tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'livepatching-for-6.11' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching

Pull livepatching update from Petr Mladek:

- show patch->replace flag in sysfs

- add or improve few selftests

* tag 'livepatching-for-6.11' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching:
livepatch: Replace snprintf() with sysfs_emit()
selftests/livepatch: Add selftests for "replace" sysfs attribute
livepatch: Add "replace" sysfs attribute
selftests: livepatch: Test atomic replace against multiple modules
selftests/livepatch: define max test-syscall processes

Linus Torvalds d2d721e2 28bbe4ea

+163 -53
+8
Documentation/ABI/testing/sysfs-kernel-livepatch
··· 47 47 disabled when the feature is used. See 48 48 Documentation/livepatch/livepatch.rst for more information. 49 49 50 + What: /sys/kernel/livepatch/<patch>/replace 51 + Date: Jun 2024 52 + KernelVersion: 6.11.0 53 + Contact: live-patching@vger.kernel.org 54 + Description: 55 + An attribute which indicates whether the patch supports 56 + atomic-replace. 57 + 50 58 What: /sys/kernel/livepatch/<patch>/<object> 51 59 Date: Nov 2014 52 60 KernelVersion: 3.19.0
+14 -3
kernel/livepatch/core.c
··· 346 346 * /sys/kernel/livepatch/<patch>/enabled 347 347 * /sys/kernel/livepatch/<patch>/transition 348 348 * /sys/kernel/livepatch/<patch>/force 349 + * /sys/kernel/livepatch/<patch>/replace 349 350 * /sys/kernel/livepatch/<patch>/<object> 350 351 * /sys/kernel/livepatch/<patch>/<object>/patched 351 352 * /sys/kernel/livepatch/<patch>/<object>/<function,sympos> ··· 402 401 struct klp_patch *patch; 403 402 404 403 patch = container_of(kobj, struct klp_patch, kobj); 405 - return snprintf(buf, PAGE_SIZE-1, "%d\n", patch->enabled); 404 + return sysfs_emit(buf, "%d\n", patch->enabled); 406 405 } 407 406 408 407 static ssize_t transition_show(struct kobject *kobj, ··· 411 410 struct klp_patch *patch; 412 411 413 412 patch = container_of(kobj, struct klp_patch, kobj); 414 - return snprintf(buf, PAGE_SIZE-1, "%d\n", 415 - patch == klp_transition_patch); 413 + return sysfs_emit(buf, "%d\n", patch == klp_transition_patch); 416 414 } 417 415 418 416 static ssize_t force_store(struct kobject *kobj, struct kobj_attribute *attr, ··· 443 443 return count; 444 444 } 445 445 446 + static ssize_t replace_show(struct kobject *kobj, 447 + struct kobj_attribute *attr, char *buf) 448 + { 449 + struct klp_patch *patch; 450 + 451 + patch = container_of(kobj, struct klp_patch, kobj); 452 + return sysfs_emit(buf, "%d\n", patch->replace); 453 + } 454 + 446 455 static struct kobj_attribute enabled_kobj_attr = __ATTR_RW(enabled); 447 456 static struct kobj_attribute transition_kobj_attr = __ATTR_RO(transition); 448 457 static struct kobj_attribute force_kobj_attr = __ATTR_WO(force); 458 + static struct kobj_attribute replace_kobj_attr = __ATTR_RO(replace); 449 459 static struct attribute *klp_patch_attrs[] = { 450 460 &enabled_kobj_attr.attr, 451 461 &transition_kobj_attr.attr, 452 462 &force_kobj_attr.attr, 463 + &replace_kobj_attr.attr, 453 464 NULL 454 465 }; 455 466 ATTRIBUTE_GROUPS(klp_patch);
+89 -49
tools/testing/selftests/livepatch/test-livepatch.sh
