Rust BPF: Rustc/LLVM creating invalid relocations #3108
Comments
|
As noted earlier there are no known instances where these relocations are being referenced at run-time. Failing due to these bad relocations causes otherwise functional programs to not load. Therefore these bad relocations will be ignored |
|
Found a use-case that recreates this issue. In libstd's panic! macro the file, line, and column are passed as a triple. The triple is stored in the |
* build(deps): bump bytemuck_derive from 1.7.1 to 1.8.0 Bumps [bytemuck_derive](https://github.com/Lokathor/bytemuck) from 1.7.1 to 1.8.0. - [Changelog](https://github.com/Lokathor/bytemuck/blob/main/changelog.md) - [Commits](Lokathor/bytemuck@bytemuck_derive-v1.7.1...bytemuck_derive-v1.8.0) --- updated-dependencies: - dependency-name: bytemuck_derive dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update all Cargo files --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Problem
When building Rust modules w/ BPF there are
R_BPF_64_RELATIVErelocations that cannot be relocated.R_BPF_64_RELATIVErelocations refer to 64-bit virtual memory accesses that need to be "fixed-up" when the module is loaded to reflect the actual physical address they were loaded at. The vast majority of the relocations seem reasonable but there are a few that are not. Test cases performed on the Rust module have not executed the code used by these relocations and therefore it may be code that should have been optimized away is not actually part of the flow. More investigation required.R_BPF_64_RELATIVErelocation entries contain a virtual address of the instruction that needs to be fixed up. During run-time the relocated instruction will attempt to read/write memory from/to 64-bit address. The existing instructions imm field contains the virtual address of the memory it will be accessing. To process aR_BPF_64_RELATIVErelocation the loader locates the instruction being fixed-up, reads the virtual memory address from the instruction'simmfield, converts that virtual address into a physical address, and writes the physical address back into the instruction'simmfield. Checks are made during this process to ensure that the virtual address in theimmfield points to a valid and loadable section in the ELF. In the case of the invalid relocations, theimmfield in the instruction is zero but the ELF contains no valid virtual address of zero. The best we could do is interpret it as a raw file offset but that would point the ELF header. Maybe that is what is intended but unlikely and highly irregular. More investigation needs to be done to determine where these invalid relocations are being generated, what original rust source code they are tied to, and why the imm fields are zero.Proposed Solution
The text was updated successfully, but these errors were encountered: