cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack

module.c (12400B)


      1// SPDX-License-Identifier: GPL-2.0-or-later
      2/*
      3 *
      4 *  Copyright (C) 2017 Zihao Yu
      5 */
      6
      7#include <linux/elf.h>
      8#include <linux/err.h>
      9#include <linux/errno.h>
     10#include <linux/moduleloader.h>
     11#include <linux/vmalloc.h>
     12#include <linux/sizes.h>
     13#include <linux/pgtable.h>
     14#include <asm/alternative.h>
     15#include <asm/sections.h>
     16
/*
 * Report whether val can be encoded by an auipc+jalr instruction pair,
 * which reaches any PC-relative offset in [-2^31 - 2^11, 2^31 - 2^11).
 *
 * With CONFIG_32BIT the function accepts every value. Callers use this
 * to reject a relocation before its upper bits would be dropped.
 */
static bool riscv_insn_valid_32bit_offset(ptrdiff_t val)
{
#ifdef CONFIG_32BIT
	return true;
#else
	const ptrdiff_t lowest = -(1L << 31) - (1L << 11);
	const ptrdiff_t limit = (1L << 31) - (1L << 11);

	if (val < lowest)
		return false;
	return val < limit;
#endif
}
     29
/*
 * R_RISCV_32: store v in the 32-bit word at location.
 *
 * A value that does not survive narrowing to u32 is logged and rejected
 * with -EINVAL instead of being cut down. Returns 0 once the word has
 * been written.
 */
static int apply_r_riscv_32_rela(struct module *me, u32 *location, Elf_Addr v)
{
	u32 word = (u32)v;

	if (word == v) {
		*location = word;
		return 0;
	}

	pr_err("%s: value %016llx out of range for 32-bit field\n",
	       me->name, (long long)v);
	return -EINVAL;
}
     40
/*
 * R_RISCV_64: store v in the 64-bit slot that starts at location.
 * Always returns 0.
 */
static int apply_r_riscv_64_rela(struct module *me, u32 *location, Elf_Addr v)
{
	u64 *slot = (u64 *)location;

	*slot = v;
	return 0;
}
     46
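/*
 * R_RISCV_BRANCH: write the PC-relative distance from location to v into
 * the branch instruction at location.
 *
 * Only offset bits 12:1 have a slot in the instruction, so the reachable
 * range is [-4096, 4096). A target outside it is rejected: without the
 * check the upper bits are dropped and the patched branch transfers
 * control to an address the module never named.
 *
 * Returns 0 after patching, -EINVAL (after logging) when out of range.
 */
static int apply_r_riscv_branch_rela(struct module *me, u32 *location,
				     Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	u32 imm12, imm11, imm10_5, imm4_1;

	if (offset < -0x1000 || offset >= 0x1000) {
		pr_err(
		  "%s: target %016llx can not be addressed by the 13-bit offset from PC = %p\n",
		  me->name, (long long)v, location);
		return -EINVAL;
	}

	imm12 = (offset & 0x1000) << (31 - 12);
	imm11 = (offset & 0x800) >> (11 - 7);
	imm10_5 = (offset & 0x7e0) << (30 - 10);
	imm4_1 = (offset & 0x1e) << (11 - 4);

	/* 0x1fff07f keeps every instruction bit outside the immediate. */
	*location = (*location & 0x1fff07f) | imm12 | imm11 | imm10_5 | imm4_1;
	return 0;
}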
     59
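/*
 * R_RISCV_JAL: write the PC-relative distance from location to v into
 * the jal instruction at location.
 *
 * The instruction stores offset bits 20:1, i.e. the range
 * [-2^20, 2^20). A target outside it is rejected: truncating the offset
 * would redirect the jump to an unrelated address.
 *
 * Returns 0 after patching, -EINVAL (after logging) when out of range.
 */
static int apply_r_riscv_jal_rela(struct module *me, u32 *location,
				  Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	u32 imm20, imm19_12, imm11, imm10_1;

	if (offset < -0x100000 || offset >= 0x100000) {
		pr_err(
		  "%s: target %016llx can not be addressed by the 21-bit offset from PC = %p\n",
		  me->name, (long long)v, location);
		return -EINVAL;
	}

	imm20 = (offset & 0x100000) << (31 - 20);
	imm19_12 = (offset & 0xff000);
	imm11 = (offset & 0x800) << (20 - 11);
	imm10_1 = (offset & 0x7fe) << (30 - 10);

	/* The low 12 bits (opcode and rd) are kept as they were. */
	*location = (*location & 0xfff) | imm20 | imm19_12 | imm11 | imm10_1;
	return 0;
}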
     72
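/*
 * R_RISCV_RVC_BRANCH: write the PC-relative distance from location to v
 * into the 16-bit compressed branch at location.
 *
 * The instruction stores offset bits 8:1, i.e. the range [-256, 256).
 * A target outside it is rejected: truncating the offset would make the
 * branch land somewhere the module never named.
 *
 * Returns 0 after patching, -EINVAL (after logging) when out of range.
 */
static int apply_r_riscv_rvc_branch_rela(struct module *me, u32 *location,
					 Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	u16 *insn = (u16 *)location;
	u16 imm8, imm7_6, imm5, imm4_3, imm2_1;

	if (offset < -0x100 || offset >= 0x100) {
		pr_err(
		  "%s: target %016llx can not be addressed by the 9-bit offset from PC = %p\n",
		  me->name, (long long)v, location);
		return -EINVAL;
	}

	imm8 = (offset & 0x100) << (12 - 8);
	imm7_6 = (offset & 0xc0) >> (6 - 5);
	imm5 = (offset & 0x20) >> (5 - 2);
	imm4_3 = (offset & 0x18) << (12 - 5);
	imm2_1 = (offset & 0x6) << (12 - 10);

	/* 0xe383 keeps every instruction bit outside the immediate. */
	*insn = (*insn & 0xe383) | imm8 | imm7_6 | imm5 | imm4_3 | imm2_1;
	return 0;
}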
     87
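/*
 * R_RISCV_RVC_JUMP: write the PC-relative distance from location to v
 * into the 16-bit compressed jump at location.
 *
 * The instruction stores offset bits 11:1, i.e. the range
 * [-2048, 2048). A target outside it is rejected: truncating the offset
 * would redirect the jump to an unrelated address.
 *
 * Returns 0 after patching, -EINVAL (after logging) when out of range.
 */
static int apply_r_riscv_rvc_jump_rela(struct module *me, u32 *location,
				       Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	u16 *insn = (u16 *)location;
	u16 imm11, imm10, imm9_8, imm7, imm6, imm5, imm4, imm3_1;

	if (offset < -0x800 || offset >= 0x800) {
		pr_err(
		  "%s: target %016llx can not be addressed by the 12-bit offset from PC = %p\n",
		  me->name, (long long)v, location);
		return -EINVAL;
	}

	imm11 = (offset & 0x800) << (12 - 11);
	imm10 = (offset & 0x400) >> (10 - 8);
	imm9_8 = (offset & 0x300) << (12 - 11);
	imm7 = (offset & 0x80) >> (7 - 6);
	imm6 = (offset & 0x40) << (12 - 11);
	imm5 = (offset & 0x20) >> (5 - 2);
	imm4 = (offset & 0x10) << (12 - 5);
	imm3_1 = (offset & 0xe) << (12 - 10);

	/* 0xe003 keeps every instruction bit outside the immediate. */
	*insn = (*insn & 0xe003) |
		imm11 | imm10 | imm9_8 | imm7 | imm6 | imm5 | imm4 | imm3_1;
	return 0;
}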
    105
/*
 * R_RISCV_PCREL_HI20: place the upper 20 bits of the PC-relative offset
 * to v in bits 31:12 of the instruction at location.
 *
 * 0x800 is added before masking so the result pairs with a
 * sign-extended low 12 bits. An offset that
 * riscv_insn_valid_32bit_offset() refuses is logged and rejected.
 *
 * Returns 0 on success, -EINVAL when the target is out of reach.
 */
static int apply_r_riscv_pcrel_hi20_rela(struct module *me, u32 *location,
					 Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	s32 hi20;

	if (riscv_insn_valid_32bit_offset(offset)) {
		hi20 = (offset + 0x800) & 0xfffff000;
		*location = (*location & 0xfff) | hi20;
		return 0;
	}

	pr_err(
	  "%s: target %016llx can not be addressed by the 32-bit offset from PC = %p\n",
	  me->name, (long long)v, location);
	return -EINVAL;
}
    123
/*
 * R_RISCV_PCREL_LO12_I: store the low 12 bits of v in bits 31:20 of the
 * instruction at location.
 *
 * v already is the lo12 value; apply_relocate_add() derives it from the
 * matching HI20 entry before calling this handler. Always returns 0.
 */
static int apply_r_riscv_pcrel_lo12_i_rela(struct module *me, u32 *location,
					   Elf_Addr v)
{
	u32 imm11_0 = (v & 0xfff) << 20;

	*location = (*location & 0xfffff) | imm11_0;
	return 0;
}
    134
/*
 * R_RISCV_PCREL_LO12_S: store the low 12 bits of v in the split
 * immediate of the instruction at location (bits 11:5 of v go to
 * instruction bits 31:25, bits 4:0 to instruction bits 11:7).
 *
 * v already is the lo12 value; apply_relocate_add() derives it from the
 * matching HI20 entry before calling this handler. Always returns 0.
 */
static int apply_r_riscv_pcrel_lo12_s_rela(struct module *me, u32 *location,
					   Elf_Addr v)
{
	u32 upper = (v & 0xfe0) << (31 - 11);
	u32 lower = (v & 0x1f) << (11 - 4);
	u32 kept = *location & 0x1fff07f;

	*location = kept | upper | lower;
	return 0;
}
    148
/*
 * R_RISCV_HI20: place the upper 20 bits of the absolute value v in bits
 * 31:12 of the instruction at location.
 *
 * The relocation is refused with -EINVAL whenever CONFIG_CMODEL_MEDLOW
 * is enabled. Otherwise returns 0 after patching.
 *
 * NOTE(review): v is narrowed to s32 with no check that the discarded
 * upper bits are only sign extension - confirm that callers cannot
 * reach this path with a value that needs more than 32 bits.
 */
static int apply_r_riscv_hi20_rela(struct module *me, u32 *location,
				   Elf_Addr v)
{
	s32 upper;

	if (IS_ENABLED(CONFIG_CMODEL_MEDLOW)) {
		pr_err(
		  "%s: target %016llx can not be addressed by the 32-bit offset from PC = %p\n",
		  me->name, (long long)v, location);
		return -EINVAL;
	}

	/* +0x800 rounds so the value pairs with a sign-extended lo12. */
	upper = ((s32)v + 0x800) & 0xfffff000;
	*location = (*location & 0xfff) | upper;
	return 0;
}
    165
/*
 * R_RISCV_LO12_I: store the low 12 bits of the absolute value v, taken
 * relative to its rounded upper 20 bits, in bits 31:20 of the
 * instruction at location. Always returns 0.
 *
 * No medlow check here: the HI20 handler has already filtered that case.
 */
static int apply_r_riscv_lo12_i_rela(struct module *me, u32 *location,
				     Elf_Addr v)
{
	s32 value = (s32)v;
	s32 hi20 = (value + 0x800) & 0xfffff000;
	s32 lo12 = value - hi20;

	*location = (*location & 0xfffff) | ((lo12 & 0xfff) << 20);
	return 0;
}
    175
/*
 * R_RISCV_LO12_S: store the low 12 bits of the absolute value v, taken
 * relative to its rounded upper 20 bits, in the split immediate of the
 * instruction at location (instruction bits 31:25 and 11:7).
 * Always returns 0.
 *
 * No medlow check here: the HI20 handler has already filtered that case.
 */
static int apply_r_riscv_lo12_s_rela(struct module *me, u32 *location,
				     Elf_Addr v)
{
	s32 value = (s32)v;
	s32 hi20 = (value + 0x800) & 0xfffff000;
	s32 lo12 = value - hi20;
	u32 upper = (lo12 & 0xfe0) << (31 - 11);
	u32 lower = (lo12 & 0x1f) << (11 - 4);

	*location = (*location & 0x1fff07f) | upper | lower;
	return 0;
}
    187
/*
 * R_RISCV_GOT_HI20: emit a GOT entry for v and place the upper 20 bits
 * of the PC-relative offset to that entry in bits 31:12 of the
 * instruction at location.
 *
 * Without CONFIG_MODULE_SECTIONS no GOT entry can be produced, so the
 * relocation is logged and rejected with -EINVAL. Returns 0 otherwise.
 *
 * NOTE(review): unlike the PCREL_HI20 handler, the offset to the GOT
 * entry is not passed through riscv_insn_valid_32bit_offset() - confirm
 * the GOT is always placed within reach of the code that refers to it.
 */
static int apply_r_riscv_got_hi20_rela(struct module *me, u32 *location,
				       Elf_Addr v)
{
	ptrdiff_t offset;
	s32 hi20;

	if (!IS_ENABLED(CONFIG_MODULE_SECTIONS)) {
		pr_err(
		  "%s: can not generate the GOT entry for symbol = %016llx from PC = %p\n",
		  me->name, (long long)v, location);
		return -EINVAL;
	}

	/* Always emit the got entry */
	offset = module_emit_got_entry(me, v);
	offset = (void *)offset - (void *)location;

	hi20 = (offset + 0x800) & 0xfffff000;
	*location = (*location & 0xfff) | hi20;
	return 0;
}
    209
/*
 * R_RISCV_CALL_PLT: patch the two-instruction call sequence at location
 * (location[0] takes the upper 20 bits, location[1] the low 12 bits) so
 * that it reaches v.
 *
 * When v is outside the 32-bit PC-relative range the call is routed
 * through a PLT entry, which requires CONFIG_MODULE_SECTIONS; without
 * it the relocation is logged and rejected with -EINVAL.
 *
 * NOTE(review): the offset to a freshly emitted PLT entry is not
 * range-checked again - confirm the PLT is always within reach.
 */
static int apply_r_riscv_call_plt_rela(struct module *me, u32 *location,
				       Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	u32 hi20, lo12;

	/* Only emit the plt entry if offset over 32-bit range */
	if (!riscv_insn_valid_32bit_offset(offset)) {
		if (!IS_ENABLED(CONFIG_MODULE_SECTIONS)) {
			pr_err(
			  "%s: target %016llx can not be addressed by the 32-bit offset from PC = %p\n",
			  me->name, (long long)v, location);
			return -EINVAL;
		}

		offset = module_emit_plt_entry(me, v);
		offset = (void *)offset - (void *)location;
	}

	hi20 = (offset + 0x800) & 0xfffff000;
	lo12 = (offset - hi20) & 0xfff;
	location[0] = (location[0] & 0xfff) | hi20;
	location[1] = (location[1] & 0xfffff) | (lo12 << 20);
	return 0;
}
    235
/*
 * R_RISCV_CALL: patch the two-instruction call sequence at location
 * (location[0] takes the upper 20 bits, location[1] the low 12 bits)
 * with the PC-relative offset to v.
 *
 * No PLT fallback exists for this type: a target outside the 32-bit
 * PC-relative range is logged and rejected with -EINVAL.
 * Returns 0 after patching both words.
 */
static int apply_r_riscv_call_rela(struct module *me, u32 *location,
				   Elf_Addr v)
{
	ptrdiff_t offset = (void *)v - (void *)location;
	u32 hi20, lo12;

	if (riscv_insn_valid_32bit_offset(offset)) {
		hi20 = (offset + 0x800) & 0xfffff000;
		lo12 = (offset - hi20) & 0xfff;
		location[0] = (location[0] & 0xfff) | hi20;
		location[1] = (location[1] & 0xfffff) | (lo12 << 20);
		return 0;
	}

	pr_err(
	  "%s: target %016llx can not be addressed by the 32-bit offset from PC = %p\n",
	  me->name, (long long)v, location);
	return -EINVAL;
}
    255
/*
 * R_RISCV_RELAX: accepted and ignored. Nothing at location is modified
 * and the handler always reports success.
 */
static int apply_r_riscv_relax_rela(struct module *me, u32 *location,
				    Elf_Addr v)
{
	/* Intentionally a no-op. */
	return 0;
}
    261
/*
 * R_RISCV_ALIGN: never applied. The relocation is logged together with
 * the module name and the affected address, then refused with -EINVAL,
 * which makes apply_relocate_add() stop processing the section.
 */
static int apply_r_riscv_align_rela(struct module *me, u32 *location,
				    Elf_Addr v)
{
	const int err = -EINVAL;

	pr_err(
	  "%s: The unexpected relocation type 'R_RISCV_ALIGN' from PC = %p\n",
	  me->name, location);
	return err;
}
    270
/*
 * R_RISCV_ADD32: add the low 32 bits of v to the 32-bit word at
 * location (wrapping on overflow). Always returns 0.
 */
static int apply_r_riscv_add32_rela(struct module *me, u32 *location,
				    Elf_Addr v)
{
	u32 *word = (u32 *)location;

	*word = *word + (u32)v;
	return 0;
}
    277
/*
 * R_RISCV_ADD64: add v to the 64-bit slot that starts at location
 * (wrapping on overflow). Always returns 0.
 */
static int apply_r_riscv_add64_rela(struct module *me, u32 *location,
				    Elf_Addr v)
{
	u64 *slot = (u64 *)location;

	*slot = *slot + (u64)v;
	return 0;
}
    284
/*
 * R_RISCV_SUB32: subtract the low 32 bits of v from the 32-bit word at
 * location (wrapping on underflow). Always returns 0.
 */
static int apply_r_riscv_sub32_rela(struct module *me, u32 *location,
				    Elf_Addr v)
{
	u32 *word = (u32 *)location;

	*word = *word - (u32)v;
	return 0;
}
    291
/*
 * R_RISCV_SUB64: subtract v from the 64-bit slot that starts at
 * location (wrapping on underflow). Always returns 0.
 */
static int apply_r_riscv_sub64_rela(struct module *me, u32 *location,
				    Elf_Addr v)
{
	u64 *slot = (u64 *)location;

	*slot = *slot - (u64)v;
	return 0;
}
    298
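/*
 * Dispatch table from ELF relocation type to the handler that applies
 * it. Types without an initializer stay NULL, which apply_relocate_add()
 * reports as an unknown relocation type.
 *
 * The array is const: nothing in this file writes to it after
 * initialization, and a table of function pointers that is consulted
 * while loading code should not sit in writable data.
 */
static int (*const reloc_handlers_rela[]) (struct module *me, u32 *location,
				Elf_Addr v) = {
	[R_RISCV_32]			= apply_r_riscv_32_rela,
	[R_RISCV_64]			= apply_r_riscv_64_rela,
	[R_RISCV_BRANCH]		= apply_r_riscv_branch_rela,
	[R_RISCV_JAL]			= apply_r_riscv_jal_rela,
	[R_RISCV_RVC_BRANCH]		= apply_r_riscv_rvc_branch_rela,
	[R_RISCV_RVC_JUMP]		= apply_r_riscv_rvc_jump_rela,
	[R_RISCV_PCREL_HI20]		= apply_r_riscv_pcrel_hi20_rela,
	[R_RISCV_PCREL_LO12_I]		= apply_r_riscv_pcrel_lo12_i_rela,
	[R_RISCV_PCREL_LO12_S]		= apply_r_riscv_pcrel_lo12_s_rela,
	[R_RISCV_HI20]			= apply_r_riscv_hi20_rela,
	[R_RISCV_LO12_I]		= apply_r_riscv_lo12_i_rela,
	[R_RISCV_LO12_S]		= apply_r_riscv_lo12_s_rela,
	[R_RISCV_GOT_HI20]		= apply_r_riscv_got_hi20_rela,
	[R_RISCV_CALL_PLT]		= apply_r_riscv_call_plt_rela,
	[R_RISCV_CALL]			= apply_r_riscv_call_rela,
	[R_RISCV_RELAX]			= apply_r_riscv_relax_rela,
	[R_RISCV_ALIGN]			= apply_r_riscv_align_rela,
	[R_RISCV_ADD32]			= apply_r_riscv_add32_rela,
	[R_RISCV_ADD64]			= apply_r_riscv_add64_rela,
	[R_RISCV_SUB32]			= apply_r_riscv_sub32_rela,
	[R_RISCV_SUB64]			= apply_r_riscv_sub64_rela,
};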
    323
/*
 * Apply every RELA entry of section relsec to the section it targets
 * (sechdrs[relsec].sh_info).
 *
 * For each entry the patch address is the target section's sh_addr plus
 * r_offset, and the value handed to the handler is the symbol's
 * st_value plus r_addend. PCREL_LO12_I/S entries are special: their
 * symbol names the address of the paired HI20 instruction, so the whole
 * RELA section is searched for a PCREL_HI20 or GOT_HI20 entry at that
 * address and the low 12 bits are derived from it. That search restarts
 * from the first entry for every LO12 relocation.
 *
 * Returns 0 when all entries were applied, -ENOENT for an unresolved
 * non-weak symbol, -EINVAL for an unknown type or a LO12 entry without
 * a matching HI20 entry, or the error of the handler that failed.
 * Entries applied before a failure are not rolled back here.
 *
 * NOTE(review): r_offset and the symbol index taken from r_info are
 * used as given; this function does not compare them with the size of
 * the target section or of the symbol table. Presumably the module
 * image is validated and trusted before it gets here - confirm, since
 * these fields decide which kernel addresses are written.
 */
int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab,
		       unsigned int symindex, unsigned int relsec,
		       struct module *me)
{
	Elf_Shdr *rela_sec = &sechdrs[relsec];
	Elf_Shdr *dst_sec = &sechdrs[rela_sec->sh_info];
	Elf_Rela *rel = (void *) rela_sec->sh_addr;
	int (*handler)(struct module *me, u32 *location, Elf_Addr v);
	Elf_Sym *sym;
	u32 *location;
	unsigned int i, type;
	Elf_Addr v;
	int res;

	pr_debug("Applying relocate section %u to %u\n", relsec,
	       rela_sec->sh_info);

	for (i = 0; i < rela_sec->sh_size / sizeof(*rel); i++) {
		Elf_Rela *cur = &rel[i];

		/* This is where to make the change */
		location = (void *)dst_sec->sh_addr + cur->r_offset;
		/* This is the symbol it is referring to */
		sym = (Elf_Sym *)sechdrs[symindex].sh_addr
			+ ELF_RISCV_R_SYM(cur->r_info);
		if (IS_ERR_VALUE(sym->st_value)) {
			/* Ignore unresolved weak symbol */
			if (ELF_ST_BIND(sym->st_info) == STB_WEAK)
				continue;
			pr_warn("%s: Unknown symbol %s\n",
				me->name, strtab + sym->st_name);
			return -ENOENT;
		}

		type = ELF_RISCV_R_TYPE(cur->r_info);

		/* Out-of-table types and empty slots both end up NULL. */
		handler = type < ARRAY_SIZE(reloc_handlers_rela) ?
			  reloc_handlers_rela[type] : NULL;
		if (!handler) {
			pr_err("%s: Unknown relocation type %u\n",
			       me->name, type);
			return -EINVAL;
		}

		v = sym->st_value + cur->r_addend;

		if (type == R_RISCV_PCREL_LO12_I || type == R_RISCV_PCREL_LO12_S) {
			unsigned int j;

			for (j = 0; j < rela_sec->sh_size / sizeof(*rel); j++) {
				Elf_Rela *cand = &rel[j];
				unsigned long hi20_loc =
					dst_sec->sh_addr + cand->r_offset;
				u32 hi20_type = ELF_RISCV_R_TYPE(cand->r_info);
				unsigned long hi20_sym_val;
				Elf_Sym *hi20_sym;
				s32 hi20, lo12;
				size_t offset;

				/* Find the corresponding HI20 relocation entry */
				if (hi20_loc != sym->st_value)
					continue;
				if (hi20_type != R_RISCV_PCREL_HI20 &&
				    hi20_type != R_RISCV_GOT_HI20)
					continue;

				hi20_sym = (Elf_Sym *)sechdrs[symindex].sh_addr
					+ ELF_RISCV_R_SYM(cand->r_info);
				hi20_sym_val = hi20_sym->st_value
					+ cand->r_addend;

				/* Calculate lo12 */
				offset = hi20_sym_val - hi20_loc;
				if (IS_ENABLED(CONFIG_MODULE_SECTIONS)
				    && hi20_type == R_RISCV_GOT_HI20) {
					offset = module_emit_got_entry(
						 me, hi20_sym_val);
					offset = offset - hi20_loc;
				}
				hi20 = (offset + 0x800) & 0xfffff000;
				lo12 = offset - hi20;
				v = lo12;

				break;
			}

			/* The scan ran off the end: no HI20 entry matched. */
			if (j == rela_sec->sh_size / sizeof(*rel)) {
				pr_err(
				  "%s: Can not find HI20 relocation information\n",
				  me->name);
				return -EINVAL;
			}
		}

		res = handler(me, location, v);
		if (res)
			return res;
	}

	return 0;
}
    421
    422#if defined(CONFIG_MMU) && defined(CONFIG_64BIT)
/*
 * Allocate size bytes for a module image inside the address window
 * [MODULES_VADDR, MODULES_END), using GFP_KERNEL and PAGE_KERNEL
 * protection, on any NUMA node. The caller's return address is passed
 * along to the allocator. Returns whatever __vmalloc_node_range()
 * returns.
 */
void *module_alloc(unsigned long size)
{
	const void *caller = __builtin_return_address(0);

	return __vmalloc_node_range(size, 1, MODULES_VADDR, MODULES_END,
				    GFP_KERNEL, PAGE_KERNEL, 0,
				    NUMA_NO_NODE, caller);
}
    430#endif
    431
/*
 * Return the first section header whose name equals name, or NULL when
 * none of the hdr->e_shnum headers matches.
 *
 * Section names are read from the string table selected by
 * hdr->e_shstrndx, addressed relative to the start of the ELF image.
 *
 * NOTE(review): e_shstrndx and each sh_name are used as given, without
 * a bounds check in this function - presumably the image has been
 * validated before this point; confirm against the caller.
 */
static const Elf_Shdr *find_section(const Elf_Ehdr *hdr,
				    const Elf_Shdr *sechdrs,
				    const char *name)
{
	const char *secstrs = (void *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;
	const Elf_Shdr *end = sechdrs + hdr->e_shnum;
	const Elf_Shdr *cur = sechdrs;

	while (cur < end) {
		if (!strcmp(name, secstrs + cur->sh_name))
			return cur;
		cur++;
	}

	return NULL;
}
    446
/*
 * Finish loading a module: when the image has a ".alternative" section,
 * hand its loaded address and size to apply_module_alternatives().
 * A module without that section needs no work. Always returns 0.
 */
int module_finalize(const Elf_Ehdr *hdr,
		    const Elf_Shdr *sechdrs,
		    struct module *me)
{
	const Elf_Shdr *alt = find_section(hdr, sechdrs, ".alternative");

	if (alt != NULL)
		apply_module_alternatives((void *)alt->sh_addr, alt->sh_size);

	return 0;
}