1 /* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License as published by 4 * the Free Software Foundation; either version 2 of the License, or 5 * (at your option) any later version. 6 * 7 * This program is distributed in the hope that it will be useful, 8 * but WITHOUT ANY WARRANTY; without even the implied warranty of 9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10 * GNU General Public License for more details. 11 * 12 * You should have received a copy of the GNU General Public License 13 * along with this program; if not, write to the Free Software 14 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 15 * 16 * Copyright (C) 2001 Rusty Russell. 17 * Copyright (C) 2003, 2004 Ralf Baechle (ralf@linux-mips.org) 18 * Copyright (C) 2005 Thiemo Seufer 19 */ 20 21 #undef DEBUG 22 23 #include <linux/extable.h> 24 #include <linux/moduleloader.h> 25 #include <linux/elf.h> 26 #include <linux/mm.h> 27 #include <linux/numa.h> 28 #include <linux/vmalloc.h> 29 #include <linux/slab.h> 30 #include <linux/fs.h> 31 #include <linux/string.h> 32 #include <linux/kernel.h> 33 #include <linux/spinlock.h> 34 #include <linux/jump_label.h> 35 36 #include <asm/pgtable.h> /* MODULE_START */ 37 38 struct mips_hi16 { 39 struct mips_hi16 *next; 40 Elf_Addr *addr; 41 Elf_Addr value; 42 }; 43 44 static LIST_HEAD(dbe_list); 45 static DEFINE_SPINLOCK(dbe_lock); 46 47 #ifdef MODULE_START 48 void *module_alloc(unsigned long size) 49 { 50 return __vmalloc_node_range(size, 1, MODULE_START, MODULE_END, 51 GFP_KERNEL, PAGE_KERNEL, 0, NUMA_NO_NODE, 52 __builtin_return_address(0)); 53 } 54 #endif 55 56 static int apply_r_mips_none(struct module *me, u32 *location, 57 u32 base, Elf_Addr v, bool rela) 58 { 59 return 0; 60 } 61 62 static int apply_r_mips_32(struct module *me, u32 *location, 63 u32 base, Elf_Addr v, bool rela) 64 { 65 *location = base + v; 66 67 return 0; 68 } 69 70 static int apply_r_mips_26(struct module *me, u32 *location, 71 u32 base, Elf_Addr v, bool rela) 72 { 73 if (v % 4) { 74 pr_err("module %s: dangerous R_MIPS_26 relocation\n", 75 me->name); 76 return -ENOEXEC; 77 } 78 79 if ((v & 0xf0000000) != (((unsigned long)location + 4) & 0xf0000000)) { 80 pr_err("module %s: relocation overflow\n", 81 me->name); 82 return -ENOEXEC; 83 } 84 85 *location = (*location & ~0x03ffffff) | 86 ((base + (v >> 2)) & 0x03ffffff); 87 88 return 0; 89 } 90 91 static int apply_r_mips_hi16(struct module *me, u32 *location, 92 u32 base, Elf_Addr v, bool rela) 93 { 94 struct mips_hi16 *n; 95 96 if (rela) { 97 *location = (*location & 0xffff0000) | 98 ((((long long) v + 0x8000LL) >> 16) & 0xffff); 99 return 0; 100 } 101 102 /* 103 * We cannot relocate this one now because we don't know the value of 104 * the carry we need to add. Save the information, and let LO16 do the 105 * actual relocation. 