Add -std=gnu11 to CFLAGS for kpatch-build tooling. This aligns with the
kernel build and avoids confusion when older tooling may default to
earlier versions.
Closes: #1416 ("C99 code vs. gcc defaults?")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Fix the following:
In kpatch/kpatch line 358:
break
^-- SC2317 (info): Command appears to be unreachable. Check usage (or ignore if invoked indirectly).
In kpatch-build/kpatch-build line 1424:
"$TOOLSDIR"/create-diff-object $CDO_FLAGS "orig/$i" "patched/$i" "$KOBJFILE_NAME" \
^--------^ SC2086 (info): Double quote to prevent globbing and word splitting.
In kpatch-build/kpatch-build line 1494:
MAKEVARS[$idx]=${MAKEVARS[$idx]/${KPATCH_CC_PREFIX}/}
^--^ SC2004 (style): $/${} is unnecessary on arithmetic variables.
In kpatch-build/kpatch-build line 1510:
"$TOOLSDIR"/create-klp-module $extra_flags "$TEMPDIR/patch/tmp.ko" "$TEMPDIR/patch/$MODNAME.ko" 2>&1 | logger 1
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
In test/integration/lib.sh line 119:
tdnf install -y linux-$flavor-debuginfo
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
squash
Man pages for kpatch are created via gzip which includes timestamp of original
file by default. This means the compressed file will change depending on the
time at which the repository was cloned / updated, leading to non-deterministic
builds. Pass option to disable this.
Signed-off-by: Oleksandr Hnatiuk <ohnatiuk@cisco.com>
On NixOS files are installed with mode 444 (read-only). This causes
directories in $TEMPDIR to be read-only as well, because they are
created by:
cp -LR "$DATADIR/patch" "$TEMPDIR" || die
which preserves the mode of the directory. We could do
--no-preserve=mode, but this will make people with non-coreutils cp
unhappy. Instead just chmod the files after copying.
If this patch is not applied, cleanup complains like this:
rm: cannot remove '/home/julian/.kpatch/tmp/patch/kpatch.h': Permission denied
rm: cannot remove '/home/julian/.kpatch/tmp/patch/Makefile': Permission denied
rm: cannot remove '/home/julian/.kpatch/tmp/patch/kpatch-macros.h': Permission denied
...
Signed-off-by: Julian Stecklina <julian.stecklina@cyberus-technology.de>
-mno-pic-data-is-text-relative compiler flag expects -fPIC/-fPIE flag
along with it. Since kernel commit 778666df60f0 ("s390: compile
relocatable kernel without -fPIE"), the -fPIC/-fPIE flag is missing when
creating kpatch module and this can lead to the following error:
cc1: error: ‘-mno-pic-data-is-text-relative’ cannot be used without
‘-fpic’/‘-fPIC’.
Previously kpatch-build didnt show up this issue, as the previous kernel
was built with -fPIE.
However, kpatch build could fail with kernel commit 778666df60f0 ("s390:
compile relocatable kernel without -fPIE"), where -fPIE is not included.
Hence, include it in kpatch-build for all kernels < 6.10.0
Note:
Latest s390 kernel is built with -fPIC flag.
i.e. kernel commit 00cda11d3b2e ("s390: Compile kernel with -fPIC and
link with -no-pie"). Hence, there is no need to explicitly add it again
in kpatch-build.
Signed-off-by: Sumanth Korikkar <sumanthk@linux.ibm.com>
When invoking kpatch-build through integration testing, like:
$ make PATCH_DIR="linux-6.9.0" \
KPATCH_BUILD_OPTS="--sourcedir /root/linux" \
integration-slow
results in an error as kpatch-build's `make kernelversion` adds
directory information to its output:
make[2]: Entering directory '/root/linux'
6.9.0
make[2]: Leaving directory '/root/linux'
This screws up kpatch-build's assignment of the make output to
LOCALVERSION, which was expecting only "6.9.0".
Add --no-print-directory to the make invocation to avoid the undesired
entering / leaving directory info.
Fixes: 629b5acf3d ("kpatch-build: Fix setlocalversion issue with 6.3 kernel")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Commit 629b5acf3d ("kpatch-build: Fix setlocalversion issue with 6.3
kernel") fixed VERMAGIC_STRING between kpatch original/patched kernel
builds by creating a temporary scripts/setlocalversion script. This was
accomplished by saving the output from `make kernelversion` into a
KERNELVERSION environment variable and running the (original)
scripts/setlocalversion to gather a "vX.Y" + "<src version>" pair of
strings.
Unfortunately pre-v6.3 scripts/setlocalversion does not use the
KERNELVERSION environment variable, so the same efforts results in an
unusable "<NULL>" + "<src version>" version string pair.
Restore the original `scripts/setlocalversion --save-scmversion`
invocation for source trees that (still) support the --save-scmversion
option.
