Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5126409yba; Wed, 10 Apr 2019 11:56:54 -0700 (PDT) X-Google-Smtp-Source: APXvYqywvDWgZ575gGPZ4LhXVde7JXSPjyOTOAU2MWivqQ0SIsPRZLPQAEE5uOXBTE7e/5sQLPV6 X-Received: by 2002:a63:e915:: with SMTP id i21mr42404268pgh.297.1554922614797; Wed, 10 Apr 2019 11:56:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554922614; cv=none; d=google.com; s=arc-20160816; b=m7VN+EOx3I9Dhoh7ahmKD9nAns1UoA/1WxknX2iMMSL5SQQ1q6/QV9l/rYcODlVJX8 5pltMUd0ubXzaeks2SMDrPmGydXjWPH3v8c8QC5KAiIWcCgNSMErHsligqmVN8XWaLYl FJVgR8ig6U4uxZ7kdctGFY0C0V69owUoBqTMwz/SqSyfgcFT9ILtKYvgNiS7WswuBAEs ICvzqKcsCLjV5zwXQFBYiF9zPc8m//5SKY5SYOsHNWhzCLdqNTMnOanPpPhC5y/pe5QR pI3bqYorhkY4c1Rx83xk4ZyVgX2XNKeyGwfinFOdSBxAGE56ZTQlt/D7/y3F8VE7UXMO fFgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=4ZpwYdn5ZRSvpWvvIJnwF97Nzx+ltQmI0G/vfeTcKQg=; b=l2W/18R2QSicXRZiJf+ysATsg7I1z2Zk1WhxHOCR8TFImogc8fFjgJMLL24PhwY8b8 j7BHmtaghZiLe4e4JdE5POO9XD1jbYV59cgmeA/BtbaIrzevQQi/b4NPxxBzlLN576pC HQOCDEnOSbtRXmgZe2wDTTGs5G9csykpJbvAYnXW6C4f1gcFJ+1J+CY1O6zezimjT0ix kcjdzQvVibmJsHZVwooAFHLfLw/tNUZi/7QuCfTzNzJLEWLxbz8d9CYOPqaSYZ4Q04+d 67fjIMLkA8UIUcLHZ5apKTANqLFJ9drz4Y2pm/Nt8yXRKqxALrXEiIVlnIi+cZyi06PT YvzA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q12si32945574plr.434.2019.04.10.11.56.39; Wed, 10 Apr 2019 11:56:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387497AbfDJPvL (ORCPT + 99 others); Wed, 10 Apr 2019 11:51:11 -0400 Received: from mx1.redhat.com ([209.132.183.28]:17094 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387480AbfDJPvH (ORCPT ); Wed, 10 Apr 2019 11:51:07 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6D4B58B139; Wed, 10 Apr 2019 15:51:07 +0000 (UTC) Received: from jlaw-desktop.bos.redhat.com (dhcp-17-208.bos.redhat.com [10.18.17.208]) by smtp.corp.redhat.com (Postfix) with ESMTP id 07F791017B45; Wed, 10 Apr 2019 15:51:05 +0000 (UTC) From: Joe Lawrence To: linux-kernel@vger.kernel.org, live-patching@vger.kernel.org, linux-kbuild@vger.kernel.org Cc: Jessica Yu , Jiri Kosina , Joao Moreira , Joe Lawrence , Josh Poimboeuf , Konstantin Khlebnikov , Masahiro Yamada , Michael Matz , Miroslav Benes , Nicolai Stange , Petr Mladek Subject: [PATCH v3 2/9] kbuild: Support for Symbols.list creation Date: Wed, 10 Apr 2019 11:50:51 -0400 Message-Id: <20190410155058.9437-3-joe.lawrence@redhat.com> In-Reply-To: <20190410155058.9437-1-joe.lawrence@redhat.com> References: <20190410155058.9437-1-joe.lawrence@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 10 Apr 2019 15:51:07 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Joao Moreira For automatic resolution of livepatch relocations, a file called Symbols.list is used. This file maps symbols within every compiled kernel object allowing the identification of symbols whose name is unique, thus relocation can be automatically inferred, or providing information that helps developers when code annotation is required for solving the matter. Add support for creating Symbols.list in the main Makefile. First, ensure that built-in is compiled when CONFIG_LIVEPATCH is enabled (as required to achieve a complete Symbols.list file). Define the command to