Fix dpcpu and vnet panics with complex types at the end of the section.

Apply a linker script when linking i386 kernel modules to apply padding
to a set_pcpu or set_vnet section.  The padding value is kind-of random
and is used to catch modules not compiled with the linker-script, so
possibly still having problems leading to kernel panics.

This is needed as the code generated on certain architectures for
non-simple-types, e.g., an array can generate an absolute relocation
on the edge (just outside) the section and thus will not be properly
relocated. Adding the padding to the end of the section will ensure
that even absolute relocations of complex types will be inside the
section, if they are the last object in there and hence relocation will
work properly and avoid panics such as observed with carp.ko or ipsec.ko.

There is a rather lengthy discussion of various options to apply in
the mentioned PRs and their depends/blocks, and the review.
There seems no best solution working across multiple toolchains and
multiple version of them, so I took the liberty of taking one,
as currently our users (and our CI system) are hitting this on
just i386 and we need some solution.  I wish we would have a proper
fix rather than another "hack".

Also backout r340009 which manually, temporarily fixed CARP before 12.0-R
"by chance" after a lead-up of various other link-elf.c and related fixes.

PR:			230857,238012
With suggestions from:	arichardson (originally last year)
Tested by:		lwhsu
Event:			Waterloo Hackathon 2019
Reported by:		lwhsu, olivier
MFC after:		6 weeks
Differential Revision:	https://reviews.freebsd.org/D17512
This commit is contained in:
bz 2019-06-08 17:44:42 +00:00
parent 1bbb27fcde
commit 24f298a9c6
6 changed files with 106 additions and 16 deletions

View File

@ -31,6 +31,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW:
disable the most expensive debugging functionality run disable the most expensive debugging functionality run
"ln -s 'abort:false,junk:false' /etc/malloc.conf".) "ln -s 'abort:false,junk:false' /etc/malloc.conf".)
20190608:
A fix was applied to i386 kernel modules to avoid panics with
dpcpu or vnet. Users need to recompile i386 kernel modules
having pcpu or vnet sections or they will refuse to load.
20190513: 20190513:
User-wired pages now have their own counter, User-wired pages now have their own counter,
vm.stats.vm.v_user_wire_count. The vm.max_wired sysctl was renamed vm.stats.vm.v_user_wire_count. The vm.max_wired sysctl was renamed

View File

@ -242,7 +242,13 @@ ${KMOD}.kld: ${OBJS}
.else .else
${FULLPROG}: ${OBJS} ${FULLPROG}: ${OBJS}
.endif .endif
.if !defined(FIRMWS) && (${MACHINE_CPUARCH} == "i386")
${LD} -m ${LD_EMULATION} ${_LDFLAGS} -r \
-T ${SYSDIR}/conf/ldscript.set_padding \
-d -o ${.TARGET} ${OBJS}
.else
${LD} -m ${LD_EMULATION} ${_LDFLAGS} -r -d -o ${.TARGET} ${OBJS} ${LD} -m ${LD_EMULATION} ${_LDFLAGS} -r -d -o ${.TARGET} ${OBJS}
.endif
.if ${MK_CTF} != "no" .if ${MK_CTF} != "no"
${CTFMERGE} ${CTFFLAGS} -o ${.TARGET} ${OBJS} ${CTFMERGE} ${CTFFLAGS} -o ${.TARGET} ${OBJS}
.endif .endif

View File

@ -0,0 +1,46 @@
/*-
* SPDX-License-Identifier: BSD-2-Clause
*
* Copyright (c) 2018 Bjoern A. Zeeb
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
SECTIONS
{
set_pcpu :
{
*(set_pcpu)
LONG(0x90909090) ;
}
}
SECTIONS
{
set_vnet :
{
*(set_vnet)
LONG(0x90909090) ;
}
}
/* end */

