Commit Graph

984 Commits

Author SHA1 Message Date
Seth Jennings
ffb4f261dc Merge pull request #528 from jpoimboe/dynamic-group-size
kpatch-build: detect special section group sizes
2015-10-27 12:04:07 -05:00
Josh Poimboeuf
1704498471 kpatch-build: detect special section group sizes
Hard-coding the special section group sizes is unreliable.  Instead,
determine them dynamically by finding the related struct definitions in
the DWARF metadata.

Fixes #517.
Fixes #523.
2015-10-27 11:31:40 -05:00
Seth Jennings
a1db97bd7c Merge pull request #524 from jpoimboe/set_memory_rw
kmod/core: call unexported set_memory_[ro|rw]
2015-10-26 09:21:07 -05:00
Josh Poimboeuf
b2de4ba059 kmod/core: call unexported set_memory_[ro|rw]
In recent kernels, set_memory_ro() and set_memory_rw() are no longer
exported.  Call them anyway :-)

Fixes #496.
2015-10-26 08:23:54 -05:00
Seth Jennings
ff40e54435 Merge pull request #515 from euspectre/kcflags-fix
kpatch-build: do not use -ffunction-sections for a patch module itself
2015-10-21 14:10:33 -05:00
Evgenii Shatokhin
7b9629fc0a kpatch-build: do not use -ffunction-sections for a patch module itself
-ffunction-sections and -fdata-sections are needed when building the
original and the patched kernels.

It is not necessary, however, to use these options when building a
patch module itself, its functions and data are OK in the sections they
are.

Let us remove these options from KCGLAGS after the kernels have been
built.
2015-10-21 21:13:23 +03:00
Seth Jennings
1cd59c6603 Merge pull request #512 from euspectre/kpatch-build-symvers-fixes
kpatch-build: a couple of symvers-related fixes
2015-10-20 09:57:11 -05:00
Seth Jennings
f6aba601ed Merge pull request #513 from euspectre/do-not-clobber-rpmbuild-dir
kpatch-build: do not clobber ~/rpmbuild directory
2015-10-20 09:09:14 -05:00
Evgenii Shatokhin
9df043bc2e kpatch-build: do not clobber ~/rpmbuild directory
If a source RPM is used to obtain the kernel sources, kpatch-build
executes rpmdev-setuptree to prepare ~/rpmbuild directory tree, installs
the source RPM there. Then it calls 'rpmbuild -bp' to prepare the
kernel source tree.

All this, however, may clobber the existing contents of ~/rpmbuild,
which is very inconvenient if one uses rpmbuild to build other packages.

To avoid that, I could not find a better way than to specify a fake home
directory (~/.kpatch/tempsrc) for that portion of kpatch-build. It seems,
neither rpmdev-setuptree nor rpm have appropriate options for that.

I put the affected commands into a subshell so that the changes in $HOME
could not propagate to other parts of kpatch-build.
2015-10-19 15:45:43 +03:00
Evgenii Shatokhin
d5e3e09428 kpatch-build: look for symvers file in /lib/modules/.../kpatch too
If kpatch core module is packaged in an RPM and the package is installed,
the likely location of the module and its symvers file is
/lib/modules/<kernel_version>/extra/kpatch/.

kpatch-build checks this location too now when looking for the .symvers
file. This is convenient for distributing the Kpatch tools as RPMs and
the like.

Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
2015-10-19 14:23:35 +03:00
Evgenii Shatokhin
cba3081d59 kpatch-build: use Module.symvers for the target kernel
Before this fix, kpatch-build looked for Module.symvers for the core
module built for the currently running kernel. So, if one tried to build
a patch module for a kernel, different from the current one, an error
would occur. This patch fixed the problem.

Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
2015-10-19 13:19:09 +03:00
Seth Jennings
d444caa907 Merge pull request #510 from libin2015/support-add-new-file-v2
kpatch-build: support adding new files in patch
2015-10-16 09:29:45 -05:00
Seth Jennings
3d97dbc7fc Merge pull request #505 from flaming-toast/vmlinux_null_fix
livepatch-patch-hook: check for object->name before calling strcmp
2015-10-16 08:59:13 -05:00
Seth Jennings
8a182ce0aa Merge pull request #508 from libin2015/support-weak-function-v2
kpatch-build: support patching weak function
2015-10-16 08:52:03 -05:00
Li Bin
ef76bd9cc9 kpatch-build: support adding new files in patch
Geting the changed objects from the patched dir, in order to support
adding new files in patch.