build Symbols.list (cmd_klp_map) and hook it in the modules rule. As it is undesirable to have symbols from livepatch objects inside Symbols.list, make livepatches discernible by modifying scripts/Makefile.build to create a .livepatch file for each livepatch in $(MODVERDIR). This file then used by cmd_klp_map to identify and bypass livepatches. For identifying livepatches during the build process, a flag variable LIVEPATCH_$(basetarget).o is considered in scripts/Makefile.build. This way, set this flag for the livepatch sample Makefile in samples/livepatch/Makefile. Finally, Add a clean rule to ensure that Symbols.list is removed during clean. Notes: To achieve a correct Symbols.list file, all kernel objects must be considered, thus, its construction require these objects to be priorly built. On the other hand, invoking scripts/Makefile.modpost without having a complete Symbols.list in place would occasionally lead to in-tree livepatches being post-processed incorrectly. To prevent this from becoming a circular dependency, the construction of Symbols.list uses non-post-processed kernel objects and such does not cause harm as the symbols normally referenced from within livepatches are visible at this stage. Also due to these requirements, the spot in-between modules compilation and the invocation of scripts/Makefile.modpost was picked for hooking cmd_klp_map. The approach based on .livepatch files was proposed as an alternative to using MODULE_INFO statements. This approach was originally proposed by Miroslav Benes as a workaround for identifying livepathes without depending on modinfo during the modpost stage. It was moved to this patch as the approach also shown to be useful while building Symbols.list. Signed-off-by: Joao Moreira Signed-off-by: Joe Lawrence --- .gitignore | 1 + Makefile | 30 ++++++++++++++++++++++++++---- samples/livepatch/Makefile | 1 + scripts/Makefile.build | 7 +++++++ 4 files changed, 35 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index a20ac26aa2f5..5cd5758f5ffe 100644 --- a/.gitignore +++ b/.gitignore @@ -45,6 +45,7 @@ *.xz Module.symvers modules.builtin +Symbols.list # # Top-level generic files diff --git a/Makefile b/Makefile index 15c8251d4d5e..2c07bdd87b2f 100644 --- a/Makefile +++ b/Makefile @@ -574,10 +574,13 @@ KBUILD_BUILTIN := 1 # If we have only "make modules", don't compile built-in objects. # When we're building modules with modversions, we need to consider # the built-in objects during the descend as well, in order to -# make sure the checksums are up to date before we record them. +# make sure the checksums are up to date before we record them. The +# same applies for building livepatches, as built-in objects may hold +# symbols which are referenced from livepatches and are required by +# klp-convert post-processing tool for resolving these cases. ifeq ($(MAKECMDGOALS),modules) - KBUILD_BUILTIN := $(if $(CONFIG_MODVERSIONS),1) + KBUILD_BUILTIN := $(if $(or $(CONFIG_MODVERSIONS), $(CONFIG_LIVEPATCH)),1) endif # If we have "make modules", compile modules @@ -1261,9 +1264,25 @@ all: modules # duplicate lines in modules.order files. Those are removed # using awk while concatenating to the final file. +quiet_cmd_klp_map = KLP Symbols.list +SLIST = $(objtree)/Symbols.list + +define cmd_klp_map + $(shell echo "klp-convert-symbol-data.0.1" > $(SLIST)) \ + $(shell echo "*vmlinux" >> $(SLIST)) \ + $(shell nm -f posix $(objtree)/vmlinux | cut -d\ -f1 >> $(SLIST)) \ + $(foreach m, $(wildcard $(MODVERDIR)/*.mod), \ + $(eval mod = $(patsubst %.ko,%.o,$(shell head -n1 $(m)))) \ + $(if $(wildcard $(MODVERDIR)/$(shell basename -s .o $(mod)).livepatch),,\ + $(eval fmod = $(subst $(quote),_,$(subst -,_,$(mod)))) \ + $(shell echo "*$(shell basename -s .o $(fmod))" >> $(SLIST)) \ + $(shell nm -f posix $(mod) | cut -d\ -f1 >> $(SLIST)))) +endef + PHONY += modules modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order + $(if $(CONFIG_LIVEPATCH), $(call cmd,klp_map)) @$(kecho) ' Building modules, stage 2.'; $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost @@ -1350,7 +1369,7 @@ clean: rm-dirs := $(CLEAN_DIRS) clean: rm-files := $(CLEAN_FILES) clean-dirs := $(addprefix _clean_, . $(vmlinux-alldirs) Documentation samples) -PHONY += $(clean-dirs) clean archclean vmlinuxclean +PHONY += $(clean-dirs) clean archclean vmlinuxclean klpclean $(clean-dirs): $(Q)$(MAKE) $(clean)=$(patsubst _clean_%,%,$@) @@ -1358,7 +1377,10 @@ vmlinuxclean: $(Q)$(CONFIG_SHELL) $(srctree)/scripts/link-vmlinux.sh clean $(Q)$(if $(ARCH_POSTLINK), $(MAKE) -f $(ARCH_POSTLINK) clean) -clean: archclean vmlinuxclean +klpclean: + $(Q) rm -f $(objtree)/Symbols.list + +clean: archclean vmlinuxclean klpclean # mrproper - Delete all generated files, including .config # diff --git a/samples/livepatch/Makefile b/samples/livepatch/Makefile index 2472ce39a18d..8b9b42a258ad 100644 --- a/samples/livepatch/Makefile +++ b/samples/livepatch/Makefile @@ -1,3 +1,4 @@ +LIVEPATCH_livepatch-sample := y obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-sample.o obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-shadow-mod.o obj-$(CONFIG_SAMPLE_LIVEPATCH) += livepatch-shadow-fix1.o diff --git a/scripts/Makefile.build b/scripts/Makefile.build index 76ca30cc4791..ca76bd2080f0 100644 --- a/scripts/Makefile.build +++ b/scripts/Makefile.build @@ -246,6 +246,11 @@ cmd_gen_ksymdeps = \ $(CONFIG_SHELL) $(srctree)/scripts/gen_ksymdeps.sh $@ >> $(dot-target).cmd endif +ifdef CONFIG_LIVEPATCH +cmd_livepatch = $(if $(LIVEPATCH_$(basetarget)), \ + $(shell touch $(MODVERDIR)/$(basetarget).livepatch)) +endif + define rule_cc_o_c $(call cmd,checksrc) $(call cmd_and_fixdep,cc_o_c) @@ -280,6 +285,7 @@ $(obj)/%.o: $(src)/%.c $(recordmcount_source) $(objtool_dep) FORCE $(single-used-m): $(obj)/%.o: $(src)/%.c $(recordmcount_source) $(objtool_dep) FORCE $(call cmd,force_checksrc) $(call if_changed_rule,cc_o_c) + $(call cmd_livepatch) @{ echo $(@:.o=.ko); echo $@; \ $(cmd_undef_syms); } > $(MODVERDIR)/$(@F:.o=.mod) @@ -456,6 +462,7 @@ cmd_link_multi-m = $(LD) $(ld_flags) -r -o $@ $(filter %.o,$^) $(cmd_secanalysis $(multi-used-m): FORCE $(call if_changed,link_multi-m) + $(call cmd,livepatch) @{ echo $(@:.o=.ko); echo $(filter %.o,$^); \ $(cmd_undef_syms); } > $(MODVERDIR)/$(@F:.o=.mod) $(call multi_depend, $(multi-used-m), .o, -objs -y -m) -- 2.20.1