forked from rrcarlosr/Jetpack
147 lines
4.9 KiB
Bash
Executable File
147 lines
4.9 KiB
Bash
Executable File
#! /bin/bash
|
|
# (c) 2015, Quentin Casasnovas <quentin.casasnovas@oracle.com>
|
|
|
|
obj=$1
|
|
|
|
file ${obj} | grep -q ELF || (echo "${obj} is not and ELF file." 1>&2 ; exit 0)
|
|
|
|
# Bail out early if there isn't an __ex_table section in this object file.
|
|
objdump -hj __ex_table ${obj} 2> /dev/null > /dev/null
|
|
[ $? -ne 0 ] && exit 0
|
|
|
|
white_list=.text,.fixup
|
|
|
|
suspicious_relocs=$(objdump -rj __ex_table ${obj} | tail -n +6 |
|
|
grep -v $(eval echo -e{${white_list}}) | awk '{print $3}')
|
|
|
|
# No suspicious relocs in __ex_table, jobs a good'un
|
|
[ -z "${suspicious_relocs}" ] && exit 0
|
|
|
|
|
|
# After this point, something is seriously wrong since we just found out we
|
|
# have some relocations in __ex_table which point to sections which aren't
|
|
# white listed. If you're adding a new section in the Linux kernel, and
|
|
# you're expecting this section to contain code which can fault (i.e. the
|
|
# __ex_table relocation to your new section is expected), simply add your
|
|
# new section to the white_list variable above. If not, you're probably
|
|
# doing something wrong and the rest of this code is just trying to print
|
|
# you more information about it.
|
|
|
|
function find_section_offset_from_symbol()
|
|
{
|
|
eval $(objdump -t ${obj} | grep ${1} | sed 's/\([0-9a-f]\+\) .\{7\} \([^ \t]\+\).*/section="\2"; section_offset="0x\1" /')
|
|
|
|
# addr2line takes addresses in hexadecimal...
|
|
section_offset=$(printf "0x%016x" $(( ${section_offset} + $2 )) )
|
|
}
|
|
|
|
function find_symbol_and_offset_from_reloc()
|
|
{
|
|
# Extract symbol and offset from the objdump output
|
|
eval $(echo $reloc | sed 's/\([^+]\+\)+\?\(0x[0-9a-f]\+\)\?/symbol="\1"; symbol_offset="\2"/')
|
|
|
|
# When the relocation points to the begining of a symbol or section, it
|
|
# won't print the offset since it is zero.
|
|
if [ -z "${symbol_offset}" ]; then
|
|
symbol_offset=0x0
|
|
fi
|
|
}
|
|
|
|
function find_alt_replacement_target()
|
|
{
|
|
# The target of the .altinstr_replacement is the relocation just before
|
|
# the .altinstr_replacement one.
|
|
eval $(objdump -rj .altinstructions ${obj} | grep -B1 "${section}+${section_offset}" | head -n1 | awk '{print $3}' |
|
|
sed 's/\([^+]\+\)+\(0x[0-9a-f]\+\)/alt_target_section="\1"; alt_target_offset="\2"/')
|
|
}
|
|
|
|
function handle_alt_replacement_reloc()
|
|
{
|
|
# This will define alt_target_section and alt_target_section_offset
|
|
find_alt_replacement_target ${section} ${section_offset}
|
|
|
|
echo "Error: found a reference to .altinstr_replacement in __ex_table:"
|
|
addr2line -fip -j ${alt_target_section} -e ${obj} ${alt_target_offset} | awk '{print "\t" $0}'
|
|
|
|
error=true
|
|
}
|
|
|
|
function is_executable_section()
|
|
{
|
|
objdump -hwj ${section} ${obj} | grep -q CODE
|
|
return $?
|
|
}
|
|
|
|
function handle_suspicious_generic_reloc()
|
|
{
|
|
if is_executable_section ${section}; then
|
|
# We've got a relocation to a non white listed _executable_
|
|
# section, print a warning so the developper adds the section to
|
|
# the white list or fix his code. We try to pretty-print the file
|
|
# and line number where that relocation was added.
|
|
echo "Warning: found a reference to section \"${section}\" in __ex_table:"
|
|
addr2line -fip -j ${section} -e ${obj} ${section_offset} | awk '{print "\t" $0}'
|
|
else
|
|
# Something is definitively wrong here since we've got a relocation
|
|
# to a non-executable section, there's no way this would ever be
|
|
# running in the kernel.
|
|
echo "Error: found a reference to non-executable section \"${section}\" in __ex_table at offset ${section_offset}"
|
|
error=true
|
|
fi
|
|
}
|
|
|
|
function handle_suspicious_reloc()
|
|
{
|
|
case "${section}" in
|
|
".altinstr_replacement")
|
|
handle_alt_replacement_reloc ${section} ${section_offset}
|
|
;;
|
|
*)
|
|
handle_suspicious_generic_reloc ${section} ${section_offset}
|
|
;;
|
|
esac
|
|
}
|
|
|
|
function diagnose()
|
|
{
|
|
|
|
for reloc in ${suspicious_relocs}; do
|
|
# Let's find out where the target of the relocation in __ex_table
|
|
# is, this will define ${symbol} and ${symbol_offset}
|
|
find_symbol_and_offset_from_reloc ${reloc}
|
|
|
|
# When there's a global symbol at the place of the relocation,
|
|
# objdump will use it instead of giving us a section+offset, so
|
|
# let's find out which section is this symbol in and the total
|
|
# offset withing that section.
|
|
find_section_offset_from_symbol ${symbol} ${symbol_offset}
|
|
|
|
# In this case objdump was presenting us with a reloc to a symbol
|
|
# rather than a section. Now that we've got the actual section,
|
|
# we can skip it if it's in the white_list.
|
|
if [ -z "$( echo $section | grep -v $(eval echo -e{${white_list}}))" ]; then
|
|
continue;
|
|
fi
|
|
|
|
# Will either print a warning if the relocation happens to be in a
|
|
# section we do not know but has executable bit set, or error out.
|
|
handle_suspicious_reloc
|
|
done
|
|
}
|
|
|
|
function check_debug_info() {
|
|
objdump -hj .debug_info ${obj} 2> /dev/null > /dev/null ||
|
|
echo -e "${obj} does not contain debug information, the addr2line output will be limited.\n" \
|
|
"Recompile ${obj} with CONFIG_DEBUG_INFO to get a more useful output."
|
|
}
|
|
|
|
check_debug_info
|
|
|
|
diagnose
|
|
|
|
if [ "${error}" ]; then
|
|
exit 1
|
|
fi
|
|
|
|
exit 0
|