Currently an allyesconfig build [gcc-4.9.1] can generate the following:
WARNING: vmlinux.o(.text.unlikely+0x3864): Section mismatch in
reference from the function cpumask_empty.constprop.3() to the
variable .init.data:nmi_ipi_mask
which comes from the cpumask_empty usage in arch/x86/kernel/nmi_selftest.c.
Normally we would not see a symbol entry for cpumask_empty since it is:
static inline bool cpumask_empty(const struct cpumask *srcp)
however in this case, the variant of the symbol gets emitted when GCC does
constant propagation optimization.
Fix things up so that any locally optimized constprop variants don't warn
when accessing variables that live in the __init sections.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Currently the match() function supports a leading * to match any
prefix and a trailing * to match any suffix. However there currently
is not a combination of both that can be used to target matches of
whole families of functions that share a common substring.
Here we expand the *foo and foo* match to also support *foo* with
the goal of targeting compiler generated symbol names that contain
strings like ".constprop." and ".isra."
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Trying to match the SHT_NUL section isn't useful and causes build failures
on parisc and mn10300 since the addition of section strict white-listing
and __ex_table sanitizing.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Reported-by: Guenter Roeck <linux@roeck-us.net>
Fixes: 050e57fd59 ("modpost: add strict white-listing when referencing....")
Fixes: 52dc0595d5 ("modpost: handle relocations mismatch in __ex_table.")
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
As Guenter pointed out, we were never really calculating the extable entry
size because the pointer arithmetic was simply wrong. We want to check
we're handling the second relocation in __ex_table to infer an entry size,
but we were using (void*) pointers instead of Elf_Rel[a]* ones.
This fixes the problem by moving that check in the caller (since we can
deal with different types of relocations) and add is_second_extable_reloc()
to make the whole thing more readable.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Reported-by: Guenter Roeck <linux@roeck-us.net>
CC: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
As Guenter pointed out, we want to assert that extable_entry_size has been
discovered and not the other way around. Moreover, this sanity check is
only valid when we're not dealing with the first relocation in __ex_table,
since we have not discovered the extable entry size at that point.
This was leading to a divide-by-zero on some architectures and make the
build fail.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Reported-by: Guenter Roeck <linux@roeck-us.net>
CC: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
52dc0595d5 introduced OTHER_TEXT_SECTIONS for identifying what
sections could validly have __ex_table entries. Unfortunately, it
wasn't tested with -ffunction-sections, which some architectures
use.
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
32-bit and 64-bit ARM use these sections to store executable code, so
they must be whitelisted in modpost's table of valid text sections.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
struct section_check is used as a generic way of describing what
relocations are authorized/forbidden when running modpost. This commit
tries to describe how each field is used.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (Fixed "mist"ake)
__ex_table is a simple table section where each entry is a pair of
addresses - the first address is an address which can fault in kernel
space, and the second address points to where the kernel should jump to
when handling that fault. This is how copy_from_user() does not crash the
kernel if userspace gives a borked pointer for example.
If one of these addresses point to a non-executable section, something is
seriously wrong since it either means the kernel will never fault from
there or it will not be able to jump to there. As both cases are serious
enough, we simply error out in these cases so the build fails and the
developper has to fix the issue.
In case the section is executable, but it isn't referenced in our list of
authorized sections to point to from __ex_table, we just dump a warning
giving more information about it. We do this in case the new section is
executable but isn't supposed to be executed by the kernel. This happened
with .altinstr_replacement, which is executable but is only used to copy
instructions from - we should never have our instruction pointer pointing
in .altinstr_replacement. Admitedly, a proper fix in that case would be to
just set .altinstr_replacement NX, but we need to warn about future cases
like this.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (added long casts)
This will be useful when we want to have special handlers which need to go
through more hops to print useful information to the user.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
sched.text and .kprobes.text should behave exactly like .text with regards
to how we should warn about referencing sections which might get discarded
at runtime.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Prints a warning when a section references a section outside a strict
white-list. This will be useful to print a warning if __ex_table
references a non-executable section.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Pull arm64 updates from Catalin Marinas:
- eBPF JIT compiler for arm64
- CPU suspend backend for PSCI (firmware interface) with standard idle
states defined in DT (generic idle driver to be merged via a
different tree)
- Support for CONFIG_DEBUG_SET_MODULE_RONX
- Support for unmapped cpu-release-addr (outside kernel linear mapping)
- set_arch_dma_coherent_ops() implemented and bus notifiers removed
- EFI_STUB improvements when base of DRAM is occupied
- Typos in KGDB macros
- Clean-up to (partially) allow kernel building with LLVM
- Other clean-ups (extern keyword, phys_addr_t usage)
* tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (51 commits)
arm64: Remove unneeded extern keyword
ARM64: make of_device_ids const
arm64: Use phys_addr_t type for physical address
aarch64: filter $x from kallsyms
arm64: Use DMA_ERROR_CODE to denote failed allocation
arm64: Fix typos in KGDB macros
arm64: insn: Add return statements after BUG_ON()
arm64: debug: don't re-enable debug exceptions on return from el1_dbg
Revert "arm64: dmi: Add SMBIOS/DMI support"
arm64: Implement set_arch_dma_coherent_ops() to replace bus notifiers
of: amba: use of_dma_configure for AMBA devices
arm64: dmi: Add SMBIOS/DMI support
arm64: Correct ftrace calls to aarch64_insn_gen_branch_imm()
arm64:mm: initialize max_mapnr using function set_max_mapnr
setup: Move unmask of async interrupts after possible earlycon setup
arm64: LLVMLinux: Fix inline arm64 assembly for use with clang
arm64: pageattr: Correctly adjust unaligned start addresses
net: bpf: arm64: fix module memory leak when JIT image build fails
arm64: add PSCI CPU_SUSPEND based cpu_suspend support
arm64: kernel: introduce cpu_init_idle CPU operation
...
