From: Josh Poimboeuf Date: Tue, 28 Apr 2026 04:15:52 +0000 (-0700) Subject: objtool/klp: Fix kCFI prefix finding/cloning X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=f7ceffd21a8a59ba1e92078750eef86e628dea80;p=thirdparty%2Fkernel%2Flinux.git objtool/klp: Fix kCFI prefix finding/cloning With CFI+CALL_PADDING, Clang places .Ltmp labels at the start of the NOP padding (offset 5) between the __cfi_ prefix and the function entry point. get_func_prefix() only checks the immediately previous symbol, so the intervening .Ltmp label causes it to miss the __cfi_ prefix symbol. This results in klp-diff not cloning the kCFI type hash into the livepatch module, causing a CFI failure at module load when calling callback functions through indirect calls: CFI failure at __klp_enable_patch+0xab/0x140 (target: pre_patch_callback+0x0/0x80 [livepatch_combined]; expected type: 0xde073954) Instead of walking backward through the section's symbol list, just use find_func_containing() for the byte before the function. This works now that __cfi_ symbols are being grown by objtool to fill the padding. Acked-by: Song Liu Signed-off-by: Josh Poimboeuf --- diff --git a/tools/objtool/include/objtool/elf.h b/tools/objtool/include/objtool/elf.h index 305183f30a333..fccf72cbd343b 100644 --- a/tools/objtool/include/objtool/elf.h +++ b/tools/objtool/include/objtool/elf.h @@ -539,10 +539,10 @@ static inline struct symbol *get_func_prefix(struct symbol *func) { struct symbol *prev; - if (!is_func_sym(func)) + if (!is_func_sym(func) || !func->offset) return NULL; - prev = sec_prev_sym(func); + prev = find_func_containing(func->sec, func->offset - 1); if (prev && is_prefix_func(prev)) return prev;
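Review bot: the `find_func_containing(func->sec, func->offset - 1)` lookup in get_func_prefix() only finds the `__cfi_` prefix if that symbol's size already covers the byte just before the function entry, and nothing in the code says so. The commit message states this holds because objtool now grows `__cfi_` symbols to fill the padding; a short comment above the lookup recording that dependency would help, because a caller that reaches this helper with prefix symbols not yet grown would get a non-prefix result or NULL and silently skip cloning the kCFI type hash, which is the same failure at module load that this commit fixes. The added `!func->offset` test is needed to keep `func->offset - 1` from wrapping for a function at the start of its section; the same comment could mention that too, so the check is not dropped in a later cleanup.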