Commit Graph

1016 Commits

Author SHA1 Message Date
Josh Poimboeuf
0dec5136ee kpatch-build: clean up rpmbuild tmp directory handling
Setting HOME in a subshell is too hacky.  Instead just pass the rpmbuild
directory to the rpm and rpmbuild commands.
2015-11-03 14:35:33 -06:00
Seth Jennings
b2eeb59b8a Merge pull request #542 from jpoimboe/kpatch-build-cleanups
fix a couple of minor kpatch-build issues
2015-11-03 14:09:40 -06:00
Josh Poimboeuf
b8bc7c2812 kpatch-build: fix tempsrc directory leak
Also rename it to tmphome to more accurately describe its purpose.
2015-11-03 13:55:56 -06:00
Josh Poimboeuf
686cc4ff52 kpatch-build: put log file in $CACHEDIR
Otherwise it gets removed along with TEMPDIR if '--debug' isn't set.
2015-11-03 13:52:47 -06:00
Seth Jennings
b412753292 Merge pull request #541 from euspectre/special-struct-size-fix
kpatch-build: fix searching for the sizes of special structures
2015-11-03 08:34:18 -06:00
Evgenii Shatokhin
ad6581756e kpatch-build: fix searching for the sizes of special structures
readelf -wi may output trailing spaces in the lines with section names
('alt_instr', etc.). The regexps should take this into account,
otherwise kpatch-build may fail with error:
    "can't find special struct size"
2015-11-03 12:39:39 +03:00
Seth Jennings
045a983574 Merge pull request #536 from jpoimboe/static-local-rewrite
Rewrite static local variable correlation logic
2015-11-02 11:16:55 -06:00
Josh Poimboeuf
3932684cb4 Merge pull request #539 from arges/minor
Minor comment changes
2015-10-30 17:13:52 -05:00
Chris J Arges
aaa584a856 kpatch-build: edit script description
This script works on other distros and can target source linux directories.
Adjust comments to match this.

Signed-off-by: Chris J Arges <chris.j.arges@canonical.com>
2015-10-30 17:01:27 -05:00
Seth Jennings
1bbd5ff365 Merge pull request #537 from jpoimboe/test-cleanups
test: integration test cleanup
2015-10-30 16:56:17 -05:00
Josh Poimboeuf
353f976312 test: integration test cleanup
- fix kpatch tool path in multiple.test
- remove "kpatch replace" tests (replace is deprecated)
2015-10-30 16:47:34 -05:00
Josh Poimboeuf
7c88c41cfe create-diff-object: rewrite static local variable correlation logic
Rewrite the static local variable correlation logic.  The algorithm now
traverses all the static locals in the original object rather than the
patched object, ensuring that each symbol in the original object has a
twin.  It adds a new restriction that static local variables can't be
removed.

This adds support for the following:

- Multiple static locals with the same name in the same function

- Two separate static locals which happen to have the same numbered
  suffix

- Static locals which are referenced by data sections

- CSWTCH and other static locals which are sometimes unused due to
  sharing of their data sections

Fixes: #514
2015-10-29 16:52:10 -05:00
Josh Poimboeuf
bbc35bc12e Revert "create-diff-object: strip unused CSWTCH symbols"
It turns out this is a more general issue which exists for more than
just CSWTCH symbols.  The new static local handling code will handle it.

This reverts commit fd0c1bbe9c.
2015-10-29 16:51:22 -05:00
Seth Jennings
2e4dea5236 Merge pull request #525 from euspectre/no-reloc-fix
kpatch-build: revisit checking for fentry calls
2015-10-28 20:49:56 -05:00
Seth Jennings
0523597ae5 Merge pull request #534 from jpoimboe/cswtch-2
CSWTCH fix, take 2
2015-10-28 20:44:13 -05:00
Josh Poimboeuf
fd0c1bbe9c create-diff-object: strip unused CSWTCH symbols
Fixes: #532
2015-10-28 18:52:32 -05:00
Josh Poimboeuf
98f892b273 Revert "create-diff-object: Ignore unused CSWTCH static local symbols"
This reverts commit ce7ed7007b.
2015-10-28 18:41:50 -05:00
Seth Jennings
46732a74d3 Merge pull request #529 from jpoimboe/CSWTCH
create-diff-object: Ignore unused CSWTCH static local symbols
2015-10-28 14:47:41 -05:00
Seth Jennings
79945c3253 Merge pull request #531 from jpoimboe/vdso
kpatch-gcc: update ignore list
2015-10-28 14:46:57 -05:00
Evgenii Shatokhin
393be6f8fc kpatch-build: revisit checking for fentry calls
create-diff-object now checks if the original functions have fentry calls.
If an original function to be affected by the patch does not have the
fentry call, it cannot be patched. Error is reported in that case.

kpatch_create_mcount_sections() now also takes into account if a changed
or a new function has fentry call. If it does, mcount record is
generated for it as before. If a changed or a new function has no fentry
call, it is not an error in this case.

