kpatch-build is outgrowing the kpatch script and probably is a better
fit as its own utility instead of being wrapped by kpatch. Install
kpatch-build into /usr/local/bin, remove the kpatch wrapper around it,
and update the README accordingly.
For a local object or function symbol, we expect that
the section offset, sym.st_value, be 0 because we used
-ffunction-sections and -fdata-section during compile.
If value != 0, it undermines assumptions we make and
should return an error. Exceptions should be handled
on a case by case basis, like __ksymtab_strings.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
In preparation for adding an automated test framework,
add an ability to create-object-diff that will create
a human readable list of included sections and symbols
with type and bind information so that the test framework
can compare against a known-good reference list with the
expected set of sections and symbols.
The file is created when the -i/--inventory option is
used. The inventory filename is the user supplied output
file name suffixed by .inventory
Signed-off-by: Seth Jennings <sjenning@redhat.com>
I'm tired of setting CFLAGS and people shouldn't have to
recompile to get debug output. This lays the foundations
proper option handling and logging levels.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
- Fixup debug messages
- Remove dead code
- No more DEPENDENCY state
- Reachability test is now the "Inclusion tree" for determining
which syms/sections will be included in the output
- 'reachable' field is now and 'include' and is the sole
consideration in including sections/symbols (no more complex
conditional checks)
- Order LOCAL before GLOBAL in the symbol table. Apparently, after
a FILE sym, all LOCAL symbols should precede GLOBAL syms or readelf
shows <corrupt>
- Handle __ksymtab_strings section and __ksymtab_* syms
Signed-off-by: Seth Jennings <sjenning@redhat.com>
The kernel Makefile look for localversion in the source tree,
not the object tree. The absense from the source tree results
in a patch module that will not load because the kernel versions
don't match.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
Setting KCFLAGS="-ffunction-sections -fdata-sections" causes make to
invalidate all the kernel objects, resulting in all the objects getting
rebuilt on the next pass, thus no build caching.
To fix that, build the objects in a separate directory (obj) for normal
builds, and another separate directory (obj2) for the builds with added
cflags.
The compression of the cache during initial build time and
the removal and (re)decompression of the cache for subsequent
builds takes a large amount of time and causes significant I/O.
This commit removes the compressed cache and, instead, keeps
the cache uncompressed and maintained in a known state. If
the "applied-patch" file does not exist, then the cache is
in the unpatched state. If the file does exist, the cache is
in a patched state and can be returned to an unpatched state
with "patch -R -p1 < applied-patch".
The if cache is detected and is in the patched state, the patch
is removed and vmlinux is rebuilt to obtain the base vmlinux.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
Right now kpatch-build fails when more than one object
file has changed because the quotes around the for loop
arrays cause the for loop to execute only once for all
elements in a single string.
Remove the quotes around the for loop arrays so that the
for loop is execute for each element.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
When calling kpatch-build from the git directory, the patch kmod build
fails because it can't find kpatch.h because the symlink is broken.
Copy the kpatch.h file (instead of the symlink) to TEMPDIR.
bash gets confused when a command and its args are quoted:
/usr/local/libexec/kpatch/kpatch-build: line 131: strip -d --keep-file-symbols: command not found
Build and install the kpatch core module with make and make install,
rather than building it every time with kpatch build.
The only downside to this approach is that the user has to make and make
install kpatch every time they get a new kernel. But this is only
temporary, until the kpatch module is delivered in an RPM.
The source tree directory structure should be maintained
in the TEMPDIR while building the hotpatch module so that
changed objects in different directories with the same
name don't collide during the build process.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
We need to keep the file symbols around for add-patches-section
and link-vmlinux-syms to resolve ambigous symbols in vmlinux.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
Use relative paths so that kpatch and kpatch-build will find the tools
and data they need, regardless of the installation prefix. Also add
support for running them straight from the git repo.
Be more consistent with the patch metaphor (as opposed to modules):
- change load/unload to apply/remove
- strip "kpatch-" prefix from the module name, so that patch name "foo"
corresponds to module "kpatch-foo.ko"
Before adding any more features to the scripts, standardize the bash
style. I prefer something close to the google shell style guidelines:
http://google-styleguide.googlecode.com/svn/trunk/shell.xml
- change [[ to [ (more robust)
- put variable references in quotes (more robust)
- put "then" on same line as "if" (more C-like, readable)
- print error messages on stdout
- avoid using external utilities like ls
Also added a few error handling improvements, including using a die
function where appropriate.
- setup the makefiles to support "make" and "make install", which builds
the kpatch-build tools and installs everything in /usr/local.
- update kpatch-build to support new paths
- add "kpatch build" wrapper around kpatch-build
NOBITS section may have a non-zero size, however, the have no data and
the data descriptor will have d_buf set to NULL.
This commit fixes as segfault that occurs from trying to compare the
data of such sections.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
There are cases in which the compiler will create symbols with NOTYPE
that map to a non-zero offset inside an .rodata section. In that case, there
may not be a one-to-one relationship between that symbol and section as
the section may contains the data for multiple NOTYPE symbols.
This commit checks for this case and does not assign the symbol pointer of the
section that contains its data to avoid multiple symbols referring to the same
section from overwriting one another. It also adds a check ensuring that all
symbols whose type is !NOTYPE start at offset 0 within the section. This
should be guarenteed by the -ffunction-sections and -fdata-sections options
compiler options.
Signed-off-by: Seth Jennings <sjenning@redhat.com>
