Shrink the size of the sub-section header below the OpenEuler section,
reducing confusion as to what section that is a part of, as it is only
necessary for OpenEuler machines.
Signed-off-by: Ryan Sullivan <rysulliv@redhat.com>
Since linux 'commit 2213d44e140f ("s390/syscalls: get rid of system call alias
functions")', s390 syscall wrappers are modified. Adjust it accordingly
for kpatch
Signed-off-by: Sumanth Korikkar <sumanthk@linux.ibm.com>
Yulia reported a bug with module.patch which can be seen with
CONFIG_PROVE_RCU:
BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 1053, name: grep
preempt_count: 0, expected: 0
RCU nest depth: 1, expected: 0
2 locks held by grep/1053:
#0: ffff8881079bf1a0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0x55/0x460
#1: ffffffff8275d620 (rcu_read_lock){....}-{1:2}, at: cache_seq_start_rcu+0x5/0x140 [sunrpc]
CPU: 3 PID: 1053 Comm: grep Tainted: G OE K 6.2.0 #57
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.1-2.fc37 04/01/2014
Call Trace:
<TASK>
dump_stack_lvl+0x5b/0x77
__might_resched.cold+0xff/0x13a
cpus_read_lock+0x16/0xd0
static_key_disable+0xe/0x20
e_show+0x5b/0xd70 [livepatch_module]
seq_read_iter+0x127/0x460
seq_read+0xa3/0xd0
proc_reg_read+0x52/0xa0
vfs_read+0xc9/0x2f0
? __do_sys_newfstat+0x57/0x60
? lock_is_held_type+0xe8/0x140
ksys_read+0x6c/0xf0
do_syscall_64+0x37/0x90
entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7fbd314f7af0
Code: b6 fe ff ff 48 8d 3d 2f 78 09 00 48 83 ec 08 e8 96 25 02 00 66 0f 1f 44 00 00 83 3d d9 db 2c 00 00 75 10 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 7e e3 01 00 48 89 04 24
RSP: 002b:00007ffcd6f1c708 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000008000 RCX: 00007fbd314f7af0
RDX: 0000000000008000 RSI: 0000563c751ea000 RDI: 0000000000000003
RBP: 0000000000008000 R08: 0000000000009008 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000563c751ea000
R13: 0000000000000003 R14: 0000000000000003 R15: 0000563c751ea000
The problem is that the patched module's seq_operations take an RCU read
lock before calling e_show(), which is patched to call
static_key_disable(), which can sleep.
Fix the issue by moving all the module test code to a different module
(xfs) which doesn't take an RCU lock.
Also enable the pr_debug() test and make the static branch test
unconditional since they're supported by newer kernels and this test is
for 6.2.
Reported-by: Yulia Kopkova <ykopkova@redhat.com>
Debugged-by: Joe Lawrence <joe.lawrence@redhat.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Backport this kernel commit to kpatch's version of gcc-common.h:
commit e6a71160cc145e18ab45195abf89884112e02dfb
Author: Kees Cook <keescook@chromium.org>
Date: Wed Jan 18 12:21:35 2023 -0800
gcc-plugins: Reorganize gimple includes for GCC 13
The gimple-iterator.h header must be included before gimple-fold.h
starting with GCC 13. Reorganize gimple headers to work for all GCC
versions.
Reported-by: Palmer Dabbelt <palmer@rivosinc.com>
Acked-by: Palmer Dabbelt <palmer@rivosinc.com>
Link: https://lore.kernel.org/all/20230113173033.4380-1-palmer@rivosinc.com/
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Note that we can't directly copy the gcc-plugin headers from the kernel
as has it has dropped gcc-4.9 and older support since v5.16. Distros
like rhel-7 still use gcc-4.8, so manually cherry pick changes into the
kpatch tree.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Kernel v6.2+ commit bea75b33895f ("x86/Kconfig: Introduce function
padding") added 16 bytes of NOP padding in front of each function.
For objects built with --function-sections, this means that function
symbols no longer sit at the beginning of their respective ELF sections,
but 16 bytes offset.
In the same release, kernel v6.2+ commit 9f2899fe36a6 ("objtool: Add
option to generate prefix symbols") adds ELF function symbols with
prefix "__pfx_" to indicate the start of a function, inclusive of
NOP-padding.
For example:
$ objdump -Dr -j.text.cmdline_proc_show fs/proc/cmdline.o
...
