Livepatches may use symbols which are not contained in its own scope,
and, because of that, may end up compiled with relocations that will
only be resolved during module load. Yet, when the referenced symbols are
not exported, solving this relocation requires information on the object
that holds the symbol (either vmlinux or modules) and its position inside
the object, as an object may contain multiple symbols with the same name.
Providing such information must be done accordingly to what is specified
in Documentation/livepatch/module-elf-format.txt.
Currently, there is no trivial way to embed the required information as
requested in the final livepatch elf object. klp-convert solves this
problem in two different forms: (i) by relying on a symbol map, which is
built during kernel compilation, to automatically infers the relocation
targeted symbol, and, when such inference is not possible (ii) by using
annotations in the elf object to convert the relocation accordingly to
the specification, enabling it to be handled by the livepatch loader.
Given the above, add support for symbol mapping in the form of
Symbols.list file; add klp-convert tool; integrate klp-convert tool into
kbuild; make livepatch modules discernible during kernel compilation
pipeline; add data-structure and macros to enable users to annotate
livepatch source code; make modpost stage compatible with livepatches;
update livepatch-sample and update documentation.
The patch was tested under three use-cases:
use-case 1: There is a relocation in the lp that can be automatically
resolved by klp-convert (tested by removing the annotations from
samples/livepatch/livepatch-annotated-sample.c)
use-case 2: There is a relocation in the lp that cannot be automatically
resolved, as the name of the respective symbol appears in multiple
objects. The livepatch contains an annotation to enable a correct
relocation - reproducible with this livepatch sample:
http://www.livewire.com.br/suse/klp/livepatch-sample.1.c
use-case 3: There is a relocation in the lp that cannot be automatically
resolved similarly as 2, but no annotation was provided in the livepatch,
triggering an error during compilation - reproducible with this livepatch
sample: http://www.livewire.com.br/suse/klp/livepatch-sample.2.c
Joao Moreira (2):
kbuild: Support for Symbols.list creation
documentation: Update on livepatch elf format
Josh Poimboeuf (5):
livepatch: Create and include UAPI headers
livepatch: Add klp-convert tool
livepatch: Add klp-convert annotation helpers
modpost: Integrate klp-convert
livepatch: Add sample livepatch module
Miroslav Benes (1):
modpost: Add modinfo flag to livepatch modules
.gitignore | 1 +
Documentation/livepatch/module-elf-format.txt | 47 +-
MAINTAINERS | 2 +
Makefile | 29 +-
include/linux/livepatch.h | 12 +
include/uapi/linux/livepatch.h | 33 ++
kernel/livepatch/core.c | 4 +-
samples/livepatch/Makefile | 5 +-
samples/livepatch/livepatch-annotated-sample.c | 128 +++++
samples/livepatch/livepatch-sample.c | 1 -
scripts/Kbuild.include | 4 +-
scripts/Makefile | 1 +
scripts/Makefile.build | 6 +
scripts/Makefile.modpost | 24 +-
scripts/livepatch/.gitignore | 1 +
scripts/livepatch/Makefile | 7 +
scripts/livepatch/elf.c | 696 +++++++++++++++++++++++++
scripts/livepatch/elf.h | 84 +++
scripts/livepatch/klp-convert.c | 567 ++++++++++++++++++++
scripts/livepatch/list.h | 389 ++++++++++++++
scripts/mod/modpost.c | 80 ++-
scripts/mod/modpost.h | 1 +
22 files changed, 2104 insertions(+), 18 deletions(-)
create mode 100644 include/uapi/linux/livepatch.h
create mode 100644 samples/livepatch/livepatch-annotated-sample.c
create mode 100644 scripts/livepatch/.gitignore
create mode 100644 scripts/livepatch/Makefile
create mode 100644 scripts/livepatch/elf.c
create mode 100644 scripts/livepatch/elf.h
create mode 100644 scripts/livepatch/klp-convert.c
create mode 100644 scripts/livepatch/list.h
--
2.12.0
From: Josh Poimboeuf <[email protected]>
Define klp prefixes in include/uapi/linux/livepatch.h, and use them for
replacing hard-coded values in kernel/livepatch/core.c.
Update MAINTAINERS.
Note: Add defines to uapi as these are also to be used by klp-convert, a
userspace tool that will be added in patch 03/07 of this same patch set.
[jmoreira: split up and changelog]
Signed-off-by: Josh Poimboeuf <[email protected]>
Signed-off-by: Joao Moreira <[email protected]>
---
MAINTAINERS | 1 +
include/linux/livepatch.h | 1 +
include/uapi/linux/livepatch.h | 28 ++++++++++++++++++++++++++++
kernel/livepatch/core.c | 4 ++--
4 files changed, 32 insertions(+), 2 deletions(-)
create mode 100644 include/uapi/linux/livepatch.h
diff --git a/MAINTAINERS b/MAINTAINERS
index 09b5ab6a8a5c..1d8ea36e1173 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -7713,6 +7713,7 @@ R: Petr Mladek <[email protected]>
S: Maintained
F: kernel/livepatch/
F: include/linux/livepatch.h
+F: include/uapi/linux/livepatch.h
F: arch/x86/include/asm/livepatch.h
F: arch/x86/kernel/livepatch.c
F: Documentation/livepatch/
diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h
index 194991ef9347..96a75be7ef50 100644
--- a/include/linux/livepatch.h
+++ b/include/linux/livepatch.h
@@ -24,6 +24,7 @@
#include <linux/module.h>
#include <linux/ftrace.h>
#include <linux/completion.h>
+#include <uapi/linux/livepatch.h>
#if IS_ENABLED(CONFIG_LIVEPATCH)
diff --git a/include/uapi/linux/livepatch.h b/include/uapi/linux/livepatch.h
new file mode 100644
index 000000000000..bc35f85fd859
--- /dev/null
+++ b/include/uapi/linux/livepatch.h
@@ -0,0 +1,28 @@
+/*
+ * livepatch.h - Kernel Live Patching Core
+ *
+ * Copyright (C) 2016 Josh Poimboeuf <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _UAPI_LIVEPATCH_H
+#define _UAPI_LIVEPATCH_H
+
+#include <linux/types.h>
+
+#define KLP_RELA_PREFIX ".klp.rela."
+#define KLP_SYM_PREFIX ".klp.sym."
+
+#endif /* _UAPI_LIVEPATCH_H */
diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index b9628e43c78f..a9b172d2c83f 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -212,7 +212,7 @@ static int klp_resolve_symbols(Elf_Shdr *relasec, struct module *pmod)
/* Format: .klp.sym.objname.symname,sympos */
cnt = sscanf(strtab + sym->st_name,
- ".klp.sym.%55[^.].%127[^,],%lu",
+ KLP_SYM_PREFIX "%55[^.].%127[^,],%lu",
objname, symname, &sympos);
if (cnt != 3) {
pr_err("symbol %s has an incorrectly formatted name\n",
@@ -258,7 +258,7 @@ static int klp_write_object_relocations(struct module *pmod,
* See comment in klp_resolve_symbols() for an explanation
* of the selected field width value.
*/
- cnt = sscanf(secname, ".klp.rela.%55[^.]", sec_objname);
+ cnt = sscanf(secname, KLP_RELA_PREFIX "%55[^.]", sec_objname);
if (cnt != 1) {
pr_err("section %s has an incorrectly formatted name\n",
secname);
--
2.12.0
For automatic resolution of livepatch relocations, a file called
Symbols.list is used. This file maps symbols within every compiled
kernel object allowing the identification of symbols whose name is
unique, thus relocation can be automatically inferred, or providing
information that helps developers when code annotation is required for
solving the matter.
Add support for creating Symbols.list in the main Makefile. First,
ensure that built-in is compiled when CONFIG_LIVEPATCH is enabled (as
required to achieve a complete Symbols.list file). Define the command to
build Symbols.list (cmd_klp_map) and hook it in the modules rule.
As it is undesirable to have symbols from livepatch objects inside
Symbols.list, make livepatches discernible by modifying
scripts/Makefile.build to create a .livepatch file for each livepatch
in $(MODVERDIR). This file is then used by cmd_klp_map to identify and
bypass livepatches.
For identifying livepatches during the build process, a flag variable
LIVEPATCH_$(basetarget).o is considered in scripts/Makefile.build. This
way, set this flag for the livepatch sample Makefile in
samples/livepatch/Makefile.
Finally, Add a clean rule to ensure that Symbols.list is removed during
clean.
Notes:
To achieve a correct Symbols.list file, all kernel objects must be
considered, thus, its construction require these objects to be priorly
built. On the other hand, invoking scripts/Makefile.modpost without
having a complete Symbols.list in place would occasionally lead to
in-tree livepatches being post-processed incorrectly. To prevent this
from becoming a circular dependency, the construction of Symbols.list
uses non-post-processed kernel objects and such does not cause harm as
the symbols normally referenced from within livepatches are visible at
this stage. Also due to these requirements, the spot in-between modules
compilation and the invocation of scripts/Makefile.modpost was picked
for hooking cmd_klp_map.
The approach based on .livepatch files was proposed as an alternative
to using MODULE_INFO statementes. This approach was originally
proposed by Miroslav Benes as a workaround for identifying livepathces
without depending on modinfo during the modpost stage. It was moved to
this patch as the approach also shown to be useful while building
Symbols.list.
Signed-off-by: Joao Moreira <[email protected]>
---
.gitignore | 1 +
Makefile | 27 ++++++++++++++++++++++++---
samples/livepatch/Makefile | 1 +
scripts/Makefile.build | 6 ++++++
4 files changed, 32 insertions(+), 3 deletions(-)
diff --git a/.gitignore b/.gitignore
index 0c39aa20b6ba..e6a67517a3bc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,6 +39,7 @@ Module.symvers
*.dwo
*.su
*.c.[012]*.*
+Symbols.list
#
# Top-level generic files
diff --git a/Makefile b/Makefile
index e40c471abe29..e1d315e585d8 100644
--- a/Makefile
+++ b/Makefile
@@ -320,10 +320,13 @@ KBUILD_BUILTIN := 1
# If we have only "make modules", don't compile built-in objects.
# When we're building modules with modversions, we need to consider
# the built-in objects during the descend as well, in order to
-# make sure the checksums are up to date before we record them.
+# make sure the checksums are up to date before we record them. The
+# same applies for building livepatches, as built-in objects may hold
+# symbols which are referenced from livepatches and are required by
+# klp-convert post-processing tool for resolving these cases.
ifeq ($(MAKECMDGOALS),modules)
- KBUILD_BUILTIN := $(if $(CONFIG_MODVERSIONS),1)
+ KBUILD_BUILTIN := $(if $(or $(CONFIG_MODVERSIONS), $(CONFIG_LIVEPATCH)),1)
endif
# If we have "make <whatever> modules", compile modules
@@ -1207,9 +1210,24 @@ all: modules
# duplicate lines in modules.order files. Those are removed
# using awk while concatenating to the final file.
+quiet_cmd_klp_map = LIVEPATCH Symbols.list
+SLIST = $(objtree)/Symbols.list
+
+define cmd_klp_map
+ $(shell echo "*vmlinux" > $(SLIST)) \
+ $(shell nm -f posix $(objtree)/vmlinux | cut -d\ -f1 >> $(SLIST)) \
+ $(foreach m, $(wildcard $(MODVERDIR)/*.mod), \
+ $(eval mod = $(patsubst %.ko,%.o,$(shell head -n1 $(m)))) \
+ $(if $(wildcard $(MODVERDIR)/$(shell basename -s .o $(mod)).livepatch),,\
+ $(eval fmod = $(subst $(quote),_,$(subst -,_,$(mod)))) \
+ $(shell echo "*$(shell basename -s .o $(fmod))" >> $(SLIST)) \
+ $(shell nm -f posix $(mod) | cut -d\ -f1 >> $(SLIST))))
+endef
+
PHONY += modules
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
+ $(if $(CONFIG_LIVEPATCH), $(call cmd,klp_map))
@$(kecho) ' Building modules, stage 2.';
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.fwinst obj=firmware __fw_modbuild
@@ -1306,7 +1324,10 @@ vmlinuxclean:
$(Q)$(CONFIG_SHELL) $(srctree)/scripts/link-vmlinux.sh clean
$(Q)$(if $(ARCH_POSTLINK), $(MAKE) -f $(ARCH_POSTLINK) clean)
-clean: archclean vmlinuxclean
+klpclean:
+ $(Q) rm -f $(objtree)/Symbols.list
+
+clean: archclean vmlinuxclean klpclean
# mrproper - Delete all generated files, including .config
#
diff --git a/samples/livepatch/Makefile b/samples/livepatch/Makefile
index 10319d7ea0b1..955e7ac12d2b 100644
--- a/samples/livepatch/Makefile
+++ b/samples/livepatch/Makefile
@@ -1 +1,2 @@
+LIVEPATCH_livepatch-sample.o := y
obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-sample.o
diff --git a/scripts/Makefile.build b/scripts/Makefile.build
index 733e044fff8b..d0c32a50cce7 100644
--- a/scripts/Makefile.build
+++ b/scripts/Makefile.build
@@ -276,6 +276,11 @@ objtool_obj = $(if $(patsubst y%,, \
endif # SKIP_STACK_VALIDATION
endif # CONFIG_STACK_VALIDATION
+ifdef CONFIG_LIVEPATCH
+cmd_livepatch = $(if $(LIVEPATCH_$(basetarget).o), \
+ $(shell touch $(MODVERDIR)/$(basetarget).livepatch))
+endif
+
define rule_cc_o_c
$(call echo-cmd,checksrc) $(cmd_checksrc) \
$(call cmd_and_fixdep,cc_o_c) \
@@ -309,6 +314,7 @@ $(single-used-m): $(obj)/%.o: $(src)/%.c $(recordmcount_source) $(objtool_obj) F
$(call if_changed_rule,cc_o_c)
@{ echo $(@:.o=.ko); echo $@; \
$(cmd_undef_syms); } > $(MODVERDIR)/$(@F:.o=.mod)
+ $(call cmd_livepatch)
quiet_cmd_cc_lst_c = MKLST $@
cmd_cc_lst_c = $(CC) $(c_flags) -g -c -o $*.o $< && \
--
2.12.0
From: Josh Poimboeuf <[email protected]>
Define macros KLP_MODULE_RELOC and KLP_SYMPOS in
include/linux/livepatch.h to improve user-friendliness of the
livepatch annotation process.
[jmoreira:
* split up: move KLP_MODULE_RELOC from previous patch to here
* add KLP_SYMPOS
* move macros from include/uapi/livepatch.h to include/linux/livepatch.h
]
Signed-off-by: Josh Poimboeuf <[email protected]>
Signed-off-by: Joao Moreira <[email protected]>
---
include/linux/livepatch.h | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h
index 96a75be7ef50..3956929f21bc 100644
--- a/include/linux/livepatch.h
+++ b/include/linux/livepatch.h
@@ -165,6 +165,17 @@ static inline bool klp_have_reliable_stack(void)
IS_ENABLED(CONFIG_HAVE_RELIABLE_STACKTRACE);
}
+/* Used to annotate symbol relocations in livepatches */
+#define KLP_MODULE_RELOC(obj) \
+ struct klp_module_reloc \
+ __attribute__((__section__(".klp.module_relocs." #obj)))
+
+#define KLP_SYMPOS(symbol, pos) \
+ { \
+ .sym = &symbol, \
+ .sympos = pos, \
+ },
+
#else /* !CONFIG_LIVEPATCH */
static inline int klp_module_coming(struct module *mod) { return 0; }
--
2.12.0
From: Josh Poimboeuf <[email protected]>
Create cmd_klp_convert and hook it into scripts/Makefile.modpost.
cmd_klp_convert invokes klp-convert with the right arguments for the
conversion of unresolved symbols inside a livepatch.
[khlebnikov:
* save cmd_ld_ko_o into .module.cmd, if_changed_rule doesn't do that
* fix bashisms for debian where /bin/sh is a symlink to /bin/dash
* rename rule_link_module to rule_ld_ko_o, otherwise arg-check inside
if_changed_rule compares cmd_link_module and cmd_ld_ko_o
* check modinfo -F livepatch only if CONFIG_LIVEPATCH is true
]
[mbenes:
* remove modinfo call. LIVEPATCH_ in Makefile
]
[jmoreira:
* split up: move the .livepatch file-based scheme for identifying
livepatches to a previous patch, as it was required for correctly
building Symbols.list there
* split up: move modinfo call removal by mbenes to the next patch
]
Signed-off-by: Josh Poimboeuf <[email protected]>
Signed-off-by: Konstantin Khlebnikov <[email protected]>
Signed-off-by: Miroslav Benes <[email protected]>
Signed-off-by: Joao Moreira <[email protected]>
---
scripts/Kbuild.include | 4 +++-
scripts/Makefile.modpost | 16 +++++++++++++++-
scripts/mod/modpost.c | 6 +++++-
scripts/mod/modpost.h | 1 +
4 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/scripts/Kbuild.include b/scripts/Kbuild.include
index 61f87a99bf0a..9aba82d76659 100644
--- a/scripts/Kbuild.include
+++ b/scripts/Kbuild.include
@@ -251,6 +251,8 @@ endif
# (needed for the shell)
make-cmd = $(call escsq,$(subst \#,\\\#,$(subst $$,$$$$,$(cmd_$(1)))))
+save-cmd = printf '%s\n' 'cmd_$@ := $(make-cmd)' > $(dot-target).cmd
+
# Find any prerequisites that is newer than target or that does not exist.
# PHONY targets skipped in both cases.
any-prereq = $(filter-out $(PHONY),$?) $(filter-out $(PHONY) $(wildcard $^),$^)
@@ -260,7 +262,7 @@ any-prereq = $(filter-out $(PHONY),$?) $(filter-out $(PHONY) $(wildcard $^),$^)
if_changed = $(if $(strip $(any-prereq) $(arg-check)), \
@set -e; \
$(echo-cmd) $(cmd_$(1)); \
- printf '%s\n' 'cmd_$@ := $(make-cmd)' > $(dot-target).cmd, @:)
+ $(save-cmd), @:)
# Execute the command and also postprocess generated .d dependencies file.
if_changed_dep = $(if $(strip $(any-prereq) $(arg-check) ), \
diff --git a/scripts/Makefile.modpost b/scripts/Makefile.modpost
index 16923ba4b5b1..52264ce1b883 100644
--- a/scripts/Makefile.modpost
+++ b/scripts/Makefile.modpost
@@ -125,8 +125,22 @@ quiet_cmd_ld_ko_o = LD [M] $@
-o $@ $(filter-out FORCE,$^) ; \
$(if $(ARCH_POSTLINK), $(MAKE) -f $(ARCH_POSTLINK) $@, true)
+SLIST = $(objtree)/Symbols.list
+KLP_CONVERT = scripts/livepatch/klp-convert
+quiet_cmd_klp_convert = LIVEPATCH $@
+ cmd_klp_convert = mv $@ $(@:.ko=.klp.o); \
+ $(KLP_CONVERT) $(SLIST) $(@:.ko=.klp.o) $@
+
+define rule_ld_ko_o
+ $(call echo-cmd,ld_ko_o) $(cmd_ld_ko_o) ; \
+ $(call save-cmd,ld_ko_o) ; \
+ $(if $(CONFIG_LIVEPATCH), \
+ $(if $(wildcard $(MODVERDIR)/$(basetarget).livepatch), \
+ $(call echo-cmd,klp_convert) $(cmd_klp_convert) ))
+endef
+
$(modules): %.ko :%.o %.mod.o FORCE
- +$(call if_changed,ld_ko_o)
+ +$(call if_changed_rule,ld_ko_o)
targets += $(modules)
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index 30d752a4a6a6..d9fe972ed92e 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -1977,6 +1977,10 @@ static void read_symbols(char *modname)
"license", license);
}
+ /* Livepatch modules have unresolved symbols resolved by klp-convert */
+ if (get_modinfo(info.modinfo, info.modinfo_len, "livepatch"))
+ mod->livepatch = 1;
+
for (sym = info.symtab_start; sym < info.symtab_stop; sym++) {
symname = remove_dot(info.strtab + sym->st_name);
@@ -2170,7 +2174,7 @@ static int add_versions(struct buffer *b, struct module *mod)
for (s = mod->unres; s; s = s->next) {
exp = find_symbol(s->name);
if (!exp || exp->module == mod) {
- if (have_vmlinux && !s->weak) {
+ if (have_vmlinux && !s->weak && !mod->livepatch) {
if (warn_unresolved) {
warn("\"%s\" [%s.ko] undefined!\n",
s->name, mod->name);
diff --git a/scripts/mod/modpost.h b/scripts/mod/modpost.h
index 6a5e1515123b..dcb32a57be29 100644
--- a/scripts/mod/modpost.h
+++ b/scripts/mod/modpost.h
@@ -117,6 +117,7 @@ struct module {
int skip;
int has_init;
int has_cleanup;
+ int livepatch;
struct buffer dev_table_buf;
char srcversion[25];
int is_dot_o;
--
2.12.0
From: Miroslav Benes <[email protected]>
Currently, livepatch infrastructure in the kernel relies on
MODULE_INFO(livepatch, "Y") statement in a livepatch module. Then the
kernel module loader knows a module is indeed livepatch module and can
behave accordingly.
klp-convert, on the other hand relies on LIVEPATCH_* statement in the
module's Makefile for exactly the same reason.
