Livepatching changes for 6.1
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEESH4wyp42V4tXvYsjUqAMR0iAlPIFAmM9Y/gACgkQUqAMR0iA lPJxwg//SJsMwv3zDDP3YAzhROongc9mlNL9yTNo5zMFYaLIF6j0UkN7zP7+ChTY u3rfiOYOiSNVyylC4+Auznqi219wjEPedDtJkP6Gx6mHJIArXoFltOGct1fz3CH6 xJjBYPpRVQTP54HQ/OEM4kfxn7eG1HXpErxIYUfeRzM5REJR0iZFfI6FwyXVhjsL 1lDTHc/qlLlaDMqik2sQ/3yJ391SQKodAwkJY9d2wS06OjMmvtX+dADZJkXwv14f 5wnBXG/4Zr0HSR2JW3VgU7AwZptaRLYF2PtYdDp+yI0DSsmjPq4d+0YqTVbgLNSq r0XmewMpnNUNojEuFpW4/+RGZo0pnlJpjUOYfKTbDecnYfMjUFtSGPLVTMnN1OT+ xcW/Q8jO4nQ24993xrQbOr/vBT6nIsePkJAOJkTPzzAxkPF3X7ik3lZyjb7ntDlV mTfUpmTiFtmdMsDaKFxbgRknPre7z4XASMAiErHU4TGNyKBHsRDXmAdtC8hNn7ZU z2NGlDrBKuHL8IcKQ6uH/SYtyG3HIVCeiWqkRd9Sm9RKoz4p+sGl3I4D367O+fGX GGwXj8b5wvjl/BGXHoM+kQKmclYB8kD/8iQSwd64qooTkiDtt1HDPGr2Ewa5thiz fDoVyy98vyRSNmXtst9S7+IMmdjQ7mjmW9AlAITOwIo89UW+7GQ= =+qS1 -----END PGP SIGNATURE----- Merge tag 'livepatching-for-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching Pull livepatching updates from Petr Mladek: - Fix race between fork and livepatch transition revert - Add sysfs entry that shows "patched" state for each object (module) that can be livepatched by the given livepatch - Some clean up * tag 'livepatching-for-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching: selftests/livepatch: add sysfs test livepatch: add sysfs entry "patched" for each klp_object selftests/livepatch: normalize sysctl error message livepatch: Add a missing newline character in klp_module_coming() livepatch: fix race between fork and KLP transition
This commit is contained in:
commit
4de65c5830
|
@ -55,6 +55,14 @@ Description:
|
|||
The object directory contains subdirectories for each function
|
||||
that is patched within the object.
|
||||
|
||||
What: /sys/kernel/livepatch/<patch>/<object>/patched
|
||||
Date: August 2022
|
||||
KernelVersion: 6.1.0
|
||||
Contact: live-patching@vger.kernel.org
|
||||
Description:
|
||||
An attribute which indicates whether the object is currently
|
||||
patched.
