Message-ID: <alpine.LFD.2.00.1102110838430.14920@xanadu.home>
Date:	Fri, 11 Feb 2011 08:51:34 -0500 (EST)
From:	Nicolas Pitre <nicolas.pitre@...aro.org>
To:	Dave Martin <dave.martin@...aro.org>
cc:	Russell King - ARM Linux <linux@....linux.org.uk>,
	Sachin Verma <imschnvrm@...il.com>,
	Rabin Vincent <rabin@....in>,
	Alexander Holler <holler@...oftware.de>,
	lkml <linux-kernel@...r.kernel.org>,
	linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>,
	catalin.marinas@....com
Subject: Re: ARM: relocation out of range (when loading a module)

On Fri, 11 Feb 2011, Dave Martin wrote:

> On Thu, Feb 10, 2011 at 7:41 PM, Nicolas Pitre <nicolas.pitre@...aro.org> wrote:
> > On Thu, 10 Feb 2011, Russell King - ARM Linux wrote:
> >
> >> On Thu, Jan 27, 2011 at 12:43:54AM -0500, Nicolas Pitre wrote:
> >> > The MMU-less kernel should still favor allocations close to the kernel
> >> > text for modules, and anything else away from the kernel going
> >> > downwards.
> >> >
> >> > Otherwise a veneer should be created by the module symbol resolver such
> >> > that if the branch distance to reach, say, printk is too large, then the
> >> > following code would have to be dynamically generated right next to the
> >> > module:
> >> >
> >> >     ldr     pc, [pc, #-4]
> >> >     .word   <far_away_symbol>
> >> >
> >> > Then, in your module, you patch the branch relocation for printk so that
> >> > it branches to the code above instead, and then store the address of
> >> > printk at the location represented by the .word directive.
> >>
> >> What you're suggesting is what we used to do with the old user-space
> >> module tools, which would've been nice to carry forwards to the new
> >> module code.  I never found a way to do it.
> >>
> >> The problems:
> >> 1. Where do you create those veneers?
> >> 2. How many veneers do you allocate space for?
> >> 3. How do you determine that you need a veneer?
> >>
> >> While you can say "next to the module" for (1), you can only do that at
> >> the point in time when the space for the module is allocated, and you
> >> need to know at that point how much space you require.
> >
> > You would have to guess of course.  Having a guess of 1/2 the module
> > size should be pretty safe.  So allocating 3/2 the space in
> > module_alloc(), and then suffice to free the unused portion in
> > module_finalize().
> >
> >> For (2), you could always allocate space for one veneer per symbol present
> >> in the module, but that's very wasteful.
> >>
> >> (3) is almost impossible to know ahead of time as you don't have the
> >> relocations, realistically you have to allocate one veneer per symbol,
> >> and as you don't know whether it's a data or code symbol, you'll have
> >> to allocate one veneer for every symbol in a module.
> >
> > I don't think you may know the number of symbols in advance either
> > anyway.
> 
> You could probably cook up a good upper bound based on the size of the
> kernel and the number of symbols in the module: i.e., assume that
> every undefined symbol in the module needs to be fixed up to point at
> the most distant symbol in the kernel.

Sure... It is just that the memory allocation is currently done before 
the number of symbols in the module is known.  Changing that would 
require non-trivial changes in the generic module loading code which 
potentially would affect all architectures, and therefore I don't think 
we want to go there.

The other solution would be to determine the number of objects in need 
of a veneer in apply_relocate(), allocate a replacement area for the 
module, copy everything over, and then create the veneers close to the 
module.  But 1) the second allocation may fail, and 2) this will change 
the distance from the kernel potentially requiring more veneers than 
initially determined, and 3) the generic module code might still have 
pointer references into the old allocation area (didn't check but that 
can be expected).  That's just too messy.

> For people with normal-sized kernels, this bound will probably work
> out as zero most of the time (i.e., the current situation).  For
> people with big kernels, or when many modules are already loaded, it
> may work out at 100% -- but that's the price to pay for guaranteed
> preallocation of the space required for the veneers.  And anyway, you
> may really need a substantial chunk of those veneers in such cases.

I still think that compiling modules with -mlong-calls, and making that 
conditional on a kernel config option so only those who need it will 
have it, is the simplest solution.  Nothing in the kernel code would 
need to be changed.


Nicolas