Remove dependency on modinfo and generate MODULE_INFO flag
automatically in modpost when LIVEPATCH_* is defined in the module's
Makefile. Generate a list of all built livepatch modules based on
the .livepatch file and store it in (MODVERDIR)/livepatchmods. Give
this list as an argument for modpost which will use it to identify
livepatch modules.
As MODULE_INFO is no longer needed in the sample, remove it.
[jmoreira:
* fix modpost.c (add_livepatch_flag) to update module structure with
livepatch flag and prevent modpost from breaking due to unresolved
symbols
* remove MODULE_INFO statement
]
Signed-off-by: Miroslav Benes <[email protected]>
Signed-off-by: Joao Moreira <[email protected]>
---
samples/livepatch/livepatch-sample.c | 1 -
scripts/Makefile.modpost | 8 +++-
scripts/mod/modpost.c | 82 +++++++++++++++++++++++++++++++++---
3 files changed, 84 insertions(+), 7 deletions(-)
diff --git a/samples/livepatch/livepatch-sample.c b/samples/livepatch/livepatch-sample.c
index 84795223f15f..8bc6c4f37d77 100644
--- a/samples/livepatch/livepatch-sample.c
+++ b/samples/livepatch/livepatch-sample.c
@@ -105,4 +105,3 @@ static void livepatch_exit(void)
module_init(livepatch_init);
module_exit(livepatch_exit);
MODULE_LICENSE("GPL");
-MODULE_INFO(livepatch, "Y");
diff --git a/scripts/Makefile.modpost b/scripts/Makefile.modpost
index 52264ce1b883..d87464084c44 100644
--- a/scripts/Makefile.modpost
+++ b/scripts/Makefile.modpost
@@ -64,6 +64,11 @@ MODLISTCMD := find $(MODVERDIR) -name '*.mod' | xargs -r grep -h '\.ko$$' | sort
__modules := $(shell $(MODLISTCMD))
modules := $(patsubst %.o,%.ko, $(wildcard $(__modules:.ko=.o)))
+# find all .livepatch files listed in $(MODVERDIR)/
+ifdef CONFIG_LIVEPATCH
+$(shell find $(MODVERDIR) -name '*.livepatch' | xargs -r -I{} basename {} .livepatch > $(MODVERDIR)/livepatchmods)
+endif
+
# Stop after building .o files if NOFINAL is set. Makes compile tests quicker
_modpost: $(if $(KBUILD_MODPOST_NOFINAL), $(modules:.ko:.o),$(modules))
@@ -78,7 +83,8 @@ modpost = scripts/mod/modpost \
$(if $(KBUILD_EXTMOD),-o $(modulesymfile)) \
$(if $(CONFIG_DEBUG_SECTION_MISMATCH),,-S) \
$(if $(CONFIG_SECTION_MISMATCH_WARN_ONLY),,-E) \
- $(if $(KBUILD_EXTMOD)$(KBUILD_MODPOST_WARN),-w)
+ $(if $(KBUILD_EXTMOD)$(KBUILD_MODPOST_WARN),-w) \
+ $(if $(CONFIG_LIVEPATCH),-l $(MODVERDIR)/livepatchmods)
MODPOST_OPT=$(subst -i,-n,$(filter -i,$(MAKEFLAGS)))
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index d9fe972ed92e..416737056bc3 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -1977,10 +1977,6 @@ static void read_symbols(char *modname)
"license", license);
}
- /* Livepatch modules have unresolved symbols resolved by klp-convert */
- if (get_modinfo(info.modinfo, info.modinfo_len, "livepatch"))
- mod->livepatch = 1;
-
for (sym = info.symtab_start; sym < info.symtab_stop; sym++) {
symname = remove_dot(info.strtab + sym->st_name);
@@ -2395,6 +2391,76 @@ static void write_dump(const char *fname)
free(buf.p);
}
+struct livepatch_mod_list {
+ struct livepatch_mod_list *next;
+ char *livepatch_mod;
+};
+
+static struct livepatch_mod_list *load_livepatch_mods(const char *fname)
+{
+ struct livepatch_mod_list *list_iter, *list_start = NULL;
+ unsigned long size, pos = 0;
+ void *file = grab_file(fname, &size);
+ char *line;
+
+ if (!file)
+ return NULL;
+
+ while ((line = get_next_line(&pos, file, size))) {
+ list_iter = NOFAIL(malloc(sizeof(*list_iter)));
+ list_iter->next = list_start;
+ list_iter->livepatch_mod = NOFAIL(strdup(line));
+ list_start = list_iter;
+ }
+ release_file(file, size);
+
+ return list_start;
+}
+
+static void free_livepatch_mods(struct livepatch_mod_list *list_start)
+{
+ struct livepatch_mod_list *list_iter;
+
+ while (list_start) {
+ list_iter = list_start->next;
+ free(list_start->livepatch_mod);
+ free(list_start);
+ list_start = list_iter;
+ }
+}
+
+static int is_livepatch_mod(const char *modname,
+ struct livepatch_mod_list *list)
+{
+ const char *myname;
+
+ if (!list)
+ return 0;
+
+ myname = strrchr(modname, '/');
+ if (myname)
+ myname++;
+ else
+ myname = modname;
+
+ while (list) {
+ if (!strcmp(myname, list->livepatch_mod))
+ return 1;
+ list = list->next;
+ }
+ return 0;
+}
+
+static void add_livepatch_flag(struct buffer *b, struct module *mod,
+ struct livepatch_mod_list *list)
+{
+ if (is_livepatch_mod(mod->name, list)) {
+ buf_printf(b, "\nMODULE_INFO(livepatch, \"Y\");\n");
+ mod->livepatch = 1;
+ }
+}
+
+
struct ext_sym_list {
struct ext_sym_list *next;
const char *file;
@@ -2410,8 +2476,9 @@ int main(int argc, char **argv)
int err;
struct ext_sym_list *extsym_iter;
struct ext_sym_list *extsym_start = NULL;
+ struct livepatch_mod_list *livepatch_mods = NULL;
- while ((opt = getopt(argc, argv, "i:I:e:mnsST:o:awM:K:E")) != -1) {
+ while ((opt = getopt(argc, argv, "i:I:e:l:mnsST:o:awM:K:E")) != -1) {
switch (opt) {
case 'i':
kernel_read = optarg;
@@ -2428,6 +2495,9 @@ int main(int argc, char **argv)
extsym_iter->file = optarg;
extsym_start = extsym_iter;
break;
+ case 'l':
+ livepatch_mods = load_livepatch_mods(optarg);
+ break;
case 'm':
modversions = 1;
break;
@@ -2496,6 +2566,7 @@ int main(int argc, char **argv)
add_header(&buf, mod);
add_intree_flag(&buf, !external_module);
add_staging_flag(&buf, mod->name);
+ add_livepatch_flag(&buf, mod, livepatch_mods);
err |= add_versions(&buf, mod);
add_depends(&buf, mod, modules);
add_moddevtable(&buf, mod);
@@ -2518,6 +2589,7 @@ int main(int argc, char **argv)
"Set CONFIG_SECTION_MISMATCH_WARN_ONLY=y to allow them.\n");
}
}
+ free_livepatch_mods(livepatch_mods);
free(buf.p);
return err;
--
2.12.0
From: Josh Poimboeuf <[email protected]>
Add a new livepatch sample in samples/livepatch/ to make use of
symbols that must be post-processed to enable load-time relocation
resolution. As the new sample is to be used as an example, it is
annotated with KLP_MODULE_REOC and with KLP_SYMPOS macros.
The livepatch sample updates the function cmdline_proc_show to
print the string referenced by the symbol saved_command_line
appended by the string "livepatch=1".
[jmoreira:
* Switched from "updating existing" module to "adding a new" module
* Update module to use KLP_SYMPOS
* Comments on symbol resolution scheme
* Update Makefile
* Changelog
]
Signed-off-by: Josh Poimboeuf <[email protected]>
Signed-off-by: Joao Moreira <[email protected]>
---
samples/livepatch/Makefile | 4 +-
samples/livepatch/livepatch-annotated-sample.c | 128 +++++++++++++++++++++++++
2 files changed, 131 insertions(+), 1 deletion(-)
create mode 100644 samples/livepatch/livepatch-annotated-sample.c
diff --git a/samples/livepatch/Makefile b/samples/livepatch/Makefile
index 955e7ac12d2b..2690ef439bec 100644
--- a/samples/livepatch/Makefile
+++ b/samples/livepatch/Makefile
@@ -1,2 +1,4 @@
LIVEPATCH_livepatch-sample.o := y
-obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-sample.o
+LIVEPATCH_livepatch-annotated-sample.o := y
+obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-sample.o \
+ livepatch-annotated-sample.o
diff --git a/samples/livepatch/livepatch-annotated-sample.c b/samples/livepatch/livepatch-annotated-sample.c
new file mode 100644
index 000000000000..93da32610076
--- /dev/null
+++ b/samples/livepatch/livepatch-annotated-sample.c
@@ -0,0 +1,128 @@
+/*
+ * livepatch-annotated-sample.c - Kernel Live Patching Sample Module
+ *
+ * Copyright (C) 2014 Seth Jennings <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/livepatch.h>
+#include <linux/seq_file.h>
+
+/*
+ * This (dumb) live patch overrides the function that prints the
+ * kernel boot cmdline when /proc/cmdline is read.
+ *
+ * This livepatch uses the symbol saved_command_line whose relocation
+ * must be resolved during load time. To enable that, this module
+ * must be post-processed by a tool called klp-convert, which embeds
+ * information to be used by the loader to solve the relocation.
+ *
+ * The module is annotated with KLP_MODULE_RELOC/KLP_SYMPOS macros.
+ * These annotations are used by klp-convert to infer that the symbol
+ * saved_command_line is in the object vmlinux.
+ *
+ * As saved_command_line has no other homonimous symbol across
+ * kernel objects, this annotation is not a requirement, and can be
+ * suppressed with no harm to klp-convert. Yet, it is kept here as an
+ * example on how to annotate livepatch modules that contain symbols
+ * whose names are used in more than one kernel object.
+ *
+ * Example:
+ *
+ * $ cat /proc/cmdline
+ * <your cmdline>
+ *
+ * $ insmod livepatch-sample.ko
+ * $ cat /proc/cmdline
+ * <your cmdline> livepatch=1
+ *
+ * $ echo 0 > /sys/kernel/livepatch/livepatch_sample/enabled
+ * $ cat /proc/cmdline
+ * <your cmdline>
+ */
+
+extern char *saved_command_line;
+
+static int livepatch_cmdline_proc_show(struct seq_file *m, void *v)
+{
+ seq_printf(m, "%s livepatch=1\n", saved_command_line);
+ return 0;
+}
+
+KLP_MODULE_RELOC(vmlinux) vmlinux_relocs[] = {
+ KLP_SYMPOS(saved_command_line, 0)
+};
+
+static struct klp_func vmlinux_funcs[] = {
+ {
+ .old_name = "cmdline_proc_show",
+ .new_func = livepatch_cmdline_proc_show,
+ }, { }
+};
+
+static struct klp_object objs[] = {
+ {
+ /* name being NULL means vmlinux */
+ .funcs = vmlinux_funcs,
+ }, { }
+};
+
+static struct klp_patch patch = {
+ .mod = THIS_MODULE,
+ .objs = objs,
+};
+
+static int livepatch_init(void)
+{
+ int ret;
+
+ if (!klp_have_reliable_stack() && !patch.immediate) {
+ /*
+ * WARNING: Be very careful when using 'patch.immediate' in
+ * your patches. It's ok to use it for simple patches like
+ * this, but for more complex patches which change function
+ * semantics, locking semantics, or data structures, it may not
+ * be safe. Use of this option will also prevent removal of
+ * the patch.
+ *
+ * See Documentation/livepatch/livepatch.txt for more details.
+ */
+ patch.immediate = true;
+ pr_notice("The consistency model isn't supported for your architecture. Bypassing safety mechanisms and applying the patch immediately.\n");
+ }
+
+ ret = klp_register_patch(&patch);
+ if (ret)
+ return ret;
+ ret = klp_enable_patch(&patch);
+ if (ret) {
+ WARN_ON(klp_unregister_patch(&patch));
+ return ret;
+ }
+ return 0;
+}
+
+static void livepatch_exit(void)
+{
+ WARN_ON(klp_unregister_patch(&patch));
+}
+
+module_init(livepatch_init);
+module_exit(livepatch_exit);
+MODULE_LICENSE("GPL");
--
2.12.0
Add a section to Documentation/livepatch/module-elf-format.txt
describing how klp-convert works for fixing relocations.
Signed-off-by: Joao Moreira <[email protected]>
---
Documentation/livepatch/module-elf-format.txt | 47 ++++++++++++++++++++++++---
1 file changed, 42 insertions(+), 5 deletions(-)
diff --git a/Documentation/livepatch/module-elf-format.txt b/Documentation/livepatch/module-elf-format.txt
index f21a5289a09c..6b0259dfab49 100644
--- a/Documentation/livepatch/module-elf-format.txt
+++ b/Documentation/livepatch/module-elf-format.txt
@@ -2,7 +2,8 @@
Livepatch module Elf format
===========================
-This document outlines the Elf format requirements that livepatch modules must follow.
+This document outlines the Elf format requirements that livepatch modules must
+follow.
-----------------
Table of Contents
@@ -25,8 +26,9 @@ Table of Contents
3.3.2 Required name format
3.3.3 Example livepatch symbol names
3.3.4 Example `readelf --symbols` output
-4. Architecture-specific sections
-5. Symbol table and Elf section access
+4. Automatic conversion of unresolved relocations
+5. Architecture-specific sections
+6. Symbol table and Elf section access
----------------------------
0. Background and motivation
@@ -293,8 +295,43 @@ Symbol table '.symtab' contains 127 entries:
[*] Note that the 'Ndx' (Section index) for these symbols is SHN_LIVEPATCH (0xff20).
"OS" means OS-specific.
+--------------------------------------------------
+4. Automatic conversion of unresolved relocations
+--------------------------------------------------
+Sometimes livepatches may operate on symbols which are not self-contained nor
+exported. When this happens, these symbols remain unresolved in the elf object
+and will trigger an error during the livepatch instantiation.
+
+Whenever possible, the kernel building infrastructure solves this problem
+automatically. First, a symbol database containing information on all compiled
+objects is built. Second, this database - a file named Symbols.list, placed in
+the kernel source root directory - is used to identify targets for unresolved
+relocations, converting them in the livepatch elf accordingly to the
+specifications above-described. While the first stage is fully handled by the
+building system, the second is done by a tool called klp-convert, which can be
+found in "scripts/livepatch".
+
+When an unresolved relocation has as target a symbol whose name is also used by
+different symbols throughout the kernel, the relocation cannot be resolved
+automatically. In these cases, the livepatch developer must add annotations to
+the livepatch, making it possible for the system to identify which is the
+correct target amongst multiple homonymous symbols. Such annotations must be
+done through a data structure as follows:
+
+struct KLP_MODULE_RELOC(object) data_structure_name[] = {
+ KLP_SYMPOS(symbol, pos)
+};
+
+In the above example, object refers to the object file which contains the
+symbol, being vmlinux or a module; symbol refers to the symbol name that will
+be relocated and pos is its position in the object.
+
+When a data structure like this is added to the livepatch, the resulting elf
+will hold symbols that will be identified by klp-convert and used to solve name
+ambiguities.
+
---------------------------------
-4. Architecture-specific sections
+5. Architecture-specific sections
---------------------------------
Architectures may override arch_klp_init_object_loaded() to perform
additional arch-specific tasks when a target module loads, such as applying
@@ -305,7 +342,7 @@ be easily identified when iterating through a patch module's Elf sections
(See arch/x86/kernel/livepatch.c for a complete example).
--------------------------------------
-5. Symbol table and Elf section access
+6. Symbol table and Elf section access
--------------------------------------
A livepatch module's symbol table is accessible through module->symtab.
--
2.12.0
From: Josh Poimboeuf <[email protected]>
Livepatches may use symbols which are not contained in its own scope,
and, because of that, may end up compiled with relocations that will
only be resolved during module load. Yet, when the referenced symbols
are not exported, solving this relocation requires information on the
object that holds the symbol (either vmlinux or modules) and its
position inside the object, as an object may contain multiple symbols
with the same name. Providing such information must be done
accordingly to what is specified in
Documentation/livepatch/module-elf-format.txt.
Currently, there is no trivial way to embed the required information
as requested in the final livepatch elf object. klp-convert solves
this problem in two different forms: (i) by relying on Symbols.list,
which is built during kernel compilation, to automatically infer the
relocation targeted symbol, and, when such inference is not possible
(ii) by using annotations in the elf object to convert the relocation
accordingly to the specification, enabling it to be handled by the
livepatch loader.
Given the above, create scripts/livepatch to hold tools developed for
livepatches and add source files for klp-convert there.
The core file of klp-convert is scripts/livepatch/klp-convert.c, which
implements the heuristics used to solve the relocations and the
conversion of unresolved symbols into the expected format, as defined
in [1].
klp-convert receives as arguments the Symbols.list file, an input
livepatch module to be converted and the output name for the converted
livepatch. When it starts running, klp-convert parses Symbols.list and
builds two internal lists of symbols, one containing the exported and
another containing the non-exported symbols. Then, by parsing the rela
sections in the elf object, klp-convert identifies which symbols must
be converted, which are those unresolved and that do not have a
corresponding exported symbol, and attempts to convert them
accordingly to the specification.
By using Symbols.list, klp-convert identifies which symbols have names
that only appear in a single kernel object, thus being capable of
resolving these cases without the intervention of the developer. When
various homonymous symbols exist through kernel objects, it is not
possible to infer the right one, thus klp-convert falls back into
using developer annotations. If these were not provided, then the tool
will print a list with all acceptable targets for the symbol being
processed.
Annotations in the context of klp-convert are accessible as struct
klp_module_reloc entries in sections named
.klp.module_relocs.<objname>. These entries are pairs of symbol
references and positions which are to be resolved against definitions
in <objname>.
Define the structure klp_module_reloc in
include/linux/uapi/livepatch.h allowing developers to annotate the
livepatch source code with it.
klp-convert relies on libelf and on a list implementation. Add files
scripts/livepatch/elf.c and scripts/livepatch/elf.h, which are a
libelf interfacing layer and scripts/livepatch/list.h, which is a
list implementation.
Update Makefiles to correctly support the compilation of the new tool,
update MAINTAINERS file and add a .gitignore file.
[1] - Documentation/livepatch/module-elf-format.txt
[khlebnikov: use HOSTLOADLIBES_ instead of HOSTLDFLAGS: -lelf must be
at the end]
[jmoreira:
* add support to automatic relocation conversion in klp-convert.c
* changelog]
Signed-off-by: Josh Poimboeuf <[email protected]>
Signed-off-by: Konstantin Khlebnikov <[email protected]>
Signed-off-by: Joao Moreira <[email protected]>
---
MAINTAINERS | 1 +
Makefile | 2 +-
include/uapi/linux/livepatch.h | 5 +
scripts/Makefile | 1 +
scripts/livepatch/.gitignore | 1 +
scripts/livepatch/Makefile | 7 +
scripts/livepatch/elf.c | 696 ++++++++++++++++++++++++++++++++++++++++
scripts/livepatch/elf.h | 84 +++++
scripts/livepatch/klp-convert.c | 567 ++++++++++++++++++++++++++++++++
scripts/livepatch/list.h | 389 ++++++++++++++++++++++
10 files changed, 1752 insertions(+), 1 deletion(-)
create mode 100644 scripts/livepatch/.gitignore
create mode 100644 scripts/livepatch/Makefile
create mode 100644 scripts/livepatch/elf.c
create mode 100644 scripts/livepatch/elf.h
create mode 100644 scripts/livepatch/klp-convert.c
create mode 100644 scripts/livepatch/list.h
diff --git a/MAINTAINERS b/MAINTAINERS
index 1d8ea36e1173..3e0a576a5639 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -7719,6 +7719,7 @@ F: arch/x86/kernel/livepatch.c
F: Documentation/livepatch/
F: Documentation/ABI/testing/sysfs-kernel-livepatch
F: samples/livepatch/
+F: scripts/livepatch/
L: [email protected]
T: git git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching.git
diff --git a/Makefile b/Makefile
index e1d315e585d8..5265cb5a3d89 100644
--- a/Makefile
+++ b/Makefile
@@ -561,7 +561,7 @@ ifeq ($(KBUILD_EXTMOD),)
# in parallel
PHONY += scripts
scripts: scripts_basic include/config/auto.conf include/config/tristate.conf \
- asm-generic gcc-plugins
+ asm-generic gcc-plugins headers_install
$(Q)$(MAKE) $(build)=$(@)
# Objects we will link into vmlinux / subdirs we need to visit
diff --git a/include/uapi/linux/livepatch.h b/include/uapi/linux/livepatch.h
index bc35f85fd859..3de6f7fcea3a 100644
--- a/include/uapi/linux/livepatch.h
+++ b/include/uapi/linux/livepatch.h
@@ -25,4 +25,9 @@
#define KLP_RELA_PREFIX ".klp.rela."