|
||||
|
||||
What: /sys/kernel/livepatch/<patch>/<object>/<function,sympos>
|
||||
Date: Nov 2014
|
||||
KernelVersion: 3.19.0
|
||||
|
|
|
@ -325,6 +325,7 @@ int klp_apply_section_relocs(struct module *pmod, Elf_Shdr *sechdrs,
|
|||
* /sys/kernel/livepatch/<patch>/transition
|
||||
* /sys/kernel/livepatch/<patch>/force
|
||||
* /sys/kernel/livepatch/<patch>/<object>
|
||||
* /sys/kernel/livepatch/<patch>/<object>/patched
|
||||
* /sys/kernel/livepatch/<patch>/<object>/<function,sympos>
|
||||
*/
|
||||
static int __klp_disable_patch(struct klp_patch *patch);
|
||||
|
@ -431,6 +432,22 @@ static struct attribute *klp_patch_attrs[] = {
|
|||
};
|
||||
ATTRIBUTE_GROUPS(klp_patch);
|
||||
|
||||
static ssize_t patched_show(struct kobject *kobj,
|
||||
struct kobj_attribute *attr, char *buf)
|
||||
{
|
||||
struct klp_object *obj;
|
||||
|
||||
obj = container_of(kobj, struct klp_object, kobj);
|
||||
return sysfs_emit(buf, "%d\n", obj->patched);
|
||||
}
|
||||
|
||||
static struct kobj_attribute patched_kobj_attr = __ATTR_RO(patched);
|
||||
static struct attribute *klp_object_attrs[] = {
|
||||
&patched_kobj_attr.attr,
|
||||
NULL,
|
||||
};
|
||||
ATTRIBUTE_GROUPS(klp_object);
|
||||
|
||||
static void klp_free_object_dynamic(struct klp_object *obj)
|
||||
{
|
||||
kfree(obj->name);
|
||||
|
@ -576,6 +593,7 @@ static void klp_kobj_release_object(struct kobject *kobj)
|
|||
static struct kobj_type klp_ktype_object = {
|
||||
.release = klp_kobj_release_object,
|
||||
.sysfs_ops = &kobj_sysfs_ops,
|
||||
.default_groups = klp_object_groups,
|
||||
};
|
||||
|
||||
static void klp_kobj_release_func(struct kobject *kobj)
|
||||
|
@ -1171,7 +1189,7 @@ int klp_module_coming(struct module *mod)
|
|||
return -EINVAL;
|
||||
|
||||
if (!strcmp(mod->name, "vmlinux")) {
|
||||
pr_err("vmlinux.ko: invalid module name");
|
||||
pr_err("vmlinux.ko: invalid module name\n");
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
|
|
|
@ -610,9 +610,23 @@ void klp_reverse_transition(void)
|
|||
/* Called from copy_process() during fork */
|
||||
void klp_copy_process(struct task_struct *child)
|
||||
{
|
||||
child->patch_state = current->patch_state;
|
||||
|
||||
/* TIF_PATCH_PENDING gets copied in setup_thread_stack() */
|
||||
/*
|
||||
* The parent process may have gone through a KLP transition since
|
||||
* the thread flag was copied in setup_thread_stack earlier. Bring
|
||||
* the task flag up to date with the parent here.
|
||||
*
|
||||
* The operation is serialized against all klp_*_transition()
|
||||
* operations by the tasklist_lock. The only exception is
|
||||
* klp_update_patch_state(current), but we cannot race with
|
||||
* that because we are current.
|
||||
*/
|
||||
if (test_tsk_thread_flag(current, TIF_PATCH_PENDING))
|
||||
set_tsk_thread_flag(child, TIF_PATCH_PENDING);
|
||||
else
|
||||
clear_tsk_thread_flag(child, TIF_PATCH_PENDING);
|
||||
|
||||
child->patch_state = current->patch_state;
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -6,7 +6,8 @@ TEST_PROGS := \
|
|||
test-callbacks.sh \
|
||||
test-shadow-vars.sh \
|
||||
test-state.sh \
|
||||
test-ftrace.sh
|
||||
test-ftrace.sh \
|
||||
test-sysfs.sh
