From: Marcos Paulo de Souza <mpdesouza@suse.de>
To: Joe Lawrence <joe.lawrence@redhat.com>
Cc: live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-kbuild@vger.kernel.org
Subject: Re: [RFC PATCH v6 00/12] livepatch: klp-convert tool
Date: Tue, 7 Feb 2023 09:57:59 -0300 [thread overview]
Message-ID: <20230207125759.xfcsnlma6ezehff7@daedalus> (raw)
In-Reply-To: <20220216163940.228309-1-joe.lawrence@redhat.com>
On Wed, Feb 16, 2022 at 11:39:28AM -0500, Joe Lawrence wrote:
> This mostly a rebase update of the livepatch klp-convert tool used to
> generate klp-relocation types (explained in the summary below).
>
> I'm marking this as an RFC as it hasn't been extensively tested for all
> livepatch supported arches. There are may be a few symbol annotation
> changes pending what may be implemented for the FGKASLR patchset, I've
> left a few TODO and // question? marks in the code, etc. At the same
> time, I think "CET/IBT support and live-patches" highlighted a potential
> need for this tooling, so I'm posting it in its current format for
> discussion. I'll reply to individual patches to highlight a few points
> of interest.
>
>
> Summary
> -------
>
> Livepatches may use symbols which are not contained in its own scope,
> and, because of that, may end up compiled with relocations that will
> only be resolved during module load. Yet, when the referenced symbols
> are not exported, solving this relocation requires information on the
> object that holds the symbol (either vmlinux or modules) and its
> position inside the object, as an object may contain multiple symbols
> with the same name. Providing such information must be done accordingly
> to what is specified in Documentation/livepatch/module-elf-format.txt.
>
> Currently, there is no trivial way to embed the required information as
> requested in the final livepatch elf object. klp-convert solves this
> problem in two different forms: (i) by relying on a symbol map, which is
> built during kernel compilation, to automatically infer the relocation
> targeted symbol, and, when such inference is not possible (ii) by using
> annotations in the elf object to convert the relocation accordingly to
> the specification, enabling it to be handled by the livepatch loader.
>
> Given the above, add support for symbol mapping in the form of a
> symbols.klp file; add klp-convert tool; integrate klp-convert tool into
> kbuild; make livepatch modules discernible during kernel compilation
> pipeline; add data-structure and macros to enable users to annotate
> livepatch source code; make modpost stage compatible with livepatches;
> update livepatch-sample and update documentation.
>
> The patch was tested under three use-cases:
>
> use-case 1: There is a relocation in the lp that can be automatically
> resolved by klp-convert. For example. see the saved_command_line
> variable in lib/livepatch/test_klp_convert2.c.
>
> use-case 2: There is a relocation in the lp that cannot be automatically
> resolved, as the name of the respective symbol appears in multiple
> objects. The livepatch contains an annotation to enable a correct
> relocation. See the KLP_MODULE_RELOC / KLP_SYMPOS annotation sections
> in lib/livepatch/test_klp_convert{1,2}.c.
>
> use-case 3: There is a relocation in the lp that cannot be automatically
> resolved similarly as 2, but no annotation was provided in the
> livepatch, triggering an error during compilation. Reproducible by
> removing the KLP_MODULE_RELOC / KLP_SYMPOS annotation sections in
> lib/livepatch/test_klp_convert{1,2}.c.
>
> Selftests have been added to exercise these klp-convert use-cases
> through several tests.
>
>
> Branches
> --------
>
>
> Previous versions
> -----------------
>
> RFC:
> https://lore.kernel.org/lkml/cover.1477578530.git.jpoimboe@redhat.com/
> v2:
> https://lore.kernel.org/lkml/f52d29f7-7d1b-ad3d-050b-a9fa8878faf2@redhat.com/
> v3:
> https://lore.kernel.org/lkml/20190410155058.9437-1-joe.lawrence@redhat.com/
> v4:
> https://lore.kernel.org/lkml/20190509143859.9050-1-joe.lawrence@redhat.com/
> v5:
> (not posted)
> https://github.com/joe-lawrence/klp-convert-tree/tree/klp-convert-v5-devel
> v6:
> https://github.com/joe-lawrence/klp-convert-tree/tree/klp-convert-v6
> https://github.com/joe-lawrence/klp-convert-tree/tree/klp-convert-v6-devel
Hi Joe,
I send reviews to some patches of the v6 batch, but there is currently a v7 in
your github profile. I believe that I sent Rb for patches that are the same
between versions.