All this fixes the following issues.

1. If an original function has no fentry call (e.g. a "notrace" function)
but the patched function has it, the original function can not be
patched, but it would only be detected when applying the patch.

2. kpatch_create_mcount_sections() crashed if a patched function had no
relocation at all.

I observed such crashes when experimenting with a modified version of
the patch "tcp_cubic: better follow cubic curve after idle period" in
CentOS 7 x64.

Besides that, for a function with the first instruction starting with
0x0f, it would be incorrectly detemined that the function had fentry call.
The first bytes of the function would be overwritten in that case.

3. create-diff-object output an error if a new (an added) function had
no fentry call. This restriction is not necessary.

v2:

* Moved the check for fentry calls after the call to
kpatch_compare_correlated_elements() and before info about the original
ELF file is destroyed. The original symbols are now checked there (via
sym->twin) rather than the patched ones.

* Removed an excessive error check.

Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
2015-10-28 20:49:50 +03:00
Seth Jennings
01006814d8 Merge pull request #526 from arges/addflags
kpatch-build: consolidate build-artifacts and place into CACHEDIR
2015-10-28 12:44:18 -05:00
Chris J Arges
d0c8f43656 kpatch-build: put build artifacts into cachedir
Build artifacts are stored in $CACHEDIR/tmp instead of /tmp. This includes
files such as the build log and the temp directories used to build the patch.

In addition, allow $CACHEDIR to be set as an environment variable.

Signed-off-by: Chris J Arges <chris.j.arges@canonical.com>
2015-10-28 11:56:07 -05:00
Josh Poimboeuf
d378b245e5 kpatch-gcc: add libstub to ignore list
The firmware libstub library isn't a part of the proper runtime kernel
and can be safely ignored.

Fixes: #518
2015-10-28 11:39:55 -05:00
Josh Poimboeuf
a1d6b0d00e kpatch-gcc: update vdso location for newer kernels
With recent kernels, the vdso code has moved from arch/x86/vdso to
arch/x86/entry/vdso.

Fixes: #530
2015-10-28 11:27:15 -05:00
Josh Poimboeuf
ce7ed7007b create-diff-object: Ignore unused CSWTCH static local symbols
Fixes #519.
2015-10-28 10:06:51 -05:00
Seth Jennings
d4d4fb2b0e Merge pull request #522 from jpoimboe/integration-test-cleanup
Integration test cleanups
2015-10-27 12:14:59 -05:00
Seth Jennings
e78222e635 Merge pull request #527 from jpoimboe/werror
create-diff-object: make all warnings into errors
2015-10-27 12:07:20 -05:00
Seth Jennings
ffb4f261dc Merge pull request #528 from jpoimboe/dynamic-group-size
kpatch-build: detect special section group sizes
2015-10-27 12:04:07 -05:00
Josh Poimboeuf
1704498471 kpatch-build: detect special section group sizes
Hard-coding the special section group sizes is unreliable.  Instead,
determine them dynamically by finding the related struct definitions in
the DWARF metadata.

Fixes #517.
Fixes #523.
2015-10-27 11:31:40 -05:00
Josh Poimboeuf
2899b5c23c create-diff-object: make all warnings into errors 2015-10-27 11:29:38 -05:00
Josh Poimboeuf
aa9f7fb1f6 test: add ability to run tests remotely
Create a "make remote" target and a poor man's ansible to allow setting
up a remote F22 system and running integration tests on it.

To run tests remotely:

  make remote SSH_HOST=my.remote.f22.box
2015-10-26 22:35:40 -05:00
Josh Poimboeuf
69b241ab38 test: fix ccache
For some reason CCACHE_HASHDIR needs to be unset for ccache to work when
building the integration tests from the kpatch-test script.
2015-10-26 22:35:40 -05:00
Josh Poimboeuf
3d46973c40 test: fix patches
Update the integration test patches so that they apply against the F22
kernel.
2015-10-26 21:09:19 -05:00
Josh Poimboeuf
8dc6a4dd3c test: move tests to f22 directory
The integration tests are targeted for Fedora kernels, so move them to a
new f22 directory.  The README file specifies the exact kernel version
they're targeted for.
2015-10-26 21:09:19 -05:00
Seth Jennings
a1db97bd7c Merge pull request #524 from jpoimboe/set_memory_rw
kmod/core: call unexported set_memory_[ro|rw]
2015-10-26 09:21:07 -05:00
Josh Poimboeuf
b2de4ba059 kmod/core: call unexported set_memory_[ro|rw]
In recent kernels, set_memory_ro() and set_memory_rw() are no longer
exported.  Call them anyway :-)

Fixes #496.
2015-10-26 08:23:54 -05:00
Seth Jennings
ff40e54435 Merge pull request #515 from euspectre/kcflags-fix
kpatch-build: do not use -ffunction-sections for a patch module itself
2015-10-21 14:10:33 -05:00
Evgenii Shatokhin
7b9629fc0a kpatch-build: do not use -ffunction-sections for a patch module itself
-ffunction-sections and -fdata-sections are needed when building the
original and the patched kernels.