#define KLP_SYM_PREFIX ".klp.sym."
+struct klp_module_reloc {
+ void *sym;
+ unsigned int sympos;
+} __attribute__((packed));
+
#endif /* _UAPI_LIVEPATCH_H */
diff --git a/scripts/Makefile b/scripts/Makefile
index 1d80897a9644..2cc2b8a52b3b 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -45,6 +45,7 @@ subdir-y += mod
subdir-$(CONFIG_SECURITY_SELINUX) += selinux
subdir-$(CONFIG_DTC) += dtc
subdir-$(CONFIG_GDB_SCRIPTS) += gdb
+subdir-$(CONFIG_LIVEPATCH) += livepatch
# Let clean descend into subdirs
subdir- += basic kconfig package gcc-plugins
diff --git a/scripts/livepatch/.gitignore b/scripts/livepatch/.gitignore
new file mode 100644
index 000000000000..dc22fe4b6a5b
--- /dev/null
+++ b/scripts/livepatch/.gitignore
@@ -0,0 +1 @@
+klp-convert
diff --git a/scripts/livepatch/Makefile b/scripts/livepatch/Makefile
new file mode 100644
index 000000000000..05bae6a849e4
--- /dev/null
+++ b/scripts/livepatch/Makefile
@@ -0,0 +1,7 @@
+hostprogs-y := klp-convert
+always := $(hostprogs-y)
+
+klp-convert-objs := klp-convert.o elf.o
+
+HOSTCFLAGS := -g -I$(INSTALL_HDR_PATH)/include -Wall
+HOSTLOADLIBES_klp-convert := -lelf
diff --git a/scripts/livepatch/elf.c b/scripts/livepatch/elf.c
new file mode 100644
index 000000000000..f279dd3be1b7
--- /dev/null
+++ b/scripts/livepatch/elf.c
@@ -0,0 +1,696 @@
+/*
+ * elf.c - ELF access library
+ *
+ * Adapted from kpatch (https://github.com/dynup/kpatch):
+ * Copyright (C) 2013-2016 Josh Poimboeuf <[email protected]>
+ * Copyright (C) 2014 Seth Jennings <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "elf.h"
+
+#define WARN(format, ...) \
+ fprintf(stderr, "%s: " format "\n", elf->name, ##__VA_ARGS__)
+
+/*
+ * Fallback for systems without this "read, mmaping if possible" cmd.
+ */
+#ifndef ELF_C_READ_MMAP
+#define ELF_C_READ_MMAP ELF_C_READ
+#endif
+
+bool is_rela_section(struct section *sec)
+{
+ return (sec->sh.sh_type == SHT_RELA);
+}
+
+struct section *find_section_by_name(struct elf *elf, const char *name)
+{
+ struct section *sec;
+
+ list_for_each_entry(sec, &elf->sections, list)
+ if (!strcmp(sec->name, name))
+ return sec;
+
+ return NULL;
+}
+
+static struct section *find_section_by_index(struct elf *elf,
+ unsigned int idx)
+{
+ struct section *sec;
+
+ list_for_each_entry(sec, &elf->sections, list)
+ if (sec->idx == idx)
+ return sec;
+
+ return NULL;
+}
+
+static struct symbol *find_symbol_by_index(struct elf *elf, unsigned int idx)
+{
+ struct symbol *sym;
+
+ list_for_each_entry(sym, &elf->symbols, list)
+ if (sym->idx == idx)
+ return sym;
+
+ return NULL;
+}
+
+static int read_sections(struct elf *elf)
+{
+ Elf_Scn *s = NULL;
+ struct section *sec;
+ size_t shstrndx, sections_nr;
+ int i;
+
+ if (elf_getshdrnum(elf->elf, §ions_nr)) {
+ perror("elf_getshdrnum");
+ return -1;
+ }
+
+ if (elf_getshdrstrndx(elf->elf, &shstrndx)) {
+ perror("elf_getshdrstrndx");
+ return -1;
+ }
+
+ for (i = 0; i < sections_nr; i++) {
+ sec = malloc(sizeof(*sec));
+ if (!sec) {
+ perror("malloc");
+ return -1;
+ }
+ memset(sec, 0, sizeof(*sec));
+
+ INIT_LIST_HEAD(&sec->relas);
+
+ list_add_tail(&sec->list, &elf->sections);
+
+ s = elf_getscn(elf->elf, i);
+ if (!s) {
+ perror("elf_getscn");
+ return -1;
+ }
+
+ sec->idx = elf_ndxscn(s);
+
+ if (!gelf_getshdr(s, &sec->sh)) {
+ perror("gelf_getshdr");
+ return -1;
+ }
+
+ sec->name = elf_strptr(elf->elf, shstrndx, sec->sh.sh_name);
+ if (!sec->name) {
+ perror("elf_strptr");
+ return -1;
+ }
+
+ sec->elf_data = elf_getdata(s, NULL);
+ if (!sec->elf_data) {
+ perror("elf_getdata");
+ return -1;
+ }
+
+ if (sec->elf_data->d_off != 0 ||
+ sec->elf_data->d_size != sec->sh.sh_size) {
+ WARN("unexpected data attributes for %s", sec->name);
+ return -1;
+ }
+
+ sec->data = sec->elf_data->d_buf;
+ sec->size = sec->elf_data->d_size;
+ }
+
+ /* sanity check, one more call to elf_nextscn() should return NULL */
+ if (elf_nextscn(elf->elf, s)) {
+ WARN("section entry mismatch");
+ return -1;
+ }
+
+ return 0;
+}
+
+static int read_symbols(struct elf *elf)
+{
+ struct section *symtab;
+ struct symbol *sym;
+ int symbols_nr, i;
+
+ symtab = find_section_by_name(elf, ".symtab");
+ if (!symtab) {
+ WARN("missing symbol table");
+ return -1;
+ }
+
+ symbols_nr = symtab->sh.sh_size / symtab->sh.sh_entsize;
+
+ for (i = 0; i < symbols_nr; i++) {
+ sym = malloc(sizeof(*sym));
+ if (!sym) {
+ perror("malloc");
+ return -1;
+ }
+ memset(sym, 0, sizeof(*sym));
+
+ sym->idx = i;
+
+ if (!gelf_getsym(symtab->elf_data, i, &sym->sym)) {
+ perror("gelf_getsym");
+ goto err;
+ }
+
+ sym->name = elf_strptr(elf->elf, symtab->sh.sh_link,
+ sym->sym.st_name);
+ if (!sym->name) {
+ perror("elf_strptr");
+ goto err;
+ }
+
+ sym->type = GELF_ST_TYPE(sym->sym.st_info);
+ sym->bind = GELF_ST_BIND(sym->sym.st_info);
+
+ if (sym->sym.st_shndx > SHN_UNDEF &&
+ sym->sym.st_shndx < SHN_LORESERVE) {
+ sym->sec = find_section_by_index(elf,
+ sym->sym.st_shndx);
+ if (!sym->sec) {
+ WARN("couldn't find section for symbol %s",
+ sym->name);
+ goto err;
+ }
+ if (sym->type == STT_SECTION) {
+ sym->name = sym->sec->name;
+ sym->sec->sym = sym;
+ }
+ }
+
+ sym->offset = sym->sym.st_value;
+ sym->size = sym->sym.st_size;
+
+ list_add_tail(&sym->list, &elf->symbols);
+ }
+
+ return 0;
+
+err:
+ free(sym);
+ return -1;
+}
+
+static int read_relas(struct elf *elf)
+{
+ struct section *sec;
+ struct rela *rela;
+ int i;
+ unsigned int symndx;
+
+ list_for_each_entry(sec, &elf->sections, list) {
+ if (sec->sh.sh_type != SHT_RELA)
+ continue;
+
+ sec->base = find_section_by_name(elf, sec->name + 5);
+ if (!sec->base) {
+ WARN("can't find base section for rela section %s",
+ sec->name);
+ return -1;
+ }
+
+ sec->base->rela = sec;
+
+ for (i = 0; i < sec->sh.sh_size / sec->sh.sh_entsize; i++) {
+ rela = malloc(sizeof(*rela));
+ if (!rela) {
+ perror("malloc");
+ return -1;
+ }
+ memset(rela, 0, sizeof(*rela));
+
+ if (!gelf_getrela(sec->elf_data, i, &rela->rela)) {
+ perror("gelf_getrela");
+ return -1;
+ }
+
+ rela->type = GELF_R_TYPE(rela->rela.r_info);
+ rela->addend = rela->rela.r_addend;
+ rela->offset = rela->rela.r_offset;
+ symndx = GELF_R_SYM(rela->rela.r_info);
+ rela->sym = find_symbol_by_index(elf, symndx);
+ if (!rela->sym) {
+ WARN("can't find rela entry symbol %d for %s",
+ symndx, sec->name);
+ return -1;
+ }
+
+ list_add_tail(&rela->list, &sec->relas);
+ }
+ }
+
+ return 0;
+}
+
+struct section *create_rela_section(struct elf *elf, const char *name,
+ struct section *base)
+{
+ struct section *sec;
+
+ sec = malloc(sizeof(*sec));
+ if (!sec) {
+ WARN("malloc failed");
+ return NULL;
+ }
+ memset(sec, 0, sizeof(*sec));
+ INIT_LIST_HEAD(&sec->relas);
+
+ sec->base = base;
+ sec->name = strdup(name);
+ if (!sec->name) {
+ WARN("strdup failed");
+ return NULL;
+ }
+ sec->sh.sh_name = -1;
+ sec->sh.sh_type = SHT_RELA;
+ sec->sh.sh_entsize = sizeof(GElf_Rela);
+ sec->sh.sh_addralign = 8;
+ sec->sh.sh_flags = SHF_ALLOC;
+
+ sec->elf_data = malloc(sizeof(*sec->elf_data));
+ if (!sec->elf_data) {
+ WARN("malloc failed");
+ return NULL;
+ }
+ memset(sec->elf_data, 0, sizeof(*sec->elf_data));
+ sec->elf_data->d_type = ELF_T_RELA;
+
+ list_add_tail(&sec->list, &elf->sections);
+
+ return sec;
+}
+
+static int update_shstrtab(struct elf *elf)
+{
+ struct section *shstrtab, *sec;
+ size_t orig_size, new_size = 0, offset, len;
+ char *buf;
+
+ shstrtab = find_section_by_name(elf, ".shstrtab");
+ if (!shstrtab) {
+ WARN("can't find .shstrtab");
+ return -1;
+ }
+
+ orig_size = new_size = shstrtab->size;
+
+ list_for_each_entry(sec, &elf->sections, list) {
+ if (sec->sh.sh_name != -1)
+ continue;
+ new_size += strlen(sec->name) + 1;
+ }
+
+ if (new_size == orig_size)
+ return 0;
+
+ buf = malloc(new_size);
+ if (!buf) {
+ WARN("malloc failed");
+ return -1;
+ }
+ memcpy(buf, (void *)shstrtab->data, orig_size);
+
+ offset = orig_size;
+ list_for_each_entry(sec, &elf->sections, list) {
+ if (sec->sh.sh_name != -1)
+ continue;
+ sec->sh.sh_name = offset;
+ len = strlen(sec->name) + 1;
+ memcpy(buf + offset, sec->name, len);
+ offset += len;
+ }
+
+ shstrtab->elf_data->d_buf = shstrtab->data = buf;
+ shstrtab->elf_data->d_size = shstrtab->size = new_size;
+ shstrtab->sh.sh_size = new_size;
+
+ return 0;
+}
+
+static int update_strtab(struct elf *elf)
+{
+ struct section *strtab;
+ struct symbol *sym;
+ size_t orig_size, new_size = 0, offset, len;
+ char *buf;
+
+ strtab = find_section_by_name(elf, ".strtab");
+ if (!strtab) {
+ WARN("can't find .strtab");
+ return -1;
+ }
+
+ orig_size = new_size = strtab->size;
+
+ list_for_each_entry(sym, &elf->symbols, list) {
+ if (sym->sym.st_name != -1)
+ continue;
+ new_size += strlen(sym->name) + 1;
+ }
+
+ if (new_size == orig_size)
+ return 0;
+
+ buf = malloc(new_size);
+ if (!buf) {
+ WARN("malloc failed");
+ return -1;
+ }
+ memcpy(buf, (void *)strtab->data, orig_size);
+
+ offset = orig_size;
+ list_for_each_entry(sym, &elf->symbols, list) {
+ if (sym->sym.st_name != -1)
+ continue;
+ sym->sym.st_name = offset;
+ len = strlen(sym->name) + 1;
+ memcpy(buf + offset, sym->name, len);
+ offset += len;
+ }
+
+ strtab->elf_data->d_buf = strtab->data = buf;
+ strtab->elf_data->d_size = strtab->size = new_size;
+ strtab->sh.sh_size = new_size;
+
+ return 0;
+}
+
+static int update_symtab(struct elf *elf)
+{
+ struct section *symtab, *sec;
+ struct symbol *sym;
+ char *buf;
+ size_t size;
+ int offset = 0, nr_locals = 0, idx, nr_syms;
+
+ idx = 0;
+ list_for_each_entry(sec, &elf->sections, list)
+ sec->idx = idx++;
+
+ idx = 0;
+ list_for_each_entry(sym, &elf->symbols, list) {
+ sym->idx = idx++;
+ if (sym->sec)
+ sym->sym.st_shndx = sym->sec->idx;
+ }
+ nr_syms = idx;
+
+ symtab = find_section_by_name(elf, ".symtab");
+ if (!symtab) {
+ WARN("can't find symtab");
+ return -1;
+ }
+
+ symtab->sh.sh_link = find_section_by_name(elf, ".strtab")->idx;
+
+ /* create new symtab buffer */
+ size = nr_syms * symtab->sh.sh_entsize;
+ buf = malloc(size);
+ if (!buf) {
+ WARN("malloc failed");
+ return -1;
+ }
+ memset(buf, 0, size);
+
+ offset = 0;
+ list_for_each_entry(sym, &elf->symbols, list) {
+ memcpy(buf + offset, &sym->sym, symtab->sh.sh_entsize);
+ offset += symtab->sh.sh_entsize;
+
+ if (sym->bind == STB_LOCAL)
+ nr_locals++;
+ }
+
+ symtab->elf_data->d_buf = symtab->data = buf;
+ symtab->elf_data->d_size = symtab->size = size;
+ symtab->sh.sh_size = size;
+
+ /* update symtab section header */
+ symtab->sh.sh_info = nr_locals;
+
+ return 0;
+}
+
+static int update_relas(struct elf *elf)
+{
+ struct section *sec, *symtab;
+ struct rela *rela;
+ int nr_relas, idx, size;
+ GElf_Rela *relas;
+
+ symtab = find_section_by_name(elf, ".symtab");
+
+ list_for_each_entry(sec, &elf->sections, list) {
+ if (!is_rela_section(sec))
+ continue;
+
+ sec->sh.sh_link = symtab->idx;
+ if (sec->base)
+ sec->sh.sh_info = sec->base->idx;
+
+ nr_relas = 0;
+ list_for_each_entry(rela, &sec->relas, list)
+ nr_relas++;
+
+ size = nr_relas * sizeof(*relas);
+ relas = malloc(size);
+ if (!relas) {
+ WARN("malloc failed");
+ return -1;
+ }
+
+ sec->elf_data->d_buf = sec->data = relas;
+ sec->elf_data->d_size = sec->size = size;
+ sec->sh.sh_size = size;
+
+ idx = 0;
+ list_for_each_entry(rela, &sec->relas, list) {
+ relas[idx].r_offset = rela->offset;
+ relas[idx].r_addend = rela->addend;
+ relas[idx].r_info = GELF_R_INFO(rela->sym->idx,
+ rela->type);
+ idx++;
+ }
+ }
+
+ return 0;
+}
+
+static int write_file(struct elf *elf, const char *file)
+{
+ int fd;
+ Elf *e;
+ GElf_Ehdr eh, ehout;
+ Elf_Scn *scn;
+ Elf_Data *data;
+ GElf_Shdr sh;
+ struct section *sec;
+
+ fd = creat(file, 0664);
+ if (fd == -1) {
+ WARN("couldn't create %s", file);
+ return -1;
+ }
+
+ e = elf_begin(fd, ELF_C_WRITE, NULL);
+ if (!e) {
+ WARN("elf_begin failed");
+ return -1;
+ }
+
+ if (!gelf_newehdr(e, gelf_getclass(elf->elf))) {
+ WARN("gelf_newehdr failed");
+ return -1;
+ }
+
+ if (!gelf_getehdr(e, &ehout)) {
+ WARN("gelf_getehdr failed");
+ return -1;
+ }
+
+ if (!gelf_getehdr(elf->elf, &eh)) {
+ WARN("gelf_getehdr failed");
+ return -1;
+ }
+
+ memset(&ehout, 0, sizeof(ehout));
+ ehout.e_ident[EI_DATA] = eh.e_ident[EI_DATA];
+ ehout.e_machine = eh.e_machine;
+ ehout.e_type = eh.e_type;
+ ehout.e_version = EV_CURRENT;
+ ehout.e_shstrndx = find_section_by_name(elf, ".shstrtab")->idx;
+
+ list_for_each_entry(sec, &elf->sections, list) {
+ if (!sec->idx)
+ continue;
+ scn = elf_newscn(e);
+ if (!scn) {
+ WARN("elf_newscn failed");
+ return -1;
+ }
+
+ data = elf_newdata(scn);
+ if (!data) {
+ WARN("elf_newdata failed");
+ return -1;
+ }
+
+ if (!elf_flagdata(data, ELF_C_SET, ELF_F_DIRTY)) {
+ WARN("elf_flagdata failed");
+ return -1;
+ }
+
+ data->d_type = sec->elf_data->d_type;
+ data->d_buf = sec->elf_data->d_buf;
+ data->d_size = sec->elf_data->d_size;
+
+ if (!gelf_getshdr(scn, &sh)) {
+ WARN("gelf_getshdr failed");
+ return -1;
+ }
+
+ sh = sec->sh;
+
+ if (!gelf_update_shdr(scn, &sh)) {
+ WARN("gelf_update_shdr failed");
+ return -1;
+ }
+ }
+
+ if (!gelf_update_ehdr(e, &ehout)) {
+ WARN("gelf_update_ehdr failed");
+ return -1;
+ }
+
+ if (elf_update(e, ELF_C_WRITE) < 0) {
+ fprintf(stderr, "%s\n", elf_errmsg(-1));
+ WARN("elf_update failed");
+ return -1;
+ }
+
+ return 0;
+}
+
+int elf_write_file(struct elf *elf, const char *file)
+{
+ int ret;
+
+ ret = update_shstrtab(elf);
+ if (ret)
+ return ret;
+
+ ret = update_strtab(elf);
+ if (ret)
+ return ret;
+
+ ret = update_symtab(elf);
+ if (ret)
+ return ret;
+
+ ret = update_relas(elf);
+ if (ret)
+ return ret;
+
+ return write_file(elf, file);
+}
+
+struct elf *elf_open(const char *name)
+{
+ struct elf *elf;
+
+ elf_version(EV_CURRENT);
+
+ elf = malloc(sizeof(*elf));
+ if (!elf) {
+ perror("malloc");
+ return NULL;
+ }
+ memset(elf, 0, sizeof(*elf));
+
+ INIT_LIST_HEAD(&elf->sections);
+ INIT_LIST_HEAD(&elf->symbols);
+
+ elf->fd = open(name, O_RDONLY);
+ if (elf->fd == -1) {
+ perror("open");
+ goto err;
+ }
+
+ elf->elf = elf_begin(elf->fd, ELF_C_READ_MMAP, NULL);
+ if (!elf->elf) {
+ perror("elf_begin");
+ goto err;
+ }
+
+ if (!gelf_getehdr(elf->elf, &elf->ehdr)) {
+ perror("gelf_getehdr");
+ goto err;
+ }
+
+ if (read_sections(elf))
+ goto err;
+
+ if (read_symbols(elf))
+ goto err;
+
+ if (read_relas(elf))
+ goto err;
+
+ return elf;
+
+err:
+ elf_close(elf);
+ return NULL;
+}
+
+void elf_close(struct elf *elf)
+{
+ struct section *sec, *tmpsec;
+ struct symbol *sym, *tmpsym;
+ struct rela *rela, *tmprela;
+
+ list_for_each_entry_safe(sym, tmpsym, &elf->symbols, list) {
+ list_del(&sym->list);
+ free(sym);
+ }
+ list_for_each_entry_safe(sec, tmpsec, &elf->sections, list) {
+ list_for_each_entry_safe(rela, tmprela, &sec->relas, list) {
+ list_del(&rela->list);
+ free(rela);
+ }
+ list_del(&sec->list);
+ free(sec);
+ }
+ if (elf->fd > 0)
+ close(elf->fd);
+ if (elf->elf)
+ elf_end(elf->elf);
+ free(elf);
+}
diff --git a/scripts/livepatch/elf.h b/scripts/livepatch/elf.h
new file mode 100644
index 000000000000..e8aa8f5fb3bc
--- /dev/null
+++ b/scripts/livepatch/elf.h
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2015-2016 Josh Poimboeuf <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _KLP_POST_ELF_H
+#define _KLP_POST_ELF_H
+
+#include <stdio.h>
+#include <stdbool.h>
+#include <gelf.h>
+#include "list.h"
+
+#ifdef LIBELF_USE_DEPRECATED
+# define elf_getshdrnum elf_getshnum
+# define elf_getshdrstrndx elf_getshstrndx
+#endif
+
+struct section {
+ struct list_head list;
+ GElf_Shdr sh;
+ struct section *base, *rela;
+ struct list_head relas;
+ struct symbol *sym;
+ Elf_Data *elf_data;
+ char *name;
+ int idx;
+ void *data;
+ unsigned int size;
+};
+
+struct symbol {
+ struct list_head list;
+ GElf_Sym sym;
+ struct section *sec;
+ char *name;
+ unsigned int idx;
+ unsigned char bind, type;
+ unsigned long offset;
+ unsigned int size;
+};
+
+struct rela {
