From nobody Thu Apr 2 15:35:59 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 660DC331A77; Tue, 10 Feb 2026 21:50:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770760225; cv=none; b=BZ/gAD5XOaT6raaOxc8m6MBLkm/EOY7pmXVDm182T84xQiGPKed2AutyeGXeMMGexXbiW5H6bIKUUG7bGqiHooZF33GPFhefOrV5QyDxC2h9KHutdNifM95tLbF6CqtqZ0d2asbNlBf6fpZ9DL3iUkFPwO1ArpQOaJMewTAYQzk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770760225; c=relaxed/simple; bh=GCdZzB5jOwIigRKxnokYUOrUQZmwGrjeqH3KSVdeWcM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JJcIidNPR8IRfQAA2QFdztVhvAO5WCA6vjCV48Vrpg5M4x4OhXabHVhUHuWiKZjwlJv4U3llX7ou2VY9ZHR1ARqWMNr2Tq+vLzZZdfnNAAdFLZRJQ6EAAOO/NfCx3jp0GSR0O+y8YZWlsexYjVypqw7EJ9Gx8vwZpNIgpRWrIqk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=H9AS1rhl; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="H9AS1rhl" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0993AC19424; Tue, 10 Feb 2026 21:50:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1770760225; bh=GCdZzB5jOwIigRKxnokYUOrUQZmwGrjeqH3KSVdeWcM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=H9AS1rhl7whcug+CpWtm08FxawKqCaY9jmu8G6doSUkfDiwgy6OWtGENj+foBNwwk 7hqXAFxwGu5UMxUAU9JjRJZN7HPjOuKmTf+VKK1xDKolE7x8kesAfuWItGceMpk6QF GDk+yn5b/OatHsfDkWzlTgCnkCp52tSrR1A3L9A4JlKA7yb5a6rLJf7rt2itKqSzEx 148ZrA6NnhDpDkEJb/e7BYlRzPL1GnQ5cTWbfcqukJxs9SD1wsiDb0RtPQj/PmZExG GC16g+WKtnxeG6Uk6WNNZFEd/J1G/D5MeibKCh8OaW737LnpVlc5xEcsED/b+3HNIS HiFrL2qqmBfCw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Peter Zijlstra , live-patching@vger.kernel.org, Song Liu , Joe Lawrence Subject: [PATCH 1/3] objtool/klp: Fix detection of corrupt static branch/call entries Date: Tue, 10 Feb 2026 13:50:09 -0800 Message-ID: <124ad747b751df0df1725eff89de8332e3fb26d6.1770759954.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Patching a function which references a static key living in a kernel module is unsupported due to ordering issues inherent to late module patching: 1) Load a livepatch module which has a __jump_table entry which needs a klp reloc to reference static key K which lives in module M. 2) The __jump_table klp reloc does *not* get resolved because module M is not yet loaded. 3) jump_label_add_module() corrupts memory (or causes a panic) when dereferencing the uninitialized pointer to key K. validate_special_section_klp_reloc() intends to prevent that from ever happening by catching it at build time. However, it incorrectly assumes the special section entry's reloc symbol references have already been converted from section symbols to object symbols, causing the validation to miss corruption in extracted static branch/call table entries. Make sure the references have been properly converted before doing the validation. Fixes: dd590d4d57eb ("objtool/klp: Introduce klp diff subcommand for diffin= g object files") Reported-by: Song Liu Signed-off-by: Josh Poimboeuf --- tools/objtool/klp-diff.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/objtool/klp-diff.c b/tools/objtool/klp-diff.c index 9f1f4011eb9c..d94632e80955 100644 --- a/tools/objtool/klp-diff.c +++ b/tools/objtool/klp-diff.c @@ -1364,6 +1364,9 @@ static int validate_special_section_klp_reloc(struct = elfs *e, struct symbol *sym const char *sym_modname; struct export *export; =20 + if (convert_reloc_sym(e->patched, reloc)) + continue; + /* Static branch/call keys are always STT_OBJECT */ if (reloc->sym->type !