106 */ 107 n = kmalloc(sizeof *n, GFP_KERNEL); 108 if (!n) 109 return -ENOMEM; 110 111 n->addr = (Elf_Addr *)location; 112 n->value = v; 113 n->next = me->arch.r_mips_hi16_list; 114 me->arch.r_mips_hi16_list = n; 115 116 return 0; 117 } 118 119 static void free_relocation_chain(struct mips_hi16 *l) 120 { 121 struct mips_hi16 *next; 122 123 while (l) { 124 next = l->next; 125 kfree(l); 126 l = next; 127 } 128 } 129 130 static int apply_r_mips_lo16(struct module *me, u32 *location, 131 u32 base, Elf_Addr v, bool rela) 132 { 133 unsigned long insnlo = base; 134 struct mips_hi16 *l; 135 Elf_Addr val, vallo; 136 137 if (rela) { 138 *location = (*location & 0xffff0000) | (v & 0xffff); 139 return 0; 140 } 141 142 /* Sign extend the addend we extract from the lo insn. */ 143 vallo = ((insnlo & 0xffff) ^ 0x8000) - 0x8000; 144 145 if (me->arch.r_mips_hi16_list != NULL) { 146 l = me->arch.r_mips_hi16_list; 147 while (l != NULL) { 148 struct mips_hi16 *next; 149 unsigned long insn; 150 151 /* 152 * The value for the HI16 had best be the same. 153 */ 154 if (v != l->value) 155 goto out_danger; 156 157 /* 158 * Do the HI16 relocation. Note that we actually don't 159 * need to know anything about the LO16 itself, except 160 * where to find the low 16 bits of the addend needed 161 * by the LO16. 162 */ 163 insn = *l->addr; 164 val = ((insn & 0xffff) << 16) + vallo; 165 val += v; 166 167 /* 168 * Account for the sign extension that will happen in 169 * the low bits. 170 */ 171 val = ((val >> 16) + ((val & 0x8000) != 0)) & 0xffff; 172 173 insn = (insn & ~0xffff) | val; 174 *l->addr = insn; 175 176 next = l->next; 177 kfree(l); 178 l = next; 179 } 180 181 me->arch.r_mips_hi16_list = NULL; 182 } 183 184 /* 185 * Ok, we're done with the HI16 relocs. Now deal with the LO16. 186 */ 187 val = v + vallo; 188 insnlo = (insnlo & ~0xffff) | (val & 0xffff); 189 *location = insnlo; 190 191 return 0; 192 193 out_danger: 194 free_relocation_chain(l); 195 me->arch.r_mips_hi16_list = NULL; 196 197 pr_err("module %s: dangerous R_MIPS_LO16 relocation\n", me->name); 198 199 return -ENOEXEC; 200 } 201 202 static int apply_r_mips_pc(struct module *me, u32 *location, u32 base, 203 Elf_Addr v, unsigned int bits) 204 { 205 unsigned long mask = GENMASK(bits - 1, 0); 206 unsigned long se_bits; 207 long offset; 208 209 if (v % 4) { 210 pr_err("module %s: dangerous R_MIPS_PC%u relocation\n", 211 me->name, bits); 212 return -ENOEXEC; 213 } 214 215 /* retrieve & sign extend implicit addend if any */ 216 offset = base & mask; 217 offset |= (offset & BIT(bits - 1)) ? ~mask : 0; 218 219 offset += ((long)v - (long)location) >> 2; 220 221 /* check the sign bit onwards are identical - ie. we didn't overflow */ 222 se_bits = (offset & BIT(bits - 1)) ? ~0ul : 0; 223 if ((offset & ~mask) != (se_bits & ~mask)) { 224 pr_err("module %s: relocation overflow\n", me->name); 225 return -ENOEXEC; 226 } 227 228 *location = (*location & ~mask) | (offset & mask); 229 230 return 0; 231 } 232 233 static int apply_r_mips_pc16(struct module *me, u32 *location, 234 u32 base, Elf_Addr v, bool rela) 235 { 236 return apply_r_mips_pc(me, location, base, v, 16); 237 } 238 239 static int apply_r_mips_pc21(struct module *me, u32 *location, 240 u32 base, Elf_Addr v, bool rela) 241 { 242 return apply_r_mips_pc(me, location, base, v, 21); 243 } 244 245 static int apply_r_mips_pc26(struct module *me, u32 *location, 246 u32 base, Elf_Addr v, bool rela) 247 { 248 return apply_r_mips_pc(me, location, base, v, 26); 249 } 250 251 static int apply_r_mips_64(struct module *me, u32 *location, 252 u32 base, Elf_Addr v, bool rela) 253 { 254 if (WARN_ON(!rela)) 