xref: /openbmc/linux/arch/arm64/kernel/module.c (revision 31b90347)
1 /*
2  * AArch64 loadable module support.
3  *
4  * Copyright (C) 2012 ARM Limited
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License version 2 as
8  * published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
17  *
18  * Author: Will Deacon <will.deacon@arm.com>
19  */
20 
21 #include <linux/bitops.h>
22 #include <linux/elf.h>
23 #include <linux/gfp.h>
24 #include <linux/kernel.h>
25 #include <linux/mm.h>
26 #include <linux/moduleloader.h>
27 #include <linux/vmalloc.h>
28 
29 void *module_alloc(unsigned long size)
30 {
31 	return __vmalloc_node_range(size, 1, MODULES_VADDR, MODULES_END,
32 				    GFP_KERNEL, PAGE_KERNEL_EXEC, NUMA_NO_NODE,
33 				    __builtin_return_address(0));
34 }
35 
36 enum aarch64_reloc_op {
37 	RELOC_OP_NONE,
38 	RELOC_OP_ABS,
39 	RELOC_OP_PREL,
40 	RELOC_OP_PAGE,
41 };
42 
43 static u64 do_reloc(enum aarch64_reloc_op reloc_op, void *place, u64 val)
44 {
45 	switch (reloc_op) {
46 	case RELOC_OP_ABS:
47 		return val;
48 	case RELOC_OP_PREL:
49 		return val - (u64)place;
50 	case RELOC_OP_PAGE:
51 		return (val & ~0xfff) - ((u64)place & ~0xfff);
52 	case RELOC_OP_NONE:
53 		return 0;
54 	}
55 
56 	pr_err("do_reloc: unknown relocation operation %d\n", reloc_op);
57 	return 0;
58 }
59 
60 static int reloc_data(enum aarch64_reloc_op op, void *place, u64 val, int len)
61 {
62 	u64 imm_mask = (1 << len) - 1;
63 	s64 sval = do_reloc(op, place, val);
64 
65 	switch (len) {
66 	case 16:
67 		*(s16 *)place = sval;
68 		break;
69 	case 32:
70 		*(s32 *)place = sval;
71 		break;
72 	case 64:
73 		*(s64 *)place = sval;
74 		break;
75 	default:
76 		pr_err("Invalid length (%d) for data relocation\n", len);
77 		return 0;
78 	}
79 
80 	/*
81 	 * Extract the upper value bits (including the sign bit) and
82 	 * shift them to bit 0.
83 	 */
84 	sval = (s64)(sval & ~(imm_mask >> 1)) >> (len - 1);
85 
86 	/*
87 	 * Overflow has occurred if the value is not representable in
88 	 * len bits (i.e the bottom len bits are not sign-extended and
89 	 * the top bits are not all zero).
90 	 */
91 	if ((u64)(sval + 1) > 2)
92 		return -ERANGE;
93 
94 	return 0;
95 }
96 
97 enum aarch64_imm_type {
98 	INSN_IMM_MOVNZ,
99 	INSN_IMM_MOVK,
100 	INSN_IMM_ADR,
101 	INSN_IMM_26,
102 	INSN_IMM_19,
103 	INSN_IMM_16,
104 	INSN_IMM_14,
105 	INSN_IMM_12,
106 	INSN_IMM_9,
107 };
108 
109 static u32 encode_insn_immediate(enum aarch64_imm_type type, u32 insn, u64 imm)
110 {
111 	u32 immlo, immhi, lomask, himask, mask;
112 	int shift;
113 
114 	/* The instruction stream is always little endian. */
115 	insn = le32_to_cpu(insn);
116 
117 	switch (type) {
118 	case INSN_IMM_MOVNZ:
119 		/*
120 		 * For signed MOVW relocations, we have to manipulate the
121 		 * instruction encoding depending on whether or not the
122 		 * immediate is less than zero.
123 		 */
124 		insn &= ~(3 << 29);
125 		if ((s64)imm >= 0) {
126 			/* >=0: Set the instruction to MOVZ (opcode 10b). */
127 			insn |= 2 << 29;
128 		} else {
129 			/*
130 			 * <0: Set the instruction to MOVN (opcode 00b).
