn, "return");
  3160. return validate_return(func, insn, statep);
  3161. case INSN_CALL:
  3162. case INSN_CALL_DYNAMIC:
  3163. if (insn->type == INSN_CALL)
  3164. TRACE_INSN(insn, "call");
  3165. else
  3166. TRACE_INSN(insn, "indirect call");
  3167. ret = validate_call(file, insn, statep);
  3168. if (ret)
  3169. return ret;
  3170. if (opts.stackval && func && !is_special_call(insn) &&
  3171. !has_valid_stack_frame(statep)) {
  3172. WARN_INSN(insn, "call without frame pointer save/setup");
  3173. return 1;
  3174. }
  3175. break;
  3176. case INSN_JUMP_CONDITIONAL:
  3177. case INSN_JUMP_UNCONDITIONAL:
  3178. if (is_sibling_call(insn)) {
  3179. TRACE_INSN(insn, "sibling call");
  3180. ret = validate_sibling_call(file, insn, statep);
  3181. if (ret)
  3182. return ret;
  3183. } else if (insn->jump_dest) {
  3184. if (insn->type == INSN_JUMP_UNCONDITIONAL)
  3185. TRACE_INSN(insn, "unconditional jump");
  3186. else
  3187. TRACE_INSN(insn, "jump taken");
  3188. ret = validate_branch(file, func, insn->jump_dest, *statep);
  3189. if (ret) {
  3190. BT_INSN(insn, "(branch)");
  3191. return ret;
  3192. }
  3193. }
  3194. if (insn->type == INSN_JUMP_UNCONDITIONAL)
  3195. return 0;
  3196. TRACE_INSN(insn, "jump not taken");
  3197. break;
  3198. case INSN_JUMP_DYNAMIC:
  3199. case INSN_JUMP_DYNAMIC_CONDITIONAL:
  3200. TRACE_INSN(insn, "indirect jump");
  3201. if (is_sibling_call(insn)) {
  3202. ret = validate_sibling_call(file, insn, statep);
  3203. if (ret)
  3204. return ret;
  3205. }
  3206. if (insn->type == INSN_JUMP_DYNAMIC)
  3207. return 0;
  3208. break;
  3209. case INSN_SYSCALL:
  3210. TRACE_INSN(insn, "syscall");
  3211. if (func && (!next_insn || !next_insn->hint)) {
  3212. WARN_INSN(insn, "unsupported instruction in callable function");
  3213. return 1;
  3214. }
  3215. break;
  3216. case INSN_SYSRET:
  3217. TRACE_INSN(insn, "sysret");
  3218. if (func && (!next_insn || !next_insn->hint)) {
  3219. WARN_INSN(insn, "unsupported instruction in callable function");
  3220. return 1;
  3221. }
  3222. return 0;
  3223. case INSN_STAC:
  3224. TRACE_INSN(insn, "stac");
  3225. if (!opts.uaccess)
  3226. break;
  3227. if (statep->uaccess) {
  3228. WARN_INSN(insn, "recursive UACCESS enable");
  3229. return 1;
  3230. }
  3231. statep->uaccess = true;
  3232. break;
  3233. case INSN_CLAC:
  3234. TRACE_INSN(insn, "clac");
  3235. if (!opts.uaccess)
  3236. break;
  3237. if (!statep->uaccess && func) {
  3238. WARN_INSN(insn, "redundant UACCESS disable");
  3239. return 1;
  3240. }
  3241. if (func_uaccess_safe(func) && !statep->uaccess_stack) {
  3242. WARN_INSN(insn, "UACCESS-safe disables UACCESS");
  3243. return 1;
  3244. }
  3245. statep->uaccess = false;
  3246. break;
  3247. case INSN_STD:
  3248. TRACE_INSN(insn, "std");
  3249. if (statep->df) {
  3250. WARN_INSN(insn, "recursive STD");
  3251. return 1;
  3252. }
  3253. statep->df = true;
  3254. break;
  3255. case INSN_CLD:
  3256. TRACE_INSN(insn, "cld");
  3257. if (!statep->df && func) {
  3258. WARN_INSN(insn, "redundant CLD");
  3259. return 1;
  3260. }
  3261. statep->df = false;
  3262. break;
  3263. default:
  3264. break;
  3265. }
  3266. if (insn->dead_end)
  3267. TRACE_INSN(insn, "dead end");
  3268. *dead_end = insn->dead_end;
  3269. return 0;
  3270. }
/*
 * Follow the branch starting at the given instruction, and recursively follow
 * any other branches (jumps).  Meanwhile, track the frame pointer state at
 * each instruction and validate all the rules described in
 * tools/objtool/Documentation/objtool.txt.
 *
 * @file:  the object file being checked
 * @func:  the function this path is attributed to; may be NULL (every use
 *         below is guarded by a func check)
 * @insn:  first instruction of the path
 * @state: per-path CFI / uaccess / DF state, updated in place while the
 *         path is walked (validate_branch() hands over its by-value copy)
 *
 * Returns 0 if the path was walked without a warning (or was deliberately
 * not followed any further), non-zero if a warning was issued.  Callers
 * report a backtrace via BT_INSN() on a non-zero return.
 */
static int do_validate_branch(struct objtool_file *file, struct symbol *func,
			      struct instruction *insn, struct insn_state *state)
{
	struct instruction *next_insn, *prev_insn = NULL;
	bool dead_end;
	int ret;

	/* Functions marked ignore are not validated at all. */
	if (func && func->ignore)
		return 0;

	do {
		/*
		 * Cleared here so the fallback TRACE_INSN() below fires unless
		 * validate_insn() emitted its own trace line for this insn
		 * (the TRACE_INSN macro presumably sets insn->trace).
		 */
		insn->trace = 0;
		next_insn = next_insn_to_validate(file, insn);

		if (opts.checksum && func && insn->sec)
			checksum_update_insn(file, func, insn);

		/*
		 * Straight-line execution has left @func and entered another
		 * function's body.  Only the KCFI prefix stub may do that;
		 * anything else is a missing terminator (warning), unless
		 * unreachable-code warnings are disabled for this file.
		 */
		if (func && insn_func(insn) && func != insn_func(insn)->pfunc) {
			/* Ignore KCFI type preambles, which always fall through */
			if (is_prefix_func(func))
				return 0;

			if (file->ignore_unreachables)
				return 0;

			WARN("%s() falls through to next function %s()",
			     func->name, insn_func(insn)->name);
			func->warned = 1;
			return 1;
		}

		/*
		 * NOTE(review): the loop below only stops on dead_end, not on
		 * ret.  This relies on validate_insn() setting *dead_end = true
		 * on every early return (warning or "stop following here");
		 * its visible tail only sets *dead_end = insn->dead_end on the
		 * normal path, so confirm the early-return contract in its
		 * prologue.
		 */
		ret = validate_insn(file, func, insn, state, prev_insn, next_insn,
				    &dead_end);

		if (!insn->trace) {
			if (ret)
				TRACE_INSN(insn, "warning (%d)", ret);
			else
				TRACE_INSN(insn, NULL);
		}

		/*
		 * Ran off the end of the section without a terminating
		 * instruction.  Tolerated only when the CFI was already
		 * undefined (nothing to unwind) or unreachables are ignored.
		 */
		if (!dead_end && !next_insn) {
			if (state->cfi.cfa.base == CFI_UNDEFINED)
				return 0;
			if (file->ignore_unreachables)
				return 0;

			WARN("%s%sunexpected end of section %s",
			     func ? func->name : "", func ? "(): " : "",
			     insn->sec->name);
			return 1;
		}

		prev_insn = insn;
		insn = next_insn;
	} while (!dead_end);

	/* Result of the last validate_insn() call on this path. */
	return ret;
}
/*
 * Entry point for walking one branch: wraps do_validate_branch() in a
 * trace-depth bracket so nested branches indent in the trace output.
 *
 * @state is taken by value on purpose: each branch gets its own copy, so
 * state changes on one path never leak back into the caller's path.
 *
 * Returns whatever do_validate_branch() returns (0 = clean, non-zero =
 * warning issued).
 */
static int validate_branch(struct objtool_file *file, struct symbol *func,
			   struct instruction *insn, struct insn_state state)
{
	int warned;

	trace_depth_inc();
	warned = do_validate_branch(file, func, insn, &state);
	trace_depth_dec();

	return warned;
}
/*
 * Start a validation walk at an instruction carrying an unwind hint, unless
 * some earlier walk already reached it.
 *
 * @state is the section-wide initial state prepared by the caller; a copy
 * is handed to validate_branch(), so it is not modified here.
 *
 * Returns 0 if nothing was validated or the walk was clean, non-zero if
 * the walk produced a warning (a backtrace marker is printed in that case).
 */
static int validate_unwind_hint(struct objtool_file *file,
				struct instruction *insn,
				struct insn_state *state)
{
	struct symbol *func;
	int ret;

	/* Only hinted instructions that no path has visited yet start a walk. */
	if (!insn->hint || insn->visited)
		return 0;

	func = insn_func(insn);
	if (opts.checksum)
		checksum_init(func);

	ret = validate_branch(file, func, insn, *state);
	if (ret)
		BT_INSN(insn, "<=== (hint)");

	return ret;
}
/*
 * Validate every unwind-hinted instruction, either in one section (@sec)
 * or, when @sec is NULL, in the whole file.
 *
 * Returns the number of validation walks that produced a warning.
 */
static int validate_unwind_hints(struct objtool_file *file, struct section *sec)
{
	struct instruction *insn;
	struct insn_state state;
	int nr_warnings = 0;

	/* Nothing to do for objects without any unwind hints. */
	if (!file->hints)
		return 0;

	init_insn_state(file, &state, sec);

	if (!sec) {
		for_each_insn(file, insn)
			nr_warnings += validate_unwind_hint(file, insn, &state);
	} else {
		sec_for_each_insn(file, sec, insn)
			nr_warnings += validate_unwind_hint(file, insn, &state);
	}

	return nr_warnings;
}
/*
 * Validate rethunk entry constraint: must untrain RET before the first RET.
 *
 * Follow every branch (intra-function) and ensure VALIDATE_UNRET_END comes
 * before an actual RET instruction.
 *
 * @file: the object file being checked
 * @insn: instruction to start (or continue) the walk at
 *
 * Returns 0 if every path from @insn reaches the untrain marker before a
 * RET (or reaches an accepted terminator), 1 if a violation was reported.
 * Recursive calls report the offending path via BT_INSN() as they unwind.
 */
static int validate_unret(struct objtool_file *file, struct instruction *insn)
{
	struct instruction *next, *dest;
	int ret;

	for (;;) {
		next = next_insn_to_validate(file, insn);

		/*
		 * Each instruction is walked at most once per unret pass;
		 * this is also what terminates loops in the code.
		 */
		if (insn->visited & VISITED_UNRET)
			return 0;

		insn->visited |= VISITED_UNRET;

		/* Every alternative is a separate path with the same constraint. */
		if (insn->alts) {
			struct alternative *alt;
			for (alt = insn->alts; alt; alt = alt->next) {
				ret = validate_unret(file, alt->insn);
				if (ret) {
					BT_INSN(insn, "(alt)");
					return ret;
				}
			}
		}

		switch (insn->type) {

		/* An indirect branch before untraining cannot be followed; reject it. */
		case INSN_CALL_DYNAMIC:
		case INSN_JUMP_DYNAMIC:
		case INSN_JUMP_DYNAMIC_CONDITIONAL:
			WARN_INSN(insn, "early indirect call");
			return 1;

		case INSN_JUMP_UNCONDITIONAL:
		case INSN_JUMP_CONDITIONAL:
			if (!is_sibling_call(insn)) {
				if (!insn->jump_dest) {
					WARN_INSN(insn, "unresolved jump target after linking?!?");
					return 1;
				}
				ret = validate_unret(file, insn->jump_dest);
				if (ret) {
					BT_INSN(insn, "(branch%s)",
						insn->type == INSN_JUMP_CONDITIONAL ? "-cond" : "");
					return ret;
				}

				if (insn->type == INSN_JUMP_UNCONDITIONAL)
					return 0;

				/* Conditional: the not-taken path continues below. */
				break;
			}

			/* fallthrough */
		case INSN_CALL:
			/*
			 * NOTE(review): insn_call_dest() is dereferenced
			 * without a NULL check here; this assumes a direct or
			 * sibling call always has a resolved destination symbol
			 * at this point.
			 */
			dest = find_insn(file, insn_call_dest(insn)->sec,
					 insn_call_dest(insn)->offset);
			if (!dest) {
				WARN("Unresolved function after linking!?: %s",
				     insn_call_dest(insn)->name);
				return 1;
			}

			ret = validate_unret(file, dest);
			if (ret) {
				BT_INSN(insn, "(call)");
				return ret;
			}
			/*
			 * If a call returns without error, it must have seen UNTRAIN_RET.
			 * Therefore any non-error return is a success.
			 */
			return 0;

		case INSN_RETURN:
			WARN_INSN(insn, "RET before UNTRAIN");
			return 1;

		/* A syscall does not end the path; keep walking. */
		case INSN_SYSCALL:
			break;

		/* Leaving the kernel: no RET can follow on this path. */
		case INSN_SYSRET:
			return 0;

		/*
		 * A retpoline_safe NOP ends the search successfully; this is
		 * presumably how the VALIDATE_UNRET_END annotation is
		 * represented after decoding — confirm against the annotation
		 * handling.
		 */
		case INSN_NOP:
			if (insn->retpoline_safe)
				return 0;
			break;

		default:
			break;
		}

		if (insn->dead_end)
			return 0;

		/* Ran off the end of the section without a verdict. */
		if (!next) {
			WARN_INSN(insn, "teh end!");
			return 1;
		}
		insn = next;
	}

	return 0;
}
/*
 * Validate that all branches starting at VALIDATE_UNRET_BEGIN encounter
 * VALIDATE_UNRET_END before RET.
 *
 * Every instruction flagged unret is a start point; the walks themselves
 * are done by validate_unret().
 *
 * Returns the number of start points whose walk reported a violation.
 */
static int validate_unrets(struct objtool_file *file)
{
	struct instruction *insn;
	int nr_warnings = 0;

	for_each_insn(file, insn) {
		if (insn->unret)
			nr_warnings += validate_unret(file, insn);
	}

	return nr_warnings;
}
/*
 * Check the retpoline / rethunk mitigation invariants:
 *
 *  - no unannotated indirect jump or call may remain in a
 *    MITIGATION_RETPOLINE build,
 *  - no 'naked' RET may remain when the rethunk is enabled,
 *  - with kCFI enabled, every indirect call site must carry the kCFI
 *    check (recognised by the UD2 preceding the call).
 *
 * Instructions annotated retpoline_safe and instructions in init sections
 * are exempt from the first two checks.
 *
 * Returns the number of warnings issued.
 */
static int validate_retpoline(struct objtool_file *file)
{
	struct instruction *insn;
	int nr_warnings = 0;

	for_each_insn(file, insn) {
		switch (insn->type) {
		case INSN_JUMP_DYNAMIC:
		case INSN_CALL_DYNAMIC:
		case INSN_RETURN:
			break;
		default:
			continue;
		}

		if (insn->retpoline_safe || insn->sec->init)
			continue;

		if (insn->type == INSN_RETURN) {
			if (opts.rethunk) {
				WARN_INSN(insn, "'naked' return found in MITIGATION_RETHUNK build");
				nr_warnings++;
			}
			continue;
		}

		WARN_INSN(insn, "indirect %s found in MITIGATION_RETPOLINE build",
			  insn->type == INSN_JUMP_DYNAMIC ? "jump" : "call");
		nr_warnings++;
	}

	if (!opts.cfi)
		return nr_warnings;

	/*
	 * kCFI call sites look like:
	 *
	 *     movl $(-0x12345678), %r10d
	 *     addl -4(%r11), %r10d
	 *     jz   1f
	 *     ud2
	 *  1: cs call __x86_indirect_thunk_r11
	 *
	 * Verify all indirect calls are kCFI adorned by checking for the
	 * UD2.  Notably, doing __nocfi calls to regular (cfi) functions is
	 * broken.
	 */
	list_for_each_entry(insn, &file->retpoline_call_list, call_node) {
		struct symbol *dest = insn->sym;
		struct instruction *prev;

		/* Only calls to plain function / untyped symbols are checked. */
		if (!dest || dest->nocfi)
			continue;
		if (dest->type != STT_NOTYPE && dest->type != STT_FUNC)
			continue;

		/* The UD2 (decoded as INSN_BUG) must immediately precede the call. */
		prev = prev_insn_same_sym(file, insn);
		if (prev && prev->type == INSN_BUG)
			continue;

		WARN_INSN(insn, "no-cfi indirect call!");
		nr_warnings++;
	}

	return nr_warnings;
}
/*
 * True if @insn is a direct call to KASAN's __asan_handle_no_return
 * helper, which the compiler emits around noreturn paths.
 */
static bool is_kasan_insn(struct instruction *insn)
{
	if (insn->type != INSN_CALL)
		return false;

	return strcmp(insn_call_dest(insn)->name, "__asan_handle_no_return") == 0;
}
/*
 * True if @insn is a direct call to UBSAN's
 * __ubsan_handle_builtin_unreachable handler.
 */
static bool is_ubsan_insn(struct instruction *insn)
{
	if (insn->type != INSN_CALL)
		return false;

	return strcmp(insn_call_dest(insn)->name,
		      "__ubsan_handle_builtin_unreachable") == 0;
}
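/*
 * Decide whether an instruction that no validation path reached should be
 * reported as unreachable.
 *
 * Returns true for the known-benign cases: padding and traps, holes,
 * ignored functions, alternative replacement sections, static call
 * trampolines, the UD2/JMP-to-UD2 that UBSAN/BUG() emit after a dead end,
 * and code that leads (within a few instructions) into a KASAN or UBSAN
 * noreturn handler.  Returns false when the instruction deserves an
 * "unreachable instruction" warning.
 */
static bool ignore_unreachable_insn(struct objtool_file *file, struct instruction *insn)
{
	/*
	 * How far to look ahead for a KASAN/UBSAN handler call before
	 * giving up, "to avoid going into the weeds".
	 */
	enum { SANITIZER_LOOKAHEAD = 5 };
	struct symbol *func = insn_func(insn);
	struct instruction *prev_insn;
	int i;

	if (insn->type == INSN_NOP || insn->type == INSN_TRAP ||
	    insn->hole || (func && func->ignore))
		return true;

	/*
	 * Ignore alternative replacement instructions.  This can happen
	 * when a whitelisted function uses one of the ALTERNATIVE macros.
	 */
	if (!strcmp(insn->sec->name, ".altinstr_replacement") ||
	    !strcmp(insn->sec->name, ".altinstr_aux"))
		return true;

	/* Everything below needs a containing function. */
	if (!func)
		return false;

	if (func->static_call_tramp)
		return true;

	/*
	 * CONFIG_UBSAN_TRAP inserts a UD2 when it sees
	 * __builtin_unreachable().  The BUG() macro has an unreachable() after
	 * the UD2, which causes GCC's undefined trap logic to emit another UD2
	 * (or occasionally a JMP to UD2).
	 *
	 * It may also insert a UD2 after calling a __noreturn function.
	 */
	prev_insn = prev_insn_same_sec(file, insn);
	if (prev_insn && prev_insn->dead_end &&
	    (insn->type == INSN_BUG ||
	     (insn->type == INSN_JUMP_UNCONDITIONAL &&
	      insn->jump_dest && insn->jump_dest->type == INSN_BUG)))
		return true;

	/*
	 * Check if this (or a subsequent) instruction is related to
	 * CONFIG_UBSAN or CONFIG_KASAN.
	 *
	 * The search follows unconditional jumps that stay inside @func and
	 * stops at the function's last instruction.
	 */
	for (i = 0; i < SANITIZER_LOOKAHEAD; i++) {

		if (is_kasan_insn(insn) || is_ubsan_insn(insn))
			return true;

		if (insn->type == INSN_JUMP_UNCONDITIONAL) {
			if (insn->jump_dest &&
			    insn_func(insn->jump_dest) == func) {
				insn = insn->jump_dest;
				continue;
			}

			break;
		}

		if (insn->offset + insn->len >= func->offset + func->len)
			break;

		/*
		 * next_insn_same_sec() can return NULL (validate_sls() checks
		 * for it); stop rather than dereference it on the next pass.
		 */
		insn = next_insn_same_sec(file, insn);
		if (!insn)
			break;
	}

	return false;
}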
/*
 * For FineIBT or kCFI, a certain number of bytes preceding the function may be
 * NOPs.  Those NOPs may be rewritten at runtime and executed, so give them a
 * proper function name: __pfx_<func>.
 *
 * The NOPs may not exist for the following cases:
 *
 *   - compiler cloned functions (*.cold, *.part0, etc)
 *   - asm functions created with inline asm or without SYM_FUNC_START()
 *
 * Also, the function may already have a prefix from a previous objtool run
 * (livepatch extracted functions, or manually running objtool multiple times).
 *
 * So return 0 if the NOPs are missing or the function already has a prefix
 * symbol.
 *
 * Return convention: 0 means "done or nothing to do" (including the
 * too-long-name case, which only warns), -1 means a hard error (name
 * formatting, missing start instruction, or symbol creation failure).
 */
static int create_prefix_symbol(struct objtool_file *file, struct symbol *func)
{
	struct instruction *insn, *prev;
	char name[SYM_NAME_LEN];
	struct cfi_state *cfi;

	/* Not a candidate: non-function, already a prefix, clone, or trampoline. */
	if (!is_func_sym(func) || is_prefix_func(func) ||
	    func->cold || func->static_call_tramp)
		return 0;

	/* sizeof("__pfx_") includes the NUL, so this is the exact fit check. */
	if ((strlen(func->name) + sizeof("__pfx_") > SYM_NAME_LEN)) {
		WARN("%s: symbol name too long, can't create __pfx_ symbol",
		     func->name);
		return 0;
	}

	if (snprintf_check(name, SYM_NAME_LEN, "__pfx_%s", func->name))
		return -1;

	/*
	 * Livepatch objects may already carry the prefix symbol from an
	 * earlier objtool run; don't create a duplicate.
	 */
	if (file->klp) {
		struct symbol *pfx;

		pfx = find_symbol_by_offset(func->sec, func->offset - opts.prefix);
		if (pfx && is_prefix_func(pfx) && !strcmp(pfx->name, name))
			return 0;
	}

	insn = find_insn(file, func->sec, func->offset);
	if (!insn) {
		WARN("%s: can't find starting instruction", func->name);
		return -1;
	}

	/*
	 * Walk backwards over the NOPs in front of the function.  Bail out
	 * (no prefix) on the first non-NOP or if the NOP run is shorter than
	 * opts.prefix bytes; create the symbol once exactly opts.prefix
	 * bytes of NOPs are confirmed.
	 */
	for (prev = prev_insn_same_sec(file, insn);
	     prev;
	     prev = prev_insn_same_sec(file, prev)) {
		u64 offset;

		if (prev->type != INSN_NOP)
			return 0;

		offset = func->offset - prev->offset;
		if (offset > opts.prefix)
			return 0;

		if (offset < opts.prefix)
			continue;

		/*
		 * The prefix symbol inherits the function's binding and
		 * type.  elf_create_symbol() is treated as failed when it
		 * returns a false value (presumably NULL).
		 */
		if (!elf_create_symbol(file->elf, name, func->sec,
				       GELF_ST_BIND(func->sym.st_info),
				       GELF_ST_TYPE(func->sym.st_info),
				       prev->offset, opts.prefix))
			return -1;

		break;
	}

	/* Loop ran out of instructions before reaching opts.prefix bytes. */
	if (!prev)
		return 0;

	if (!insn->cfi) {
		/*
		 * This can happen if stack validation isn't enabled or the
		 * function is annotated with STACK_FRAME_NON_STANDARD.
		 */
		return 0;
	}

	/* Propagate insn->cfi to the prefix code */
	cfi = cfi_hash_find_or_add(insn->cfi);
	for (; prev != insn; prev = next_insn_same_sec(file, prev))
		prev->cfi = cfi;

	return 0;
}
/*
 * Create a __pfx_ symbol for every function symbol in every text section.
 *
 * Returns 0 on success, -1 as soon as create_prefix_symbol() reports a
 * hard error (remaining symbols are not processed).
 */
static int create_prefix_symbols(struct objtool_file *file)
{
	struct section *sec;
	struct symbol *sym;

	for_each_sec(file->elf, sec) {
		if (is_text_sec(sec)) {
			sec_for_each_sym(sec, sym) {
				if (create_prefix_symbol(file, sym))
					return -1;
			}
		}
	}

	return 0;
}
/*
 * Validate one function symbol by walking all paths from its first
 * instruction.
 *
 * Aliases and sub-functions (sym->pfunc / sym->alias not pointing at
 * themselves) are skipped, as is any symbol whose first instruction was
 * already reached by an earlier walk.  A symbol without an ELF size is
 * reported as a warning and not validated.
 *
 * @state is the caller's initial state; its uaccess field is seeded from
 * the symbol's uaccess_safe flag when --uaccess is on.
 *
 * Returns 1 for the missing-size warning, otherwise the validate_branch()
 * result (0 = clean, non-zero = warning).
 */
static int validate_symbol(struct objtool_file *file, struct section *sec,
			   struct symbol *sym, struct insn_state *state)
{
	struct instruction *first;
	struct symbol *owner;
	const char *outcome;
	int ret;

	if (!sym->len) {
		WARN("%s() is missing an ELF size annotation", sym->name);
		return 1;
	}

	if (sym->pfunc != sym || sym->alias != sym)
		return 0;

	first = find_insn(file, sec, sym->offset);
	if (!first || first->visited)
		return 0;

	owner = insn_func(first);

	if (opts.uaccess)
		state->uaccess = sym->uaccess_safe;

	if (opts.checksum)
		checksum_init(owner);

	/* --trace takes a glob; enable tracing only for matching symbols. */
	if (opts.trace && !fnmatch(opts.trace, sym->name, 0)) {
		trace_enable();
		TRACE("%s: validation begin\n", sym->name);
	}

	ret = validate_branch(file, owner, first, *state);
	if (ret)
		BT_INSN(first, "<=== (sym)");

	outcome = ret ? "failed" : "end";
	TRACE("%s: validation %s\n\n", sym->name, outcome);
	trace_disable();

	if (opts.checksum)
		checksum_finish(owner);

	return ret;
}
/*
 * Validate every function symbol in @sec, each starting from a fresh
 * function-entry state (init_insn_state() + set_func_state()).
 *
 * Returns the number of symbols whose validation produced a warning.
 */
static int validate_section(struct objtool_file *file, struct section *sec)
{
	struct insn_state state;
	struct symbol *sym;
	int nr_warnings = 0;

	sec_for_each_sym(sec, sym) {
		if (is_func_sym(sym)) {
			init_insn_state(file, &state, sec);
			set_func_state(&state.cfi);

			nr_warnings += validate_symbol(file, sec, sym, &state);
		}
	}

	return nr_warnings;
}
/*
 * Validate only the sections that must stay free of instrumentation
 * (.noinstr.text, .entry.text, .cpuidle.text), in that order.  Used when
 * full branch validation is off but --noinstr is requested.
 *
 * Returns the total number of warnings from both the function walks and
 * the unwind-hint walks of those sections.
 */
static int validate_noinstr_sections(struct objtool_file *file)
{
	static const char * const noinstr_secs[] = {
		".noinstr.text",
		".entry.text",
		".cpuidle.text",
	};
	struct section *sec;
	int nr_warnings = 0;
	size_t i;

	for (i = 0; i < sizeof(noinstr_secs) / sizeof(noinstr_secs[0]); i++) {
		sec = find_section_by_name(file->elf, noinstr_secs[i]);
		if (!sec)
			continue;

		nr_warnings += validate_section(file, sec);
		nr_warnings += validate_unwind_hints(file, sec);
	}

	return nr_warnings;
}
/*
 * Validate every function in every text section of the object.
 *
 * Returns the total number of warnings.
 */
static int validate_functions(struct objtool_file *file)
{
	struct section *sec;
	int nr_warnings = 0;

	for_each_sec(file->elf, sec) {
		if (is_text_sec(sec))
			nr_warnings += validate_section(file, sec);
	}

	return nr_warnings;
}
/*
 * Record that the ENDBR at @insn is a legitimate indirect-branch target by
 * taking it off the list of sealable ENDBRs (see validate_ibt()).  Safe to
 * call repeatedly: an already-unlinked node is left alone.
 */
static void mark_endbr_used(struct instruction *insn)
{
	if (list_empty(&insn->call_node))
		return;

	list_del_init(&insn->call_node);
}
/*
 * True if @insn is the first instruction past the end of a symbol whose
 * first instruction is an ENDBR (or is annotated noendbr) -- the typical
 * "code range end" reference, which does not need an ENDBR of its own.
 */
static bool noendbr_range(struct objtool_file *file, struct instruction *insn)
{
	struct symbol *prev_sym = find_symbol_containing(insn->sec, insn->offset-1);
	struct instruction *first;

	if (!prev_sym)
		return false;

	first = find_insn(file, prev_sym->sec, prev_sym->offset);
	if (!first)
		return false;

	return (first->type == INSN_ENDBR || first->noendbr) &&
	       insn->offset == prev_sym->offset + prev_sym->len;
}
/*
 * Check one code reference @insn -> @dest against the IBT rules: an
 * address taken from text must land on an ENDBR, unless it is a
 * self-reference within the same function, is annotated NOENDBR, or is an
 * end-of-range reference (see noendbr_range()).
 *
 * A reference landing on an ENDBR marks that ENDBR as used so it is not
 * sealed later.
 *
 * Returns 0 if the reference is accepted, 1 if a warning was issued.
 */
static int __validate_ibt_insn(struct objtool_file *file, struct instruction *insn,
			       struct instruction *dest)
{
	struct symbol *dest_func, *src_func;

	if (dest->type == INSN_ENDBR) {
		mark_endbr_used(dest);
		return 0;
	}

	/*
	 * Anything from->to self is either _THIS_IP_ or
	 * IRET-to-self.
	 *
	 * There is no sane way to annotate _THIS_IP_ since the
	 * compiler treats the relocation as a constant and is
	 * happy to fold in offsets, skewing any annotation we
	 * do, leading to vast amounts of false-positives.
	 *
	 * There's also compiler generated _THIS_IP_ through
	 * KCOV and such which we have no hope of annotating.
	 *
	 * As such, blanket accept self-references without
	 * issue.
	 */
	dest_func = insn_func(dest);
	src_func = insn_func(insn);
	if (dest_func && src_func && dest_func->pfunc == src_func->pfunc)
		return 0;

	/* Accept anything ANNOTATE_NOENDBR. */
	if (dest->noendbr)
		return 0;

	/*
	 * Accept if this is the instruction after a symbol
	 * that is (no)endbr -- typical code-range usage.
	 */
	if (noendbr_range(file, dest))
		return 0;

	WARN_INSN(insn, "relocation to !ENDBR: %s", offstr(dest->sec, dest->offset));
	return 1;
}
/*
 * Check every code address this instruction takes (function pointer loads)
 * for IBT compliance; direct and indirect branches are handled by the
 * branch validation instead and are skipped here.
 *
 * Returns the number of !ENDBR targets reported for this instruction.
 */
static int validate_ibt_insn(struct objtool_file *file, struct instruction *insn)
{
	struct instruction *dest;
	struct reloc *reloc;
	unsigned long off;
	int warnings = 0;

	/*
	 * Looking for function pointer load relocations.  Ignore
	 * direct/indirect branches:
	 */
	switch (insn->type) {
	case INSN_CALL:
	case INSN_CALL_DYNAMIC:
	case INSN_JUMP_CONDITIONAL:
	case INSN_JUMP_UNCONDITIONAL:
	case INSN_JUMP_DYNAMIC:
	case INSN_JUMP_DYNAMIC_CONDITIONAL:
	case INSN_RETURN:
	case INSN_NOP:
		return 0;
	case INSN_LEA_RIP:
		/*
		 * A RIP-relative LEA without a relocation is a resolved
		 * reference into this very section; the target is computed
		 * from the instruction itself rather than from a reloc.
		 */
		if (!insn_reloc(file, insn)) {
			/* local function pointer reference without reloc */
			off = arch_jump_destination(insn);
			dest = find_insn(file, insn->sec, off);
			if (!dest) {
				WARN_INSN(insn, "corrupt function pointer reference");
				return 1;
			}
			return __validate_ibt_insn(file, insn, dest);
		}
		break;
	default:
		break;
	}

	/*
	 * Walk every relocation inside this instruction's byte range: start
	 * with the first one, then search from one byte past the previous
	 * reloc up to the end of the instruction.
	 */
	for (reloc = insn_reloc(file, insn);
	     reloc;
	     reloc = find_reloc_by_dest_range(file->elf, insn->sec,
					      reloc_offset(reloc) + 1,
					      (insn->offset + insn->len) - (reloc_offset(reloc) + 1))) {

		off = reloc->sym->offset + arch_insn_adjusted_addend(insn, reloc);

		/* Targets that are not instructions (data references) are not IBT's concern. */
		dest = find_insn(file, reloc->sym->sec, off);
		if (!dest)
			continue;

		warnings += __validate_ibt_insn(file, insn, dest);
	}

	return warnings;
}
/*
 * Check one relocation from a non-text section against the IBT rules.  A
 * data reference to code (e.g. a function pointer in a table) must land on
 * an ENDBR or on a NOENDBR-annotated instruction; the former is recorded
 * as used so it is not sealed.  Relocations that do not resolve to an
 * instruction are ignored.
 *
 * Returns 0 if accepted, 1 if a warning was issued.
 */
static int validate_ibt_data_reloc(struct objtool_file *file,
				   struct reloc *reloc)
{
	struct instruction *target;

	target = find_insn(file, reloc->sym->sec,
			   reloc->sym->offset + reloc_addend(reloc));
	if (!target)
		return 0;

	if (target->type == INSN_ENDBR) {
		mark_endbr_used(target);
		return 0;
	}

	if (target->noendbr)
		return 0;

	WARN_FUNC(reloc->sec->base, reloc_offset(reloc),
		  "data relocation to !ENDBR: %s", offstr(target->sec, target->offset));
	return 1;
}
/*
 * Sections that may legitimately hold text addresses without intending to
 * indirect-branch to them (metadata consumed by the kernel itself, debug
 * info, patch tables, ...).  Relocations from these are not IBT-checked.
 *
 * .discard.* is excluded wholesale except .discard.ibt_endbr_noseal, which
 * is checked.
 */
static bool is_ibt_ignored_sec(const char *name)
{
	static const char * const ignored[] = {
		".altinstructions",
		".ibt_endbr_seal",
		".kcfi_traps",
		".orc_unwind_ip",
		".retpoline_sites",
		".smp_locks",
		".static_call_sites",
		"_error_injection_whitelist",
		"_kprobe_blacklist",
		"__bug_table",
		"__ex_table",
		"__jump_table",
		".init.klp_funcs",
		"__mcount_loc",
		".llvm.call-graph-profile",
		".llvm_bb_addr_map",
		"__tracepoints",
		".return_sites",
		".call_sites",
		"__patchable_function_entries",
	};
	size_t i;

	if (!strncmp(name, ".discard", 8) &&
	    strcmp(name, ".discard.ibt_endbr_noseal"))
		return true;

	if (!strncmp(name, ".debug", 6))
		return true;

	for (i = 0; i < sizeof(ignored) / sizeof(ignored[0]); i++) {
		if (!strcmp(name, ignored[i]))
			return true;
	}

	return false;
}

/*
 * Validate IBT rules and remove used ENDBR instructions from the seal list.
 * Unused ENDBR instructions will be annotated for sealing (i.e., replaced with
 * NOPs) later, in create_ibt_endbr_seal_sections().
 *
 * Code references are checked per instruction; data references are checked
 * per relocation of every non-text section that is not in the ignore list.
 *
 * Returns the total number of warnings.
 */
static int validate_ibt(struct objtool_file *file)
{
	struct section *sec;
	struct reloc *reloc;
	struct instruction *insn;
	int nr_warnings = 0;

	for_each_insn(file, insn)
		nr_warnings += validate_ibt_insn(file, insn);

	for_each_sec(file->elf, sec) {
		/* Already done by validate_ibt_insn() */
		if (is_text_sec(sec))
			continue;

		/* Sections without relocations reference nothing. */
		if (!sec->rsec)
			continue;

		if (is_ibt_ignored_sec(sec->name))
			continue;

		for_each_reloc(sec->rsec, reloc)
			nr_warnings += validate_ibt_data_reloc(file, reloc);
	}

	return nr_warnings;
}
/*
 * SLS (straight-line speculation) mitigation check: every RET and every
 * indirect JMP must be followed by an INT3 (decoded as INSN_TRAP) in the
 * same section, so that speculation past the branch hits a trap.
 * Instructions annotated retpoline_safe are exempt.
 *
 * Returns the number of warnings issued.
 */
static int validate_sls(struct objtool_file *file)
{
	struct instruction *insn, *next;
	int nr_warnings = 0;

	for_each_insn(file, insn) {
		bool missing_trap;

		next = next_insn_same_sec(file, insn);

		if (insn->retpoline_safe)
			continue;

		/* No successor in this section counts as a missing trap too. */
		missing_trap = !next || next->type != INSN_TRAP;

		switch (insn->type) {
		case INSN_RETURN:
			if (missing_trap) {
				WARN_INSN(insn, "missing int3 after ret");
				nr_warnings++;
			}
			break;
		case INSN_JUMP_DYNAMIC:
			if (missing_trap) {
				WARN_INSN(insn, "missing int3 after indirect jump");
				nr_warnings++;
			}
			break;
		default:
			break;
		}
	}

	return nr_warnings;
}
/*
 * Report every instruction that no validation path reached and that
 * ignore_unreachable_insn() does not excuse.
 *
 * When the preceding instruction is a dead end that calls a function, the
 * likely cause is a missing __noreturn annotation on that callee, and the
 * warning names it; otherwise a plain "unreachable instruction" is issued.
 *
 * Returns the number of warnings issued (0 when the file disables
 * unreachable-code warnings).
 */
static int validate_reachable_instructions(struct objtool_file *file)
{
	struct instruction *insn, *prev;
	struct symbol *call_dest;
	int nr_warnings = 0;

	if (file->ignore_unreachables)
		return 0;

	for_each_insn(file, insn) {
		if (insn->visited || ignore_unreachable_insn(file, insn))
			continue;

		call_dest = NULL;
		prev = prev_insn_same_sec(file, insn);
		if (prev && prev->dead_end)
			call_dest = insn_call_dest(prev);

		if (call_dest) {
			WARN_INSN(insn, "%s() missing __noreturn in .c/.h or NORETURN() in noreturns.h",
				  call_dest->name);
		} else {
			WARN_INSN(insn, "unreachable instruction");
		}
		nr_warnings++;
	}

	return nr_warnings;
}
/*
 * Default (weak) test for an absolute relocation: R_ABS64 on 64-bit
 * objects, R_ABS32 on 32-bit ones.  Architectures with other absolute
 * relocation types override this.
 */
__weak bool arch_absolute_reloc(struct elf *elf, struct reloc *reloc)
{
	unsigned int type = reloc_type(reloc);

	if (elf_addr_size(elf) == 8)
		return type == R_ABS64;

	return type == R_ABS32;
}
/*
 * --noabs: warn about absolute relocations in loadable (SHF_ALLOC)
 * sections, which would need runtime relocation.  Non-loadable sections,
 * sections without a .rela section and __patchable_function_entries
 * (compiler metadata consumed after boot) are skipped.
 *
 * Returns the number of absolute relocations reported.
 */
static int check_abs_references(struct objtool_file *file)
{
	struct section *sec;
	struct reloc *reloc;
	int nr_warnings = 0;

	for_each_sec(file->elf, sec) {
		if (!(sec->sh.sh_flags & SHF_ALLOC) ||
		    !sec->rsec ||
		    !strcmp(sec->name, "__patchable_function_entries"))
			continue;

		for_each_reloc(sec->rsec, reloc) {
			if (!arch_absolute_reloc(file->elf, reloc))
				continue;

			WARN("section %s has absolute relocation at offset 0x%llx",
			     sec->name, (unsigned long long)reloc_offset(reloc));
			nr_warnings++;
		}
	}

	return nr_warnings;
}
/*
 * One node of the temporary list free_insns() builds: the start address
 * of an instruction allocation chunk to release, and the next node.
 */
struct insn_chunk {
	void *addr;			/* allocation to pass to free() */
	struct insn_chunk *next;	/* singly linked, LIFO order */
};
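/*
 * Reduce peak RSS usage by freeing insns memory before writing the ELF file,
 * which can trigger more allocations for .debug_* sections whose data hasn't
 * been read yet.
 *
 * Addresses are collected first and released afterwards, because the
 * for_each_insn() walk itself reads the instructions.  An instruction with
 * idx == 0 is taken to be the first of its allocation chunk, i.e. the
 * pointer that was handed out by the allocator and the only one that may be
 * passed to free().
 *
 * This is a best-effort RSS optimisation: if a list node cannot be
 * allocated, collection stops and whatever was gathered is still released.
 * The list nodes themselves are freed as well.
 */
static void free_insns(struct objtool_file *file)
{
	struct instruction *insn;
	struct insn_chunk *chunks = NULL, *chunk, *next;

	for_each_insn(file, insn) {
		if (insn->idx)
			continue;

		chunk = malloc(sizeof(*chunk));
		if (!chunk)
			break;	/* out of memory: stop collecting, never dereference NULL */

		chunk->addr = insn;
		chunk->next = chunks;
		chunks = chunk;
	}

	for (chunk = chunks; chunk; chunk = next) {
		next = chunk->next;
		free(chunk->addr);
		free(chunk);
	}
}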
/*
 * Disassemble @insn using the file-global disassembly context set up by
 * check().  Returns the disassembler's result string, or "" when no
 * context exists (disassembly not requested or its creation failed).
 */
const char *objtool_disas_insn(struct instruction *insn)
{
	struct disas_context *ctx = objtool_disas_ctx;

	if (ctx) {
		disas_insn(ctx, insn);
		return disas_result(ctx);
	}

	return "";
}
/*
 * Top-level objtool check pass for one object file.
 *
 * Order matters: CFI state and hash setup, section decoding, then the
 * validation passes (which only warn), then the section-creation passes
 * (which can hard-fail with a non-zero ret and jump to out:), then stats.
 *
 * Returns 0 when there were neither errors nor warnings; otherwise the
 * error code (ret), which --Werror upgrades to 1 when only warnings were
 * seen.  Warnings without --Werror still return ret (0 if no error) after
 * the optional backup; a failed backup returns 1.
 */
int check(struct objtool_file *file)
{
	struct disas_context *disas_ctx = NULL;
	int ret = 0, warnings = 0;

	/*
	 * Create a disassembly context if we might disassemble any
	 * instruction or function.
	 *
	 * On failure only the options that strictly need the context
	 * (disas, trace) are switched off; verbose and backtrace stay on.
	 */
	if (opts.verbose || opts.backtrace || opts.trace || opts.disas) {
		disas_ctx = disas_context_create(file);
		if (!disas_ctx) {
			opts.disas = false;
			opts.trace = false;
		}
		objtool_disas_ctx = disas_ctx;
	}

	/* Reference CFI states shared by all validation walks. */
	arch_initial_func_cfi_state(&initial_func_cfi);
	init_cfi_state(&init_cfi);
	init_cfi_state(&func_cfi);
	set_func_state(&func_cfi);
	init_cfi_state(&force_undefined_cfi);
	force_undefined_cfi.force_undefined = true;

	/* Hash sized from the symbol count; assumes symbol_bits >= 3 (shift is UB otherwise). */
	if (!cfi_hash_alloc(1UL << (file->elf->symbol_bits - 3))) {
		ret = -1;
		goto out;
	}

	cfi_hash_add(&init_cfi);
	cfi_hash_add(&func_cfi);

	ret = checksum_debug_init(file);
	if (ret)
		goto out;

	ret = decode_sections(file);
	if (ret)
		goto out;

	/* No code at all: nothing to validate or annotate. */
	if (!nr_insns)
		goto out;

	if (opts.retpoline)
		warnings += validate_retpoline(file);

	if (validate_branch_enabled()) {
		int w = 0;

		w += validate_functions(file);
		w += validate_unwind_hints(file, NULL);
		/*
		 * Reachability is only meaningful when the walks themselves
		 * were clean; a warning may have cut a path short.
		 */
		if (!w)
			w += validate_reachable_instructions(file);

		warnings += w;

	} else if (opts.noinstr) {
		warnings += validate_noinstr_sections(file);
	}

	if (opts.unret) {
		/*
		 * Must be after validate_branch() and friends, it plays
		 * further games with insn->visited.
		 */
		warnings += validate_unrets(file);
	}

	if (opts.ibt)
		warnings += validate_ibt(file);

	if (opts.sls)
		warnings += validate_sls(file);

	/* From here on, failures are hard errors that abort the pass. */
	if (opts.static_call) {
		ret = create_static_call_sections(file);
		if (ret)
			goto out;
	}

	if (opts.retpoline) {
		ret = create_retpoline_sites_sections(file);
		if (ret)
			goto out;
	}

	if (opts.cfi) {
		ret = create_cfi_sections(file);
		if (ret)
			goto out;
	}

	if (opts.rethunk) {
		ret = create_return_sites_sections(file);
		if (ret)
			goto out;

		if (opts.hack_skylake) {
			ret = create_direct_call_sections(file);
			if (ret)
				goto out;
		}
	}

	if (opts.mcount) {
		ret = create_mcount_loc_sections(file);
		if (ret)
			goto out;
	}

	if (opts.prefix) {
		ret = create_prefix_symbols(file);
		if (ret)
			goto out;
	}

	/* After validate_ibt(): only the ENDBRs it left on the list are sealed. */
	if (opts.ibt) {
		ret = create_ibt_endbr_seal_sections(file);
		if (ret)
			goto out;
	}

	if (opts.noabs)
		warnings += check_abs_references(file);

	if (opts.checksum) {
		ret = create_sym_checksum_section(file);
		if (ret)
			goto out;
	}

	if (opts.orc && nr_insns) {
		ret = orc_create(file);
		if (ret)
			goto out;
	}

	if (opts.stats) {
		printf("nr_insns_visited: %ld\n", nr_insns_visited);
		printf("nr_cfi: %ld\n", nr_cfi);
		printf("nr_cfi_reused: %ld\n", nr_cfi_reused);
		printf("nr_cfi_cache: %ld\n", nr_cfi_cache);
	}

out:
	if (ret || warnings) {
		if (opts.werror && warnings)
			ret = 1;

		if (opts.verbose) {
			if (opts.werror && warnings)
				WARN("%d warning(s) upgraded to errors", warnings);

			/*
			 * NOTE(review): reached with disas_ctx == NULL when
			 * disas_context_create() failed above (verbose is not
			 * cleared there); assumes disas_warned_funcs()
			 * tolerates a NULL context — confirm.
			 */
			disas_warned_funcs(disas_ctx);
		}
	}

	if (opts.disas)
		disas_funcs(disas_ctx);

	if (disas_ctx) {
		disas_context_destroy(disas_ctx);
		objtool_disas_ctx = NULL;
	}

	/* Instructions are no longer needed; release them before the ELF write. */
	free_insns(file);

	if (!ret && !warnings)
		return 0;

	if (opts.backup && make_backup())
		return 1;

	return ret;
}