When a patch module is loaded, the kernel facilities like alternatives
and paravirt may alter some of its instructions. This happens before
Kpatch core module is notified and tries to apply dynrelas to it. If an
instruction to apply a dynrela to has already been changed by these
facilities, an incorrect instruction might be written as a result.
The core module now detects such conditions and does not apply dynrela
to the changed instructions.
Suggested by Josh Poimboeuf in the discussion of
https://github.com/dynup/kpatch/issues/580.
Changes in v.2:
* Used pr_notice to give more emphasis to the messages.
* Added an explanation message.
Signed-off-by: Evgenii Shatokhin <eshatokhin@virtuozzo.com>
It may be convenient to be able to turn off the automatic loading of
the patches that kpatch.service does. This helps, for example, if a
buggy patch is installed and crashes the system at boot.
This commit allows to specify kpatch.enable=0 in the kernel command
line. In this case, the binary patches will not be loaded automatically,
and the users should be able to remove or replace the offending patches
after the system boots.
Signed-off-by: Evgenii Shatokhin <eshatokhin@virtuozzo.com>
kpatch-build currently requires Module.symvers for the Kpatch core
module unconditionally and fails if it is not found. This does not allow
using kpatch-build to prepare livepatch-based patches.
This patch fixes the problem.
Signed-off-by: Evgenii Shatokhin <eshatokhin@virtuozzo.com>
Process the patch name correctly that only concern the fuffix with
.patch or .diff. Otherwise if the patch name is not end with .patch
or .diff but has it as substring, the fuffix will be removed
unreasonably.
Signed-off-by: Li Bin <huawei.libin@huawei.com>
Commit 7523e4dc5057 upstream ("module: use a structure to encapsulate
layout") uses a new field to access module memory. Account for this change
and ensure backwards compatibility with kernel versions < 4.5
Support patching objects that have duplicated function names. This feature was
introduced upstream in Linux v4.5.
This patch appends the symbol position to the symbol structure when
lookup_local_symbol is called. This pos variable is then used when creating the
funcs and dynrelas sections. Finally, incorporate sympos into the livepatch
patch hook only if the kernel version is greater than v4.5. In other cases the
older format is used.
Fixes: #493
Signed-off-by: Chris J Arges <chris.j.arges@canonical.com>
In some cases when packaging it may not be useful to build kmod/core at
package build time (for example if using DKMS). Add a parameter 'BUILDMOD'
that when set to 'yes' will build kmod/core.
Signed-off-by: Chris J Arges <chris.j.arges@canonical.com>
Don't assume we are building for the current kernel. In addition print out
a proper package necessary for building the module.
Signed-off-by: Chris J Arges <chris.j.arges@canonical.com>
Some distributions prefer not to use /usr/libexec. To make things easier
for packaging, allow this directory to be set easily via environment
variables.
Signed-off-by: Chris J Arges <chris.j.arges@canonical.com>
The uncorrelation logic is incomplete. For bundled symbols, in addition
to uncorrelating the sections, it should also uncorrelate the section
symbols and any rela sections.
Similarly the correlation logic needs to correlate section symbols. (It
already correlates rela sections.)
If a kernel SRPM is used to get the kernel sources, the target kernel
version is determined from the name of the SRPM.
One cannot obtain the target kernel version this way if the source tree
is used instead of an SRPM, so let us extract that information from
vmlinux.
Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
This fix is an addition to 9fedd0d283 "kpatch-build: fix
gcc_version_check".
On some systems, the GCC version stored in vmlinux may have the
following format:
(GNU) 4.8.3 20140911 (Red Hat 4.8.3-9)
while GCC returns
(GCC) 4.8.3 20140911 (Red Hat 4.8.3-9)
As a result, binary patches cannot be built, although the compiler is
the same.
gcc_version_check() now takes this into account.
Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
"kpatch replace" is complex, buggy, and probably unnecessary. And
upstream livepatch has nothing like it.
Remove it from the kpatch utility, but leave the infrastructure in place
in the patch module and the core module for now.
Fixes: #456
Deal with a special case where gcc needs a pointer to the address at the end of
a data section.
This is usually used with a compare instruction to determine when to end a
loop. The code doesn't actually dereference the pointer so this is "normal"
and we just replace the section reference with a reference to the last symbol
in the section.
Note that this only catches the issue when it happens at the end of a section.
It can also happen in the middle of a section. In that case, the wrong symbol
will be associated with the reference. But that's ok because:
1) This situation only occurs when gcc is trying to get the address of the
symbol, not the contents of its data; and
2) Because kpatch doesn't allow data sections to change, &(var1+sizeof(var1))
will always be the same as &var2.
Fixes: #553
Refine the static local variable handling again. This builds on a
previous patch by Zhou Chengming.
This fixes the following bugs reported by Zhou:
1. xxx.123 ---> xxx.123 (previous correlation by coincidence)
xxx.256 ---> xxx.256 (previous correlation by coincidence)
But real xxx.123 ---> xxx.256
In this case, the code doesn't work. Because when find patched_sym for
xxx.123, the xxx.256 in patched_object hasn't been de-correlated.
2. old-object | new-object
func1 | func1
xxx.123 | xxx.123 (inline)
func2 | func2
xxx.256 | xxx.256
xxx.123 | xxx.123 (inline)
When find patched_sym for xxx.123, first find xxx.123 in func1 of new-object,
But then find xxx.256 in func2 of new-object.
So I think should not iterate the base-sections, when find one, just go out to next symbol.
Both of these problems can be fixed by splitting the code up into
multiple passes:
1. uncorrelate all static locals
2. correlate all static locals
3. ensure each static local is referenced by all the same sections in
both objects
4. print warning on any new static locals
Fixes: #545
Before this patch, kpatch_build dependends on bash version >4.0
that support declare -A. This patch remove this dependency by
replacing dict(declare -A) with array.
Signed-off-by: Li Bin <huawei.libin@huawei.com>
When find kobj, it should use 'cat changed_objs' to get the changed
objects, in order to process the following object format:
a/b/c/../../object.o. If using patched dir to get changed object,
the object will be a/object.o, but it is a/b/c/../../object.o in
*.cmd file.
This patch also fix the find_parent_obj that change the format
'a/b/c/../../object.o' to 'a/object.o' in deep find, otherwise
it will fail with "two parent matches for *.o".
Signed-off-by: Li Bin <huawei.libin@huawei.com>