131 			 *     Since we've masked the opcode already, we
132 			 *     don't need to do anything other than
133 			 *     inverting the new immediate field.
134 			 */
135 			imm = ~imm;
136 		}
137 	case INSN_IMM_MOVK:
138 		mask = BIT(16) - 1;
139 		shift = 5;
140 		break;
141 	case INSN_IMM_ADR:
142 		lomask = 0x3;
143 		himask = 0x7ffff;
144 		immlo = imm & lomask;
145 		imm >>= 2;
146 		immhi = imm & himask;
147 		imm = (immlo << 24) | (immhi);
148 		mask = (lomask << 24) | (himask);
149 		shift = 5;
150 		break;
151 	case INSN_IMM_26:
152 		mask = BIT(26) - 1;
153 		shift = 0;
154 		break;
155 	case INSN_IMM_19:
156 		mask = BIT(19) - 1;
157 		shift = 5;
158 		break;
159 	case INSN_IMM_16:
160 		mask = BIT(16) - 1;
161 		shift = 5;
162 		break;
163 	case INSN_IMM_14:
164 		mask = BIT(14) - 1;
165 		shift = 5;
166 		break;
167 	case INSN_IMM_12:
168 		mask = BIT(12) - 1;
169 		shift = 10;
170 		break;
171 	case INSN_IMM_9:
172 		mask = BIT(9) - 1;
173 		shift = 12;
174 		break;
175 	default:
176 		pr_err("encode_insn_immediate: unknown immediate encoding %d\n",
177 			type);
178 		return 0;
179 	}
180 
181 	/* Update the immediate field. */
182 	insn &= ~(mask << shift);
183 	insn |= (imm & mask) << shift;
184 
185 	return cpu_to_le32(insn);
186 }
187 
188 static int reloc_insn_movw(enum aarch64_reloc_op op, void *place, u64 val,
189 			   int lsb, enum aarch64_imm_type imm_type)
190 {
191 	u64 imm, limit = 0;
192 	s64 sval;
193 	u32 insn = *(u32 *)place;
194 
195 	sval = do_reloc(op, place, val);
196 	sval >>= lsb;
197 	imm = sval & 0xffff;
198 
199 	/* Update the instruction with the new encoding. */
200 	*(u32 *)place = encode_insn_immediate(imm_type, insn, imm);
201 
202 	/* Shift out the immediate field. */
203 	sval >>= 16;
204 
205 	/*
206 	 * For unsigned immediates, the overflow check is straightforward.
207 	 * For signed immediates, the sign bit is actually the bit past the
208 	 * most significant bit of the field.
209 	 * The INSN_IMM_16 immediate type is unsigned.
210 	 */
211 	if (imm_type != INSN_IMM_16) {
212 		sval++;
213 		limit++;
214 	}
215 
216 	/* Check the upper bits depending on the sign of the immediate. */
217 	if ((u64)sval > limit)
218 		return -ERANGE;
219 
220 	return 0;
221 }
222 
223 static int reloc_insn_imm(enum aarch64_reloc_op op, void *place, u64 val,
224 			  int lsb, int len, enum aarch64_imm_type imm_type)
225 {
226 	u64 imm, imm_mask;
227 	s64 sval;
228 	u32 insn = *(u32 *)place;
229 
230 	/* Calculate the relocation value. */
231 	sval = do_reloc(op, place, val);
232 	sval >>= lsb;
233 
234 	/* Extract the value bits and shift them to bit 0. */
235 	imm_mask = (BIT(lsb + len) - 1) >> lsb;
236 	imm = sval & imm_mask;
237 
238 	/* Update the instruction's immediate field. */
239 	*(u32 *)place = encode_insn_immediate(imm_type, insn, imm);
240 
241 	/*
242 	 * Extract the upper value bits (including the sign bit) and
243 	 * shift them to bit 0.
244 	 */
245 	sval = (s64)(sval & ~(imm_mask >> 1)) >> (len - 1);
246 
247 	/*
248 	 * Overflow has occurred if the upper bits are not all equal to
249 	 * the sign bit of the value.