Fixes: 629b5acf3d ("kpatch-build: Fix setlocalversion issue with 6.3 kernel")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Commit 69e71f8dcc ("kpatch-build: cleanup kernel file backup/restore")
consolidated a bunch of kernel-tree copy and restoring. As part of that
effort, when kpatch-build is invoked with a -s|--sourcedir USERSRCDIR
value the vmlinux file is now saved to "$TEMPDIR/kernel-backup/" and not
simply "$TEMPDIR/". This results in kpatch-build confusion like:
readelf: /home/jolawren/.kpatch/tmp/vmlinux: Error: No such file
Update the VMLINUX reassignment in this case to point to the new path.
Fixes: 69e71f8dcc ("kpatch-build: cleanup kernel file backup/restore")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
When kpatch-build is invoked with a -s|--sourcedir USERSRCDIR value,
kpatch-build doesn't source the /etc/os-release file as it can't assume
that the user-specified kernel source config matches any particular
distribution. Subsequent is_supported_{rpm,deb}_distro() function calls
will result in ugly syntax errors like:
kpatch-build: line 697: SUPPORTED_RPM_DISTROS: bad array subscript
kpatch-build: line 692: SUPPORTED_DEB_DISTROS: bad array subscript
Enhance the is_supported_{rpm,deb}_distro() functions to check that a
non-NULL distribution string argument exists before indexing the
SUPPORTED_{RPM,DEB}_DISTROS associative arrays.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Make kpatch-build aware about the ID of Amazon Linux distributions. No
other special changes are needed.
Signed-off-by: Puranjay Mohan <pjy@amazon.com>
Temporarily editing kernel tree sources has become a recurring
requirement in kpatch-build. Pull the saving/restoring of these files
into a common function helpers to standardize the pattern.
Reported-and-tested-by: Zhijun Wang <zhijwang@redhat.com>
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Upstream kernel v6.1+ commit linux@e1789d7c752e ("kbuild: upgrade the
orphan section warning to an error if CONFIG_WERROR is set") and
CONFIG_WERROR will result in failed kernel builds due to the linker
reporting tons of "unplaced orphan section `.text.<function>`
<object-file.o>" errors.
Workaround this by temporarily demoting such errors in the top-level
kernel Makefile.
Reported-and-tested-by: Zhijun Wang <zhijwang@redhat.com>
Closes: #1391 ("CONFIG_WERROR=y and CONFIG_LD_ORPHAN_WARN_LEVEL="error" break kpatch-build")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Upstream kernel commit f7af6977621a ("x86/paravirt: Remove no longer
needed paravirt patching code") v6.8+ removed the .parainstructions
section and its paravirt_patch_site struct. Therefore this checks the
kernel version and does not export the struct size if the kernel
version is >= v6.8.0, avoiding the code path for it in
create-diff-object.c entirely.
Fixes: https://github.com/dynup/kpatch/issues/1380
Signed-off-by: Ryan Sullivan <rysulliv@redhat.com>
If the kernel log is empty prior to running the integration tests, the
following confusing status may be reported:
...
ERROR: dmesg overflow, try increasing kernel log buffer size
SUCCESS
This occurs because the script can't find an empty dmesg entry when the
tests are complete. Copy the upstream kernel livepatching kselftests to
fix this by logging a canary message at the beginning of the integration
tests. This will ensure a "real" message than can be found at the end.
Fixes: de1d0c6e08 ("kpatch-test: don't clear dmesg during test")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
OpenCloudOS is a centos-like Linux distribution.
I test kpatch in OpenCloudOS V8 and V9.
It works well in V9. But v8 itself has two problems:
1. no available epol repo, so kpatch can't install ccache.
2. executing 'uname -r' can't get an accurate kernel version.
Both problems have been notified to the OpenCloudOS community.
After they fix these problems, kpatch will work well in all versions.
Signed-off-by: Longjun Luo <luolongjuna@gmail.com>
The KPATCH_SYSCALL_DEFINEn macros in kpatch-syscall.h do not provide the
same syscall metadata (saved in the __syscalls_metadata and
_ftrace_events ELF sections) as the kernel. These same macros also
instruct kpatch-build to ignore changes to these sections. This works
fine as long as there are other unmodified syscalls present in the
object file. However, if not, the kpatch syscall macros may result in
either metadata ELF sections not appearing in the patched object file.
The create-diff-object program expects to encounter any ELF section that
has been marked by KPATCH_IGNORE_SECTION in the patched object file.
To avoid this limitation, create dummy __syscalls_metadata and
_ftrace_events entries for the kpatch-modified syscall. The specific
values shouldn't matter since their sections will still be marked with
KPATCH_IGNORE_SECTION and now their presence will be guarenteed for
create-diff-object.
Closes: #1375 ("kpatch-build error when modifying an object file's only syscall")
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Joe Lawrence
Ryan Sullivan
Puranjay Mohan
George Guo
Josh Poimboeuf
Oleksandr Hnatiuk
Yongde Zhang
Julian Stecklina
Sumanth Korikkar
Ziwei Mao
Longjun Luo
zhangyongde.zyd