xtensa: Ensure xtensa_elf_relocate() never produces bad code

[serhiy-katsyuba-intel]

Summary

On Xtensa platforms, xtensa_elf_relocate() is used to patch L32R (and CALLn?) instructions at runtime when linking loadable LLEXT modules. The L32R instruction loads a literal value into a register. L32R requires the literal address to be within the range -262141 to -4 relative to the instruction address.

The current version of xtensa_elf_relocate() does not perform any check to verify that the literal address satisfies the -262141 to -4 range requirement. If xtensa_elf_relocate() is called with a bad literal address — for example, as a result of a bug in linking an LLEXT loadable module, such as a bad linker script (literals section placed after the section with L32R or positioned very far away) or linking with bad section addresses supplied via the command line — xtensa_elf_relocate() silently patches L32R with the wrong address, resulting in weird behavior and hard-to-debug problems.

Describe the solution you'd like

It would be beneficial to extend the xtensa_elf_relocate() implementation to check if the supplied literal address is within the -262141 to -4 range. If it is not, the function should report an error and fail without producing bad code.

Alternatives

No response

Additional Context

No response

[github-actions]

Hi @serhiy-katsyuba-intel! We appreciate you submitting your first issue for our open-source project. 🌟

Even though I'm a bot, I can assure you that the whole community is genuinely grateful for your time and effort. 🤖💙

[serhiy-katsyuba-intel]

Adding @lyakh for notifications/comments.