View File

@ -615,10 +615,14 @@ parse_dynamic(elf_file_t ef)
return (0); return (0);
} }
#define LS_PADDING 0x90909090
static int static int
parse_dpcpu(elf_file_t ef) parse_dpcpu(elf_file_t ef)
{ {
int error, size; int error, size;
#if defined(__i386__)
uint32_t pad;
#endif
ef->pcpu_start = 0; ef->pcpu_start = 0;
ef->pcpu_stop = 0; ef->pcpu_stop = 0;
@ -631,6 +635,26 @@ parse_dpcpu(elf_file_t ef)
/* Empty set? */ /* Empty set? */
if (size < 1) if (size < 1)
return (0); return (0);
#if defined(__i386__)
/* In case we do find __start/stop_set_ symbols double-check. */
if (size < 4) {
uprintf("Kernel module '%s' must be recompiled with "
"linker script\n", ef->lf.pathname);
return (ENOEXEC);
}
/* Padding from linker-script correct? */
pad = *(uint32_t *)((uintptr_t)ef->pcpu_stop - sizeof(pad));
if (pad != LS_PADDING) {
uprintf("Kernel module '%s' must be recompiled with "
"linker script, invalid padding %#04x (%#04x)\n",
ef->lf.pathname, pad, LS_PADDING);
return (ENOEXEC);
}
/* If we only have valid padding, nothing to do. */
if (size == 4)
return (0);
#endif
/* /*
* Allocate space in the primary pcpu area. Copy in our * Allocate space in the primary pcpu area. Copy in our
* initialization from the data section and then initialize * initialization from the data section and then initialize
@ -656,6 +680,9 @@ static int
parse_vnet(elf_file_t ef) parse_vnet(elf_file_t ef)
{ {
int error, size; int error, size;
#if defined(__i386__)
uint32_t pad;
#endif
ef->vnet_start = 0; ef->vnet_start = 0;
ef->vnet_stop = 0; ef->vnet_stop = 0;
@ -668,6 +695,26 @@ parse_vnet(elf_file_t ef)
/* Empty set? */ /* Empty set? */
if (size < 1) if (size < 1)
return (0); return (0);
#if defined(__i386__)
/* In case we do find __start/stop_set_ symbols double-check. */
if (size < 4) {
uprintf("Kernel module '%s' must be recompiled with "
"linker script\n", ef->lf.pathname);
return (ENOEXEC);
}
/* Padding from linker-script correct? */
pad = *(uint32_t *)((uintptr_t)ef->vnet_stop - sizeof(pad));
if (pad != LS_PADDING) {
uprintf("Kernel module '%s' must be recompiled with "
"linker script, invalid padding %#04x (%#04x)\n",
ef->lf.pathname, pad, LS_PADDING);
return (ENOEXEC);
}
/* If we only have valid padding, nothing to do. */
if (size == 4)
return (0);
#endif
/* /*
* Allocate space in the primary vnet area. Copy in our * Allocate space in the primary vnet area. Copy in our
* initialization from the data section and then initialize * initialization from the data section and then initialize
@ -688,6 +735,7 @@ parse_vnet(elf_file_t ef)
return (0); return (0);
} }
#endif #endif
#undef LS_PADDING
static int static int
link_elf_link_preload(linker_class_t cls, link_elf_link_preload(linker_class_t cls,

View File

@ -2180,21 +2180,6 @@ static struct protosw in6_carp_protosw = {
}; };
#endif #endif
#ifdef VIMAGE
#if defined(__i386__)
/*
* XXX This is a hack to work around an absolute relocation outside
* set_vnet by one (on the stop symbol) for carpstats. Add a dummy variable
* to the end of the file in the hope that the linker will just keep the
* order (as it seems to do at the moment). It is understood to be fragile.
* See PR 230857 for a longer discussion of the problem and the referenced
* review for possible alternate solutions. Each is a hack; we just need
* the least intrusive one for the next release.
*/
VNET_DEFINE(char, carp_zzz) = 0xde;
#endif
#endif
static void static void
carp_mod_cleanup(void) carp_mod_cleanup(void)
{ {

View File

@ -60,7 +60,7 @@
* in the range 5 to 9. * in the range 5 to 9.
*/ */
#undef __FreeBSD_version #undef __FreeBSD_version
#define __FreeBSD_version 1300030 /* Master, propagated to newvers */ #define __FreeBSD_version 1300031 /* Master, propagated to newvers */
/* /*
* __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,