Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 | #! /bin/bash # SPDX-License-Identifier: GPL-2.0 # (c) 2015, Quentin Casasnovas <quentin.casasnovas@oracle.com> obj=$1 file ${obj} | grep -q ELF || (echo "${obj} is not an ELF file." 1>&2 ; exit 0) # Bail out early if there isn't an __ex_table section in this object file. objdump -hj __ex_table ${obj} 2> /dev/null > /dev/null [ $? -ne 0 ] && exit 0 white_list=.text,.fixup suspicious_relocs=$(objdump -rj __ex_table ${obj} | tail -n +6 | grep -v $(eval echo -e{${white_list}}) | awk '{print $3}') # No suspicious relocs in __ex_table, jobs a good'un [ -z "${suspicious_relocs}" ] && exit 0 # After this point, something is seriously wrong since we just found out we # have some relocations in __ex_table which point to sections which aren't # white listed. If you're adding a new section in the Linux kernel, and # you're expecting this section to contain code which can fault (i.e. the # __ex_table relocation to your new section is expected), simply add your # new section to the white_list variable above. If not, you're probably # doing something wrong and the rest of this code is just trying to print # you more information about it. function find_section_offset_from_symbol() { eval $(objdump -t ${obj} | grep ${1} | sed 's/\([0-9a-f]\+\) .\{7\} \([^ \t]\+\).*/section="\2"; section_offset="0x\1" /') # addr2line takes addresses in hexadecimal... section_offset=$(printf "0x%016x" $(( ${section_offset} + $2 )) ) } function find_symbol_and_offset_from_reloc() { # Extract symbol and offset from the objdump output eval $(echo $reloc | sed 's/\([^+]\+\)+\?\(0x[0-9a-f]\+\)\?/symbol="\1"; symbol_offset="\2"/') # When the relocation points to the begining of a symbol or section, it # won't print the offset since it is zero. if [ -z "${symbol_offset}" ]; then symbol_offset=0x0 fi } function find_alt_replacement_target() { # The target of the .altinstr_replacement is the relocation just before # the .altinstr_replacement one. eval $(objdump -rj .altinstructions ${obj} | grep -B1 "${section}+${section_offset}" | head -n1 | awk '{print $3}' | sed 's/\([^+]\+\)+\(0x[0-9a-f]\+\)/alt_target_section="\1"; alt_target_offset="\2"/') } function handle_alt_replacement_reloc() { # This will define alt_target_section and alt_target_section_offset find_alt_replacement_target ${section} ${section_offset} echo "Error: found a reference to .altinstr_replacement in __ex_table:" addr2line -fip -j ${alt_target_section} -e ${obj} ${alt_target_offset} | awk '{print "\t" $0}' error=true } function is_executable_section() { objdump -hwj ${section} ${obj} | grep -q CODE return $? } function handle_suspicious_generic_reloc() { if is_executable_section ${section}; then # We've got a relocation to a non white listed _executable_ # section, print a warning so the developper adds the section to # the white list or fix his code. We try to pretty-print the file # and line number where that relocation was added. echo "Warning: found a reference to section \"${section}\" in __ex_table:" addr2line -fip -j ${section} -e ${obj} ${section_offset} | awk '{print "\t" $0}' else # Something is definitively wrong here since we've got a relocation # to a non-executable section, there's no way this would ever be # running in the kernel. echo "Error: found a reference to non-executable section \"${section}\" in __ex_table at offset ${section_offset}" error=true fi } function handle_suspicious_reloc() { case "${section}" in ".altinstr_replacement") handle_alt_replacement_reloc ${section} ${section_offset} ;; *) handle_suspicious_generic_reloc ${section} ${section_offset} ;; esac } function diagnose() { for reloc in ${suspicious_relocs}; do # Let's find out where the target of the relocation in __ex_table # is, this will define ${symbol} and ${symbol_offset} find_symbol_and_offset_from_reloc ${reloc} # When there's a global symbol at the place of the relocation, # objdump will use it instead of giving us a section+offset, so # let's find out which section is this symbol in and the total # offset withing that section. find_section_offset_from_symbol ${symbol} ${symbol_offset} # In this case objdump was presenting us with a reloc to a symbol # rather than a section. Now that we've got the actual section, # we can skip it if it's in the white_list. if [ -z "$( echo $section | grep -v $(eval echo -e{${white_list}}))" ]; then continue; fi # Will either print a warning if the relocation happens to be in a # section we do not know but has executable bit set, or error out. handle_suspicious_reloc done } function check_debug_info() { objdump -hj .debug_info ${obj} 2> /dev/null > /dev/null || echo -e "${obj} does not contain debug information, the addr2line output will be limited.\n" \ "Recompile ${obj} with CONFIG_DEBUG_INFO to get a more useful output." } check_debug_info diagnose if [ "${error}" ]; then exit 1 fi exit 0 |