shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-06 19:08:57 +09:00
Code Issues Packages Projects Releases Wiki Activity

ANDROID: fips140: unapply ABS32 relocations generated by KCFI

Browse Source 
KCFI generates ABS32 relocations in the .text section.  In the temporary
copy of the .text section that the FIPS integrity check is done on,
these relocations need to be unapplied for the integrity check to pass.

Example from 'llvm-readelf --relocs --wide fips140.ko':

    Relocation section '.rela.text' at offset 0x5b4a8 contains 2008 entries:
        Offset             Info             Type               Symbol's Value  Symbol's Name + Addend
    [...]
    0000000000000c80  0000092900000102 R_AARCH64_ABS32        0000000050e29065 __kcfi_typeid_pmull_ghash_update_p64 + 0
    0000000000000e08  0000092800000102 R_AARCH64_ABS32        0000000050e29065 __kcfi_typeid_pmull_ghash_update_p8 + 0

Bug: 188620248
Change-Id: I85c01641114a66b2603abce467977823469f50c8
Signed-off-by: Eric Biggers <ebiggers@google.com>
This commit is contained in:
Eric Biggers
2023-01-06 05:07:18 +00:00
committed by Matthias Männich
parent 6da26b8750
commit bfcfcce380
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crypto/fips140-module.c
View File

@@ -291,6 +291,10 @@ static void __init unapply_text_relocations(void *section, int section_size,
switch (ELF64_R_TYPE(rela->r_info)) {
#ifdef CONFIG_ARM64
case R_AARCH64_ABS32: /* for KCFI */
*place = 0;
break;
case R_AARCH64_JUMP26:
case R_AARCH64_CALL26:
*place &= ~GENMASK(25, 0);