255 return -EINVAL; 256 257 *(Elf_Addr *)location = v; 258 259 return 0; 260 } 261 262 static int apply_r_mips_higher(struct module *me, u32 *location, 263 u32 base, Elf_Addr v, bool rela) 264 { 265 if (WARN_ON(!rela)) 266 return -EINVAL; 267 268 *location = (*location & 0xffff0000) | 269 ((((long long)v + 0x80008000LL) >> 32) & 0xffff); 270 271 return 0; 272 } 273 274 static int apply_r_mips_highest(struct module *me, u32 *location, 275 u32 base, Elf_Addr v, bool rela) 276 { 277 if (WARN_ON(!rela)) 278 return -EINVAL; 279 280 *location = (*location & 0xffff0000) | 281 ((((long long)v + 0x800080008000LL) >> 48) & 0xffff); 282 283 return 0; 284 } 285 286 /** 287 * reloc_handler() - Apply a particular relocation to a module 288 * @me: the module to apply the reloc to 289 * @location: the address at which the reloc is to be applied 290 * @base: the existing value at location for REL-style; 0 for RELA-style 291 * @v: the value of the reloc, with addend for RELA-style 292 * 293 * Each implemented reloc_handler function applies a particular type of 294 * relocation to the module @me. Relocs that may be found in either REL or RELA 295 * variants can be handled by making use of the @base & @v parameters which are 296 * set to values which abstract the difference away from the particular reloc 297 * implementations. 298 * 299 * Return: 0 upon success, else -ERRNO 300 */ 301 typedef int (*reloc_handler)(struct module *me, u32 *location, 302 u32 base, Elf_Addr v, bool rela); 303 304 /* The handlers for known reloc types */ 305 static reloc_handler reloc_handlers[] = { 306 [R_MIPS_NONE] = apply_r_mips_none, 307 [R_MIPS_32] = apply_r_mips_32, 308 [R_MIPS_26] = apply_r_mips_26, 309 [R_MIPS_HI16] = apply_r_mips_hi16, 310 [R_MIPS_LO16] = apply_r_mips_lo16, 311 [R_MIPS_PC16] = apply_r_mips_pc16, 312 [R_MIPS_64] = apply_r_mips_64, 313 [R_MIPS_HIGHER] = apply_r_mips_higher, 314 [R_MIPS_HIGHEST] = apply_r_mips_highest, 315 [R_MIPS_PC21_S2] = apply_r_mips_pc21, 316 [R_MIPS_PC26_S2] = apply_r_mips_pc26, 317 }; 318 319 static int __apply_relocate(Elf_Shdr *sechdrs, const char *strtab, 320 unsigned int symindex, unsigned int relsec, 321 struct module *me, bool rela) 322 { 323 union { 324 Elf_Mips_Rel *rel; 325 Elf_Mips_Rela *rela; 326 } r; 327 reloc_handler handler; 328 Elf_Sym *sym; 329 u32 *location, base; 330 unsigned int i, type; 331 Elf_Addr v; 332 int err = 0; 333 size_t reloc_sz; 334 335 pr_debug("Applying relocate section %u to %u\n", relsec, 336 sechdrs[relsec].sh_info); 337 338 r.rel = (void *)sechdrs[relsec].sh_addr; 339 reloc_sz = rela ? sizeof(*r.rela) : sizeof(*r.rel); 340 me->arch.r_mips_hi16_list = NULL; 341 for (i = 0; i < sechdrs[relsec].sh_size / reloc_sz; i++) { 342 /* This is where to make the change */ 343 location = (void *)sechdrs[sechdrs[relsec].sh_info].sh_addr 344 + r.rel->r_offset; 345 /* This is the symbol it is referring to */ 346 sym = (Elf_Sym *)sechdrs[symindex].sh_addr 347 + ELF_MIPS_R_SYM(*r.rel); 348 if (sym->st_value >= -MAX_ERRNO) { 349 /* Ignore unresolved weak symbol */ 350 if (ELF_ST_BIND(sym->st_info) == STB_WEAK) 351 continue; 352 pr_warn("%s: Unknown symbol %s\n", 353 me->name, strtab + sym->st_name); 354 err = -ENOENT; 355 goto out; 356 } 357 