Skip to content

Commit a36dd35

Browse files
douzzerdouzzer
committed
linuxkm: rename FIPS container segments from foo.wolfcrypt to foo_wolfcrypt to avoid getting rearranged by kernel scripts/module.lds klp/kpatch clauses expected in kernel 6.19.
1 parent 2bbc3a0 commit a36dd35

3 files changed

Lines changed: 23 additions & 23 deletions

File tree

linuxkm/Kbuild

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -215,16 +215,16 @@ RENAME_PIE_TEXT_AND_DATA_SECTIONS := \
215215
fi; \
216216
cd "$(obj)" || exit $$?; \
217217
for file in $(WOLFCRYPT_PIE_FILES); do \
218-
$(OBJCOPY) --rename-section .text=.text.wolfcrypt \
219-
--rename-section .text.unlikely=.text.wolfcrypt \
220-
--rename-section .rodata=.rodata.wolfcrypt \
221-
--rename-section .rodata.str1.1=.rodata.wolfcrypt \
222-
--rename-section .rodata.str1.8=.rodata.wolfcrypt \
223-
--rename-section .rodata.cst16=.rodata.wolfcrypt \
224-
--rename-section .rodata.cst32=.rodata.wolfcrypt \
225-
--rename-section .data=.data.wolfcrypt \
226-
--rename-section .data.rel.local=.data.wolfcrypt \
227-
--rename-section .bss=.bss.wolfcrypt "$$file" || exit $$?; \
218+
$(OBJCOPY) --rename-section .text=.text_wolfcrypt \
219+
--rename-section .text.unlikely=.text_wolfcrypt \
220+
--rename-section .rodata=.rodata_wolfcrypt \
221+
--rename-section .rodata.str1.1=.rodata_wolfcrypt \
222+
--rename-section .rodata.str1.8=.rodata_wolfcrypt \
223+
--rename-section .rodata.cst16=.rodata_wolfcrypt \
224+
--rename-section .rodata.cst32=.rodata_wolfcrypt \
225+
--rename-section .data=.data_wolfcrypt \
226+
--rename-section .data.rel.local=.data_wolfcrypt \
227+
--rename-section .bss=.bss_wolfcrypt "$$file" || exit $$?; \
228228
done; \
229229
[ "$(KERNEL_ARCH_X86)" != "yes" ] || \
230230
{ $(READELF) --sections --syms --wide $(WOLFCRYPT_PIE_FILES) | \
@@ -253,12 +253,12 @@ RENAME_PIE_TEXT_AND_DATA_SECTIONS := \
253253
if (phase == 1) { \
254254
if (match($$0, "^ *\\[ *([0-9]+)\\] +([^ ]+) ", a)) {\
255255
switch (a[2]) { \
256-
case ".text.wolfcrypt": \
256+
case ".text_wolfcrypt": \
257257
{ \
258258
wolfcrypt_text_sections[a[1]] = a[2]; \
259259
next; \
260260
} \
261-
case /^\.(data|rodata|bss)\.wolfcrypt$$/: \
261+
case /^\.(data|rodata|bss)_wolfcrypt$$/: \
262262
{ \
263263
wolfcrypt_data_sections[a[1]] = a[2]; \
264264
next; \
@@ -301,7 +301,7 @@ RENAME_PIE_TEXT_AND_DATA_SECTIONS := \
301301
}}'; } || \
302302
{ echo 'Error: symbol(s) missed by containerization.' >&2; exit 1; }; \
303303
if [[ "$(quiet)" != "silent_" ]]; then \
304-
echo ' wolfCrypt .{text,data,rodata} sections containerized to .{text,data,rodata}.wolfcrypt'; \
304+
echo ' wolfCrypt .{text,data,rodata,bss} sections containerized to .{text,data,rodata}_wolfcrypt'; \
305305
fi
306306
endif
307307

linuxkm/Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ GENERATE_RELOC_TAB := $(READELF) --wide -r libwolfssl.ko | \
107107
printf("%s\n ", \
108108
"const unsigned int wc_linuxkm_pie_reloc_tab[] = { "); \
109109
} \
110-
/^Relocation section '\''\.rela\.text\.wolfcrypt'\''/ { \
110+
/^Relocation section '\''\.rela\.text_wolfcrypt'\''/ { \
111111
p=1; \
112112
next; \
113113
} \
@@ -171,7 +171,7 @@ module-update-fips-hash: libwolfssl.ko
171171
@if test -z '$(FIPS_HASH)'; then echo ' $$FIPS_HASH is unset' >&2; exit 1; fi
172172
@if [[ ! '$(FIPS_HASH)' =~ [0-9a-fA-F]{64} ]]; then echo ' $$FIPS_HASH is malformed' >&2; exit 1; fi
173173
@readarray -t rodata_segment < <($(READELF) --wide --sections libwolfssl.ko | \
174-
sed -E -n 's/^[[:space:]]*\[[[:space:]]*([0-9]+)\][[:space:]]+\.rodata\.wolfcrypt[[:space:]]+PROGBITS[[:space:]]+[0-9a-fA-F]+[[:space:]]+([0-9a-fA-F]+)[[:space:]].*$$/\1\n\2/p'); \
174+
sed -E -n 's/^[[:space:]]*\[[[:space:]]*([0-9]+)\][[:space:]]+\.rodata_wolfcrypt[[:space:]]+PROGBITS[[:space:]]+[0-9a-fA-F]+[[:space:]]+([0-9a-fA-F]+)[[:space:]].*$$/\1\n\2/p'); \
175175
if [[ $${#rodata_segment[@]} != 2 ]]; then echo ' unexpected rodata_segment.' >&2; exit 1; fi; \
176176
readarray -t verifyCore_attrs < <($(READELF) --wide --symbols libwolfssl.ko | \
177177
sed -E -n 's/^[[:space:]]*[0-9]+: ([0-9a-fA-F]+)[[:space:]]+([0-9]+)[[:space:]]+OBJECT[[:space:]]+[A-Z]+[[:space:]]+[A-Z]+[[:space:]]+'"$${rodata_segment[0]}"'[[:space:]]+verifyCore$$/\1\n\2/p'); \

linuxkm/wolfcrypt.lds

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,29 +1,29 @@
11
SECTIONS {
22
. = ALIGN(4096);
3-
.text.wolfcrypt : {
3+
.text_wolfcrypt : {
44
__wc_text_start = .;
5-
*(.text.wolfcrypt)
5+
*(.text_wolfcrypt)
66
. = ALIGN(4096);
77
__wc_text_end = .;
88
}
99
. = ALIGN(4096);
10-
.rodata.wolfcrypt : {
10+
.rodata_wolfcrypt : {
1111
__wc_rodata_start = .;
12-
*(.rodata.wolfcrypt)
12+
*(.rodata_wolfcrypt)
1313
. = ALIGN(4096);
1414
__wc_rodata_end = .;
1515
}
1616
. = ALIGN(4096);
17-
.data.wolfcrypt : {
17+
.data_wolfcrypt : {
1818
__wc_rwdata_start = .;
19-
*(.data.wolfcrypt)
19+
*(.data_wolfcrypt)
2020
. = ALIGN(4096);
2121
__wc_rwdata_end = .;
2222
}
2323
. = ALIGN(4096);
24-
.bss.wolfcrypt : {
24+
.bss_wolfcrypt : {
2525
__wc_bss_start = .;
26-
*(.bss.wolfcrypt)
26+
*(.bss_wolfcrypt)
2727
. = ALIGN(4096);
2828
__wc_bss_end = .;
2929
}

0 commit comments

Comments
 (0)