powerpc/module_64: Fix livepatching for RO modules

Livepatching a loaded module involves applying relocations through
apply_relocate_add(), which attempts to write to read-only memory when
CONFIG_STRICT_MODULE_RWX=y. Work around this by performing these
writes through the text poke area by using patch_instruction().

R_PPC_REL24 is the only relocation type generated by the kpatch-build
userspace tool or klp-convert kernel tree that I observed applying a
relocation to a post-init module.

A more comprehensive solution is planned, but using patch_instruction()
for R_PPC_REL24 only should serve as a sufficient fix.

This does have a performance impact, I observed ~15% overhead in
module_load() on POWER8 bare metal with checksum verification off.

Fixes: c35717c71e98 ("powerpc: Set ARCH_HAS_STRICT_MODULE_RWX")
Cc: stable@vger.kernel.org # v5.14+
Reported-by: Joe Lawrence <joe.lawrence@redhat.com>
Signed-off-by: Russell Currey <ruscur@russell.cc>
Tested-by: Joe Lawrence <joe.lawrence@redhat.com>
[mpe: Check return codes from patch_instruction()]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20211214121248.777249-1-mpe@ellerman.id.au

authored by Russell Currey and committed by Michael Ellerman 8734b41b 3dc709e5

+34 -8
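--- a/arch/powerpc/kernel/module_64.c
+++ b/arch/powerpc/kernel/module_64.c
@@ -422,11 +422,17 @@
 			      const char *name)
 {
 	long reladdr;
+	func_desc_t desc;
+	int i;
 
 	if (is_mprofile_ftrace_call(name))
 		return create_ftrace_stub(entry, addr, me);
 
-	memcpy(entry->jump, ppc64_stub_insns, sizeof(ppc64_stub_insns));
+	for (i = 0; i < sizeof(ppc64_stub_insns) / sizeof(u32); i++) {
+		if (patch_instruction(&entry->jump[i],
+				      ppc_inst(ppc64_stub_insns[i])))
+			return 0;
+	}
 
 	/* Stub uses address relative to r2. */
 	reladdr = (unsigned long)entry - my_r2(sechdrs, me);
@@ -437,10 +443,24 @@
 	}
 	pr_debug("Stub %p get data from reladdr %li\n", entry, reladdr);
 
-	entry->jump[0] |= PPC_HA(reladdr);
-	entry->jump[1] |= PPC_LO(reladdr);
-	entry->funcdata = func_desc(addr);
-	entry->magic = STUB_MAGIC;
+	if (patch_instruction(&entry->jump[0],
+			      ppc_inst(entry->jump[0] | PPC_HA(reladdr))))
+		return 0;
+
+	if (patch_instruction(&entry->jump[1],
+			      ppc_inst(entry->jump[1] | PPC_LO(reladdr))))
+		return 0;
+
+	// func_desc_t is 8 bytes if ABIv2, else 16 bytes
+	desc = func_desc(addr);
+	for (i = 0; i < sizeof(func_desc_t) / sizeof(u32); i++) {
+		if (patch_instruction(((u32 *)&entry->funcdata) + i,
+				      ppc_inst(((u32 *)(&desc))[i])))
+			return 0;
+	}
+
+	if (patch_instruction(&entry->magic, ppc_inst(STUB_MAGIC)))
+		return 0;
 
 	return 1;
 }
@@ -495,8 +515,11 @@
 		       me->name, *instruction, instruction);
 		return 0;
 	}
+
 	/* ld r2,R2_STACK_OFFSET(r1) */
-	*instruction = PPC_INST_LD_TOC;
+	if (patch_instruction(instruction, ppc_inst(PPC_INST_LD_TOC)))
+		return 0;
+
 	return 1;
 }
 
@@ -636,9 +659,12 @@
 			}
 
 			/* Only replace bits 2 through 26 */
-			*(uint32_t *)location
-				= (*(uint32_t *)location & ~0x03fffffc)
+			value = (*(uint32_t *)location & ~0x03fffffc)
 				| (value & 0x03fffffc);
+
+			if (patch_instruction((u32 *)location, ppc_inst(value)))
+				return -EFAULT;
+
 			break;
 
 		case R_PPC64_REL64: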
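Review bot: The last hunk makes the R_PPC_REL24 case write through `patch_instruction()`, but nothing in the code says why this one case differs from its neighbours. The reason is given only in the commit description: module text may already be read-only under CONFIG_STRICT_MODULE_RWX when a livepatch relocation is applied. A comment above the call would keep that next to the code, e.g. `/* Text may already be RO (livepatch on a loaded module); write via the text poke area. Only REL24 is handled this way. */`. The other cases of the switch, such as `R_PPC64_REL64` right after it, are outside the hunk and presumably still store directly, so a reader auditing which writes respect the RO mapping needs that scope stated. The enclosing function starts and ends outside the hunk.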