250 	 */
251 	if ((u64)(sval + 1) >= 2)
252 		return -ERANGE;
253 
254 	return 0;
255 }
256 
257 int apply_relocate_add(Elf64_Shdr *sechdrs,
258 		       const char *strtab,
259 		       unsigned int symindex,
260 		       unsigned int relsec,
261 		       struct module *me)
262 {
263 	unsigned int i;
264 	int ovf;
265 	bool overflow_check;
266 	Elf64_Sym *sym;
267 	void *loc;
268 	u64 val;
269 	Elf64_Rela *rel = (void *)sechdrs[relsec].sh_addr;
270 
271 	for (i = 0; i < sechdrs[relsec].sh_size / sizeof(*rel); i++) {
272 		/* loc corresponds to P in the AArch64 ELF document. */
273 		loc = (void *)sechdrs[sechdrs[relsec].sh_info].sh_addr
274 			+ rel[i].r_offset;
275 
276 		/* sym is the ELF symbol we're referring to. */
277 		sym = (Elf64_Sym *)sechdrs[symindex].sh_addr
278 			+ ELF64_R_SYM(rel[i].r_info);
279 
280 		/* val corresponds to (S + A) in the AArch64 ELF document. */
281 		val = sym->st_value + rel[i].r_addend;
282 
283 		/* Check for overflow by default. */
284 		overflow_check = true;
285 
286 		/* Perform the static relocation. */
287 		switch (ELF64_R_TYPE(rel[i].r_info)) {
288 		/* Null relocations. */
289 		case R_ARM_NONE:
290 		case R_AARCH64_NONE:
291 			ovf = 0;
292 			break;
293 
294 		/* Data relocations. */
295 		case R_AARCH64_ABS64:
296 			overflow_check = false;
297 			ovf = reloc_data(RELOC_OP_ABS, loc, val, 64);
298 			break;
299 		case R_AARCH64_ABS32:
300 			ovf = reloc_data(RELOC_OP_ABS, loc, val, 32);
301 			break;
302 		case R_AARCH64_ABS16:
303 			ovf = reloc_data(RELOC_OP_ABS, loc, val, 16);
304 			break;
305 		case R_AARCH64_PREL64:
306 			overflow_check = false;
307 			ovf = reloc_data(RELOC_OP_PREL, loc, val, 64);
308 			break;
309 		case R_AARCH64_PREL32:
310 			ovf = reloc_data(RELOC_OP_PREL, loc, val, 32);
311 			break;
312 		case R_AARCH64_PREL16:
313 			ovf = reloc_data(RELOC_OP_PREL, loc, val, 16);
314 			break;
315 
316 		/* MOVW instruction relocations. */
317 		case R_AARCH64_MOVW_UABS_G0_NC:
318 			overflow_check = false;
319 		case R_AARCH64_MOVW_UABS_G0:
320 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 0,
321 					      INSN_IMM_16);
322 			break;
323 		case R_AARCH64_MOVW_UABS_G1_NC:
324 			overflow_check = false;
325 		case R_AARCH64_MOVW_UABS_G1:
326 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 16,
327 					      INSN_IMM_16);
328 			break;
329 		case R_AARCH64_MOVW_UABS_G2_NC:
330 			overflow_check = false;
331 		case R_AARCH64_MOVW_UABS_G2:
332 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 32,
333 					      INSN_IMM_16);
334 			break;
335 		case R_AARCH64_MOVW_UABS_G3:
336 			/* We're using the top bits so we can't overflow. */
337 			overflow_check = false;
338 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 48,
339 					      INSN_IMM_16);
340 			break;
341 		case R_AARCH64_MOVW_SABS_G0:
342 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 0,
343 					      INSN_IMM_MOVNZ);
344 			break;
345 		case R_AARCH64_MOVW_SABS_G1:
346 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 16,
347 					      INSN_IMM_MOVNZ);
348 			break;
349 		case R_AARCH64_MOVW_SABS_G2:
350 			ovf = reloc_insn_movw(RELOC_OP_ABS, loc, val, 32,
351 					      INSN_IMM_MOVNZ);
352 			break;
353 		case R_AARCH64_MOVW_PREL_G0_NC:
354 			overflow_check = false;
355 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 0,
356 					      INSN_IMM_MOVK);