+ struct list_head list;
+ GElf_Rela rela;
+ struct symbol *sym;
+ unsigned int type;
+ unsigned long offset;
+ int addend;
+};
+
+struct elf {
+ Elf *elf;
+ GElf_Ehdr ehdr;
+ int fd;
+ char *name;
+ struct list_head sections;
+ struct list_head symbols;
+};
+
+
+struct elf *elf_open(const char *name);
+bool is_rela_section(struct section *sec);
+struct section *find_section_by_name(struct elf *elf, const char *name);
+struct section *create_rela_section(struct elf *elf, const char *name,
+ struct section *base);
+
+void elf_close(struct elf *elf);
+int elf_write_file(struct elf *elf, const char *file);
+
+
+#endif /* _KLP_POST_ELF_H */
diff --git a/scripts/livepatch/klp-convert.c b/scripts/livepatch/klp-convert.c
new file mode 100644
index 000000000000..baf6c83f8eb0
--- /dev/null
+++ b/scripts/livepatch/klp-convert.c
@@ -0,0 +1,567 @@
+/*
+ * Copyright (C) 2016 Josh Poimboeuf <[email protected]>
+ * Copyright (C) 2017 Joao Moreira <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <linux/livepatch.h>
+#include "elf.h"
+#include "list.h"
+
+#define SHN_LIVEPATCH 0xff20
+#define SHF_RELA_LIVEPATCH 0x00100000
+#define MODULE_NAME_LEN (64 - sizeof(GElf_Addr))
+#define WARN(format, ...) \
+ fprintf(stderr, "klp-convert: " format "\n", ##__VA_ARGS__)
+
+struct symbol_entry {
+ struct list_head list;
+ char *symbol_name;
+ char *object_name;
+};
+
+struct sympos {
+ struct list_head list;
+ char *symbol_name;
+ char *object_name;
+ int pos;
+};
+
+/*
+ * Symbols parsed from Symbols.list are kept in two lists:
+ * - symbols: keeps non-exported symbols
+ * - exp_symbols: keeps exported symbols (__ksymtab_prefixed)
+ */
+static LIST_HEAD(symbols);
+static LIST_HEAD(exp_symbols);
+
+/* In-livepatch user-provided symbol positions are kept in list usr_symbols */
+static LIST_HEAD(usr_symbols);
+
+void free_syms_lists(void)
+{
+ struct symbol_entry *entry, *aux;
+ struct sympos *sp, *sp_aux;
+
+ list_for_each_entry_safe(entry, aux, &symbols, list) {
+ free(entry->object_name);
+ free(entry->symbol_name);
+ list_del(&entry->list);
+ free(entry);
+ }
+
+ list_for_each_entry_safe(entry, aux, &exp_symbols, list) {
+ free(entry->object_name);
+ free(entry->symbol_name);
+ list_del(&entry->list);
+ free(entry);
+ }
+
+ list_for_each_entry_safe(sp, sp_aux, &usr_symbols, list) {
+ free(sp->object_name);
+ free(sp->symbol_name);
+ list_del(&sp->list);
+ free(sp);
+ }
+}
+
+/* Parses file and fill symbols and exp_symbols list */
+bool load_syms_lists(const char *symbols_list)
+{
+ FILE *fsyms;
+ struct symbol_entry *entry;
+ size_t len = 0;
+ ssize_t n;
+ char *obj = NULL, *sym = NULL;
+
+ fsyms = fopen(symbols_list, "r");
+ if (!fsyms) {
+ WARN("Unable to open Symbol list: %s", symbols_list);
+ return false;
+ }
+
+ n = getline(&sym, &len, fsyms);
+ while (n > 0) {
+ if (sym[n-1] == '\n')
+ sym[n-1] = '\0';
+
+ /* Objects in Symbols.list are flagged with '*' */
+ if (sym[0] == '*') {
+ if (obj)
+ free(obj);
+ obj = strdup(sym+1);
+ if (!obj) {
+ WARN("Unable to allocate object name\n");
+ return false;
+ }
+ free(sym);
+ } else {
+ entry = calloc(1, sizeof(struct symbol_entry));
+ if (!entry) {
+ WARN("Unable to allocate Symbol entry\n");
+ return false;
+ }
+
+ entry->object_name = strdup(obj);
+ if (!entry->object_name) {
+ WARN("Unable to allocate entry object name\n");
+ return false;
+ }
+
+ entry->symbol_name = sym;
+
+ if (strncmp(entry->symbol_name, "__ksymtab_", 10) == 0)
+ list_add(&entry->list, &exp_symbols);
+ else
+ list_add(&entry->list, &symbols);
+ }
+ len = 0;
+ sym = NULL;
+ n = getline(&sym, &len, fsyms);
+ }
+ free(sym);
+ free(obj);
+ fclose(fsyms);
+ return true;
+}
+
+/* Dump symbols list for debugging purposes */
+void dump_symbols(void)
+{
+ struct symbol_entry *entry;
+
+ fprintf(stderr, "BEGIN OF SYMBOLS DUMP\n");
+ list_for_each_entry(entry, &symbols, list)
+ printf("%s %s\n", entry->object_name, entry->symbol_name);
+ fprintf(stderr, "END OF SYMBOLS DUMP\n");
+}
+
+
+/* Searches for sympos of specific symbol in usr_symbols list */
+bool get_usr_sympos(struct symbol *s, struct sympos *sp)
+{
+ struct sympos *aux;
+
+ list_for_each_entry(aux, &usr_symbols, list) {
+ if (strcmp(aux->symbol_name, s->name) == 0) {
+ sp->symbol_name = aux->symbol_name;
+ sp->object_name = aux->object_name;
+ sp->pos = aux->pos;
+ return true;
+ }
+ }
+ return false;
+}
+
+/* Removes symbols used for sympos annotation from livepatch elf object */
+void clear_sympos_symbols(struct section *sec, struct elf *klp_elf)
+{
+ struct symbol *sym, *aux;
+
+ list_for_each_entry_safe(sym, aux, &klp_elf->symbols, list) {
+ if (sym->sec == sec) {
+ list_del(&sym->list);
+ free(sym);
+ }
+ }
+}
+
+/* Removes annotation from livepatch elf object */
+void clear_sympos_annontations(struct elf *klp_elf)
+{
+ struct section *sec, *aux;
+
+ list_for_each_entry_safe(sec, aux, &klp_elf->sections, list) {
+ if (strncmp(sec->name, ".klp.module_relocs.", 19) == 0) {
+ clear_sympos_symbols(sec, klp_elf);
+ list_del(&sec->list);
+ free(sec);
+ continue;
+ }
+ if (strncmp(sec->name, ".rela.klp.module_relocs.", 24) == 0) {
+ list_del(&sec->list);
+ free(sec);
+ continue;
+ }
+ }
+}
+
+/* Checks if two or more elements in usr_symbols have the same name */
+bool sympos_sanity_check(void)
+{
+ bool sane = true;
+ struct sympos *sp, *aux;
+
+ list_for_each_entry(sp, &usr_symbols, list) {
+ aux = list_next_entry(sp, list);
+ list_for_each_entry_from(aux, &usr_symbols, list) {
+ if (strcmp(sp->symbol_name, aux->symbol_name) == 0) {
+ WARN("KLP_SYMPOS Collision: %s in %s and %s.",
+ sp->symbol_name,
+ sp->object_name,
+ aux->object_name);
+ sane = false;
+ }
+ }
+ }
+ return sane;
+}
+
+/* Parses the livepatch elf object and fills usr_symbols */
+bool load_usr_symbols(struct elf *klp_elf)
+{
+ char objname[MODULE_NAME_LEN];
+ struct sympos *sp;
+ struct section *sec, *aux, *relasec;
+ struct rela *rela;
+ struct klp_module_reloc *reloc;
+ int i, nr_entries;
+
+ list_for_each_entry_safe(sec, aux, &klp_elf->sections, list) {
+ if (sscanf(sec->name, ".klp.module_relocs.%55s", objname) != 1)
+ continue;
+
+ relasec = sec->rela;
+ reloc = sec->data;
+ i = 0;
+ nr_entries = sec->size / sizeof(*reloc);
+ list_for_each_entry(rela, &relasec->relas, list) {
+ sp = calloc(1, sizeof(struct sympos));
+ if (!sp) {
+ WARN("Unable to allocate sympos memory\n");
+ return false;
+ }
+ sp->object_name = strdup(objname);
+ if (!sp->object_name) {
+ WARN("Unable to allocate object name\n");
+ return false;
+ }
+ sp->symbol_name = strdup(rela->sym->name);
+ sp->pos = reloc[i].sympos;
+ list_add(&sp->list, &usr_symbols);
+ i++;
+ }
+ if (i != nr_entries) {
+ WARN("nr_entries mismatch (%d != %d) for %s\n",
+ i, nr_entries, relasec->name);
+ return false;
+ }
+ }
+ clear_sympos_annontations(klp_elf);
+ return sympos_sanity_check();
+}
+
+/* Dumps sympos list (useful for debugging purposes) */
+void dump_sympos(void)
+{
+ struct sympos *sp;
+
+ fprintf(stderr, "BEGIN OF SYMPOS DUMP\n");
+ list_for_each_entry(sp, &usr_symbols, list) {
+ fprintf(stderr, "%s %s %d\n", sp->symbol_name, sp->object_name,
+ sp->pos);
+ }
+ fprintf(stderr, "END OF SYMPOS DUMP\n");
+}
+
+/* prints list of valid sympos for symbol with provided name */
+void print_valid_module_relocs(char *name)
+{
+ struct symbol_entry *e;
+ char *cur_obj = "";
+ int counter;
+ bool first = true;
+
+ /* Symbols from the same object are locally gathered in the list */
+ fprintf(stderr, "Valid KLP_SYMPOS for symbol %s:\n", name);
+ fprintf(stderr, "-------------------------------------------------\n");
+ list_for_each_entry(e, &symbols, list) {
+ if (strcmp(e->object_name, cur_obj) != 0) {
+ cur_obj = e->object_name;
+ counter = 0;
+ }
+ if (strcmp(e->symbol_name, name) == 0) {
+ if (counter == 0) {
+ if (!first)
+ fprintf(stderr, "}\n");
+
+ fprintf(stderr, "KLP_MODULE_RELOC(%s){\n",
+ cur_obj);
+ first = false;
+ }
+ fprintf(stderr, "\tKLP_SYMPOS(%s,%d)\n", name, counter);
+ counter++;
+ }
+ }
+ fprintf(stderr, "-------------------------------------------------\n");
+}
+
+/* Searches for symbol in symbols list and returns its sympos if it is unique,
+ * otherwise prints a list with all considered valid sympos
+ */
+struct symbol_entry *find_sym_entry_by_name(char *name)
+{
+ struct symbol_entry *found = NULL;
+ struct symbol_entry *e;
+
+ list_for_each_entry(e, &symbols, list) {
+ if (strcmp(e->symbol_name, name) == 0) {
+
+ /* If there exist multiple symbols with the same
+ * name then user-provided sympos is required
+ */
+ if (found) {
+ print_valid_module_relocs(name);
+ return NULL;
+ }
+ found = e;
+ }
+ }
+ if (found)
+ return found;
+
+ return NULL;
+}
+
+/* Checks if sympos is valid, otherwise prints valid sympos list */
+bool valid_sympos(struct sympos *sp)
+{
+ struct symbol_entry *e;
+ int counter = 0;
+
+ list_for_each_entry(e, &symbols, list) {
+ if ((strcmp(e->symbol_name, sp->symbol_name) == 0) &&
+ (strcmp(e->object_name, sp->object_name) == 0)) {
+ if (counter == sp->pos)
+ return true;
+ counter++;
+ }
+ }
+
+ WARN("Provided KLP_SYMPOS does not match a symbol (%s.%s)",
+ sp->symbol_name, sp->object_name);
+ print_valid_module_relocs(sp->symbol_name);
+
+ return false;
+}
+
+/* Returns the right sympos respective to a symbol to be relocated */
+bool find_missing_position(struct symbol *s, struct sympos *sp)
+{
+ struct symbol_entry *entry;
+
+ if (get_usr_sympos(s, sp)) {
+ if (valid_sympos(sp))
+ return true;
+ return false;
+ }
+
+ /* if no user-provided sympos, search symbol in symbols list */
+ entry = find_sym_entry_by_name(s->name);
+ if (entry) {
+ sp->symbol_name = entry->symbol_name;
+ sp->object_name = entry->object_name;
+ sp->pos = 0;
+ return true;
+ }
+ return false;
+}
+
+/* Finds or creates a klp rela section based on another given section (@oldsec)
+ * and sympos (@*sp), then returns it
+ */
+struct section *get_or_create_klp_rela_section(struct section *oldsec,
+ struct sympos *sp, struct elf *klp_elf)
+{
+ char *name;
+ struct section *sec;
+ unsigned int length;
+
+ length = strlen(KLP_RELA_PREFIX) + strlen(sp->object_name)
+ + strlen(oldsec->base->name) + 2;
+
+ name = calloc(1, length);
+ if (!name) {
+ WARN("Memory allocation failed (%s%s.%s)\n", KLP_RELA_PREFIX,
+ sp->object_name, oldsec->base->name);
+ return NULL;
+ }
+
+ if (snprintf(name, length, KLP_RELA_PREFIX "%s.%s", sp->object_name,
+ oldsec->base->name) >= length) {
+ WARN("Length error (%s)", name);
+ free(name);
+ return false;
+ }
+
+ sec = find_section_by_name(klp_elf, name);
+ if (!sec)
+ sec = create_rela_section(klp_elf, name, oldsec->base);
+
+ if (sec)
+ sec->sh.sh_flags |= SHF_RELA_LIVEPATCH;
+
+ free(name);
+ return sec;
+}
+
+/* Create klp rela, add it to the right klp rela sec and del reference rela */
+bool convert_rela(struct section *oldsec, struct rela *r, struct sympos *sp,
+ struct elf *klp_elf)
+{
+ char *name;
+ char pos[4]; /* assume that pos will never be > 999 */
+ unsigned int length;
+ struct section *sec;
+ struct symbol *s = r->sym;
+
+ sec = get_or_create_klp_rela_section(oldsec, sp, klp_elf);
+ if (!sec) {
+ WARN("Can't create or access klp.rela section (%s.%s)\n",
+ sp->object_name, sp->symbol_name);
+ return false;
+ }
+
+ if (snprintf(pos, sizeof(pos), "%d", sp->pos) > 3) {
+ WARN("Insuficient buffer for expanding sympos (%s.%s,%d)\n",
+ sp->object_name, sp->symbol_name, sp->pos);
+ return false;
+ }
+
+ length = strlen(KLP_SYM_PREFIX) + strlen(sp->object_name)
+ + strlen(sp->symbol_name) + 4;
+
+ name = calloc(1, length);
+ if (!name) {
+ WARN("Memory allocation failed (%s%s.%s,%s)\n", KLP_SYM_PREFIX,
+ sp->object_name, sp->symbol_name, pos);
+ return false;
+ }
+
+ if (snprintf(name, length, KLP_SYM_PREFIX "%s.%s,%s", sp->object_name,
+ sp->symbol_name, pos) >= length) {
+ WARN("Length error (%s.%s)", sp->object_name, sp->symbol_name);
+ return false;
+ }
+
+ s->name = name;
+ s->sec = NULL;
+ s->sym.st_name = -1;
+ s->sym.st_shndx = SHN_LIVEPATCH;
+
+ list_del(&r->list);
+ list_add(&r->list, &sec->relas);
+ return true;
+}
+
+/* Checks if given symbol name matches a symbol in exp_symbols */
+bool is_exported(char *sname)
+{
+ struct symbol_entry *e;
+
+ /* exp_symbols itens are prefixed with __ksymtab_ - comparisons must
+ * skip prefix and check if both are properly null-terminated
+ */
+ list_for_each_entry(e, &exp_symbols, list) {
+ if (strcmp(e->symbol_name + 10, sname) == 0)
+ return true;
+ }
+ return false;
+}
+
+/* Checks if a symbol was previously klp-converted based on its name */
+bool is_converted(char *sname)
+{
+ int len = strlen(KLP_SYM_PREFIX);
+
+ if (strncmp(sname, KLP_SYM_PREFIX, len) == 0)
+ return true;
+ return false;
+}
+
+/* Checks if symbol must be klp-converted - must not be already resolved, have
+ * been already klp-converted nor be an exported symbol
+ */
+bool must_convert(struct symbol *sym)
+{
+ if (sym->sec)
+ return false;
+ return (!(is_converted(sym->name) || is_exported(sym->name)));
+}
+
+int main(int argc, const char **argv)
+{
+ const char *klp_in_module, *klp_out_module, *symbols_list;
+ struct rela *rela, *tmprela;
+ struct section *sec, *aux;
+ struct sympos *sp;
+ struct elf *klp_elf;
+
+ if (argc != 4) {
+ WARN("Usage: %s <Symbols.list> <input.ko> <out.ko>", argv[0]);
+ return -1;
+ }
+
+ symbols_list = argv[1];
+ klp_in_module = argv[2];
+ klp_out_module = argv[3];
+
+ klp_elf = elf_open(klp_in_module);
+ if (!klp_elf) {
+ WARN("Unable to read elf file %s\n", klp_in_module);
+ return -1;
+ }
+
+ if (!load_syms_lists(symbols_list))
+ return -1;
+
+ if (!load_usr_symbols(klp_elf)) {
+ WARN("Unable to load user-provided sympos");
+ return -1;
+ }
+
+ list_for_each_entry_safe(sec, aux, &klp_elf->sections, list) {
+ if (!is_rela_section(sec))
+ continue;
+ list_for_each_entry_safe(rela, tmprela, &sec->relas, list) {
+ if (!must_convert(rela->sym))
+ continue;
+
+ sp = calloc(1, sizeof(struct sympos));
+ if (!sp) {
+ WARN("Unable to allocate memory for sympos");
+ return -1;
+ }
+ if (!find_missing_position(rela->sym, sp)) {
+ WARN("Unable to find missing symbol");
+ return -1;
+ }
+ if (!convert_rela(sec, rela, sp, klp_elf)) {
+ WARN("Unable to convert relocation");
+ return -1;
+ }
+ free(sp);
+ }
+ }
+
+ free_syms_lists();
+ if (elf_write_file(klp_elf, klp_out_module))
+ return -1;
+
+ return 0;
+}
diff --git a/scripts/livepatch/list.h b/scripts/livepatch/list.h
new file mode 100644
index 000000000000..b324eb29c3b6
--- /dev/null
+++ b/scripts/livepatch/list.h
@@ -0,0 +1,389 @@
+#ifndef _LINUX_LIST_H
+#define _LINUX_LIST_H
+
+/*
+ * Simple doubly linked list implementation.
+ *
+ * Some of the internal functions ("__xxx") are useful when
+ * manipulating whole lists rather than single entries, as
+ * sometimes we already know the next/prev entries and we can
+ * generate better code by using them directly rather than
+ * using the generic single-entry routines.
+ */
+
+#define WRITE_ONCE(a, b) (a = b)
+#define READ_ONCE(a) a
+
+#undef offsetof
+#define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
+
+/**
+ * container_of - cast a member of a structure out to the containing structure
+ * @ptr: the pointer to the member.
+ * @type: the type of the container struct this is embedded in.
+ * @member: the name of the member within the struct.
+ *
+ */
+#define container_of(ptr, type, member) ({ \
+ const typeof(((type *)0)->member) * __mptr = (ptr); \
+ (type *)((char *)__mptr - offsetof(type, member)); })
+
+struct list_head {
+ struct list_head *next, *prev;
+};
+
+#define LIST_HEAD_INIT(name) { &(name), &(name) }
+
+#define LIST_HEAD(name) \
+ struct list_head name = LIST_HEAD_INIT(name)
+
+static inline void INIT_LIST_HEAD(struct list_head *list)
+{
+ WRITE_ONCE(list->next, list);
+ list->prev = list;
+}
+
+/*
+ * Insert a new entry between two known consecutive entries.