The current version is almost one year older already. Do you plan to send v7
soon?
Thanks a lot!
Marcos
>
>
> Summary of changes in v5
> ------------------------
>
> [For/from Masahiro]
> - rename Symbols.list to symbols.klp
> - remove HOST_EXTRACFLAGS from klp-convert build
> - kbuild tweaks from Masahiro Yamada
> - SPDX instead of the license boilerplate
>
> [Joe]
> - a bunch of small checkpatch, clang-check fixes
> - klp-convert: account for symbols shared across sections
> - klp-convert: sympos endianness for cross-compile
> - klp-convert: implement rela section support list
> - klp-convert: update group sections sh_link
> - klp-convert: flag annotations without relocations
> - klp-convert: allow .rela__jump_table to vmlinux
> - livepatch/selftests: Add __asm__ symbol renaming examples
> - livepatch/selftests: test multiple sections
> - livepatch/selftests: add static keys test
>
> [Miroslav]
> - klp-convert: use _safe list traversals only when required
> - klp-convert: separate rela conversation from removal
>
>
> Summary of changes in v6
> ------------------------
>
> [For/from Christophe]
> - klp-convert: Support for ppc32 ELF files
>
> [Joe]
> - livepatch/selftests: add data relocations test
> - klp-convert: move relas to klp_rela_sec tail
> - rebase for v5.17-rc1
>
>
> Joao Moreira (2):
> kbuild: Support for symbols.klp creation
> documentation: Update on livepatch elf format
>
> Joe Lawrence (5):
> livepatch/selftests: add klp-convert
> livepatch/selftests: test multiple sections
> livepatch/selftests: add __asm__ symbol renaming examples
> livepatch/selftests: add data relocations test
> livepatch/selftests: add static keys test
>
> Josh Poimboeuf (5):
> livepatch: Create and include UAPI headers
> livepatch: Add klp-convert tool
> livepatch: Add klp-convert annotation helpers
> modpost: Integrate klp-convert
> livepatch: Add sample livepatch module
>
> .gitignore | 2 +
> Documentation/dontdiff | 1 +
> Documentation/livepatch/livepatch.rst | 3 +
> Documentation/livepatch/module-elf-format.rst | 42 +-
> MAINTAINERS | 2 +
> Makefile | 12 +-
> include/linux/livepatch.h | 13 +
> include/uapi/linux/livepatch.h | 25 +
> kernel/livepatch/core.c | 4 +-
> lib/livepatch/Makefile | 12 +
> lib/livepatch/test_klp_convert.h | 45 +
> lib/livepatch/test_klp_convert1.c | 121 +++
> lib/livepatch/test_klp_convert2.c | 110 +++
> lib/livepatch/test_klp_convert_data.c | 190 ++++
> lib/livepatch/test_klp_convert_keys.c | 91 ++
> lib/livepatch/test_klp_convert_keys_mod.c | 52 +
> lib/livepatch/test_klp_convert_mod_a.c | 31 +
> lib/livepatch/test_klp_convert_mod_b.c | 19 +
> lib/livepatch/test_klp_convert_mod_c.c | 36 +
> lib/livepatch/test_klp_convert_sections.c | 120 +++
> samples/livepatch/Makefile | 1 +
> .../livepatch/livepatch-annotated-sample.c | 93 ++
> scripts/Makefile | 1 +
> scripts/Makefile.modfinal | 38 +-
> scripts/Makefile.modpost | 5 +
> scripts/livepatch/.gitignore | 1 +
> scripts/livepatch/Makefile | 5 +
> scripts/livepatch/elf.c | 813 ++++++++++++++++
> scripts/livepatch/elf.h | 74 ++
> scripts/livepatch/klp-convert.c | 885 ++++++++++++++++++
> scripts/livepatch/klp-convert.h | 47 +
> scripts/livepatch/list.h | 391 ++++++++
> scripts/mod/modpost.c | 28 +-
> scripts/mod/modpost.h | 1 +
> .../selftests/livepatch/test-livepatch.sh | 405 ++++++++