|
||||
|
||||
TEST_FILES := settings
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
|
||||
MAX_RETRIES=600
|
||||
RETRY_INTERVAL=".1" # seconds
|
||||
KLP_SYSFS_DIR="/sys/kernel/livepatch"
|
||||
|
||||
# Kselftest framework requirement - SKIP code is 4
|
||||
ksft_skip=4
|
||||
|
@ -86,7 +87,7 @@ function set_ftrace_enabled() {
|
|||
|
||||
if [[ "$result" != "$1" ]] ; then
|
||||
if [[ $can_fail -eq 1 ]] ; then
|
||||
echo "livepatch: $err" > /dev/kmsg
|
||||
echo "livepatch: $err" | sed 's#/proc/sys/kernel/#kernel.#' > /dev/kmsg
|
||||
return
|
||||
fi
|
||||
|
||||
|
@ -308,3 +309,36 @@ function check_result {
|
|||
|
||||
cleanup_dmesg_file
|
||||
}
|
||||
|
||||
# check_sysfs_rights(modname, rel_path, expected_rights) - check sysfs
|
||||
# path permissions
|
||||
# modname - livepatch module creating the sysfs interface
|
||||
# rel_path - relative path of the sysfs interface
|
||||
# expected_rights - expected access rights
|
||||
function check_sysfs_rights() {
|
||||
local mod="$1"; shift
|
||||
local rel_path="$1"; shift
|
||||
local expected_rights="$1"; shift
|
||||
|
||||
local path="$KLP_SYSFS_DIR/$mod/$rel_path"
|
||||
local rights=$(/bin/stat --format '%A' "$path")
|
||||
if test "$rights" != "$expected_rights" ; then
|
||||
die "Unexpected access rights of $path: $expected_rights vs. $rights"
|
||||
fi
|
||||
}
|
||||
|
||||
# check_sysfs_value(modname, rel_path, expected_value) - check sysfs value
|
||||
# modname - livepatch module creating the sysfs interface
|
||||
# rel_path - relative path of the sysfs interface
|
||||
# expected_value - expected value read from the file
|
||||
function check_sysfs_value() {
|
||||
local mod="$1"; shift
|
||||
local rel_path="$1"; shift
|
||||
local expected_value="$1"; shift
|
||||
|
||||
local path="$KLP_SYSFS_DIR/$mod/$rel_path"
|
||||
local value=`cat $path`
|
||||
if test "$value" != "$expected_value" ; then
|
||||
die "Unexpected value in $path: $expected_value vs. $value"
|
||||
fi
|
||||
}
|
||||
|
|
|
@ -0,0 +1,86 @@
|
|||
#!/bin/bash
|
||||
# SPDX-License-Identifier: GPL-2.0
|
||||
# Copyright (C) 2022 Song Liu <song@kernel.org>
|
||||
|
||||
. $(dirname $0)/functions.sh
|
||||
|
||||
MOD_LIVEPATCH=test_klp_livepatch
|
||||
|
||||
setup_config
|
||||
|
||||
# - load a livepatch and verifies the sysfs entries work as expected
|
||||
|
||||
start_test "sysfs test"
|
||||
|
||||
load_lp $MOD_LIVEPATCH
|
||||
|
||||
check_sysfs_rights "$MOD_LIVEPATCH" "" "drwxr-xr-x"
|
||||
check_sysfs_rights "$MOD_LIVEPATCH" "enabled" "-rw-r--r--"
|
||||
check_sysfs_value "$MOD_LIVEPATCH" "enabled" "1"
|
||||
check_sysfs_rights "$MOD_LIVEPATCH" "force" "--w-------"
|
||||
check_sysfs_rights "$MOD_LIVEPATCH" "transition" "-r--r--r--"
|
||||
check_sysfs_value "$MOD_LIVEPATCH" "transition" "0"
|
||||
check_sysfs_rights "$MOD_LIVEPATCH" "vmlinux/patched" "-r--r--r--"
|
||||
check_sysfs_value "$MOD_LIVEPATCH" "vmlinux/patched" "1"
|
||||
|
||||
disable_lp $MOD_LIVEPATCH
|
||||
|
||||
unload_lp $MOD_LIVEPATCH
|
||||
|
||||
check_result "% modprobe $MOD_LIVEPATCH
|
||||
livepatch: enabling patch '$MOD_LIVEPATCH'
|
||||
livepatch: '$MOD_LIVEPATCH': initializing patching transition