358 type = ELF_MIPS_R_TYPE(*r.rel); 359 if (type < ARRAY_SIZE(reloc_handlers)) 360 handler = reloc_handlers[type]; 361 else 362 handler = NULL; 363 364 if (!handler) { 365 pr_err("%s: Unknown relocation type %u\n", 366 me->name, type); 367 err = -EINVAL; 368 goto out; 369 } 370 371 if (rela) { 372 v = sym->st_value + r.rela->r_addend; 373 base = 0; 374 r.rela = &r.rela[1]; 375 } else { 376 v = sym->st_value; 377 base = *location; 378 r.rel = &r.rel[1]; 379 } 380 381 err = handler(me, location, base, v, rela); 382 if (err) 383 goto out; 384 } 385 386 out: 387 /* 388 * Normally the hi16 list should be deallocated at this point. A 389 * malformed binary however could contain a series of R_MIPS_HI16 390 * relocations not followed by a R_MIPS_LO16 relocation, or if we hit 391 * an error processing a reloc we might have gotten here before 392 * reaching the R_MIPS_LO16. In either case, free up the list and 393 * return an error. 394 */ 395 if (me->arch.r_mips_hi16_list) { 396 free_relocation_chain(me->arch.r_mips_hi16_list); 397 me->arch.r_mips_hi16_list = NULL; 398 err = err ?: -ENOEXEC; 399 } 400 401 return err; 402 } 403 404 int apply_relocate(Elf_Shdr *sechdrs, const char *strtab, 405 unsigned int symindex, unsigned int relsec, 406 struct module *me) 407 { 408 return __apply_relocate(sechdrs, strtab, symindex, relsec, me, false); 409 } 410 411 #ifdef CONFIG_MODULES_USE_ELF_RELA 412 int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab, 413 unsigned int symindex, unsigned int relsec, 414 struct module *me) 415 { 416 return __apply_relocate(sechdrs, strtab, symindex, relsec, me, true); 417 } 418 #endif /* CONFIG_MODULES_USE_ELF_RELA */ 419 420 /* Given an address, look for it in the module exception tables. */ 421 const struct exception_table_entry *search_module_dbetables(unsigned long addr) 422 { 423 unsigned long flags; 424 const struct exception_table_entry *e = NULL; 425 struct mod_arch_specific *dbe; 426 427 spin_lock_irqsave(&dbe_lock, flags); 428 list_for_each_entry(dbe, &dbe_list, dbe_list) { 429 e = search_extable(dbe->dbe_start, 430 dbe->dbe_end - dbe->dbe_start, addr); 431 if (e) 432 break; 433 } 434 spin_unlock_irqrestore(&dbe_lock, flags); 435 436 /* Now, if we found one, we are running inside it now, hence 437 we cannot unload the module, hence no refcnt needed. */ 438 return e; 439 } 440 441 /* Put in dbe list if necessary. */ 442 int module_finalize(const Elf_Ehdr *hdr, 443 const Elf_Shdr *sechdrs, 444 struct module *me) 445 { 446 const Elf_Shdr *s; 447 char *secstrings = (void *)hdr + sechdrs[hdr->e_shstrndx].sh_offset; 448 449 /* Make jump label nops. */ 450 jump_label_apply_nops(me); 451 452 INIT_LIST_HEAD(&me->arch.dbe_list); 453 for (s = sechdrs; s < sechdrs + hdr->e_shnum; s++) { 454 if (strcmp("__dbe_table", secstrings + s->sh_name) != 0) 455 continue; 456 me->arch.dbe_start = (void *)s->sh_addr; 457 me->arch.dbe_end = (void *)s->sh_addr + s->sh_size; 458 spin_lock_irq(&dbe_lock); 459 list_add(&me->arch.dbe_list, &dbe_list); 460 spin_unlock_irq(&dbe_lock); 461 } 462 return 0; 463 } 464 465 void module_arch_cleanup(struct module *mod) 466 { 467 spin_lock_irq(&dbe_lock); 468 list_del(&mod->arch.dbe_list); 469 spin_unlock_irq(&dbe_lock); 470 } 471