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-16 17:26:24 +08:00
Li Bin
724cac2e36 kpatch-build: support patching weak function
Before this patch, if changed function is weak symbol, it is not
be allowed to create live patch, and it will trigger the following
error:
/usr/local/libexec/kpatch/create-diff-object: ERROR: ***.o:
kpatch_create_patches_sections: 2294: lookup_global_symbol ***

And if the changed function reference the weak symbol, when loading
the patch module will trigger the following error:
module kpatch-***: overflow in relocation type *** val 0
insmod: can't insert 'kpatch-***.ko': invalid module format

This patch fix it and add support for patching weak function.

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-16 13:21:00 +08:00
Seth Jennings
c8b0f18aa9 Merge pull request #504 from libin2015/section-change-fix
kpatch-build: verify bss/data/init section change properly
2015-10-15 17:05:07 -05:00
Josh Poimboeuf
beeadb8fa5 Merge pull request #503 from libin2015/master
kpatch-build: fix typo s/.rela.kpatch.patches/.rela.kpatch.funcs
2015-10-15 12:12:04 -05:00
Seth Jennings
efaf98036a Merge pull request #499 from zhouchengming1/master
bugfix: correlate the rela sections of bundled static variables
2015-10-14 15:35:49 -05:00
Jessica Yu
9e223369ea livepatch-patch-hook: check for object->name before calling strcmp
Fixes issue #494. A null pointer dereference can result with patch
modules for multiple objects since the "vmlinux" patch object's "name"
field is null. strcmp therefore crashes trying to compare object->name
if the current object is vmlinux and the supplied "name" argument is
not. Check that object->name is not null before invoking strcmp.
2015-10-14 13:01:42 -07:00
Li Bin
5cb6a46069 kpatch-build: verify bss/data/init section change properly
kpatch_verify_patchability can detect the change of .bss or .data or
.init section, but it must be processed before verify num_changed.
Otherwise, for example, if only .init section changed, it will fail
with 'no changed functions were found', but not 'unsupported section
change(s)'.

With this patch,
for .init section: .init section will not a bundled section, so if
the section changed, not sync the function status, kpatch_verify_patchability
will give 'changed section <secname> not selected for inclusion' and
'unsupported section change(s)' error.

for .bss/.data section: kpatch_verify_patchability will ensure not
including .data or .bss section, otherwise it will give 'data section
<secname> selected for inclusion' and 'unsupported section change(s)'
error.

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-13 09:29:38 +08:00
Li Bin
2722978fd6 kpatch-build: fix typo s/.rela.kpatch.patches/.rela.kpatch.funcs
Fix the kpatch_create_dynamic_rela_sections:
s/.rela.kpatch.patches/.rela.kpatch.funcs

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-13 08:31:32 +08:00
Seth Jennings
403490fff5 Merge pull request #502 from libin2015/master
kpatch-build: fix shadow_get function
2015-10-12 16:48:35 -05:00
Li Bin
495948242e kpatch-build: fix shadow_get function
The shadow_get function does't consider the case that
'shadow is inpace', and after the shadow->data be set to the data,
it will not be the pointer. This patch fix it.

Signed-off-by: Li Bin <huawei.libin@huawei.com>
2015-10-12 17:15:00 +08:00
Seth Jennings
f049dcf6e0 Merge pull request #500 from euspectre/examples
examples: Added an example of a problematic patch with an explanation
2015-10-01 08:32:49 -05:00
Evgenii Shatokhin
c95b2b16a6 examples: Added an example of a problematic patch with an explanation
examples/tcp_cubic-better-follow-cubic-curve-original.patch is the
original patch, combined from two mainline commits (see the description
in the patch). It cannot be used with Kpatch as it is because the
change is in the initialization of a global structure.

examples/tcp_cubic-better-follow-cubic-curve-converted.patch is a
modification of the patch that Kpatch can process. Still, this
modification has its issues, see the description there.

Signed-off-by: Evgenii Shatokhin <eshatokhin@odin.com>
2015-09-30 22:07:53 +03:00
Zhou ChengMing
0f556245e2 bugfix: correlate the rela sections of bundled static variables
If a static variable is a pointer, it has rela section.

Example:
	static int *p = &a;
changed to:
	static int *p = &b;
so its rela section has changed.

Then this change of data should be found and report error.
But if we don't correlate its rela section, we won't
find this change.