··· 4 4 5 5 . $(dirname $0)/functions.sh 6 6 7 - MOD_LIVEPATCH=test_klp_livepatch 7 + MOD_LIVEPATCH1=test_klp_livepatch 8 + MOD_LIVEPATCH2=test_klp_syscall 9 + MOD_LIVEPATCH3=test_klp_callbacks_demo 8 10 MOD_REPLACE=test_klp_atomic_replace 9 11 10 12 setup_config ··· 18 16 19 17 start_test "basic function patching" 20 18 21 - load_lp $MOD_LIVEPATCH 19 + load_lp $MOD_LIVEPATCH1 22 20 23 - if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]] ; then 21 + if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH1: this has been live patched" ]] ; then 24 22 echo -e "FAIL\n\n" 25 23 die "livepatch kselftest(s) failed" 26 24 fi 27 25 28 - disable_lp $MOD_LIVEPATCH 29 - unload_lp $MOD_LIVEPATCH 26 + disable_lp $MOD_LIVEPATCH1 27 + unload_lp $MOD_LIVEPATCH1 30 28 31 - if [[ "$(cat /proc/cmdline)" == "$MOD_LIVEPATCH: this has been live patched" ]] ; then 29 + if [[ "$(cat /proc/cmdline)" == "$MOD_LIVEPATCH1: this has been live patched" ]] ; then 32 30 echo -e "FAIL\n\n" 33 31 die "livepatch kselftest(s) failed" 34 32 fi 35 33 36 - check_result "% insmod test_modules/$MOD_LIVEPATCH.ko 37 - livepatch: enabling patch '$MOD_LIVEPATCH' 38 - livepatch: '$MOD_LIVEPATCH': initializing patching transition 39 - livepatch: '$MOD_LIVEPATCH': starting patching transition 40 - livepatch: '$MOD_LIVEPATCH': completing patching transition 41 - livepatch: '$MOD_LIVEPATCH': patching complete 42 - % echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH/enabled 43 - livepatch: '$MOD_LIVEPATCH': initializing unpatching transition 44 - livepatch: '$MOD_LIVEPATCH': starting unpatching transition 45 - livepatch: '$MOD_LIVEPATCH': completing unpatching transition 46 - livepatch: '$MOD_LIVEPATCH': unpatching complete 47 - % rmmod $MOD_LIVEPATCH" 34 + check_result "% insmod test_modules/$MOD_LIVEPATCH1.ko 35 + livepatch: enabling patch '$MOD_LIVEPATCH1' 36 + livepatch: '$MOD_LIVEPATCH1': initializing patching transition 37 + livepatch: '$MOD_LIVEPATCH1': starting patching transition 38 + livepatch: '$MOD_LIVEPATCH1': completing patching transition 39 + livepatch: '$MOD_LIVEPATCH1': patching complete 40 + % echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH1/enabled 41 + livepatch: '$MOD_LIVEPATCH1': initializing unpatching transition 42 + livepatch: '$MOD_LIVEPATCH1': starting unpatching transition 43 + livepatch: '$MOD_LIVEPATCH1': completing unpatching transition 44 + livepatch: '$MOD_LIVEPATCH1': unpatching complete 45 + % rmmod $MOD_LIVEPATCH1" 48 46 49 47 50 48 # - load a livepatch that modifies the output from /proc/cmdline and ··· 55 53 56 54 start_test "multiple livepatches" 57 55 58 - load_lp $MOD_LIVEPATCH 56 + load_lp $MOD_LIVEPATCH1 59 57 60 58 grep 'live patched' /proc/cmdline > /dev/kmsg 61 59 grep 'live patched' /proc/meminfo > /dev/kmsg ··· 71 69 grep 'live patched' /proc/cmdline > /dev/kmsg 72 70 grep 'live patched' /proc/meminfo > /dev/kmsg 73 71 74 - disable_lp $MOD_LIVEPATCH 75 - unload_lp $MOD_LIVEPATCH 72 + disable_lp $MOD_LIVEPATCH1 73 + unload_lp $MOD_LIVEPATCH1 76 74 77 75 grep 'live patched' /proc/cmdline > /dev/kmsg 78 76 grep 'live patched' /proc/meminfo > /dev/kmsg 79 77 80 - check_result "% insmod test_modules/$MOD_LIVEPATCH.ko 81 - livepatch: enabling patch '$MOD_LIVEPATCH' 82 - livepatch: '$MOD_LIVEPATCH': initializing patching transition 83 - livepatch: '$MOD_LIVEPATCH': starting patching transition 84 - livepatch: '$MOD_LIVEPATCH': completing patching transition 85 - livepatch: '$MOD_LIVEPATCH': patching complete 86 - $MOD_LIVEPATCH: this has been live patched 78 + check_result "% insmod test_modules/$MOD_LIVEPATCH1.ko 79 + livepatch: enabling patch '$MOD_LIVEPATCH1' 80 + livepatch: '$MOD_LIVEPATCH1': initializing patching transition 81 + livepatch: '$MOD_LIVEPATCH1': starting patching transition 82 + livepatch: '$MOD_LIVEPATCH1': completing patching transition 83 + livepatch: '$MOD_LIVEPATCH1': patching complete 84 + $MOD_LIVEPATCH1: this has been live patched 87 85 % insmod test_modules/$MOD_REPLACE.ko replace=0 88 86 livepatch: enabling patch '$MOD_REPLACE' 89 87 livepatch: '$MOD_REPLACE': initializing patching transition 90 88 livepatch: '$MOD_REPLACE': starting patching transition 91 89 livepatch: '$MOD_REPLACE': completing patching transition 92 90 livepatch: '$MOD_REPLACE': patching complete 93 - $MOD_LIVEPATCH: this has been live patched 91 + $MOD_LIVEPATCH1: this has been live patched 94 92 $MOD_REPLACE: this has been live patched 95 93 % echo 0 > /sys/kernel/livepatch/$MOD_REPLACE/enabled 96 94 livepatch: '$MOD_REPLACE': initializing unpatching transition ··· 98 96 livepatch: '$MOD_REPLACE': completing unpatching transition 99 97 livepatch: '$MOD_REPLACE': unpatching complete 100 98 % rmmod $MOD_REPLACE 101 - $MOD_LIVEPATCH: this has been live patched 102 - % echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH/enabled 103 - livepatch: '$MOD_LIVEPATCH': initializing unpatching transition 104 - livepatch: '$MOD_LIVEPATCH': starting unpatching transition 105 - livepatch: '$MOD_LIVEPATCH': completing unpatching transition 106 - livepatch: '$MOD_LIVEPATCH': unpatching complete 107 - % rmmod $MOD_LIVEPATCH" 99 + $MOD_LIVEPATCH1: this has been live patched 100 + % echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH1/enabled 101 + livepatch: '$MOD_LIVEPATCH1': initializing unpatching transition 102 + livepatch: '$MOD_LIVEPATCH1': starting unpatching transition 103 + livepatch: '$MOD_LIVEPATCH1': completing unpatching transition 104 + livepatch: '$MOD_LIVEPATCH1': unpatching complete 105 + % rmmod $MOD_LIVEPATCH1" 108 106 109 107 110 108 # - load a livepatch that modifies the output from /proc/cmdline and 111 109 # verify correct behavior 112 - # - load an atomic replace livepatch and verify that only the second is active 113 - # - remove the first livepatch and verify that the atomic replace livepatch 114 - # is still active 110 + # - load two additional livepatches and check the number of livepatch modules 111 + # applied 112 + # - load an atomic replace livepatch and check that the other three modules were 113 + # disabled 114 + # - remove all livepatches besides the atomic replace one and verify that the 115 + # atomic replace livepatch is still active 115 116 # - remove the atomic replace livepatch and verify that none are active 116 117 117 118 