+ *
+ * This is only for internal list manipulation where we know
+ * the prev/next entries already!
+ */
+static inline void __list_add(struct list_head *new,
+ struct list_head *prev,
+ struct list_head *next)
+{
+ next->prev = new;
+ new->next = next;
+ new->prev = prev;
+ WRITE_ONCE(prev->next, new);
+}
+
+/**
+ * list_add - add a new entry
+ * @new: new entry to be added
+ * @head: list head to add it after
+ *
+ * Insert a new entry after the specified head.
+ * This is good for implementing stacks.
+ */
+static inline void list_add(struct list_head *new, struct list_head *head)
+{
+ __list_add(new, head, head->next);
+}
+
+
+/**
+ * list_add_tail - add a new entry
+ * @new: new entry to be added
+ * @head: list head to add it before
+ *
+ * Insert a new entry before the specified head.
+ * This is useful for implementing queues.
+ */
+static inline void list_add_tail(struct list_head *new, struct list_head *head)
+{
+ __list_add(new, head->prev, head);
+}
+
+/*
+ * Delete a list entry by making the prev/next entries
+ * point to each other.
+ *
+ * This is only for internal list manipulation where we know
+ * the prev/next entries already!
+ */
+static inline void __list_del(struct list_head *prev, struct list_head *next)
+{
+ next->prev = prev;
+ WRITE_ONCE(prev->next, next);
+}
+
+/**
+ * list_del - deletes entry from list.
+ * @entry: the element to delete from the list.
+ * Note: list_empty() on entry does not return true after this, the entry is
+ * in an undefined state.
+ */
+static inline void __list_del_entry(struct list_head *entry)
+{
+ __list_del(entry->prev, entry->next);
+}
+
+static inline void list_del(struct list_head *entry)
+{
+ __list_del(entry->prev, entry->next);
+}
+
+/**
+ * list_is_last - tests whether @list is the last entry in list @head
+ * @list: the entry to test
+ * @head: the head of the list
+ */
+static inline int list_is_last(const struct list_head *list,
+ const struct list_head *head)
+{
+ return list->next == head;
+}
+
+/**
+ * list_empty - tests whether a list is empty
+ * @head: the list to test.
+ */
+static inline int list_empty(const struct list_head *head)
+{
+ return READ_ONCE(head->next) == head;
+}
+
+/**
+ * list_entry - get the struct for this entry
+ * @ptr: the &struct list_head pointer.
+ * @type: the type of the struct this is embedded in.
+ * @member: the name of the list_head within the struct.
+ */
+#define list_entry(ptr, type, member) \
+ container_of(ptr, type, member)
+
+/**
+ * list_first_entry - get the first element from a list
+ * @ptr: the list head to take the element from.
+ * @type: the type of the struct this is embedded in.
+ * @member: the name of the list_head within the struct.
+ *
+ * Note, that list is expected to be not empty.
+ */
+#define list_first_entry(ptr, type, member) \
+ list_entry((ptr)->next, type, member)
+
+/**
+ * list_last_entry - get the last element from a list
+ * @ptr: the list head to take the element from.
+ * @type: the type of the struct this is embedded in.
+ * @member: the name of the list_head within the struct.
+ *
+ * Note, that list is expected to be not empty.
+ */
+#define list_last_entry(ptr, type, member) \
+ list_entry((ptr)->prev, type, member)
+
+/**
+ * list_first_entry_or_null - get the first element from a list
+ * @ptr: the list head to take the element from.
+ * @type: the type of the struct this is embedded in.
+ * @member: the name of the list_head within the struct.
+ *
+ * Note that if the list is empty, it returns NULL.
+ */
+#define list_first_entry_or_null(ptr, type, member) \
+ (!list_empty(ptr) ? list_first_entry(ptr, type, member) : NULL)
+
+/**
+ * list_next_entry - get the next element in list
+ * @pos: the type * to cursor
+ * @member: the name of the list_head within the struct.
+ */
+#define list_next_entry(pos, member) \
+ list_entry((pos)->member.next, typeof(*(pos)), member)
+
+/**
+ * list_prev_entry - get the prev element in list
+ * @pos: the type * to cursor
+ * @member: the name of the list_head within the struct.
+ */
+#define list_prev_entry(pos, member) \
+ list_entry((pos)->member.prev, typeof(*(pos)), member)
+
+/**
+ * list_for_each - iterate over a list
+ * @pos: the &struct list_head to use as a loop cursor.
+ * @head: the head for your list.
+ */
+#define list_for_each(pos, head) \
+ for (pos = (head)->next; pos != (head); pos = pos->next)
+
+/**
+ * list_for_each_prev - iterate over a list backwards
+ * @pos: the &struct list_head to use as a loop cursor.
+ * @head: the head for your list.
+ */
+#define list_for_each_prev(pos, head) \
+ for (pos = (head)->prev; pos != (head); pos = pos->prev)
+
+/**
+ * list_for_each_safe - iterate over a list safe against removal of list entry
+ * @pos: the &struct list_head to use as a loop cursor.
+ * @n: another &struct list_head to use as temporary storage
+ * @head: the head for your list.
+ */
+#define list_for_each_safe(pos, n, head) \
+ for (pos = (head)->next, n = pos->next; pos != (head); \
+ pos = n, n = pos->next)
+
+/**
+ * list_for_each_prev_safe - iterate over a list backwards safe against removal
+ of list entry
+ * @pos: the &struct list_head to use as a loop cursor.
+ * @n: another &struct list_head to use as temporary storage
+ * @head: the head for your list.
+ */
+#define list_for_each_prev_safe(pos, n, head) \
+ for (pos = (head)->prev, n = pos->prev; \
+ pos != (head); \
+ pos = n, n = pos->prev)
+
+/**
+ * list_for_each_entry - iterate over list of given type
+ * @pos: the type * to use as a loop cursor.
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ */
+#define list_for_each_entry(pos, head, member) \
+ for (pos = list_first_entry(head, typeof(*pos), member); \
+ &pos->member != (head); \
+ pos = list_next_entry(pos, member))
+
+/**
+ * list_for_each_entry_reverse - iterate backwards over list of given type.
+ * @pos: the type * to use as a loop cursor.
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ */
+#define list_for_each_entry_reverse(pos, head, member) \
+ for (pos = list_last_entry(head, typeof(*pos), member); \
+ &pos->member != (head); \
+ pos = list_prev_entry(pos, member))
+
+/**
+ * list_prepare_entry - prepare a pos entry for use in
+ list_for_each_entry_continue()
+ * @pos: the type * to use as a start point
+ * @head: the head of the list
+ * @member: the name of the list_head within the struct.
+ *
+ * Prepares a pos entry for use as a start point in
+ list_for_each_entry_continue().
+ */
+#define list_prepare_entry(pos, head, member) \
+ ((pos) ? : list_entry(head, typeof(*pos), member))
+
+/**
+ * list_for_each_entry_continue - continue iteration over list of given type
+ * @pos: the type * to use as a loop cursor.
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ *
+ * Continue to iterate over list of given type, continuing after
+ * the current position.
+ */
+#define list_for_each_entry_continue(pos, head, member) \
+ for (pos = list_next_entry(pos, member); \
+ &pos->member != (head); \
+ pos = list_next_entry(pos, member))
+
+/**
+ * list_for_each_entry_continue_reverse - iterate backwards from the given point
+ * @pos: the type * to use as a loop cursor.
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ *
+ * Start to iterate over list of given type backwards, continuing after
+ * the current position.
+ */
+#define list_for_each_entry_continue_reverse(pos, head, member) \
+ for (pos = list_prev_entry(pos, member); \
+ &pos->member != (head); \
+ pos = list_prev_entry(pos, member))
+
+/**
+ * list_for_each_entry_from - iterate over list of given type from the current
+ point
+ * @pos: the type * to use as a loop cursor.
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ *
+ * Iterate over list of given type, continuing from current position.
+ */
+#define list_for_each_entry_from(pos, head, member) \
+ for (; &pos->member != (head); \
+ pos = list_next_entry(pos, member))
+
+/**
+ * list_for_each_entry_safe - iterate over list of given type safe against
+ removal of list entry
+ * @pos: the type * to use as a loop cursor.
+ * @n: another type * to use as temporary storage
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ */
+#define list_for_each_entry_safe(pos, n, head, member) \
+ for (pos = list_first_entry(head, typeof(*pos), member), \
+ n = list_next_entry(pos, member); \
+ &pos->member != (head); \
+ pos = n, n = list_next_entry(n, member))
+
+/**
+ * list_for_each_entry_safe_continue - continue list iteration safe against
+ * removal
+ * @pos: the type * to use as a loop cursor.
+ * @n: another type * to use as temporary storage
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ *
+ * Iterate over list of given type, continuing after current point,
+ * safe against removal of list entry.
+ */
+#define list_for_each_entry_safe_continue(pos, n, head, member) \
+ for (pos = list_next_entry(pos, member), \
+ n = list_next_entry(pos, member); \
+ &pos->member != (head); \
+ pos = n, n = list_next_entry(n, member))
+
+/**
+ * list_for_each_entry_safe_from - iterate over list from current point safe
+ * against removal
+ * @pos: the type * to use as a loop cursor.
+ * @n: another type * to use as temporary storage
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ *
+ * Iterate over list of given type from current point, safe against
+ * removal of list entry.
+ */
+#define list_for_each_entry_safe_from(pos, n, head, member) \
+ for (n = list_next_entry(pos, member); \
+ &pos->member != (head); \
+ pos = n, n = list_next_entry(n, member))
+
+/**
+ * list_for_each_entry_safe_reverse - iterate backwards over list safe against
+ * removal
+ * @pos: the type * to use as a loop cursor.
+ * @n: another type * to use as temporary storage
+ * @head: the head for your list.
+ * @member: the name of the list_head within the struct.
+ *
+ * Iterate backwards over list of given type, safe against removal
+ * of list entry.
+ */
+#define list_for_each_entry_safe_reverse(pos, n, head, member) \
+ for (pos = list_last_entry(head, typeof(*pos), member), \
+ n = list_prev_entry(pos, member); \
+ &pos->member != (head); \
+ pos = n, n = list_prev_entry(n, member))
+
+/**
+ * list_safe_reset_next - reset a stale list_for_each_entry_safe loop
+ * @pos: the loop cursor used in the list_for_each_entry_safe loop
+ * @n: temporary storage used in list_for_each_entry_safe
+ * @member: the name of the list_head within the struct.
+ *
+ * list_safe_reset_next is not safe to use in general if the list may be
+ * modified concurrently (eg. the lock is dropped in the loop body). An
+ * exception to this is if the cursor element (pos) is pinned in the list,
+ * and list_safe_reset_next is called after re-taking the lock and before
+ * completing the current iteration of the loop body.
+ */
+#define list_safe_reset_next(pos, n, member) \
+ (n = list_next_entry(pos, member))
+
+#endif
--
2.12.0
On Tue, Aug 29, 2017 at 04:01:32PM -0300, Joao Moreira wrote:
> Livepatches may use symbols which are not contained in its own scope,
> and, because of that, may end up compiled with relocations that will
> only be resolved during module load. Yet, when the referenced symbols are
> not exported, solving this relocation requires information on the object
> that holds the symbol (either vmlinux or modules) and its position inside
> the object, as an object may contain multiple symbols with the same name.
> Providing such information must be done accordingly to what is specified
> in Documentation/livepatch/module-elf-format.txt.
>
> Currently, there is no trivial way to embed the required information as
> requested in the final livepatch elf object. klp-convert solves this
> problem in two different forms: (i) by relying on a symbol map, which is
> built during kernel compilation, to automatically infers the relocation
> targeted symbol, and, when such inference is not possible (ii) by using
> annotations in the elf object to convert the relocation accordingly to
> the specification, enabling it to be handled by the livepatch loader.
>
> Given the above, add support for symbol mapping in the form of
> Symbols.list file; add klp-convert tool; integrate klp-convert tool into
> kbuild; make livepatch modules discernible during kernel compilation
> pipeline; add data-structure and macros to enable users to annotate
> livepatch source code; make modpost stage compatible with livepatches;
> update livepatch-sample and update documentation.
>
> The patch was tested under three use-cases:
>
> use-case 1: There is a relocation in the lp that can be automatically
> resolved by klp-convert (tested by removing the annotations from
> samples/livepatch/livepatch-annotated-sample.c)
>
> use-case 2: There is a relocation in the lp that cannot be automatically
> resolved, as the name of the respective symbol appears in multiple
> objects. The livepatch contains an annotation to enable a correct
> relocation - reproducible with this livepatch sample:
> http://www.livewire.com.br/suse/klp/livepatch-sample.1.c
>
> use-case 3: There is a relocation in the lp that cannot be automatically
> resolved similarly as 2, but no annotation was provided in the livepatch,
> triggering an error during compilation - reproducible with this livepatch
> sample: http://www.livewire.com.br/suse/klp/livepatch-sample.2.c
>
> Joao Moreira (2):
> kbuild: Support for Symbols.list creation
> documentation: Update on livepatch elf format
>
> Josh Poimboeuf (5):
> livepatch: Create and include UAPI headers
> livepatch: Add klp-convert tool
> livepatch: Add klp-convert annotation helpers
> modpost: Integrate klp-convert
> livepatch: Add sample livepatch module
>
> Miroslav Benes (1):
> modpost: Add modinfo flag to livepatch modules
Thanks a lot for picking these patches up and improving them. I've only
glanced at the code, but so far it's looking good. It may be a few
weeks before a I get a chance to do a proper review.
One quick question, possibly for Miroslav. Do we have a plan yet for
dealing with GCC optimizations?
https://lkml.kernel.org/r/20161110161053.heua3abuaekz4yy7@treble
I still like the '-fpreserve-function-abi' idea, but maybe it's not
realistic.
--
Josh
Hi, I just would like to pinpoint a bug I just noticed while doing some
extra experiments on klp-convert.
In this current version multiple relas respective to a same symbol are
not being correctly moved into the .klp.rela section, just the first
one. This way, if the live-patch algorithm reuses the same symbol
multiple times, only the first one will be correctly resolved.
I have already worked out a solution for the bug and I'll integrate it
into v2, along with another use-case that unveils this situation.
Also, despite the bug, the live-patch was not prevented from being
loaded. Perhaps we should care about it in the future.
Tks,
Joao.
On 08/29/2017 04:01 PM, Joao Moreira wrote:
> From: Josh Poimboeuf <[email protected]>
>
> Livepatches may use symbols which are not contained in its own scope,
> and, because of that, may end up compiled with relocations that will
> only be resolved during module load. Yet, when the referenced symbols
> are not exported, solving this relocation requires information on the
> object that holds the symbol (either vmlinux or modules) and its
> position inside the object, as an object may contain multiple symbols
> with the same name. Providing such information must be done
> accordingly to what is specified in
> Documentation/livepatch/module-elf-format.txt.
>
> Currently, there is no trivial way to embed the required information
> as requested in the final livepatch elf object. klp-convert solves
> this problem in two different forms: (i) by relying on Symbols.list,
> which is built during kernel compilation, to automatically infer the
> relocation targeted symbol, and, when such inference is not possible
> (ii) by using annotations in the elf object to convert the relocation
> accordingly to the specification, enabling it to be handled by the
> livepatch loader.
>
> Given the above, create scripts/livepatch to hold tools developed for
> livepatches and add source files for klp-convert there.
>
> The core file of klp-convert is scripts/livepatch/klp-convert.c, which
> implements the heuristics used to solve the relocations and the
> conversion of unresolved symbols into the expected format, as defined
> in [1].
>
> klp-convert receives as arguments the Symbols.list file, an input
> livepatch module to be converted and the output name for the converted
> livepatch. When it starts running, klp-convert parses Symbols.list and
> builds two internal lists of symbols, one containing the exported and
> another containing the non-exported symbols. Then, by parsing the rela
> sections in the elf object, klp-convert identifies which symbols must
> be converted, which are those unresolved and that do not have a
> corresponding exported symbol, and attempts to convert them
> accordingly to the specification.
>
> By using Symbols.list, klp-convert identifies which symbols have names
> that only appear in a single kernel object, thus being capable of
> resolving these cases without the intervention of the developer. When
> various homonymous symbols exist through kernel objects, it is not
> possible to infer the right one, thus klp-convert falls back into
> using developer annotations. If these were not provided, then the tool
> will print a list with all acceptable targets for the symbol being
> processed.
>
> Annotations in the context of klp-convert are accessible as struct
> klp_module_reloc entries in sections named
> .klp.module_relocs.<objname>. These entries are pairs of symbol
> references and positions which are to be resolved against definitions
> in <objname>.
>
> Define the structure klp_module_reloc in
> include/linux/uapi/livepatch.h allowing developers to annotate the
> livepatch source code with it.
>
> klp-convert relies on libelf and on a list implementation. Add files
> scripts/livepatch/elf.c and scripts/livepatch/elf.h, which are a
> libelf interfacing layer and scripts/livepatch/list.h, which is a
> list implementation.
>
> Update Makefiles to correctly support the compilation of the new tool,
> update MAINTAINERS file and add a .gitignore file.
>
> [1] - Documentation/livepatch/module-elf-format.txt
>
> [khlebnikov: use HOSTLOADLIBES_ instead of HOSTLDFLAGS: -lelf must be
> at the end]
> [jmoreira:
> * add support to automatic relocation conversion in klp-convert.c
> * changelog]
>
> Signed-off-by: Josh Poimboeuf <[email protected]>
> Signed-off-by: Konstantin Khlebnikov <[email protected]>
> Signed-off-by: Joao Moreira <[email protected]>
> ---
> MAINTAINERS | 1 +
> Makefile | 2 +-
> include/uapi/linux/livepatch.h | 5 +
> scripts/Makefile | 1 +
> scripts/livepatch/.gitignore | 1 +
> scripts/livepatch/Makefile | 7 +
> scripts/livepatch/elf.c | 696 ++++++++++++++++++++++++++++++++++++++++
> scripts/livepatch/elf.h | 84 +++++
> scripts/livepatch/klp-convert.c | 567 ++++++++++++++++++++++++++++++++
> scripts/livepatch/list.h | 389 ++++++++++++++++++++++
> 10 files changed, 1752 insertions(+), 1 deletion(-)
> create mode 100644 scripts/livepatch/.gitignore
> create mode 100644 scripts/livepatch/Makefile
> create mode 100644 scripts/livepatch/elf.c
> create mode 100644 scripts/livepatch/elf.h
> create mode 100644 scripts/livepatch/klp-convert.c
> create mode 100644 scripts/livepatch/list.h
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 1d8ea36e1173..3e0a576a5639 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -7719,6 +7719,7 @@ F: arch/x86/kernel/livepatch.c
> F: Documentation/livepatch/
> F: Documentation/ABI/testing/sysfs-kernel-livepatch
> F: samples/livepatch/
> +F: scripts/livepatch/
> L: [email protected]
> T: git git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching.git
>
> diff --git a/Makefile b/Makefile
> index e1d315e585d8..5265cb5a3d89 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -561,7 +561,7 @@ ifeq ($(KBUILD_EXTMOD),)
> # in parallel
> PHONY += scripts
> scripts: scripts_basic include/config/auto.conf include/config/tristate.conf \
> - asm-generic gcc-plugins
> + asm-generic gcc-plugins headers_install
> $(Q)$(MAKE) $(build)=$(@)
>
> # Objects we will link into vmlinux / subdirs we need to visit
> diff --git a/include/uapi/linux/livepatch.h b/include/uapi/linux/livepatch.h
> index bc35f85fd859..3de6f7fcea3a 100644
> --- a/include/uapi/linux/livepatch.h
> +++ b/include/uapi/linux/livepatch.h
> @@ -25,4 +25,9 @@
> #define KLP_RELA_PREFIX ".klp.rela."
> #define KLP_SYM_PREFIX ".klp.sym."