Signed-off-by: Zhou ChengMing <zhouchengming1@outlook.com>
2015-09-25 08:14:59 -07:00
Seth Jennings
667692639e Merge pull request #491 from jpoimboe/readme-oot
README updates: patch out-of-tree modules and remove some obsolete info
2015-06-25 00:02:06 -04:00
Josh Poimboeuf
99be07a372 readme: remove some obsolete information 2015-06-24 16:29:29 -05:00
Josh Poimboeuf
22d60ad60e readme: patching out-of-tree modules 2015-06-24 16:29:02 -05:00
Josh Poimboeuf
de22702b21 Merge pull request #488 from spartacus06/rminitrd
Replace initramfs code with systemd service
2015-06-03 09:24:06 -05:00
Seth Jennings
740163ae12 set mode 0644 on service unit
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-06-03 09:09:07 -05:00
Seth Jennings
743f70f002 use PREFIX for absolute path in service unit
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-06-03 08:47:14 -05:00
Seth Jennings
a90e3a8d80 Merge pull request #490 from kragniz/centos-kernel-package
Fix kpatch-build failure with srpm on centos
2015-06-02 09:40:09 -05:00
Louis Taylor
5875032241 Fix kpatch-build failure with srpm on centos
kpatch-build was failing on centos7 with

    mv: cannot stat '/home/vagrant/rpmbuild/BUILD/kernel-*/linux-3.10.0-229.el7.x86_64': No such file or directory

in the error log. This was due to the actual directory being named
linux-3.10.0-229.el7.centos.x86_64. This patch avoids this failure by
adding a wildcard before the arch.

Signed-off-by: Louis Taylor <louis@kragniz.eu>
2015-05-31 02:47:52 +01:00
Seth Jennings
bfc088ff89 fixup review comments
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-04-29 12:53:39 -05:00
Seth Jennings
cf91219ce2 Merge pull request #489 from jpoimboe/readme-f21
readme: update dependencies for f21
2015-04-29 12:03:17 -05:00
Josh Poimboeuf
abdaa96c18 readme: update dependencies for f21
Change the supported Fedora version to F21 and add a new dependency.

For some reason, numactl-devel is needed by "rpmbuild -bp kernel", but
isn't detected by "yum-builddep kernel".
2015-04-29 11:50:23 -05:00
Seth Jennings
aae4d82ecc cleanup spec file
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-04-29 10:16:52 -05:00
Seth Jennings
3810ff8f2f add kpatch systemd service
Add a systemd service file for loading of the kpatch modules

Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-04-29 10:16:52 -05:00
Seth Jennings
2d45022052 remove dracut integration
Remove the dracut support for adding the kpatch modules to the
initramfs.  This creates a sizeable delay in installation time and
doesn't offer any added protect over just applying the patches at boot
time using a systemd service.  Additional, we are seeing more platforms,
namely atomic and netboot environments, where changing the initramfs
can't be done.

Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-04-29 09:51:28 -05:00
Seth Jennings
79a09ac8df Merge pull request #486 from jpoimboe/README
README livepatch update
2015-03-26 13:52:46 -05:00
Josh Poimboeuf
d50b0b9218 README livepatch update 2015-03-25 17:17:09 -05:00
Seth Jennings
533197811a Merge pull request #482 from jpoimboe/CONFIG_LIVEPATCH
CONFIG_LIVE_PATCHING -> CONFIG_LIVEPATCH
2015-02-04 09:35:37 -06:00
Josh Poimboeuf
865f67ae74 CONFIG_LIVE_PATCHING -> CONFIG_LIVEPATCH
Change the config name to match today's upstream change.
2015-02-04 08:32:08 -06:00
Josh Poimboeuf
f627762570 Merge pull request #481 from spartacus06/scmversion-fix
ensure scmversion consistency across builds
2015-01-23 16:54:02 -06:00
Seth Jennings
e731530ffc ensure scmversion consistency across builds
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-01-23 16:17:09 -06:00
Josh Poimboeuf
ac7ddc55dd Merge pull request #477 from spartacus06/compat2
add livepatch API support
2015-01-22 13:36:49 -06:00
Seth Jennings
cd92020f71 add *hook.c files and make target dep for patch-hook.o
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-01-22 11:39:34 -06:00
Seth Jennings
0325e43d93 add naming convention documentation and fixes
Signed-off-by: Seth Jennings <sjenning@redhat.com>
2015-01-22 11:39:34 -06:00