357 			break;
358 		case R_AARCH64_MOVW_PREL_G0:
359 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 0,
360 					      INSN_IMM_MOVNZ);
361 			break;
362 		case R_AARCH64_MOVW_PREL_G1_NC:
363 			overflow_check = false;
364 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 16,
365 					      INSN_IMM_MOVK);
366 			break;
367 		case R_AARCH64_MOVW_PREL_G1:
368 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 16,
369 					      INSN_IMM_MOVNZ);
370 			break;
371 		case R_AARCH64_MOVW_PREL_G2_NC:
372 			overflow_check = false;
373 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 32,
374 					      INSN_IMM_MOVK);
375 			break;
376 		case R_AARCH64_MOVW_PREL_G2:
377 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 32,
378 					      INSN_IMM_MOVNZ);
379 			break;
380 		case R_AARCH64_MOVW_PREL_G3:
381 			/* We're using the top bits so we can't overflow. */
382 			overflow_check = false;
383 			ovf = reloc_insn_movw(RELOC_OP_PREL, loc, val, 48,
384 					      INSN_IMM_MOVNZ);
385 			break;
386 
387 		/* Immediate instruction relocations. */
388 		case R_AARCH64_LD_PREL_LO19:
389 			ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 2, 19,
390 					     INSN_IMM_19);
391 			break;
392 		case R_AARCH64_ADR_PREL_LO21:
393 			ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 0, 21,
394 					     INSN_IMM_ADR);
395 			break;
396 		case R_AARCH64_ADR_PREL_PG_HI21_NC:
397 			overflow_check = false;
398 		case R_AARCH64_ADR_PREL_PG_HI21:
399 			ovf = reloc_insn_imm(RELOC_OP_PAGE, loc, val, 12, 21,
400 					     INSN_IMM_ADR);
401 			break;
402 		case R_AARCH64_ADD_ABS_LO12_NC:
403 		case R_AARCH64_LDST8_ABS_LO12_NC:
404 			overflow_check = false;
405 			ovf = reloc_insn_imm(RELOC_OP_ABS, loc, val, 0, 12,
406 					     INSN_IMM_12);
407 			break;
408 		case R_AARCH64_LDST16_ABS_LO12_NC:
409 			overflow_check = false;
410 			ovf = reloc_insn_imm(RELOC_OP_ABS, loc, val, 1, 11,
411 					     INSN_IMM_12);
412 			break;
413 		case R_AARCH64_LDST32_ABS_LO12_NC:
414 			overflow_check = false;
415 			ovf = reloc_insn_imm(RELOC_OP_ABS, loc, val, 2, 10,
416 					     INSN_IMM_12);
417 			break;
418 		case R_AARCH64_LDST64_ABS_LO12_NC:
419 			overflow_check = false;
420 			ovf = reloc_insn_imm(RELOC_OP_ABS, loc, val, 3, 9,
421 					     INSN_IMM_12);
422 			break;
423 		case R_AARCH64_LDST128_ABS_LO12_NC:
424 			overflow_check = false;
425 			ovf = reloc_insn_imm(RELOC_OP_ABS, loc, val, 4, 8,
426 					     INSN_IMM_12);
427 			break;
428 		case R_AARCH64_TSTBR14:
429 			ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 2, 14,
430 					     INSN_IMM_14);
431 			break;
432 		case R_AARCH64_CONDBR19:
433 			ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 2, 19,
434 					     INSN_IMM_19);
435 			break;
436 		case R_AARCH64_JUMP26:
437 		case R_AARCH64_CALL26:
438 			ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 2, 26,
439 					     INSN_IMM_26);
440 			break;
441 
442 		default:
443 			pr_err("module %s: unsupported RELA relocation: %llu\n",
444 			       me->name, ELF64_R_TYPE(rel[i].r_info));
445 			return -ENOEXEC;
446 		}
447 
448 		if (overflow_check && ovf == -ERANGE)
449 			goto overflow;
450 
451 	}
452 
453 	return 0;
454 
455 overflow:
456 	pr_err("module %s: overflow in relocation type %d val %Lx\n",
457 	       me->name, (int)ELF64_R_TYPE(rel[i].r_info), val);
458 	return -ENOEXEC;
459 }
460