On Tue, Mar 17, 2015 at 01:40:02PM +0100, Quentin Casasnovas wrote: > __ex_table is a simple table section where each entry is a pair of > addresses - the first address is an address which can fault in kernel > space, and the second address points to where the kernel should jump to > when handling that fault. This is how copy_from_user() does not crash the > kernel if userspace gives a borked pointer for example. > > If one of these addresses point to a non-executable section, something is > seriously wrong since it either means the kernel will never fault from > there or it will not be able to jump to there. As both cases are serious > enough, we simply error out in these cases so the build fails and the > developper has to fix the issue. > > In case the section is executable, but it isn't referenced in our list of > authorized sections to point to from __ex_table, we just dump a warning > giving more information about it. We do this in case the new section is > executable but isn't supposed to be executed by the kernel. This happened > with .altinstr_replacement, which is executable but is only used to copy > instructions from - we should never have our instruction pointer pointing > in .altinstr_replacement. Admitedly, a proper fix in that case would be to > just set .altinstr_replacement NX, but we need to warn about future cases > like this. > > Signed-off-by: Quentin Casasnovas <quentin.casasno...@oracle.com> > --- > scripts/mod/modpost.c | 141 > ++++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 141 insertions(+)
This causes a bunch of mismatch warnings on 32-bit and 64-bit ARM because there are two additional sections, .text.fixup and .exception.text that store executable code. I've attached a patch to fix those, but feel free to squash that into the original commit if that's still possible. Also adding Rusty since he applied this to the modules-next tree. Thierry
From f5199120caafa0056cb18808ffe15af41bb102f3 Mon Sep 17 00:00:00 2001 From: Thierry Reding <tred...@nvidia.com> Date: Tue, 14 Apr 2015 13:59:07 +0200 Subject: [PATCH] modpost: Whitelist .text.fixup and .exception.text 32-bit and 64-bit ARM use these sections to store executable code, so they must be whitelisted in modpost's table of valid text sections. Signed-off-by: Thierry Reding <tred...@nvidia.com> --- scripts/mod/modpost.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index cbd53e08769d..6a925f200b25 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -876,7 +876,7 @@ static void check_section(const char *modname, struct elf_info *elf, #define TEXT_SECTIONS ".text", ".text.unlikely", ".sched.text", \ ".kprobes.text" #define OTHER_TEXT_SECTIONS ".ref.text", ".head.text", ".spinlock.text", \ - ".fixup", ".entry.text" + ".fixup", ".entry.text", ".text.fixup", ".exception.text" #define INIT_SECTIONS ".init.*" #define MEM_INIT_SECTIONS ".meminit.*" -- 2.3.5
pgpY9DwdQGgD7.pgp
Description: PGP signature