Similar to ARM, AArch64 is generating $x and $d syms... which isn't
terribly helpful when looking at %pF output and the like. Filter those
out in kallsyms, modpost and when looking at module symbols.
Seems simplest since none of these check EM_ARM anyway, to just add it
to the strchr used, rather than trying to make things overly
complicated.
initcall_debug improves:
dmesg_before.txt: initcall $x+0x0/0x154 [sg] returned 0 after 26331 usecs
dmesg_after.txt: initcall init_sg+0x0/0x154 [sg] returned 0 after 15461 usecs
Signed-off-by: Kyle McMartin <kyle@redhat.com>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Avoid the variable length array (vla), just use PATH_MAX instead.
This not only makes this code clang friedly, it also leads to a
code size reduction:
text data bss dec hex filename
51765 2224 12416 66405 10365 scripts/mod/modpost.old
51677 2224 12416 66317 1030d scripts/mod/modpost.new
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Internally used symbols of modpost don't need to be externally visible;
make them static. Also constify the string arrays so they resist in the
r/o section instead of being runtime writable.
Those changes lead to a small size reduction as can be seen below:
text data bss dec hex filename
51381 2640 12416 66437 10385 scripts/mod/modpost.old
51765 2224 12416 66405 10365 scripts/mod/modpost.new
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
For several years, the pattern "foo$" has effectively been treated as
equivalent to "foo" due to a bug in the (misnamed) helper
number_prefix(). This hasn't been observed to cause any problems, so
remove the broken $ functionality and change all foo$ patterns to foo.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
The scripts/mod/modpost.c triggers the following warning:
scripts/mod/modpost.c: In function ‘remove_dot’:
scripts/mod/modpost.c:1710:10: warning: ignoring return value of ‘strtoul’, declared with attribute warn_unused_result [-Wunused-result]
The remove_dot function that calls strtoul does not care about the
numeric value of the string that is parsed but only looks for the
end of the numeric sequence. As such, it's equivalent to just skip
over all digits.
Signed-off-by: Michal Nazarewicz <mina86@mina86.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Pull kbuild misc updates from Michal Marek:
"This is the non-critical part of kbuild for v3.16-rc1:
- make deb-pkg can do s390x and arm64
- new patterns in scripts/tags.sh
- scripts/tags.sh skips userspace tools' sources (which sometimes
have copies of kernel structures) and symlinks
- improvements to the objdiff tool
- two new coccinelle patches
- other minor fixes"
* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
scripts: objdiff: support directories for the augument of record command
scripts: objdiff: fix a comment
scripts: objdiff: change the extension of disassembly from .o to .dis
scripts: objdiff: improve path flexibility for record command
scripts: objdiff: remove unnecessary code
scripts: objdiff: direct error messages to stderr
scripts: objdiff: get the path to .tmp_objdiff more simply
deb-pkg: Add automatic support for s390x architecture
coccicheck: Add unneeded return variable test
kbuild: Fix a typo in documentation
kbuild: trivial - use tabs for code indent where possible
kbuild: trivial - remove trailing empty lines
coccinelle: Check for missing NULL terminators in of_device_id tables
scripts/tags.sh: ignore symlink'ed source files
scripts/tags.sh: add regular expression replacement pattern for memcg
builddeb: add arm64 in the supported architectures
builddeb: use $OBJCOPY variable instead of objcopy
scripts/tags.sh: ignore code of user space tools
scripts/tags.sh: add pattern for DEFINE_HASHTABLE
.gitignore: ignore Module.symvers in all directories
Pull module updates from Rusty Russell:
"Most of this is cleaning up various driver sysfs permissions so we can
re-add the perm check (we unified the module param and sysfs checks,
but the module ones were stronger so we weakened them temporarily).
Param parsing gets documented, and also "--" now forces args to be
handed to init (and ignored by the kernel).
Module NX/RO protections get tightened: we now set them before calling
parse_args()"
* tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
module: set nx before marking module MODULE_STATE_COMING.
samples/kobject/: avoid world-writable sysfs files.
drivers/hid/hid-picolcd_fb: avoid world-writable sysfs files.
drivers/staging/speakup/: avoid world-writable sysfs files.
drivers/regulator/virtual: avoid world-writable sysfs files.
drivers/scsi/pm8001/pm8001_ctl.c: avoid world-writable sysfs files.
drivers/hid/hid-lg4ff.c: avoid world-writable sysfs files.
drivers/video/fbdev/sm501fb.c: avoid world-writable sysfs files.
drivers/mtd/devices/docg3.c: avoid world-writable sysfs files.
speakup: fix incorrect perms on speakup_acntsa.c
cpumask.h: silence warning with -Wsign-compare
Documentation: Update kernel-parameters.tx
param: hand arguments after -- straight to init
modpost: Fix resource leak in read_dump()
Function read_dump() memory maps the input via grab_file(), but fails to call
the corresponding unmap function. Add the missing call to release_file().
Detected by Coverity: CID 1192419
Signed-off-by: Christian Engelmayer <cengelma@gmx.at>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