> 35 files changed, 3708 insertions(+), 11 deletions(-)
> create mode 100644 include/uapi/linux/livepatch.h
> create mode 100644 lib/livepatch/test_klp_convert.h
> create mode 100644 lib/livepatch/test_klp_convert1.c
> create mode 100644 lib/livepatch/test_klp_convert2.c
> create mode 100644 lib/livepatch/test_klp_convert_data.c
> create mode 100644 lib/livepatch/test_klp_convert_keys.c
> create mode 100644 lib/livepatch/test_klp_convert_keys_mod.c
> create mode 100644 lib/livepatch/test_klp_convert_mod_a.c
> create mode 100644 lib/livepatch/test_klp_convert_mod_b.c
> create mode 100644 lib/livepatch/test_klp_convert_mod_c.c
> create mode 100644 lib/livepatch/test_klp_convert_sections.c
> create mode 100644 samples/livepatch/livepatch-annotated-sample.c
> create mode 100644 scripts/livepatch/.gitignore
> create mode 100644 scripts/livepatch/Makefile
> create mode 100644 scripts/livepatch/elf.c
> create mode 100644 scripts/livepatch/elf.h
> create mode 100644 scripts/livepatch/klp-convert.c
> create mode 100644 scripts/livepatch/klp-convert.h
> create mode 100644 scripts/livepatch/list.h
>
> --
> 2.26.3
>
next prev parent reply other threads:[~2023-02-07 12:58 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-16 16:39 [RFC PATCH v6 00/12] livepatch: klp-convert tool Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 01/12] livepatch: Create and include UAPI headers Joe Lawrence
2022-04-14 8:50 ` Petr Mladek
2022-02-16 16:39 ` [RFC PATCH v6 02/12] kbuild: Support for symbols.klp creation Joe Lawrence
2022-04-14 9:35 ` Petr Mladek
2022-04-14 17:59 ` Nicolas Schier
2022-04-18 18:12 ` Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 03/12] livepatch: Add klp-convert tool Joe Lawrence
2022-02-16 16:46 ` Joe Lawrence
2022-02-16 16:56 ` Joe Lawrence
2022-04-14 15:03 ` elf API: was: " Petr Mladek
2022-04-18 18:01 ` Joe Lawrence
2023-02-06 18:16 ` Marcos Paulo de Souza
2022-02-16 16:39 ` [RFC PATCH v6 04/12] livepatch: Add klp-convert annotation helpers Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 05/12] modpost: Integrate klp-convert Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 06/12] livepatch: Add sample livepatch module Joe Lawrence
2023-02-07 12:52 ` Marcos Paulo de Souza
2022-02-16 16:39 ` [RFC PATCH v6 07/12] documentation: Update on livepatch elf format Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 08/12] livepatch/selftests: add klp-convert Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 09/12] livepatch/selftests: test multiple sections Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 10/12] livepatch/selftests: add __asm__ symbol renaming examples Joe Lawrence
2022-02-16 17:03 ` Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 11/12] livepatch/selftests: add data relocations test Joe Lawrence
2022-02-16 17:12 ` Joe Lawrence
2022-02-16 16:39 ` [RFC PATCH v6 12/12] livepatch/selftests: add static keys test Joe Lawrence
2022-02-16 17:17 ` [RFC PATCH v6 00/12] livepatch: klp-convert tool Joe Lawrence
2023-02-07 12:57 ` Marcos Paulo de Souza [this message]
2023-02-07 15:54 ` Joe Lawrence
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230207125759.xfcsnlma6ezehff7@daedalus \
--to=mpdesouza@suse.de \
--cc=joe.lawrence@redhat.com \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).