Disassembly of section .text.cmdline_proc_show:
0000000000000000 <__pfx_cmdline_proc_show>:
0: 90 nop
1: 90 nop
2: 90 nop
3: 90 nop
4: 90 nop
5: 90 nop
6: 90 nop
7: 90 nop
8: 90 nop
9: 90 nop
a: 90 nop
b: 90 nop
c: 90 nop
d: 90 nop
e: 90 nop
f: 90 nop
0000000000000010 <cmdline_proc_show>:
10: e8 00 00 00 00 callq 15 <cmdline_proc_show+0x5>
11: R_X86_64_PLT32 __fentry__-0x4
15: 55 push %rbp
16: 48 8b 35 00 00 00 00 mov 0x0(%rip),%rsi # 1d <cmdline_proc_show+0xd>
19: R_X86_64_PC32 saved_command_line-0x4
1d: 48 89 fd mov %rdi,%rbp
20: e8 00 00 00 00 callq 25 <cmdline_proc_show+0x15>
21: R_X86_64_PLT32 seq_puts-0x4
25: 48 89 ef mov %rbp,%rdi
28: be 0a 00 00 00 mov $0xa,%esi
2d: e8 00 00 00 00 callq 32 <cmdline_proc_show+0x22>
2e: R_X86_64_PLT32 seq_putc-0x4
32: 31 c0 xor %eax,%eax
34: 5d pop %rbp
35: e9 00 00 00 00 jmpq 3a <cmdline_proc_show+0x2a>
36: R_X86_64_PLT32 __x86_return_thunk-0x4
Kpatch-build needs to gracefully handle NOP-padding when it is present.
At the same time, it should include "__pfx_<function>" symbols when
their respective functions change, but not treat prefix such functions
as first-class functions.
This also adds support for CONFIG_CFI_CLANG, which also creates prefixed
symbols with the name "__cfi_<function>".
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Add patches rebased on top of upstream 6.2.0.
Integration tests for these can be ran as this:
$ make PATCH_DIR="linux-6.2.0" KPATCH_BUILD_OPTS="--non-replace --sourcedir /path/to/src/linux-6.2.0" integration-slow
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Kernel v6.2+ commit de3d098dd1fc ("powerpc/64: Add module check for ELF
ABI version") now verifies the ELF header e_flags for its ABI value and
refuse to load modules with complaint, "Invalid module architecture in
ELF header: 21"
Like other ELF header details, copy the flags from the reference ELF
input file to the new ELF file to avoid module load errors.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Kernel v6.2+ commit bea75b33895f ("x86/Kconfig: Introduce function
padding") introduces the -fpatchable-function-entry=16,16 build flag on
x86. This leverages compiler support for generating a
__patchable_function_entries section similar to __mcount_loc.
That said, x86 still utilizes __mcount_loc even when
__patchable_function_entries exists. The latter point to the __pfx
symbols, but the section is discarded in the vmlinux link and isn't used
regardless, for ftrace or for any other purpose.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
The kernel has a VERMAGIC_STRING, e.g. "6.2.0". The module loader uses
that string to ensure that all loaded modules' version strings match the
kernel's.
If the kernel source is in a git tree, and if there are uncommitted
changes, the version string will have a '+' or "-dirty" appended to it,
like "6.1.0+" or "6.2.0-dirty". This dirty tree detection is done by
the setlocalversion script.
This affects kpatch-build in a few ways. When it builds the original
kernel, in some cases there are uncommitted changes to the makefiles.
When it builds the patched kernel, there are additional uncommitted
changes due to the .patch file being applied.
We want to avoid the VERMAGIC_STRING changing between builds. Otherwise
it would cause problems:
- object code which uses that string would change unnecessarily,
causing a false positive change detected by create-diff-object
- the linked patch module would report the wrong version, resulting in
the module failing to load due to version mismatch.
Up until now, the version was prevented from changing by running
`setlocalversion --save-scmversion` before the build. That command
hard-codes the version by saving it to a file which is then
automatically read later during future invocations of the kernel build.
Unfortunately that feature was removed in the 6.3 merge window with
commit f6e09b07cc12 ("kbuild: do not put .scmversion into the source
tarball"). So we need to come up with a new approach.
Fix it by temporarily replacing the setlocalversion script with a
one-liner which just echo's the original version. I think this is
unfortunately the best we can do, as we really can't handle
VERMAGIC_STRING changing, either during/between kernel builds or during
the module link.