|
||||
livepatch: '$MOD_LIVEPATCH': starting patching transition
|
||||
livepatch: '$MOD_LIVEPATCH': completing patching transition
|
||||
livepatch: '$MOD_LIVEPATCH': patching complete
|
||||
% echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH/enabled
|
||||
livepatch: '$MOD_LIVEPATCH': initializing unpatching transition
|
||||
livepatch: '$MOD_LIVEPATCH': starting unpatching transition
|
||||
livepatch: '$MOD_LIVEPATCH': completing unpatching transition
|
||||
livepatch: '$MOD_LIVEPATCH': unpatching complete
|
||||
% rmmod $MOD_LIVEPATCH"
|
||||
|
||||
start_test "sysfs test object/patched"
|
||||
|
||||
MOD_LIVEPATCH=test_klp_callbacks_demo
|
||||
MOD_TARGET=test_klp_callbacks_mod
|
||||
load_lp $MOD_LIVEPATCH
|
||||
|
||||
# check the "patch" file changes as target module loads/unloads
|
||||
check_sysfs_value "$MOD_LIVEPATCH" "$MOD_TARGET/patched" "0"
|
||||
load_mod $MOD_TARGET
|
||||
check_sysfs_value "$MOD_LIVEPATCH" "$MOD_TARGET/patched" "1"
|
||||
unload_mod $MOD_TARGET
|
||||
check_sysfs_value "$MOD_LIVEPATCH" "$MOD_TARGET/patched" "0"
|
||||
|
||||
disable_lp $MOD_LIVEPATCH
|
||||
unload_lp $MOD_LIVEPATCH
|
||||
|
||||
check_result "% modprobe test_klp_callbacks_demo
|
||||
livepatch: enabling patch 'test_klp_callbacks_demo'
|
||||
livepatch: 'test_klp_callbacks_demo': initializing patching transition
|
||||
test_klp_callbacks_demo: pre_patch_callback: vmlinux
|
||||
livepatch: 'test_klp_callbacks_demo': starting patching transition
|
||||
livepatch: 'test_klp_callbacks_demo': completing patching transition
|
||||
test_klp_callbacks_demo: post_patch_callback: vmlinux
|
||||
livepatch: 'test_klp_callbacks_demo': patching complete
|
||||
% modprobe test_klp_callbacks_mod
|
||||
livepatch: applying patch 'test_klp_callbacks_demo' to loading module 'test_klp_callbacks_mod'
|
||||
test_klp_callbacks_demo: pre_patch_callback: test_klp_callbacks_mod -> [MODULE_STATE_COMING] Full formed, running module_init
|
||||
test_klp_callbacks_demo: post_patch_callback: test_klp_callbacks_mod -> [MODULE_STATE_COMING] Full formed, running module_init
|
||||
test_klp_callbacks_mod: test_klp_callbacks_mod_init
|
||||
% rmmod test_klp_callbacks_mod
|
||||
test_klp_callbacks_mod: test_klp_callbacks_mod_exit
|
||||
test_klp_callbacks_demo: pre_unpatch_callback: test_klp_callbacks_mod -> [MODULE_STATE_GOING] Going away
|
||||
livepatch: reverting patch 'test_klp_callbacks_demo' on unloading module 'test_klp_callbacks_mod'
|
||||
test_klp_callbacks_demo: post_unpatch_callback: test_klp_callbacks_mod -> [MODULE_STATE_GOING] Going away
|
||||
% echo 0 > /sys/kernel/livepatch/test_klp_callbacks_demo/enabled
|
||||
livepatch: 'test_klp_callbacks_demo': initializing unpatching transition
|
||||
test_klp_callbacks_demo: pre_unpatch_callback: vmlinux
|
||||
livepatch: 'test_klp_callbacks_demo': starting unpatching transition
|
||||
livepatch: 'test_klp_callbacks_demo': completing unpatching transition
|
||||
test_klp_callbacks_demo: post_unpatch_callback: vmlinux
|
||||
livepatch: 'test_klp_callbacks_demo': unpatching complete
|
||||
% rmmod test_klp_callbacks_demo"
|
||||
|
||||
exit 0
|
Loading…
Reference in New Issue