diff options
| author | Peter Zijlstra <peterz@infradead.org> | 2025-11-26 10:55:17 +0100 |
|---|---|---|
| committer | Peter Zijlstra <peterz@infradead.org> | 2025-11-27 09:32:47 +0100 |
| commit | d62e4f2b9542d25d183f068033558e87e81a00a8 (patch) | |
| tree | 5c44911816cba32ed0a96bc0282f1ca650c75b87 /lib | |
| parent | 860238af7a3348225de228dc0f33a7d631638333 (diff) | |
x86/bug: Fix BUG_FORMAT vs KASLR
Encoding a relative NULL pointer doesn't work for KASLR, when the
whole kernel image gets shifted, the __bug_table and the target string
get shifted by the same amount and the relative offset is preserved.
However when the target is an absolute 0 value and the __bug_table
gets moved about, the end result in a pointer equivalent to
kaslr_offset(), not NULL.
Notably, this will generate SHN_UNDEF relocations, and Ard would
really like to not have those at all.
Use the empty string to denote no-string.
Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org>
Cc: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/bug.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/bug.c b/lib/bug.c index 581a66b88c5c..edd9041f89f3 100644 --- a/lib/bug.c +++ b/lib/bug.c @@ -144,7 +144,17 @@ static const char *bug_get_format(struct bug_entry *bug) const char *format = NULL; #ifdef HAVE_ARCH_BUG_FORMAT #ifdef CONFIG_GENERIC_BUG_RELATIVE_POINTERS - format = (const char *)&bug->format_disp + bug->format_disp; + /* + * Allow an architecture to: + * - relative encode NULL (difficult vs KASLR); + * - use a literal 0 (there are no valid objects inside + * the __bug_table itself to refer to after all); + * - use an empty string. + */ + if (bug->format_disp) + format = (const char *)&bug->format_disp + bug->format_disp; + if (format && format[0] == '\0') + format = NULL; #else format = bug->format; #endif |