=3D STT_OBJECT) { =20 --=20 2.53.0 From nobody Thu Apr 2 15:35:59 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C5F2D33893D; Tue, 10 Feb 2026 21:50:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770760225; cv=none; b=D6xE4E+RutbJFd89GOa5cTb1FrTUv8P7GaZbF40R0NM1IxYUd2OZvtZzbaeV2Ktk4OXiqsXS368W/oxHSJ9CT6PbuxPRoelH7Oy4COicNilFyTXd9haVJJ4MjjjyNYaoMngVEnisYOGOLXDvUtFbvos1RM4I0TsJ8OLe7oygTHA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770760225; c=relaxed/simple; bh=kCFGPObFBu8qXIKo6upQhx1VBMY7BjzgFVXVj1l9Ivs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=gNgRgN9bobTB4KwxnTwoSMdiUmXJzfB19ZjTehkcqRmFLuacAkD4+d13+pY4h+n+LyKS/Vy0NebgeYae+Z3qgZHktJ2bVuqNzDxLvUcIJnBklEvY+ef8IBoW4SpKUczSiJflidjz23eTUMS6wDjw+8VNKHAJGJDkkjLJfctMgqI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=amUSt5Tu; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="amUSt5Tu" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6743CC116C6; Tue, 10 Feb 2026 21:50:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1770760225; bh=kCFGPObFBu8qXIKo6upQhx1VBMY7BjzgFVXVj1l9Ivs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=amUSt5Tun5UdJgct+4Zk2yiFrladdHVsJu0OPqKQN4byuwkdYOw/xf06rzpZ20JgG 95ZPeSTLnwBvIBuKb/2rXqztnIFnN22BOGGyUSSOcKQCnUIf4i6Nxjm9FFRU/DvFL7 P0HbsZx5RGdBrt54bRqz28apHANKJBwSDCHRYb4XRHl+lCh+MZZkpT3q+hpiT5gAxo +wd4c3bd6z/WQFoV+y8CvrTjVIdrGNgKYpJZfcW3fNVfcmmv6GnzLB0/jCAkC4tw86 H9c5/4zPl+chlwW22Kofs7eb4CIk5EdomA23ptleuKv9NtViduvUgJckLPk4N15tH3 pCdq/8qQGU+lA== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Peter Zijlstra , live-patching@vger.kernel.org, Song Liu , Joe Lawrence Subject: [PATCH 2/3] objtool/klp: Disable unsupported pr_debug() usage Date: Tue, 10 Feb 2026 13:50:10 -0800 Message-ID: <3a7db3a5b7d4abf9b2534803a74e2e7231322738.1770759954.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of erroring out on unsupported pr_debug() (e.g., when patching a module), issue a warning and make it inert, similar to how unsupported tracepoints are currently handled. Signed-off-by: Josh Poimboeuf --- tools/objtool/klp-diff.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/tools/objtool/klp-diff.c b/tools/objtool/klp-diff.c index d94632e80955..9ff65b01882b 100644 --- a/tools/objtool/klp-diff.c +++ b/tools/objtool/klp-diff.c @@ -1334,18 +1334,18 @@ static bool should_keep_special_sym(struct elf *elf= , struct symbol *sym) * be applied after static branch/call init, resulting in code corruption. * * Validate a special section entry to avoid that. Note that an inert - * tracepoint is harmless enough, in that case just skip the entry and pri= nt a - * warning. Otherwise, return an error. + * tracepoint or pr_debug() is harmless enough, in that case just skip the + * entry and print a warning. Otherwise, return an error. * - * This is only a temporary limitation which will be fixed when livepatch = adds - * support for submodules: fully self-contained modules which are embedded= in - * the top-level livepatch module's data and which can be loaded on demand= when - * their corresponding to-be-patched module gets loaded. Then klp relocs = can - * be retired. + * TODO: This is only a temporary limitation which will be fixed when live= patch + * adds support for submodules: fully self-contained modules which are emb= edded + * in the top-level livepatch module's data and which can be loaded on dem= and + * when their corresponding to-be-patched module gets loaded. Then klp re= locs + * can be retired. * * Return: * -1: error: validation failed - * 1: warning: tracepoint skipped + * 1: warning: disabled tracepoint or pr_debug() * 0: success */ static int validate_special_section_klp_reloc(struct elfs *e, struct symbo= l *sym) @@ -1403,6 +1403,13 @@ static int validate_special_section_klp_reloc(struct= elfs *e, struct symbol *sym continue; } =20 + if (strstr(reloc->sym->name, "__UNIQUE_ID_ddebug_")) { + WARN("%s: disabling unsupported pr_debug()", + code_sym->name); + ret =3D 1; + continue; + } + ERROR("%s+0x%lx: unsupported static branch key %s. Use static_key_enab= led() instead", code_sym->name, code_offset, reloc->sym->name); return -1; --=20 2.53.0 From nobody Thu Apr 2 15:35:59 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3463D33987D; Tue, 10 Feb 2026 