Fixes#1335.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Updates of interest:
v0.9.8:
- Clang fix ups from Pete Swain
- Support for gcc-12
- Support for Linux 5.19
- Added RHEL-8.7 and 9.1 integration tests
- Fixed __UNIQUE_ID() variable correlation
- Improved handling of unsupported static calls
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Like unsupported jump labels and static call sites, batch report all
unsupported sibling calls so the kpatch developer doesn't need to
iteratively find them all.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
This is a test example currently preferable to proc-version.patch as
crash utility has difficulty parsing /proc/version content after being
altered.
Signed-off-by: Linqing Lu <lilu@redhat.com>
Kernel v6.2+ commits 00abd3840812 ("objtool: Add .call_sites section")
and e81dc127ef69 ("x86/callthunks: Add call patching for call depth
tracking") added .call_sites sections to object files. These are filled
with an array of s32 values.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Kernel v6.1+ commit 7e92e01b7245 ("powerpc: Provide syscall wrapper")
introduced PowerPC specific macros. Add them to kpatch-syscall.h.
WIP: the syscall.patch integration test required
-fno-optimize-sibling-calls for sys_newuname() ... should we move the
attribute out to the patch?
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Kernel v6.1+ commit 2df8220cc511 ("kbuild: build init/built-in.a just
once") split init_uts_ns and linux_banner out to
init/version-timestamp.c from init/version.c
Add init/version-timestamp.o to the list of object files that kpatch-cc
won't add to its changed_objs list.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
Architectures like ppc64le may set CONFIG_PARAVIRT=y but do not
necessarily implement via struct paravirt_patch_site.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
The term "dynrela" was invented before klp relocations ever existed.
They're basically the same thing: special livepatch-specific relocations
which get applied when the patched object gets loaded or patched.
They're necessary due to a) the need to access unexported symbols; and
b) late module patching.
The different names are confusing. Consolidate them by replacing
"dynrela" with "klp_reloc" (code) or "klp relocation" (English).
Note there's still some antiquated code in the kpatch core module and in
the pre-4.7 klp patch template which still use the "dynrela" naming.
That code is mostly dead anyway so I've just left it alone.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Now that we have KPATCH_STATIC_CALL(), document its usage. While at it,
give a more thorough description for why jump labels and static calls
aren't supported in some scenarios.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
For some reason the github version of 'make check' just started
complaining about these:
shellcheck kpatch/kpatch kpatch-build/kpatch-build kpatch-build/kpatch-cc
In kpatch-build/kpatch-build line 455:
while [[ "${filedir#$common/}" = "$filedir" ]]; do
^-----^ SC2295 (info): Expansions inside ${..} need to be quoted separately, otherwise they match as patterns.
Did you mean:
while [[ "${filedir#"$common"/}" = "$filedir" ]]; do
In kpatch-build/kpatch-build line 460:
result="${result}${filedir#$common/}"
^-----^ SC2295 (info): Expansions inside ${..} need to be quoted separately, otherwise they match as patterns.
Did you mean:
result="${result}${filedir#"$common"/}"
In kpatch-build/kpatch-cc line 26:
relobj=${obj##$KPATCH_GCC_SRCDIR/}
^----------------^ SC2295 (info): Expansions inside ${..} need to be quoted separately, otherwise they match as patterns.
Did you mean:
relobj=${obj##"$KPATCH_GCC_SRCDIR"/}
For more information:
https://www.shellcheck.net/wiki/SC2295 -- Expansions inside ${..} need to b...
make: *** [Makefile:70: check] Error 1
Error: Process completed with exit code 2.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Otherwise on recent distros it appends the errno to the error message,
like:
create-diff-object: ERROR: x86.o: kpatch_regenerate_special_section: 2633: Found 1 unsupported static call(s) in the patched code. Use KPATCH_STATIC_CALL() instead.: Success
which is not what we want in most cases.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Similar to jump labels, static calls aren't supported when the static
call key was originally defined in a module rather than in vmlinux.
Detect those cases and either remove them (in the case of tracepoints)
or error out.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Convert the hard-coded should_keep_jump_label() to a proper callback,
since static calls will need a similar filter.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Align the s390 special_section initializers to improve readability and
for consistency with the rest.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
kpatch_mangled_strcmp() only ignores the digits after the period, but in
the case of __UNIQUE_ID(), the symbol names have random digits before
the period due to the use of `__COUNTER__`. Make sure such symbols are
properly correlated.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Create a simple kpatch test that should apply across a wide range of
kernels. The version_proc_show() is a good candidate as it's easy to
verify and hasn't been touched upstream since 2008.
Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