>
> +struct klp_module_reloc {
> + void *sym;
> + unsigned int sympos;
> +} __attribute__((packed));
> +
> #endif /* _UAPI_LIVEPATCH_H */
> diff --git a/scripts/Makefile b/scripts/Makefile
> index 1d80897a9644..2cc2b8a52b3b 100644
> --- a/scripts/Makefile
> +++ b/scripts/Makefile
> @@ -45,6 +45,7 @@ subdir-y += mod
> subdir-$(CONFIG_SECURITY_SELINUX) += selinux
> subdir-$(CONFIG_DTC) += dtc
> subdir-$(CONFIG_GDB_SCRIPTS) += gdb
> +subdir-$(CONFIG_LIVEPATCH) += livepatch
>
> # Let clean descend into subdirs
> subdir- += basic kconfig package gcc-plugins
> diff --git a/scripts/livepatch/.gitignore b/scripts/livepatch/.gitignore
> new file mode 100644
> index 000000000000..dc22fe4b6a5b
> --- /dev/null
> +++ b/scripts/livepatch/.gitignore
> @@ -0,0 +1 @@
> +klp-convert
> diff --git a/scripts/livepatch/Makefile b/scripts/livepatch/Makefile
> new file mode 100644
> index 000000000000..05bae6a849e4
> --- /dev/null
> +++ b/scripts/livepatch/Makefile
> @@ -0,0 +1,7 @@
> +hostprogs-y := klp-convert
> +always := $(hostprogs-y)
> +
> +klp-convert-objs := klp-convert.o elf.o
> +
> +HOSTCFLAGS := -g -I$(INSTALL_HDR_PATH)/include -Wall
> +HOSTLOADLIBES_klp-convert := -lelf
> diff --git a/scripts/livepatch/elf.c b/scripts/livepatch/elf.c
> new file mode 100644
> index 000000000000..f279dd3be1b7
> --- /dev/null
> +++ b/scripts/livepatch/elf.c
> @@ -0,0 +1,696 @@
> +/*
> + * elf.c - ELF access library
> + *
> + * Adapted from kpatch (https://github.com/dynup/kpatch):
> + * Copyright (C) 2013-2016 Josh Poimboeuf <[email protected]>
> + * Copyright (C) 2014 Seth Jennings <[email protected]>
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version 2
> + * of the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, see <http://www.gnu.org/licenses/>.
> + */
> +
> +#include <sys/types.h>
> +#include <sys/stat.h>
> +#include <fcntl.h>
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +#include <unistd.h>
> +
> +#include "elf.h"
> +
> +#define WARN(format, ...) \
> + fprintf(stderr, "%s: " format "\n", elf->name, ##__VA_ARGS__)
> +
> +/*
> + * Fallback for systems without this "read, mmaping if possible" cmd.
> + */
> +#ifndef ELF_C_READ_MMAP
> +#define ELF_C_READ_MMAP ELF_C_READ
> +#endif
> +
> +bool is_rela_section(struct section *sec)
> +{
> + return (sec->sh.sh_type == SHT_RELA);
> +}
> +
> +struct section *find_section_by_name(struct elf *elf, const char *name)
> +{
> + struct section *sec;
> +
> + list_for_each_entry(sec, &elf->sections, list)
> + if (!strcmp(sec->name, name))
> + return sec;
> +
> + return NULL;
> +}
> +
> +static struct section *find_section_by_index(struct elf *elf,
> + unsigned int idx)
> +{
> + struct section *sec;
> +
> + list_for_each_entry(sec, &elf->sections, list)
> + if (sec->idx == idx)
> + return sec;
> +
> + return NULL;
> +}
> +
> +static struct symbol *find_symbol_by_index(struct elf *elf, unsigned int idx)
> +{
> + struct symbol *sym;
> +
> + list_for_each_entry(sym, &elf->symbols, list)
> + if (sym->idx == idx)
> + return sym;
> +
> + return NULL;
> +}
> +
> +static int read_sections(struct elf *elf)
> +{
> + Elf_Scn *s = NULL;
> + struct section *sec;
> + size_t shstrndx, sections_nr;
> + int i;
> +
> + if (elf_getshdrnum(elf->elf, §ions_nr)) {
> + perror("elf_getshdrnum");
> + return -1;
> + }
> +
> + if (elf_getshdrstrndx(elf->elf, &shstrndx)) {
> + perror("elf_getshdrstrndx");
> + return -1;
> + }
> +
> + for (i = 0; i < sections_nr; i++) {
> + sec = malloc(sizeof(*sec));
> + if (!sec) {
> + perror("malloc");
> + return -1;
> + }
> + memset(sec, 0, sizeof(*sec));
> +
> + INIT_LIST_HEAD(&sec->relas);
> +
> + list_add_tail(&sec->list, &elf->sections);
> +
> + s = elf_getscn(elf->elf, i);
> + if (!s) {
> + perror("elf_getscn");
> + return -1;
> + }
> +
> + sec->idx = elf_ndxscn(s);
> +
> + if (!gelf_getshdr(s, &sec->sh)) {
> + perror("gelf_getshdr");
> + return -1;
> + }
> +
> + sec->name = elf_strptr(elf->elf, shstrndx, sec->sh.sh_name);
> + if (!sec->name) {
> + perror("elf_strptr");
> + return -1;
> + }
> +
> + sec->elf_data = elf_getdata(s, NULL);
> + if (!sec->elf_data) {
> + perror("elf_getdata");
> + return -1;
> + }
> +
> + if (sec->elf_data->d_off != 0 ||
> + sec->elf_data->d_size != sec->sh.sh_size) {
> + WARN("unexpected data attributes for %s", sec->name);
> + return -1;
> + }
> +
> + sec->data = sec->elf_data->d_buf;
> + sec->size = sec->elf_data->d_size;
> + }
> +
> + /* sanity check, one more call to elf_nextscn() should return NULL */
> + if (elf_nextscn(elf->elf, s)) {
> + WARN("section entry mismatch");
> + return -1;
> + }
> +
> + return 0;
> +}
> +
> +static int read_symbols(struct elf *elf)
> +{
> + struct section *symtab;
> + struct symbol *sym;
> + int symbols_nr, i;
> +
> + symtab = find_section_by_name(elf, ".symtab");
> + if (!symtab) {
> + WARN("missing symbol table");
> + return -1;
> + }
> +
> + symbols_nr = symtab->sh.sh_size / symtab->sh.sh_entsize;
> +
> + for (i = 0; i < symbols_nr; i++) {
> + sym = malloc(sizeof(*sym));
> + if (!sym) {
> + perror("malloc");
> + return -1;
> + }
> + memset(sym, 0, sizeof(*sym));
> +
> + sym->idx = i;
> +
> + if (!gelf_getsym(symtab->elf_data, i, &sym->sym)) {
> + perror("gelf_getsym");
> + goto err;
> + }
> +
> + sym->name = elf_strptr(elf->elf, symtab->sh.sh_link,
> + sym->sym.st_name);
> + if (!sym->name) {
> + perror("elf_strptr");
> + goto err;
> + }
> +
> + sym->type = GELF_ST_TYPE(sym->sym.st_info);
> + sym->bind = GELF_ST_BIND(sym->sym.st_info);
> +
> + if (sym->sym.st_shndx > SHN_UNDEF &&
> + sym->sym.st_shndx < SHN_LORESERVE) {
> + sym->sec = find_section_by_index(elf,
> + sym->sym.st_shndx);
> + if (!sym->sec) {
> + WARN("couldn't find section for symbol %s",
> + sym->name);
> + goto err;
> + }
> + if (sym->type == STT_SECTION) {
> + sym->name = sym->sec->name;
> + sym->sec->sym = sym;
> + }
> + }
> +
> + sym->offset = sym->sym.st_value;
> + sym->size = sym->sym.st_size;
> +
> + list_add_tail(&sym->list, &elf->symbols);
> + }
> +
> + return 0;
> +
> +err:
> + free(sym);
> + return -1;
> +}
> +
> +static int read_relas(struct elf *elf)
> +{
> + struct section *sec;
> + struct rela *rela;
> + int i;
> + unsigned int symndx;
> +
> + list_for_each_entry(sec, &elf->sections, list) {
> + if (sec->sh.sh_type != SHT_RELA)
> + continue;
> +
> + sec->base = find_section_by_name(elf, sec->name + 5);
> + if (!sec->base) {
> + WARN("can't find base section for rela section %s",
> + sec->name);
> + return -1;
> + }
> +
> + sec->base->rela = sec;
> +
> + for (i = 0; i < sec->sh.sh_size / sec->sh.sh_entsize; i++) {
> + rela = malloc(sizeof(*rela));
> + if (!rela) {
> + perror("malloc");
> + return -1;
> + }
> + memset(rela, 0, sizeof(*rela));
> +
> + if (!gelf_getrela(sec->elf_data, i, &rela->rela)) {
> + perror("gelf_getrela");
> + return -1;
> + }
> +
> + rela->type = GELF_R_TYPE(rela->rela.r_info);
> + rela->addend = rela->rela.r_addend;
> + rela->offset = rela->rela.r_offset;
> + symndx = GELF_R_SYM(rela->rela.r_info);
> + rela->sym = find_symbol_by_index(elf, symndx);
> + if (!rela->sym) {
> + WARN("can't find rela entry symbol %d for %s",
> + symndx, sec->name);
> + return -1;
> + }
> +
> + list_add_tail(&rela->list, &sec->relas);
> + }
> + }
> +
> + return 0;
> +}
> +
> +struct section *create_rela_section(struct elf *elf, const char *name,
> + struct section *base)
> +{
> + struct section *sec;
> +
> + sec = malloc(sizeof(*sec));
> + if (!sec) {
> + WARN("malloc failed");
> + return NULL;
> + }
> + memset(sec, 0, sizeof(*sec));
> + INIT_LIST_HEAD(&sec->relas);
> +
> + sec->base = base;
> + sec->name = strdup(name);
> + if (!sec->name) {
> + WARN("strdup failed");
> + return NULL;
> + }
> + sec->sh.sh_name = -1;
> + sec->sh.sh_type = SHT_RELA;
> + sec->sh.sh_entsize = sizeof(GElf_Rela);
> + sec->sh.sh_addralign = 8;
> + sec->sh.sh_flags = SHF_ALLOC;
> +
> + sec->elf_data = malloc(sizeof(*sec->elf_data));
> + if (!sec->elf_data) {
> + WARN("malloc failed");
> + return NULL;
> + }
> + memset(sec->elf_data, 0, sizeof(*sec->elf_data));
> + sec->elf_data->d_type = ELF_T_RELA;
> +
> + list_add_tail(&sec->list, &elf->sections);
> +
> + return sec;
> +}
> +
> +static int update_shstrtab(struct elf *elf)
> +{
> + struct section *shstrtab, *sec;
> + size_t orig_size, new_size = 0, offset, len;
> + char *buf;
> +
> + shstrtab = find_section_by_name(elf, ".shstrtab");
> + if (!shstrtab) {
> + WARN("can't find .shstrtab");
> + return -1;
> + }
> +
> + orig_size = new_size = shstrtab->size;
> +
> + list_for_each_entry(sec, &elf->sections, list) {
> + if (sec->sh.sh_name != -1)
> + continue;
> + new_size += strlen(sec->name) + 1;
> + }
> +
> + if (new_size == orig_size)
> + return 0;
> +
> + buf = malloc(new_size);
> + if (!buf) {
> + WARN("malloc failed");
> + return -1;
> + }
> + memcpy(buf, (void *)shstrtab->data, orig_size);
> +
> + offset = orig_size;
> + list_for_each_entry(sec, &elf->sections, list) {
> + if (sec->sh.sh_name != -1)
> + continue;
> + sec->sh.sh_name = offset;
> + len = strlen(sec->name) + 1;
> + memcpy(buf + offset, sec->name, len);
> + offset += len;
> + }
> +
> + shstrtab->elf_data->d_buf = shstrtab->data = buf;
> + shstrtab->elf_data->d_size = shstrtab->size = new_size;
> + shstrtab->sh.sh_size = new_size;
> +
> + return 0;
> +}
> +
> +static int update_strtab(struct elf *elf)
> +{
> + struct section *strtab;
> + struct symbol *sym;
> + size_t orig_size, new_size = 0, offset, len;
> + char *buf;
> +
> + strtab = find_section_by_name(elf, ".strtab");
> + if (!strtab) {
> + WARN("can't find .strtab");
> + return -1;
> + }
> +
> + orig_size = new_size = strtab->size;
> +
> + list_for_each_entry(sym, &elf->symbols, list) {
> + if (sym->sym.st_name != -1)
> + continue;
> + new_size += strlen(sym->name) + 1;
> + }
> +
> + if (new_size == orig_size)
> + return 0;
> +
> + buf = malloc(new_size);
> + if (!buf) {
> + WARN("malloc failed");
> + return -1;
> + }
> + memcpy(buf, (void *)strtab->data, orig_size);
> +
> + offset = orig_size;
> + list_for_each_entry(sym, &elf->symbols, list) {
> + if (sym->sym.st_name != -1)
> + continue;
> + sym->sym.st_name = offset;
> + len = strlen(sym->name) + 1;
> + memcpy(buf + offset, sym->name, len);
> + offset += len;
> + }
> +
> + strtab->elf_data->d_buf = strtab->data = buf;
> + strtab->elf_data->d_size = strtab->size = new_size;
> + strtab->sh.sh_size = new_size;
> +
> + return 0;
> +}
> +
> +static int update_symtab(struct elf *elf)
> +{
> + struct section *symtab, *sec;
> + struct symbol *sym;
> + char *buf;
> + size_t size;
> + int offset = 0, nr_locals = 0, idx, nr_syms;
> +
> + idx = 0;
> + list_for_each_entry(sec, &elf->sections, list)
> + sec->idx = idx++;
> +
> + idx = 0;
> + list_for_each_entry(sym, &elf->symbols, list) {
> + sym->idx = idx++;
> + if (sym->sec)
> + sym->sym.st_shndx = sym->sec->idx;
> + }
> + nr_syms = idx;
> +
> + symtab = find_section_by_name(elf, ".symtab");
> + if (!symtab) {
> + WARN("can't find symtab");
> + return -1;
> + }
> +
> + symtab->sh.sh_link = find_section_by_name(elf, ".strtab")->idx;
> +
> + /* create new symtab buffer */
> + size = nr_syms * symtab->sh.sh_entsize;
> + buf = malloc(size);
> + if (!buf) {
> + WARN("malloc failed");
> + return -1;
> + }
> + memset(buf, 0, size);
> +
> + offset = 0;
> + list_for_each_entry(sym, &elf->symbols, list) {
> + memcpy(buf + offset, &sym->sym, symtab->sh.sh_entsize);
> + offset += symtab->sh.sh_entsize;
> +
> + if (sym->bind == STB_LOCAL)
> + nr_locals++;
> + }
> +
> + symtab->elf_data->d_buf = symtab->data = buf;
> + symtab->elf_data->d_size = symtab->size = size;
> + symtab->sh.sh_size = size;
> +
> + /* update symtab section header */
> + symtab->sh.sh_info = nr_locals;
> +
> + return 0;
> +}
> +
> +static int update_relas(struct elf *elf)
> +{
> + struct section *sec, *symtab;
> + struct rela *rela;
> + int nr_relas, idx, size;
> + GElf_Rela *relas;
> +
> + symtab = find_section_by_name(elf, ".symtab");
> +
> + list_for_each_entry(sec, &elf->sections, list) {
> + if (!is_rela_section(sec))
> + continue;
> +
> + sec->sh.sh_link = symtab->idx;
> + if (sec->base)
> + sec->sh.sh_info = sec->base->idx;
> +
> + nr_relas = 0;
> + list_for_each_entry(rela, &sec->relas, list)
> + nr_relas++;
> +
> + size = nr_relas * sizeof(*relas);
> + relas = malloc(size);
> + if (!relas) {
> + WARN("malloc failed");
> + return -1;
> + }
> +
> + sec->elf_data->d_buf = sec->data = relas;
> + sec->elf_data->d_size = sec->size = size;
> + sec->sh.sh_size = size;
> +
> + idx = 0;
> + list_for_each_entry(rela, &sec->relas, list) {
> + relas[idx].r_offset = rela->offset;
> + relas[idx].r_addend = rela->addend;
> + relas[idx].r_info = GELF_R_INFO(rela->sym->idx,
> + rela->type);
> + idx++;
> + }
> + }
> +
> + return 0;
> +}
> +
> +static int write_file(struct elf *elf, const char *file)
> +{
> + int fd;
> + Elf *e;
> + GElf_Ehdr eh, ehout;
> + Elf_Scn *scn;
> + Elf_Data *data;
> + GElf_Shdr sh;
> + struct section *sec;
> +
> + fd = creat(file, 0664);
> + if (fd == -1) {
> + WARN("couldn't create %s", file);
> + return -1;
> + }
> +
> + e = elf_begin(fd, ELF_C_WRITE, NULL);
> + if (!e) {
> + WARN("elf_begin failed");
> + return -1;
> + }
> +
> + if (!gelf_newehdr(e, gelf_getclass(elf->elf))) {
> + WARN("gelf_newehdr failed");
> + return -1;
> + }
> +
> + if (!gelf_getehdr(e, &ehout)) {
> + WARN("gelf_getehdr failed");
> + return -1;
> + }
> +
> + if (!gelf_getehdr(elf->elf, &eh)) {
> + WARN("gelf_getehdr failed");
> + return -1;
> + }
> +
> + memset(&ehout, 0, sizeof(ehout));
> + ehout.e_ident[EI_DATA] = eh.e_ident[EI_DATA];
> + ehout.e_machine = eh.e_machine;
> + ehout.e_type = eh.e_type;
> + ehout.e_version = EV_CURRENT;
> + ehout.e_shstrndx = find_section_by_name(elf, ".shstrtab")->idx;
> +
> + list_for_each_entry(sec, &elf->sections, list) {
> + if (!sec->idx)
> + continue;
> + scn = elf_newscn(e);
> + if (!scn) {
> + WARN("elf_newscn failed");
> + return -1;
> + }
> +
> + data = elf_newdata(scn);
> + if (!data) {
> + WARN("elf_newdata failed");
> + return -1;
> + }
> +
> + if (!elf_flagdata(data, ELF_C_SET, ELF_F_DIRTY)) {
> + WARN("elf_flagdata failed");
> + return -1;
> + }
> +
> + data->d_type = sec->elf_data->d_type;
> + data->d_buf = sec->elf_data->d_buf;
> + data->d_size = sec->elf_data->d_size;
> +
> + if (!gelf_getshdr(scn, &sh)) {
> + WARN("gelf_getshdr failed");
> + return -1;
> + }
> +
> + sh = sec->sh;
> +
> + if (!gelf_update_shdr(scn, &sh)) {
> + WARN("gelf_update_shdr failed");
> + return -1;
> + }
> + }
> +
> + if (!gelf_update_ehdr(e, &ehout)) {
> + WARN("gelf_update_ehdr failed");
> + return -1;
> + }
> +
> + if (elf_update(e, ELF_C_WRITE) < 0) {
> + fprintf(stderr, "%s\n", elf_errmsg(-1));
> + WARN("elf_update failed");
> + return -1;
> + }
> +
> + return 0;
> +}
> +
> +int elf_write_file(struct elf *elf, const char *file)
> +{
> + int ret;
> +
> + ret = update_shstrtab(elf);
> + if (ret)
> + return ret;
> +
> + ret = update_strtab(elf);
> + if (ret)
> + return ret;
> +
> + ret = update_symtab(elf);
> + if (ret)
> + return ret;
> +
> + ret = update_relas(elf);
> + if (ret)
> + return ret;
> +
> + return write_file(elf, file);
> +}
> +
> +struct elf *elf_open(const char *name)
> +{
> + struct elf *elf;
> +
> + elf_version(EV_CURRENT);
> +
> + elf = malloc(sizeof(*elf));
> + if (!elf) {
> + perror("malloc");
> + return NULL;
> + }
> + memset(elf, 0, sizeof(*elf));
> +
> + INIT_LIST_HEAD(&elf->sections);
> + INIT_LIST_HEAD(&elf->symbols);
> +
> + elf->fd = open(name, O_RDONLY);
> + if (elf->fd == -1) {
> + perror("open");
> + goto err;
> + }
> +
> + elf->elf = elf_begin(elf->fd, ELF_C_READ_MMAP, NULL);
> + if (!elf->elf) {
> + perror("elf_begin");
> + goto err;
> + }
> +
> + if (!gelf_getehdr(elf->elf, &elf->ehdr)) {
> + perror("gelf_getehdr");
> + goto err;
> + }
> +
> + if (read_sections(elf))
> + goto err;
> +
> + if (read_symbols(elf))
> + goto err;
> +
> + if (read_relas(elf))
> + goto err;
> +
> + return elf;
> +
> +err:
> + elf_close(elf);
> + return NULL;
> +}
> +
> +void elf_close(struct elf *elf)
> +{
> + struct section *sec, *tmpsec;
> + struct symbol *sym, *tmpsym;
> + struct rela *rela, *tmprela;
> +
> + list_for_each_entry_safe(sym, tmpsym, &elf->symbols, list) {
> + list_del(&sym->list);
> + free(sym);
> + }
> + list_for_each_entry_safe(sec, tmpsec, &elf->sections, list) {
> + list_for_each_entry_safe(rela, tmprela, &sec->relas, list) {
> + list_del(&rela->list);
> + free(rela);
> + }
> + list_del(&sec->list);
> + free(sec);
> + }
> + if (elf->fd > 0)
> + close(elf->fd);
> + if (elf->elf)
> + elf_end(elf->elf);
> + free(elf);
> +}
> diff --git a/scripts/livepatch/elf.h b/scripts/livepatch/elf.h
> new file mode 100644
> index 000000000000..e8aa8f5fb3bc
> --- /dev/null
> +++ b/scripts/livepatch/elf.h
> @@ -0,0 +1,84 @@
> +/*
> + * Copyright (C) 2015-2016 Josh Poimboeuf <[email protected]>
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version 2
> + * of the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, see <http://www.gnu.org/licenses/>.