21:50:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770760226; cv=none; b=nYLT0vQRoipV7Z3cdB55KnOThkfrw92g5VF4AlBgDSM1AQtrPEU1372QwfGkMtbs9rJg4SJUqm9JstvpOuo+sc9L+1LKo/gUGDosTOUbLkFPLhM/oVRn8l35fGXwI/oXQoqFvOFaAfFcSG0/B3fcMX0MBUCtm9GB03sfSFZnzO0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770760226; c=relaxed/simple; bh=9EOLe2PSxvdepkarQnhpJpYsJ/R0HZPuyMwQs1cmanM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=KC89moKolJdNrhOJYOlAzIFUt/lsnANWytW1JtCKuVPt34XgA4/GQJPY7c7SZhL1YFSZDKEAAhWJdvyTmyVNMqhjC1mBqFIRaWb+Lqwupnvw6zsBYMFtcn4IvJA6jevPZgCsKg1EdmV6JxypfXIh/MLO+yDnnSb+4bz2oaDaxzM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=qNZy+SBY; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="qNZy+SBY" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C685DC2BCB5; Tue, 10 Feb 2026 21:50:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1770760226; bh=9EOLe2PSxvdepkarQnhpJpYsJ/R0HZPuyMwQs1cmanM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qNZy+SBYiZA0PdZPDSuQCg7fHyTSPOc/VawZXC5YGYz8Vbd4bFS0yLa7IVAfd/zj3 ZaW+ZLpBpN+ISzBmDqBnivJtJZZu6cjXTBE7Aw1U6sRWT/ubv4jEvVR4JPFN1jzghR eeOuWI5aqmjefZey1DS1/xzyQkE9fGuzm6SYdYeRZyToHR9T/VO4DdgySKizcvoJp0 KWo+6vArMJAT4Cd3JiBsDaX0cvq+NfC4IH+2lDxvMtWiprr17lDktmRXIlh5tuYHNc sUcooMq+oWW9I5nfBY0EyEU0UKwCfqTUzbADsda2loke8ZDhYbJMRL7wx4bCBuxhlT dmZMYBsp05nSg== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Peter Zijlstra , live-patching@vger.kernel.org, Song Liu , Joe Lawrence Subject: [PATCH 3/3] objtool/klp: Avoid NULL pointer dereference when printing code symbol name Date: Tue, 10 Feb 2026 13:50:11 -0800 Message-ID: <64116517bc93851a98fe366ea0a4d807f4c70aab.1770759954.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fix a hypothetical NULL pointer defereference of the 'code_sym' variable. In theory this should never happen. Signed-off-by: Josh Poimboeuf --- tools/objtool/klp-diff.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/tools/objtool/klp-diff.c b/tools/objtool/klp-diff.c index 9ff65b01882b..a3198a63c2f0 100644 --- a/tools/objtool/klp-diff.c +++ b/tools/objtool/klp-diff.c @@ -1352,7 +1352,7 @@ static int validate_special_section_klp_reloc(struct = elfs *e, struct symbol *sym { bool static_branch =3D !strcmp(sym->sec->name, "__jump_table"); bool static_call =3D !strcmp(sym->sec->name, ".static_call_sites"); - struct symbol *code_sym =3D NULL; + const char *code_sym =3D NULL; unsigned long code_offset =3D 0; struct reloc *reloc; int ret =3D 0; @@ -1372,7 +1372,7 @@ static int validate_special_section_klp_reloc(struct = elfs *e, struct symbol *sym =20 /* Save code location which can be printed below */ if (reloc->sym->type =3D=3D STT_FUNC && !code_sym) { - code_sym =3D reloc->sym; + code_sym =3D reloc->sym->name; code_offset =3D reloc_addend(reloc); } =20 @@ -1395,23 +1395,26 @@ static int validate_special_section_klp_reloc(struc= t elfs *e, struct symbol *sym if (!strcmp(sym_modname, "vmlinux")) continue; =20 + if (!code_sym) + code_sym =3D ""; + if (static_branch) { if (strstarts(reloc->sym->name, "__tracepoint_")) { WARN("%s: disabling unsupported tracepoint %s", - code_sym->name, reloc->sym->name + 13); + code_sym, reloc->sym->name + 13); ret =3D 1; continue; } =20 if (strstr(reloc->sym->name, "__UNIQUE_ID_ddebug_")) { WARN("%s: disabling unsupported pr_debug()", - code_sym->name); + code_sym); ret =3D 1; continue; } =20 ERROR("%s+0x%lx: unsupported static branch key %s. Use static_key_enab= led() instead", - code_sym->name, code_offset, reloc->sym->name); + code_sym, code_offset, reloc->sym->name); return -1; } =20 @@ -1422,7 +1425,7 @@ static int validate_special_section_klp_reloc(struct = elfs *e, struct symbol *sym } =20 ERROR("%s()+0x%lx: unsupported static call key %s. Use KLP_STATIC_CALL(= ) instead", - code_sym->name, code_offset, reloc->sym->name); + code_sym, code_offset, reloc->sym->name); return -1; } =20 --=20 2.53.0