The current solution doesn't work because "$?" will always be 0, even if
there were no "CC" lines in the build log. Instead, just make sure the
changed_objs file isn't empty.
Add a patch testing step before compiling the kernel, so that users
don't have to wait for the kernel to compile before seeing if the patch
applies cleanly.
Also allow the printing of the patch command's stdout/stderr to make it
clear what files are being patched and whether there's any fuzz.
If the patch file fails to apply, it "corrupts" the cache by leaving the
old applied-patch file around. Fix that by always cleaning up after
ourselves.
Allow the user to supply a custom kernel source directory. This copies
the directory to ~/.kpatch/src instead of using it in place. Otherwise
the "make mrproper" (which is needed for compiling objects in a separate
tree) would modify the original source tree and remove its .config file.
There's currently no caching support for this option. If needed, we
could implement that pretty easily by calculating an md5sum of the
original source directory.
kpatch-build is outgrowing the kpatch script and probably is a better
fit as its own utility instead of being wrapped by kpatch. Install
kpatch-build into /usr/local/bin, remove the kpatch wrapper around it,
and update the README accordingly.
For a local object or function symbol, we expect that
the section offset, sym.st_value, be 0 because we used
-ffunction-sections and -fdata-section during compile.
If value != 0, it undermines assumptions we make and
should return an error. Exceptions should be handled
on a case by case basis, like __ksymtab_strings.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
In preparation for adding an automated test framework,
add an ability to create-object-diff that will create
a human readable list of included sections and symbols
with type and bind information so that the test framework
can compare against a known-good reference list with the
expected set of sections and symbols.
The file is created when the -i/--inventory option is
used. The inventory filename is the user supplied output
file name suffixed by .inventory
Signed-off-by: Seth Jennings <sjenning@redhat.com>
I'm tired of setting CFLAGS and people shouldn't have to
recompile to get debug output. This lays the foundations
proper option handling and logging levels.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
- Fixup debug messages
- Remove dead code
- No more DEPENDENCY state
- Reachability test is now the "Inclusion tree" for determining
which syms/sections will be included in the output
- 'reachable' field is now and 'include' and is the sole
consideration in including sections/symbols (no more complex
conditional checks)
- Order LOCAL before GLOBAL in the symbol table. Apparently, after
a FILE sym, all LOCAL symbols should precede GLOBAL syms or readelf
shows <corrupt>
- Handle __ksymtab_strings section and __ksymtab_* syms
Signed-off-by: Seth Jennings <sjenning@redhat.com>
The kernel Makefile look for localversion in the source tree,
not the object tree. The absense from the source tree results
in a patch module that will not load because the kernel versions
don't match.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
Setting KCFLAGS="-ffunction-sections -fdata-sections" causes make to
invalidate all the kernel objects, resulting in all the objects getting
rebuilt on the next pass, thus no build caching.
To fix that, build the objects in a separate directory (obj) for normal
builds, and another separate directory (obj2) for the builds with added
cflags.
The compression of the cache during initial build time and
the removal and (re)decompression of the cache for subsequent
builds takes a large amount of time and causes significant I/O.
This commit removes the compressed cache and, instead, keeps
the cache uncompressed and maintained in a known state. If
the "applied-patch" file does not exist, then the cache is
in the unpatched state. If the file does exist, the cache is
in a patched state and can be returned to an unpatched state
with "patch -R -p1 < applied-patch".
The if cache is detected and is in the patched state, the patch
is removed and vmlinux is rebuilt to obtain the base vmlinux.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
Right now kpatch-build fails when more than one object
file has changed because the quotes around the for loop
arrays cause the for loop to execute only once for all
elements in a single string.
Remove the quotes around the for loop arrays so that the
for loop is execute for each element.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
When calling kpatch-build from the git directory, the patch kmod build
fails because it can't find kpatch.h because the symlink is broken.
Copy the kpatch.h file (instead of the symlink) to TEMPDIR.
bash gets confused when a command and its args are quoted:
/usr/local/libexec/kpatch/kpatch-build: line 131: strip -d --keep-file-symbols: command not found
Build and install the kpatch core module with make and make install,
rather than building it every time with kpatch build.
The only downside to this approach is that the user has to make and make
install kpatch every time they get a new kernel. But this is only
temporary, until the kpatch module is delivered in an RPM.
The source tree directory structure should be maintained
in the TEMPDIR while building the hotpatch module so that
changed objects in different directories with the same
name don't collide during the build process.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
We need to keep the file symbols around for add-patches-section
and link-vmlinux-syms to resolve ambigous symbols in vmlinux.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
Use relative paths so that kpatch and kpatch-build will find the tools
and data they need, regardless of the installation prefix. Also add
support for running them straight from the git repo.