> + */
> +
> +#ifndef _KLP_POST_ELF_H
> +#define _KLP_POST_ELF_H
> +
> +#include <stdio.h>
> +#include <stdbool.h>
> +#include <gelf.h>
> +#include "list.h"
> +
> +#ifdef LIBELF_USE_DEPRECATED
> +# define elf_getshdrnum elf_getshnum
> +# define elf_getshdrstrndx elf_getshstrndx
> +#endif
> +
> +struct section {
> + struct list_head list;
> + GElf_Shdr sh;
> + struct section *base, *rela;
> + struct list_head relas;
> + struct symbol *sym;
> + Elf_Data *elf_data;
> + char *name;
> + int idx;
> + void *data;
> + unsigned int size;
> +};
> +
> +struct symbol {
> + struct list_head list;
> + GElf_Sym sym;
> + struct section *sec;
> + char *name;
> + unsigned int idx;
> + unsigned char bind, type;
> + unsigned long offset;
> + unsigned int size;
> +};
> +
> +struct rela {
> + struct list_head list;
> + GElf_Rela rela;
> + struct symbol *sym;
> + unsigned int type;
> + unsigned long offset;
> + int addend;
> +};
> +
> +struct elf {
> + Elf *elf;
> + GElf_Ehdr ehdr;
> + int fd;
> + char *name;
> + struct list_head sections;
> + struct list_head symbols;
> +};
> +
> +
> +struct elf *elf_open(const char *name);
> +bool is_rela_section(struct section *sec);
> +struct section *find_section_by_name(struct elf *elf, const char *name);
> +struct section *create_rela_section(struct elf *elf, const char *name,
> + struct section *base);
> +
> +void elf_close(struct elf *elf);
> +int elf_write_file(struct elf *elf, const char *file);
> +
> +
> +#endif /* _KLP_POST_ELF_H */
> diff --git a/scripts/livepatch/klp-convert.c b/scripts/livepatch/klp-convert.c
> new file mode 100644
> index 000000000000..baf6c83f8eb0
> --- /dev/null
> +++ b/scripts/livepatch/klp-convert.c
> @@ -0,0 +1,567 @@
> +/*
> + * Copyright (C) 2016 Josh Poimboeuf <[email protected]>
> + * Copyright (C) 2017 Joao Moreira <[email protected]>
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version 2
> + * of the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, see <http://www.gnu.org/licenses/>.
> + */
> +
> +#include <stdlib.h>
> +#include <unistd.h>
> +#include <string.h>
> +#include <linux/livepatch.h>
> +#include "elf.h"
> +#include "list.h"
> +
> +#define SHN_LIVEPATCH 0xff20
> +#define SHF_RELA_LIVEPATCH 0x00100000
> +#define MODULE_NAME_LEN (64 - sizeof(GElf_Addr))
> +#define WARN(format, ...) \
> + fprintf(stderr, "klp-convert: " format "\n", ##__VA_ARGS__)
> +
> +struct symbol_entry {
> + struct list_head list;
> + char *symbol_name;
> + char *object_name;
> +};
> +
> +struct sympos {
> + struct list_head list;
> + char *symbol_name;
> + char *object_name;
> + int pos;
> +};
> +
> +/*
> + * Symbols parsed from Symbols.list are kept in two lists:
> + * - symbols: keeps non-exported symbols
> + * - exp_symbols: keeps exported symbols (__ksymtab_prefixed)
> + */
> +static LIST_HEAD(symbols);
> +static LIST_HEAD(exp_symbols);
> +
> +/* In-livepatch user-provided symbol positions are kept in list usr_symbols */
> +static LIST_HEAD(usr_symbols);
> +
> +void free_syms_lists(void)
> +{
> + struct symbol_entry *entry, *aux;
> + struct sympos *sp, *sp_aux;
> +
> + list_for_each_entry_safe(entry, aux, &symbols, list) {
> + free(entry->object_name);
> + free(entry->symbol_name);
> + list_del(&entry->list);
> + free(entry);
> + }
> +
> + list_for_each_entry_safe(entry, aux, &exp_symbols, list) {
> + free(entry->object_name);
> + free(entry->symbol_name);
> + list_del(&entry->list);
> + free(entry);
> + }
> +
> + list_for_each_entry_safe(sp, sp_aux, &usr_symbols, list) {
> + free(sp->object_name);
> + free(sp->symbol_name);
> + list_del(&sp->list);
> + free(sp);
> + }
> +}
> +
> +/* Parses file and fill symbols and exp_symbols list */
> +bool load_syms_lists(const char *symbols_list)
> +{
> + FILE *fsyms;
> + struct symbol_entry *entry;
> + size_t len = 0;
> + ssize_t n;
> + char *obj = NULL, *sym = NULL;
> +
> + fsyms = fopen(symbols_list, "r");
> + if (!fsyms) {
> + WARN("Unable to open Symbol list: %s", symbols_list);
> + return false;
> + }
> +
> + n = getline(&sym, &len, fsyms);
> + while (n > 0) {
> + if (sym[n-1] == '\n')
> + sym[n-1] = '\0';
> +
> + /* Objects in Symbols.list are flagged with '*' */
> + if (sym[0] == '*') {
> + if (obj)
> + free(obj);
> + obj = strdup(sym+1);
> + if (!obj) {
> + WARN("Unable to allocate object name\n");
> + return false;
> + }
> + free(sym);
> + } else {
> + entry = calloc(1, sizeof(struct symbol_entry));
> + if (!entry) {
> + WARN("Unable to allocate Symbol entry\n");
> + return false;
> + }
> +
> + entry->object_name = strdup(obj);
> + if (!entry->object_name) {
> + WARN("Unable to allocate entry object name\n");
> + return false;
> + }
> +
> + entry->symbol_name = sym;
> +
> + if (strncmp(entry->symbol_name, "__ksymtab_", 10) == 0)
> + list_add(&entry->list, &exp_symbols);
> + else
> + list_add(&entry->list, &symbols);
> + }
> + len = 0;
> + sym = NULL;
> + n = getline(&sym, &len, fsyms);
> + }
> + free(sym);
> + free(obj);
> + fclose(fsyms);
> + return true;
> +}
> +
> +/* Dump symbols list for debugging purposes */
> +void dump_symbols(void)
> +{
> + struct symbol_entry *entry;
> +
> + fprintf(stderr, "BEGIN OF SYMBOLS DUMP\n");
> + list_for_each_entry(entry, &symbols, list)
> + printf("%s %s\n", entry->object_name, entry->symbol_name);
> + fprintf(stderr, "END OF SYMBOLS DUMP\n");
> +}
> +
> +
> +/* Searches for sympos of specific symbol in usr_symbols list */
> +bool get_usr_sympos(struct symbol *s, struct sympos *sp)
> +{
> + struct sympos *aux;
> +
> + list_for_each_entry(aux, &usr_symbols, list) {
> + if (strcmp(aux->symbol_name, s->name) == 0) {
> + sp->symbol_name = aux->symbol_name;
> + sp->object_name = aux->object_name;
> + sp->pos = aux->pos;
> + return true;
> + }
> + }
> + return false;
> +}
> +
> +/* Removes symbols used for sympos annotation from livepatch elf object */
> +void clear_sympos_symbols(struct section *sec, struct elf *klp_elf)
> +{
> + struct symbol *sym, *aux;
> +
> + list_for_each_entry_safe(sym, aux, &klp_elf->symbols, list) {
> + if (sym->sec == sec) {
> + list_del(&sym->list);
> + free(sym);
> + }
> + }
> +}
> +
> +/* Removes annotation from livepatch elf object */
> +void clear_sympos_annontations(struct elf *klp_elf)
> +{
> + struct section *sec, *aux;
> +
> + list_for_each_entry_safe(sec, aux, &klp_elf->sections, list) {
> + if (strncmp(sec->name, ".klp.module_relocs.", 19) == 0) {
> + clear_sympos_symbols(sec, klp_elf);
> + list_del(&sec->list);
> + free(sec);
> + continue;
> + }
> + if (strncmp(sec->name, ".rela.klp.module_relocs.", 24) == 0) {
> + list_del(&sec->list);
> + free(sec);
> + continue;
> + }
> + }
> +}
> +
> +/* Checks if two or more elements in usr_symbols have the same name */
> +bool sympos_sanity_check(void)
> +{
> + bool sane = true;
> + struct sympos *sp, *aux;
> +
> + list_for_each_entry(sp, &usr_symbols, list) {
> + aux = list_next_entry(sp, list);
> + list_for_each_entry_from(aux, &usr_symbols, list) {
> + if (strcmp(sp->symbol_name, aux->symbol_name) == 0) {
> + WARN("KLP_SYMPOS Collision: %s in %s and %s.",
> + sp->symbol_name,
> + sp->object_name,
> + aux->object_name);
> + sane = false;
> + }
> + }
> + }
> + return sane;
> +}
> +
> +/* Parses the livepatch elf object and fills usr_symbols */
> +bool load_usr_symbols(struct elf *klp_elf)
> +{
> + char objname[MODULE_NAME_LEN];
> + struct sympos *sp;
> + struct section *sec, *aux, *relasec;
> + struct rela *rela;
> + struct klp_module_reloc *reloc;
> + int i, nr_entries;
> +
> + list_for_each_entry_safe(sec, aux, &klp_elf->sections, list) {
> + if (sscanf(sec->name, ".klp.module_relocs.%55s", objname) != 1)
> + continue;
> +
> + relasec = sec->rela;
> + reloc = sec->data;
> + i = 0;
> + nr_entries = sec->size / sizeof(*reloc);
> + list_for_each_entry(rela, &relasec->relas, list) {
> + sp = calloc(1, sizeof(struct sympos));
> + if (!sp) {
> + WARN("Unable to allocate sympos memory\n");
> + return false;
> + }
> + sp->object_name = strdup(objname);
> + if (!sp->object_name) {
> + WARN("Unable to allocate object name\n");
> + return false;
> + }
> + sp->symbol_name = strdup(rela->sym->name);
> + sp->pos = reloc[i].sympos;
> + list_add(&sp->list, &usr_symbols);
> + i++;
> + }
> + if (i != nr_entries) {
> + WARN("nr_entries mismatch (%d != %d) for %s\n",
> + i, nr_entries, relasec->name);
> + return false;
> + }
> + }
> + clear_sympos_annontations(klp_elf);
> + return sympos_sanity_check();
> +}
> +
> +/* Dumps sympos list (useful for debugging purposes) */
> +void dump_sympos(void)
> +{
> + struct sympos *sp;
> +
> + fprintf(stderr, "BEGIN OF SYMPOS DUMP\n");
> + list_for_each_entry(sp, &usr_symbols, list) {
> + fprintf(stderr, "%s %s %d\n", sp->symbol_name, sp->object_name,
> + sp->pos);
> + }
> + fprintf(stderr, "END OF SYMPOS DUMP\n");
> +}
> +
> +/* prints list of valid sympos for symbol with provided name */
> +void print_valid_module_relocs(char *name)
> +{
> + struct symbol_entry *e;
> + char *cur_obj = "";
> + int counter;
> + bool first = true;
> +
> + /* Symbols from the same object are locally gathered in the list */
> + fprintf(stderr, "Valid KLP_SYMPOS for symbol %s:\n", name);
> + fprintf(stderr, "-------------------------------------------------\n");
> + list_for_each_entry(e, &symbols, list) {
> + if (strcmp(e->object_name, cur_obj) != 0) {
> + cur_obj = e->object_name;
> + counter = 0;
> + }
> + if (strcmp(e->symbol_name, name) == 0) {
> + if (counter == 0) {
> + if (!first)
> + fprintf(stderr, "}\n");
> +
> + fprintf(stderr, "KLP_MODULE_RELOC(%s){\n",
> + cur_obj);
> + first = false;
> + }
> + fprintf(stderr, "\tKLP_SYMPOS(%s,%d)\n", name, counter);
> + counter++;
> + }
> + }
> + fprintf(stderr, "-------------------------------------------------\n");
> +}
> +
> +/* Searches for symbol in symbols list and returns its sympos if it is unique,
> + * otherwise prints a list with all considered valid sympos
> + */
> +struct symbol_entry *find_sym_entry_by_name(char *name)
> +{
> + struct symbol_entry *found = NULL;
> + struct symbol_entry *e;
> +
> + list_for_each_entry(e, &symbols, list) {
> + if (strcmp(e->symbol_name, name) == 0) {
> +
> + /* If there exist multiple symbols with the same
> + * name then user-provided sympos is required
> + */
> + if (found) {
> + print_valid_module_relocs(name);
> + return NULL;
> + }
> + found = e;
> + }
> + }
> + if (found)
> + return found;
> +
> + return NULL;
> +}
> +
> +/* Checks if sympos is valid, otherwise prints valid sympos list */
> +bool valid_sympos(struct sympos *sp)
> +{
> + struct symbol_entry *e;
> + int counter = 0;
> +
> + list_for_each_entry(e, &symbols, list) {
> + if ((strcmp(e->symbol_name, sp->symbol_name) == 0) &&
> + (strcmp(e->object_name, sp->object_name) == 0)) {
> + if (counter == sp->pos)
> + return true;
> + counter++;
> + }
> + }
> +
> + WARN("Provided KLP_SYMPOS does not match a symbol (%s.%s)",
> + sp->symbol_name, sp->object_name);
> + print_valid_module_relocs(sp->symbol_name);
> +
> + return false;
> +}
> +
> +/* Returns the right sympos respective to a symbol to be relocated */
> +bool find_missing_position(struct symbol *s, struct sympos *sp)
> +{
> + struct symbol_entry *entry;
> +
> + if (get_usr_sympos(s, sp)) {
> + if (valid_sympos(sp))
> + return true;
> + return false;
> + }
> +
> + /* if no user-provided sympos, search symbol in symbols list */
> + entry = find_sym_entry_by_name(s->name);
> + if (entry) {
> + sp->symbol_name = entry->symbol_name;
> + sp->object_name = entry->object_name;
> + sp->pos = 0;
> + return true;
> + }
> + return false;
> +}
> +
> +/* Finds or creates a klp rela section based on another given section (@oldsec)
> + * and sympos (@*sp), then returns it
> + */
> +struct section *get_or_create_klp_rela_section(struct section *oldsec,
> + struct sympos *sp, struct elf *klp_elf)
> +{
> + char *name;
> + struct section *sec;
> + unsigned int length;
> +
> + length = strlen(KLP_RELA_PREFIX) + strlen(sp->object_name)
> + + strlen(oldsec->base->name) + 2;
> +
> + name = calloc(1, length);
> + if (!name) {
> + WARN("Memory allocation failed (%s%s.%s)\n", KLP_RELA_PREFIX,
> + sp->object_name, oldsec->base->name);
> + return NULL;
> + }
> +
> + if (snprintf(name, length, KLP_RELA_PREFIX "%s.%s", sp->object_name,
> + oldsec->base->name) >= length) {
> + WARN("Length error (%s)", name);
> + free(name);
> + return false;
> + }
> +
> + sec = find_section_by_name(klp_elf, name);
> + if (!sec)
> + sec = create_rela_section(klp_elf, name, oldsec->base);
> +
> + if (sec)
> + sec->sh.sh_flags |= SHF_RELA_LIVEPATCH;
> +
> + free(name);
> + return sec;
> +}
> +
> +/* Create klp rela, add it to the right klp rela sec and del reference rela */
> +bool convert_rela(struct section *oldsec, struct rela *r, struct sympos *sp,
> + struct elf *klp_elf)
> +{
> + char *name;
> + char pos[4]; /* assume that pos will never be > 999 */
> + unsigned int length;
> + struct section *sec;
> + struct symbol *s = r->sym;
> +
> + sec = get_or_create_klp_rela_section(oldsec, sp, klp_elf);
> + if (!sec) {
> + WARN("Can't create or access klp.rela section (%s.%s)\n",
> + sp->object_name, sp->symbol_name);
> + return false;
> + }
> +
> + if (snprintf(pos, sizeof(pos), "%d", sp->pos) > 3) {
> + WARN("Insuficient buffer for expanding sympos (%s.%s,%d)\n",
> + sp->object_name, sp->symbol_name, sp->pos);
> + return false;
> + }
> +
> + length = strlen(KLP_SYM_PREFIX) + strlen(sp->object_name)
> + + strlen(sp->symbol_name) + 4;
> +
> + name = calloc(1, length);
> + if (!name) {
> + WARN("Memory allocation failed (%s%s.%s,%s)\n", KLP_SYM_PREFIX,
> + sp->object_name, sp->symbol_name, pos);
> + return false;
> + }
> +
> + if (snprintf(name, length, KLP_SYM_PREFIX "%s.%s,%s", sp->object_name,
> + sp->symbol_name, pos) >= length) {
> + WARN("Length error (%s.%s)", sp->object_name, sp->symbol_name);
> + return false;
> + }
> +
> + s->name = name;
> + s->sec = NULL;
> + s->sym.st_name = -1;
> + s->sym.st_shndx = SHN_LIVEPATCH;
> +
> + list_del(&r->list);
> + list_add(&r->list, &sec->relas);
> + return true;
> +}
> +
> +/* Checks if given symbol name matches a symbol in exp_symbols */
> +bool is_exported(char *sname)
> +{
> + struct symbol_entry *e;
> +
> + /* exp_symbols itens are prefixed with __ksymtab_ - comparisons must
> + * skip prefix and check if both are properly null-terminated
> + */
> + list_for_each_entry(e, &exp_symbols, list) {
> + if (strcmp(e->symbol_name + 10, sname) == 0)
> + return true;
> + }
> + return false;
> +}
> +
> +/* Checks if a symbol was previously klp-converted based on its name */
> +bool is_converted(char *sname)
> +{
> + int len = strlen(KLP_SYM_PREFIX);
> +
> + if (strncmp(sname, KLP_SYM_PREFIX, len) == 0)
> + return true;
> + return false;
> +}
> +
> +/* Checks if symbol must be klp-converted - must not be already resolved, have
> + * been already klp-converted nor be an exported symbol
> + */
> +bool must_convert(struct symbol *sym)
> +{
> + if (sym->sec)
> + return false;
> + return (!(is_converted(sym->name) || is_exported(sym->name)));
> +}
> +
> +int main(int argc, const char **argv)
> +{
> + const char *klp_in_module, *klp_out_module, *symbols_list;
> + struct rela *rela, *tmprela;
> + struct section *sec, *aux;
> + struct sympos *sp;
> + struct elf *klp_elf;
> +
> + if (argc != 4) {
> + WARN("Usage: %s <Symbols.list> <input.ko> <out.ko>", argv[0]);
> + return -1;
> + }
> +
> + symbols_list = argv[1];
> + klp_in_module = argv[2];
> + klp_out_module = argv[3];
> +
> + klp_elf = elf_open(klp_in_module);
> + if (!klp_elf) {
> + WARN("Unable to read elf file %s\n", klp_in_module);
> + return -1;
> + }
> +
> + if (!load_syms_lists(symbols_list))
> + return -1;
> +
> + if (!load_usr_symbols(klp_elf)) {
> + WARN("Unable to load user-provided sympos");
> + return -1;
> + }
> +
> + list_for_each_entry_safe(sec, aux, &klp_elf->sections, list) {
> + if (!is_rela_section(sec))
> + continue;
> + list_for_each_entry_safe(rela, tmprela, &sec->relas, list) {
> + if (!must_convert(rela->sym))
> + continue;
> +
> + sp = calloc(1, sizeof(struct sympos));
> + if (!sp) {
> + WARN("Unable to allocate memory for sympos");
> + return -1;
> + }
> + if (!find_missing_position(rela->sym, sp)) {
> + WARN("Unable to find missing symbol");
> + return -1;
> + }
> + if (!convert_rela(sec, rela, sp, klp_elf)) {
> + WARN("Unable to convert relocation");
> + return -1;
> + }
> + free(sp);
> + }
> + }
> +
> + free_syms_lists();
> + if (elf_write_file(klp_elf, klp_out_module))
> + return -1;
> +
> + return 0;
> +}
> diff --git a/scripts/livepatch/list.h b/scripts/livepatch/list.h
> new file mode 100644
> index 000000000000..b324eb29c3b6
> --- /dev/null
> +++ b/scripts/livepatch/list.h
> @@ -0,0 +1,389 @@
> +#ifndef _LINUX_LIST_H
> +#define _LINUX_LIST_H
> +
> +/*
> + * Simple doubly linked list implementation.
> + *
> + * Some of the internal functions ("__xxx") are useful when
> + * manipulating whole lists rather than single entries, as
> + * sometimes we already know the next/prev entries and we can
> + * generate better code by using them directly rather than
> + * using the generic single-entry routines.
> + */
> +
> +#define WRITE_ONCE(a, b) (a = b)
> +#define READ_ONCE(a) a
> +
> +#undef offsetof
> +#define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
> +
> +/**
> + * container_of - cast a member of a structure out to the containing structure
> + * @ptr: the pointer to the member.
> + * @type: the type of the container struct this is embedded in.
> + * @member: the name of the member within the struct.
