Re: [PATCH] powerpc/module_64: Fix livepatching for RO modules

[Joe Lawrence <joe.lawrence@redhat.com>]

On 11/23/21 3:15 AM, Russell Currey wrote:
> Livepatching a loaded module involves applying relocations through
> apply_relocate_add(), which attempts to write to read-only memory when
> CONFIG_STRICT_MODULE_RWX=y.  Work around this by performing these
> writes through the text poke area by using patch_instruction().
> 
> R_PPC_REL24 is the only relocation type generated by the kpatch-build
> userspace tool or klp-convert kernel tree that I observed applying a
> relocation to a post-init module.
> 
> A more comprehensive solution is planned, but using patch_instruction()
> for R_PPC_REL24 on should serve as a sufficient fix.
> 
> This does have a performance impact, I observed ~15% overhead in
> module_load() on POWER8 bare metal with checksum verification off.
> 
> Fixes: c35717c71e98 ("powerpc: Set ARCH_HAS_STRICT_MODULE_RWX")
> Cc: stable@vger.kernel.org # v5.14+
> Reported-by: Joe Lawrence <joe.lawrence@redhat.com>
> Signed-off-by: Russell Currey <ruscur@russell.cc>
> ---
> Intended to be a minimal fix that can go to stable.
> 
>  arch/powerpc/kernel/module_64.c | 30 ++++++++++++++++++++++--------
>  1 file changed, 22 insertions(+), 8 deletions(-)
> 
> diff --git a/arch/powerpc/kernel/module_64.c b/arch/powerpc/kernel/module_64.c
> index 6baa676e7cb6..c25ef36c3ef4 100644
> --- a/arch/powerpc/kernel/module_64.c
> +++ b/arch/powerpc/kernel/module_64.c
> @@ -422,11 +422,16 @@ static inline int create_stub(const Elf64_Shdr *sechdrs,
>  			      const char *name)
>  {
>  	long reladdr;
> +	func_desc_t desc;
> +	int i;
>  
>  	if (is_mprofile_ftrace_call(name))
>  		return create_ftrace_stub(entry, addr, me);
>  
> -	memcpy(entry->jump, ppc64_stub_insns, sizeof(ppc64_stub_insns));
> +	for (i = 0; i < sizeof(ppc64_stub_insns) / sizeof(u32); i++) {
> +		patch_instruction(&entry->jump[i],
> +				  ppc_inst(ppc64_stub_insns[i]));
> +	}
>  
>  	/* Stub uses address relative to r2. */
>  	reladdr = (unsigned long)entry - my_r2(sechdrs, me);
> @@ -437,10 +442,19 @@ static inline int create_stub(const Elf64_Shdr *sechdrs,
>  	}
>  	pr_debug("Stub %p get data from reladdr %li\n", entry, reladdr);
>  
> -	entry->jump[0] |= PPC_HA(reladdr);
> -	entry->jump[1] |= PPC_LO(reladdr);
> -	entry->funcdata = func_desc(addr);
> -	entry->magic = STUB_MAGIC;
> +	patch_instruction(&entry->jump[0],
> +			  ppc_inst(entry->jump[0] | PPC_HA(reladdr)));
> +	patch_instruction(&entry->jump[1],
> +			  ppc_inst(entry->jump[1] | PPC_LO(reladdr)));
> +
> +	// func_desc_t is 8 bytes if ABIv2, else 16 bytes
> +	desc = func_desc(addr);
> +	for (i = 0; i < sizeof(func_desc_t) / sizeof(u32); i++) {
> +		patch_instruction(((u32 *)&entry->funcdata) + i,
> +				  ppc_inst(((u32 *)(&desc))[i]));
> +	}
> +
> +	patch_instruction(&entry->magic, ppc_inst(STUB_MAGIC));
>  
>  	return 1;
>  }
> @@ -496,7 +510,7 @@ static int restore_r2(const char *name, u32 *instruction, struct module *me)
>  		return 0;
>  	}
>  	/* ld r2,R2_STACK_OFFSET(r1) */
> -	*instruction = PPC_INST_LD_TOC;
> +	patch_instruction(instruction, ppc_inst(PPC_INST_LD_TOC));
>  	return 1;
>  }
>  
> @@ -636,9 +650,9 @@ int apply_relocate_add(Elf64_Shdr *sechdrs,
>  			}
>  
>  			/* Only replace bits 2 through 26 */
> -			*(uint32_t *)location
> -				= (*(uint32_t *)location & ~0x03fffffc)
> +			value = (*(uint32_t *)location & ~0x03fffffc)
>  				| (value & 0x03fffffc);
> +			patch_instruction((u32 *)location, ppc_inst(value));
>  			break;
>  
>  		case R_PPC64_REL64:
> 

[[ cc += livepatching list ]]

Hi Russell,

Thanks for writing a minimal fix for stable / backporting.  As I
mentioned on the github issue [1], this avoided the crashes I reported
here and over on kpatch github [2].  I wasn't sure if this is the final
version for stable, but feel free to add my:

Tested-by: Joe Lawrence <joe.lawrence@redhat.com>

[1] https://github.com/linuxppc/issues/issues/375
[2] https://github.com/dynup/kpatch/issues/1228

-- 
Joe