[PATCH 04/29] x86/livepatch: Validate __fentry__ location

From: Peter Zijlstra
Date: Fri Feb 18 2022 - 12:16:31 EST


Currently livepatch assumes __fentry__ lives at func+0, which is most
likely untrue with IBT on. Override the weak klp_get_ftrace_location()
function with an arch specific version that's IBT aware.

Also make the weak fallback verify the location is an actual ftrace
location as a sanity check.

Suggested-by: Miroslav Benes <mbenes@xxxxxxx>
Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
---
arch/x86/include/asm/livepatch.h | 9 +++++++++
kernel/livepatch/patch.c | 2 +-
2 files changed, 10 insertions(+), 1 deletion(-)

--- a/arch/x86/include/asm/livepatch.h
+++ b/arch/x86/include/asm/livepatch.h
@@ -17,4 +17,13 @@ static inline void klp_arch_set_pc(struc
ftrace_instruction_pointer_set(fregs, ip);
}

+#define klp_get_ftrace_location klp_get_ftrace_location
+static inline unsigned long klp_get_ftrace_location(unsigned long faddr)
+{
+ unsigned long addr = ftrace_location(faddr);
+ if (!addr && IS_ENABLED(CONFIG_X86_IBT))
+ addr = ftrace_location(faddr + 4);
+ return addr;
+}
+
#endif /* _ASM_X86_LIVEPATCH_H */
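Review bot: The `faddr + 4` retry in klp_get_ftrace_location() uses a bare literal, and it runs whenever the first lookup fails on an IBT build, without confirming that an ENDBR instruction actually sits at `faddr`. The 4 is presumably the ENDBR length; a comment above the second lookup such as `/* With IBT the 4-byte ENDBR precedes the __fentry__ call; retry past it. */` would record that. Because the returned address decides where livepatch attaches its handler, it is worth stating or checking that a hit at `faddr + 4` can only belong to the function starting at `faddr`. As written that depends on ftrace_location() matching only genuine call sites, which is not visible in this hunk.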
--- a/kernel/livepatch/patch.c
+++ b/kernel/livepatch/patch.c
@@ -133,7 +133,7 @@ static void notrace klp_ftrace_handler(u
#ifndef klp_get_ftrace_location
static unsigned long klp_get_ftrace_location(unsigned long faddr)
{
- return faddr;
+ return ftrace_location(faddr);
}
#endif
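Review bot: The generic fallback can now return 0 for an address that is not an ftrace location, where it previously always returned `faddr`, and nothing in this hunk shows the callers rejecting 0. The callers are outside the hunk, so this may already be handled. Either way, a comment on the function would make the contract explicit, e.g. `/* Returns the ftrace location for faddr, or 0 if faddr is not one; callers must treat 0 as failure. */`. The same contract applies to the x86 override in arch/x86/include/asm/livepatch.h, which tests `!addr` after its first lookup.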