> + *
> + */
> +#define container_of(ptr, type, member) ({ \
> + const typeof(((type *)0)->member) * __mptr = (ptr); \
> + (type *)((char *)__mptr - offsetof(type, member)); })
> +
> +struct list_head {
> + struct list_head *next, *prev;
> +};
> +
> +#define LIST_HEAD_INIT(name) { &(name), &(name) }
> +
> +#define LIST_HEAD(name) \
> + struct list_head name = LIST_HEAD_INIT(name)
> +
> +static inline void INIT_LIST_HEAD(struct list_head *list)
> +{
> + WRITE_ONCE(list->next, list);
> + list->prev = list;
> +}
> +
> +/*
> + * Insert a new entry between two known consecutive entries.
> + *
> + * This is only for internal list manipulation where we know
> + * the prev/next entries already!
> + */
> +static inline void __list_add(struct list_head *new,
> + struct list_head *prev,
> + struct list_head *next)
> +{
> + next->prev = new;
> + new->next = next;
> + new->prev = prev;
> + WRITE_ONCE(prev->next, new);
> +}
> +
> +/**
> + * list_add - add a new entry
> + * @new: new entry to be added
> + * @head: list head to add it after
> + *
> + * Insert a new entry after the specified head.
> + * This is good for implementing stacks.
> + */
> +static inline void list_add(struct list_head *new, struct list_head *head)
> +{
> + __list_add(new, head, head->next);
> +}
> +
> +
> +/**
> + * list_add_tail - add a new entry
> + * @new: new entry to be added
> + * @head: list head to add it before
> + *
> + * Insert a new entry before the specified head.
> + * This is useful for implementing queues.
> + */
> +static inline void list_add_tail(struct list_head *new, struct list_head *head)
> +{
> + __list_add(new, head->prev, head);
> +}
> +
> +/*
> + * Delete a list entry by making the prev/next entries
> + * point to each other.
> + *
> + * This is only for internal list manipulation where we know
> + * the prev/next entries already!
> + */
> +static inline void __list_del(struct list_head *prev, struct list_head *next)
> +{
> + next->prev = prev;
> + WRITE_ONCE(prev->next, next);
> +}
> +
> +/**
> + * list_del - deletes entry from list.
> + * @entry: the element to delete from the list.
> + * Note: list_empty() on entry does not return true after this, the entry is
> + * in an undefined state.
> + */
> +static inline void __list_del_entry(struct list_head *entry)
> +{
> + __list_del(entry->prev, entry->next);
> +}
> +
> +static inline void list_del(struct list_head *entry)
> +{
> + __list_del(entry->prev, entry->next);
> +}
> +
> +/**
> + * list_is_last - tests whether @list is the last entry in list @head
> + * @list: the entry to test
> + * @head: the head of the list
> + */
> +static inline int list_is_last(const struct list_head *list,
> + const struct list_head *head)
> +{
> + return list->next == head;
> +}
> +
> +/**
> + * list_empty - tests whether a list is empty
> + * @head: the list to test.
> + */
> +static inline int list_empty(const struct list_head *head)
> +{
> + return READ_ONCE(head->next) == head;
> +}
> +
> +/**
> + * list_entry - get the struct for this entry
> + * @ptr: the &struct list_head pointer.
> + * @type: the type of the struct this is embedded in.
> + * @member: the name of the list_head within the struct.
> + */
> +#define list_entry(ptr, type, member) \
> + container_of(ptr, type, member)
> +
> +/**
> + * list_first_entry - get the first element from a list
> + * @ptr: the list head to take the element from.
> + * @type: the type of the struct this is embedded in.
> + * @member: the name of the list_head within the struct.
> + *
> + * Note, that list is expected to be not empty.
> + */
> +#define list_first_entry(ptr, type, member) \
> + list_entry((ptr)->next, type, member)
> +
> +/**
> + * list_last_entry - get the last element from a list
> + * @ptr: the list head to take the element from.
> + * @type: the type of the struct this is embedded in.
> + * @member: the name of the list_head within the struct.
> + *
> + * Note, that list is expected to be not empty.
> + */
> +#define list_last_entry(ptr, type, member) \
> + list_entry((ptr)->prev, type, member)
> +
> +/**
> + * list_first_entry_or_null - get the first element from a list
> + * @ptr: the list head to take the element from.
> + * @type: the type of the struct this is embedded in.
> + * @member: the name of the list_head within the struct.
> + *
> + * Note that if the list is empty, it returns NULL.
> + */
> +#define list_first_entry_or_null(ptr, type, member) \
> + (!list_empty(ptr) ? list_first_entry(ptr, type, member) : NULL)
> +
> +/**
> + * list_next_entry - get the next element in list
> + * @pos: the type * to cursor
> + * @member: the name of the list_head within the struct.
> + */
> +#define list_next_entry(pos, member) \
> + list_entry((pos)->member.next, typeof(*(pos)), member)
> +
> +/**
> + * list_prev_entry - get the prev element in list
> + * @pos: the type * to cursor
> + * @member: the name of the list_head within the struct.
> + */
> +#define list_prev_entry(pos, member) \
> + list_entry((pos)->member.prev, typeof(*(pos)), member)
> +
> +/**
> + * list_for_each - iterate over a list
> + * @pos: the &struct list_head to use as a loop cursor.
> + * @head: the head for your list.
> + */
> +#define list_for_each(pos, head) \
> + for (pos = (head)->next; pos != (head); pos = pos->next)
> +
> +/**
> + * list_for_each_prev - iterate over a list backwards
> + * @pos: the &struct list_head to use as a loop cursor.
> + * @head: the head for your list.
> + */
> +#define list_for_each_prev(pos, head) \
> + for (pos = (head)->prev; pos != (head); pos = pos->prev)
> +
> +/**
> + * list_for_each_safe - iterate over a list safe against removal of list entry
> + * @pos: the &struct list_head to use as a loop cursor.
> + * @n: another &struct list_head to use as temporary storage
> + * @head: the head for your list.
> + */
> +#define list_for_each_safe(pos, n, head) \
> + for (pos = (head)->next, n = pos->next; pos != (head); \
> + pos = n, n = pos->next)
> +
> +/**
> + * list_for_each_prev_safe - iterate over a list backwards safe against removal
> + of list entry
> + * @pos: the &struct list_head to use as a loop cursor.
> + * @n: another &struct list_head to use as temporary storage
> + * @head: the head for your list.
> + */
> +#define list_for_each_prev_safe(pos, n, head) \
> + for (pos = (head)->prev, n = pos->prev; \
> + pos != (head); \
> + pos = n, n = pos->prev)
> +
> +/**
> + * list_for_each_entry - iterate over list of given type
> + * @pos: the type * to use as a loop cursor.
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + */
> +#define list_for_each_entry(pos, head, member) \
> + for (pos = list_first_entry(head, typeof(*pos), member); \
> + &pos->member != (head); \
> + pos = list_next_entry(pos, member))
> +
> +/**
> + * list_for_each_entry_reverse - iterate backwards over list of given type.
> + * @pos: the type * to use as a loop cursor.
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + */
> +#define list_for_each_entry_reverse(pos, head, member) \
> + for (pos = list_last_entry(head, typeof(*pos), member); \
> + &pos->member != (head); \
> + pos = list_prev_entry(pos, member))
> +
> +/**
> + * list_prepare_entry - prepare a pos entry for use in
> + list_for_each_entry_continue()
> + * @pos: the type * to use as a start point
> + * @head: the head of the list
> + * @member: the name of the list_head within the struct.
> + *
> + * Prepares a pos entry for use as a start point in
> + list_for_each_entry_continue().
> + */
> +#define list_prepare_entry(pos, head, member) \
> + ((pos) ? : list_entry(head, typeof(*pos), member))
> +
> +/**
> + * list_for_each_entry_continue - continue iteration over list of given type
> + * @pos: the type * to use as a loop cursor.
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + *
> + * Continue to iterate over list of given type, continuing after
> + * the current position.
> + */
> +#define list_for_each_entry_continue(pos, head, member) \
> + for (pos = list_next_entry(pos, member); \
> + &pos->member != (head); \
> + pos = list_next_entry(pos, member))
> +
> +/**
> + * list_for_each_entry_continue_reverse - iterate backwards from the given point
> + * @pos: the type * to use as a loop cursor.
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + *
> + * Start to iterate over list of given type backwards, continuing after
> + * the current position.
> + */
> +#define list_for_each_entry_continue_reverse(pos, head, member) \
> + for (pos = list_prev_entry(pos, member); \
> + &pos->member != (head); \
> + pos = list_prev_entry(pos, member))
> +
> +/**
> + * list_for_each_entry_from - iterate over list of given type from the current
> + point
> + * @pos: the type * to use as a loop cursor.
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + *
> + * Iterate over list of given type, continuing from current position.
> + */
> +#define list_for_each_entry_from(pos, head, member) \
> + for (; &pos->member != (head); \
> + pos = list_next_entry(pos, member))
> +
> +/**
> + * list_for_each_entry_safe - iterate over list of given type safe against
> + removal of list entry
> + * @pos: the type * to use as a loop cursor.
> + * @n: another type * to use as temporary storage
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + */
> +#define list_for_each_entry_safe(pos, n, head, member) \
> + for (pos = list_first_entry(head, typeof(*pos), member), \
> + n = list_next_entry(pos, member); \
> + &pos->member != (head); \
> + pos = n, n = list_next_entry(n, member))
> +
> +/**
> + * list_for_each_entry_safe_continue - continue list iteration safe against
> + * removal
> + * @pos: the type * to use as a loop cursor.
> + * @n: another type * to use as temporary storage
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + *
> + * Iterate over list of given type, continuing after current point,
> + * safe against removal of list entry.
> + */
> +#define list_for_each_entry_safe_continue(pos, n, head, member) \
> + for (pos = list_next_entry(pos, member), \
> + n = list_next_entry(pos, member); \
> + &pos->member != (head); \
> + pos = n, n = list_next_entry(n, member))
> +
> +/**
> + * list_for_each_entry_safe_from - iterate over list from current point safe
> + * against removal
> + * @pos: the type * to use as a loop cursor.
> + * @n: another type * to use as temporary storage
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + *
> + * Iterate over list of given type from current point, safe against
> + * removal of list entry.
> + */
> +#define list_for_each_entry_safe_from(pos, n, head, member) \
> + for (n = list_next_entry(pos, member); \
> + &pos->member != (head); \
> + pos = n, n = list_next_entry(n, member))
> +
> +/**
> + * list_for_each_entry_safe_reverse - iterate backwards over list safe against
> + * removal
> + * @pos: the type * to use as a loop cursor.
> + * @n: another type * to use as temporary storage
> + * @head: the head for your list.
> + * @member: the name of the list_head within the struct.
> + *
> + * Iterate backwards over list of given type, safe against removal
> + * of list entry.
> + */
> +#define list_for_each_entry_safe_reverse(pos, n, head, member) \
> + for (pos = list_last_entry(head, typeof(*pos), member), \
> + n = list_prev_entry(pos, member); \
> + &pos->member != (head); \
> + pos = n, n = list_prev_entry(n, member))
> +
> +/**
> + * list_safe_reset_next - reset a stale list_for_each_entry_safe loop
> + * @pos: the loop cursor used in the list_for_each_entry_safe loop
> + * @n: temporary storage used in list_for_each_entry_safe
> + * @member: the name of the list_head within the struct.
> + *
> + * list_safe_reset_next is not safe to use in general if the list may be
> + * modified concurrently (eg. the lock is dropped in the loop body). An
> + * exception to this is if the cursor element (pos) is pinned in the list,
> + * and list_safe_reset_next is called after re-taking the lock and before
> + * completing the current iteration of the loop body.
> + */
> +#define list_safe_reset_next(pos, n, member) \
> + (n = list_next_entry(pos, member))
> +
> +#endif
>
Hi Joao,
A few nitpicks in-line below...
On Tue, Aug 29, 2017 at 04:01:34PM -0300, Joao Moreira wrote:
> For automatic resolution of livepatch relocations, a file called
> Symbols.list is used. This file maps symbols within every compiled
> kernel object allowing the identification of symbols whose name is
> unique, thus relocation can be automatically inferred, or providing
> information that helps developers when code annotation is required for
> solving the matter.
>
> Add support for creating Symbols.list in the main Makefile. First,
> ensure that built-in is compiled when CONFIG_LIVEPATCH is enabled (as
> required to achieve a complete Symbols.list file). Define the command to
> build Symbols.list (cmd_klp_map) and hook it in the modules rule.
>
> As it is undesirable to have symbols from livepatch objects inside
> Symbols.list, make livepatches discernible by modifying
> scripts/Makefile.build to create a .livepatch file for each livepatch
> in $(MODVERDIR). This file is then used by cmd_klp_map to identify and
> bypass livepatches.
>
> For identifying livepatches during the build process, a flag variable
> LIVEPATCH_$(basetarget).o is considered in scripts/Makefile.build. This
> way, set this flag for the livepatch sample Makefile in
> samples/livepatch/Makefile.
I've never tried building a livepatch out of tree (is that even
possible?) but does this make it any more/less harder?
> Finally, Add a clean rule to ensure that Symbols.list is removed during
> clean.
>
> Notes:
>
> To achieve a correct Symbols.list file, all kernel objects must be
> considered, thus, its construction require these objects to be priorly
> built. On the other hand, invoking scripts/Makefile.modpost without
> having a complete Symbols.list in place would occasionally lead to
> in-tree livepatches being post-processed incorrectly. To prevent this
> from becoming a circular dependency, the construction of Symbols.list
> uses non-post-processed kernel objects and such does not cause harm as
> the symbols normally referenced from within livepatches are visible at
> this stage. Also due to these requirements, the spot in-between modules
> compilation and the invocation of scripts/Makefile.modpost was picked
> for hooking cmd_klp_map.
>
> The approach based on .livepatch files was proposed as an alternative
> to using MODULE_INFO statementes. This approach was originally
^^^^^^^^^^^
nit: s/statementes/statements
> proposed by Miroslav Benes as a workaround for identifying livepathces
^^^^^^^^^^^
nit: s/livepathces/livepatches
> without depending on modinfo during the modpost stage. It was moved to
> this patch as the approach also shown to be useful while building
> Symbols.list.
>
> Signed-off-by: Joao Moreira <[email protected]>
> ---
> .gitignore | 1 +
> Makefile | 27 ++++++++++++++++++++++++---
> samples/livepatch/Makefile | 1 +
> scripts/Makefile.build | 6 ++++++
> 4 files changed, 32 insertions(+), 3 deletions(-)
>
> diff --git a/.gitignore b/.gitignore
> index 0c39aa20b6ba..e6a67517a3bc 100644
> --- a/.gitignore
> +++ b/.gitignore
> @@ -39,6 +39,7 @@ Module.symvers
> *.dwo
> *.su
> *.c.[012]*.*
> +Symbols.list
>
> #
> # Top-level generic files
> diff --git a/Makefile b/Makefile
> index e40c471abe29..e1d315e585d8 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -320,10 +320,13 @@ KBUILD_BUILTIN := 1
> # If we have only "make modules", don't compile built-in objects.
> # When we're building modules with modversions, we need to consider
> # the built-in objects during the descend as well, in order to
> -# make sure the checksums are up to date before we record them.
> +# make sure the checksums are up to date before we record them. The
> +# same applies for building livepatches, as built-in objects may hold
> +# symbols which are referenced from livepatches and are required by
> +# klp-convert post-processing tool for resolving these cases.
>
> ifeq ($(MAKECMDGOALS),modules)
> - KBUILD_BUILTIN := $(if $(CONFIG_MODVERSIONS),1)
> + KBUILD_BUILTIN := $(if $(or $(CONFIG_MODVERSIONS), $(CONFIG_LIVEPATCH)),1)
> endif
>
> # If we have "make <whatever> modules", compile modules
> @@ -1207,9 +1210,24 @@ all: modules
> # duplicate lines in modules.order files. Those are removed
> # using awk while concatenating to the final file.
>
> +quiet_cmd_klp_map = LIVEPATCH Symbols.list
nit: I don't think any other quiet_cmd invocations put a tab between the
label and file list. That said, "LIVEPATCH" is > 8 chars, so it's not
going to line up anyway.
> +SLIST = $(objtree)/Symbols.list
> +
> +define cmd_klp_map
> + $(shell echo "*vmlinux" > $(SLIST)) \
> + $(shell nm -f posix $(objtree)/vmlinux | cut -d\ -f1 >> $(SLIST)) \
> + $(foreach m, $(wildcard $(MODVERDIR)/*.mod), \
> + $(eval mod = $(patsubst %.ko,%.o,$(shell head -n1 $(m)))) \
> + $(if $(wildcard $(MODVERDIR)/$(shell basename -s .o $(mod)).livepatch),,\
> + $(eval fmod = $(subst $(quote),_,$(subst -,_,$(mod)))) \
> + $(shell echo "*$(shell basename -s .o $(fmod))" >> $(SLIST)) \
> + $(shell nm -f posix $(mod) | cut -d\ -f1 >> $(SLIST))))
> +endef
> +
> PHONY += modules
> modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
> $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
> + $(if $(CONFIG_LIVEPATCH), $(call cmd,klp_map))
> @$(kecho) ' Building modules, stage 2.';
> $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
> $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.fwinst obj=firmware __fw_modbuild
> @@ -1306,7 +1324,10 @@ vmlinuxclean:
> $(Q)$(CONFIG_SHELL) $(srctree)/scripts/link-vmlinux.sh clean
> $(Q)$(if $(ARCH_POSTLINK), $(MAKE) -f $(ARCH_POSTLINK) clean)
>
> -clean: archclean vmlinuxclean
> +klpclean:
> + $(Q) rm -f $(objtree)/Symbols.list
> +
> +clean: archclean vmlinuxclean klpclean
Does the klpclean target need to be added to the PHONY variable?
% touch klpclean
% make klpclean
make: 'klpclean' is up to date.
% ls -l Symbols.list
-rw-r--r--. 1 jolawren jolawren 2323179 Aug 29 16:55 Symbols.list
>
> # mrproper - Delete all generated files, including .config
> #
> diff --git a/samples/livepatch/Makefile b/samples/livepatch/Makefile
> index 10319d7ea0b1..955e7ac12d2b 100644
> --- a/samples/livepatch/Makefile
> +++ b/samples/livepatch/Makefile
> @@ -1 +1,2 @@
> +LIVEPATCH_livepatch-sample.o := y
> obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-sample.o
> diff --git a/scripts/Makefile.build b/scripts/Makefile.build
> index 733e044fff8b..d0c32a50cce7 100644<F2>
> --- a/scripts/Makefile.build
> +++ b/scripts/Makefile.build
> @@ -276,6 +276,11 @@ objtool_obj = $(if $(patsubst y%,, \
> endif # SKIP_STACK_VALIDATION
> endif # CONFIG_STACK_VALIDATION
>
> +ifdef CONFIG_LIVEPATCH
> +cmd_livepatch = $(if $(LIVEPATCH_$(basetarget).o), \
> + $(shell touch $(MODVERDIR)/$(basetarget).livepatch))
> +endif
> +
> define rule_cc_o_c
> $(call echo-cmd,checksrc) $(cmd_checksrc) \
> $(call cmd_and_fixdep,cc_o_c) \
> @@ -309,6 +314,7 @@ $(single-used-m): $(obj)/%.o: $(src)/%.c $(recordmcount_source) $(objtool_obj) F
> $(call if_changed_rule,cc_o_c)
> @{ echo $(@:.o=.ko); echo $@; \
> $(cmd_undef_syms); } > $(MODVERDIR)/$(@F:.o=.mod)
> + $(call cmd_livepatch)
>
> quiet_cmd_cc_lst_c = MKLST $@
> cmd_cc_lst_c = $(CC) $(c_flags) -g -c -o $*.o $< && \
> --
> 2.12.0
>
I'll try to dig in deeper and tinker with the patchset next week.
Regards,
-- Joe
On Thu, Aug 31, 2017 at 11:24:39AM -0400, Joe Lawrence wrote:
> > +quiet_cmd_klp_map = LIVEPATCH Symbols.list
>
> nit: I don't think any other quiet_cmd invocations put a tab between the
> label and file list. That said, "LIVEPATCH" is > 8 chars, so it's not
> going to line up anyway.
Maybe "SYMBOLS" would be more appropriate (and would fit).
--
Josh
On 08/31/2017 12:24 PM, Joe Lawrence wrote:
> Hi Joao,
>
Hi Joe and Josh,
Thanks for the quick feedback, I'll be looking forward for your comments
once you have the change to dig deeper :). I'll apply all typo-fixes,
add klpclean to the PHONY targets and change the quiet_cmd invocation as
suggested in v2.
>> For identifying livepatches during the build process, a flag variable
>> LIVEPATCH_$(basetarget).o is considered in scripts/Makefile.build. This
>> way, set this flag for the livepatch sample Makefile in
>> samples/livepatch/Makefile.
>
> I've never tried building a livepatch out of tree (is that even
> possible?) but does this make it any more/less harder?
Tbh, I never had tried it before, so I just emulated the process and it
was simple and successful. All it required in addition to what is
regular, was the introduction of the "LIVEPATCH_($bastarget).o := y"
into the Makefile. All else was implicitly handled by Kbuild.
Best,
Joao