bpf: fix false overflow in eBPF ELF backend linker

When performing DISP{16,32} relocations, the eBPF ELF backend linker needs to convert the relocation from an address into a signed number of 64-bit words (minus one) to jump. Because of this unsigned-to-signed conversion, special care needs to be taken when dividing to ensure the sign bits remain correct. Otherwise, a false relocation overflow error can be triggered. bfd/ChangeLog 2020-08-07 David Faust <david.faust@oracle.com> * elf64-bpf.c (bpf_elf_relocate_section): Ensure signed division for DISP16 and DISP32 relocations. ld/ChangeLog 2020-08-07 David Faust <david.faust@oracle.com> * testsuite/ld-bpf/call-3.s: New file. * testsuite/ld-bpf/call-3.d: Likewise.
2020-08-12 15:42:24 +02:00 · 2020-08-12 15:42:24 +02:00 · 9fdc8d9659
parent 9478b1cc94
commit 9fdc8d9659
3 changed files with 15 additions and 4 deletions
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@ -3,6 +3,11 @@
 	* po/ru.po: Updated Russian translation.
 	* po/sr.po: Updated Serbian translation.

+2020-08-07  David Faust  <david.faust@oracle.com>
+
+	* elf64-bpf.c (bpf_elf_relocate_section): Ensure signed division for
+	DISP16 and DISP32 relocations.
+
 2020-08-05  David Faust  <david.faust@oracle.com>

 	* elf64-bpf.c (bpf_elf_generic_reloc): New function.
--- a/bfd/elf64-bpf.c
+++ b/bfd/elf64-bpf.c
@ -442,10 +442,11 @@ bpf_elf_relocate_section (bfd *output_bfd ATTRIBUTE_UNUSED,
        case R_BPF_INSN_DISP32:
          {
            /* Make the relocation PC-relative, and change its unit to
-               64-bit words.  */
-            relocation -= sec_addr (input_section) + rel->r_offset;
-            /* Make it 64-bit words.  */
-            relocation = relocation / 8;
+               64-bit words.  Note we need *signed* arithmetic
+               here.  */
+            relocation = ((bfd_signed_vma) relocation
+			  - (sec_addr (input_section) + rel->r_offset));
+            relocation = (bfd_signed_vma) relocation / 8;
            
            /* Get the addend from the instruction and apply it.  */
            addend = bfd_get (howto->bitsize, input_bfd,
--- a/ld/ChangeLog
+++ b/ld/ChangeLog
@ -1,3 +1,8 @@
+2020-08-07  David Faust  <david.faust@oracle.com>
+
+	* testsuite/ld-bpf/call-3.s: New file.
+	* testsuite/ld-bpf/call-3.d: Likewise.
+
 2020-08-05  David Faust  <david.faust@oracle.com>

 	* testsuite/ld-bpf/call-2.s: New file.