It is not necessary, however, to use these options when building a
patch module itself, its functions and data are OK in the sections they
are.

Let us remove these options from KCGLAGS after the kernels have been
built.
2015-10-21 21:13:23 +03:00
Seth Jennings
1cd59c6603 Merge pull request #512 from euspectre/kpatch-build-symvers-fixes
kpatch-build: a couple of symvers-related fixes
2015-10-20 09:57:11 -05:00
Seth Jennings
f6aba601ed Merge pull request #513 from euspectre/do-not-clobber-rpmbuild-dir
kpatch-build: do not clobber ~/rpmbuild directory
2015-10-20 09:09:14 -05:00
Evgenii Shatokhin
9df043bc2e kpatch-build: do not clobber ~/rpmbuild directory
If a source RPM is used to obtain the kernel sources, kpatch-build
executes rpmdev-setuptree to prepare ~/rpmbuild directory tree, installs
the source RPM there. Then it calls 'rpmbuild -bp' to prepare the
kernel source tree.

All this, however, may clobber the existing contents of ~/rpmbuild,
which is very inconvenient if one uses rpmbuild to build other packages.

To avoid that, I could not find a better way than to specify a fake home
directory (~/.kpatch/tempsrc) for that portion of kpatch-build. It seems,
neither rpmdev-setuptree nor rpm have appropriate options for that.

I put the affected commands into a subshell so that the changes in $HOME
could not propagate to other parts of kpatch-build.
2015-10-19 15:45:43 +03:00
Evgenii Shatokhin
d5e3e09428 kpatch-build: look for symvers file in /lib/modules/.../kpatch too
If kpatch core module is packaged in an RPM and the package is installed,
the likely location of the module and its symvers file is
/lib/modules/<kernel_version>/extra/kpatch/.

kpatch-build checks this location too now when looking for the .symvers
file. This is convenient for distributing the Kpatch tools as RPMs and
the like.

Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
2015-10-19 14:23:35 +03:00
Evgenii Shatokhin
cba3081d59 kpatch-build: use Module.symvers for the target kernel
Before this fix, kpatch-build looked for Module.symvers for the core
module built for the currently running kernel. So, if one tried to build
a patch module for a kernel, different from the current one, an error
would occur. This patch fixed the problem.

Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
2015-10-19 13:19:09 +03:00
Seth Jennings
d444caa907 Merge pull request #510 from libin2015/support-add-new-file-v2
kpatch-build: support adding new files in patch
2015-10-16 09:29:45 -05:00
Seth Jennings
3d97dbc7fc Merge pull request #505 from flaming-toast/vmlinux_null_fix
livepatch-patch-hook: check for object->name before calling strcmp
2015-10-16 08:59:13 -05:00
Seth Jennings
8a182ce0aa Merge pull request #508 from libin2015/support-weak-function-v2
kpatch-build: support patching weak function
2015-10-16 08:52:03 -05:00
Li Bin
ef76bd9cc9 kpatch-build: support adding new files in patch
Geting the changed objects from the patched dir, in order to support
adding new files in patch.

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-16 17:26:24 +08:00
Li Bin
724cac2e36 kpatch-build: support patching weak function
Before this patch, if changed function is weak symbol, it is not
be allowed to create live patch, and it will trigger the following
error:
/usr/local/libexec/kpatch/create-diff-object: ERROR: ***.o:
kpatch_create_patches_sections: 2294: lookup_global_symbol ***

And if the changed function reference the weak symbol, when loading
the patch module will trigger the following error:
module kpatch-***: overflow in relocation type *** val 0
insmod: can't insert 'kpatch-***.ko': invalid module format

This patch fix it and add support for patching weak function.

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-16 13:21:00 +08:00
Seth Jennings
c8b0f18aa9 Merge pull request #504 from libin2015/section-change-fix
kpatch-build: verify bss/data/init section change properly
2015-10-15 17:05:07 -05:00
Josh Poimboeuf
beeadb8fa5 Merge pull request #503 from libin2015/master
kpatch-build: fix typo s/.rela.kpatch.patches/.rela.kpatch.funcs
2015-10-15 12:12:04 -05:00