start_test "atomic replace livepatch" 118 119 119 - load_lp $MOD_LIVEPATCH 120 + load_lp $MOD_LIVEPATCH1 120 121 121 122 grep 'live patched' /proc/cmdline > /dev/kmsg 122 123 grep 'live patched' /proc/meminfo > /dev/kmsg 124 + 125 + for mod in $MOD_LIVEPATCH2 $MOD_LIVEPATCH3; do 126 + load_lp "$mod" 127 + done 128 + 129 + mods=(/sys/kernel/livepatch/*) 130 + nmods=${#mods[@]} 131 + if [ "$nmods" -ne 3 ]; then 132 + die "Expecting three modules listed, found $nmods" 133 + fi 123 134 124 135 load_lp $MOD_REPLACE replace=1 125 136 126 137 grep 'live patched' /proc/cmdline > /dev/kmsg 127 138 grep 'live patched' /proc/meminfo > /dev/kmsg 128 139 129 - unload_lp $MOD_LIVEPATCH 140 + mods=(/sys/kernel/livepatch/*) 141 + nmods=${#mods[@]} 142 + if [ "$nmods" -ne 1 ]; then 143 + die "Expecting only one moduled listed, found $nmods" 144 + fi 145 + 146 + # These modules were disabled by the atomic replace 147 + for mod in $MOD_LIVEPATCH3 $MOD_LIVEPATCH2 $MOD_LIVEPATCH1; do 148 + unload_lp "$mod" 149 + done 130 150 131 151 grep 'live patched' /proc/cmdline > /dev/kmsg 132 152 grep 'live patched' /proc/meminfo > /dev/kmsg ··· 159 135 grep 'live patched' /proc/cmdline > /dev/kmsg 160 136 grep 'live patched' /proc/meminfo > /dev/kmsg 161 137 162 - check_result "% insmod test_modules/$MOD_LIVEPATCH.ko 163 - livepatch: enabling patch '$MOD_LIVEPATCH' 164 - livepatch: '$MOD_LIVEPATCH': initializing patching transition 165 - livepatch: '$MOD_LIVEPATCH': starting patching transition 166 - livepatch: '$MOD_LIVEPATCH': completing patching transition 167 - livepatch: '$MOD_LIVEPATCH': patching complete 168 - $MOD_LIVEPATCH: this has been live patched 138 + check_result "% insmod test_modules/$MOD_LIVEPATCH1.ko 139 + livepatch: enabling patch '$MOD_LIVEPATCH1' 140 + livepatch: '$MOD_LIVEPATCH1': initializing patching transition 141 + livepatch: '$MOD_LIVEPATCH1': starting patching transition 142 + livepatch: '$MOD_LIVEPATCH1': completing patching transition 143 + livepatch: '$MOD_LIVEPATCH1': patching complete 144 + $MOD_LIVEPATCH1: this has been live patched 145 + % insmod test_modules/$MOD_LIVEPATCH2.ko 146 + livepatch: enabling patch '$MOD_LIVEPATCH2' 147 + livepatch: '$MOD_LIVEPATCH2': initializing patching transition 148 + livepatch: '$MOD_LIVEPATCH2': starting patching transition 149 + livepatch: '$MOD_LIVEPATCH2': completing patching transition 150 + livepatch: '$MOD_LIVEPATCH2': patching complete 151 + % insmod test_modules/$MOD_LIVEPATCH3.ko 152 + livepatch: enabling patch '$MOD_LIVEPATCH3' 153 + livepatch: '$MOD_LIVEPATCH3': initializing patching transition 154 + $MOD_LIVEPATCH3: pre_patch_callback: vmlinux 155 + livepatch: '$MOD_LIVEPATCH3': starting patching transition 156 + livepatch: '$MOD_LIVEPATCH3': completing patching transition 157 + $MOD_LIVEPATCH3: post_patch_callback: vmlinux 158 + livepatch: '$MOD_LIVEPATCH3': patching complete 169 159 % insmod test_modules/$MOD_REPLACE.ko replace=1 170 160 livepatch: enabling patch '$MOD_REPLACE' 171 161 livepatch: '$MOD_REPLACE': initializing patching transition ··· 187 149 livepatch: '$MOD_REPLACE': completing patching transition 188 150 livepatch: '$MOD_REPLACE': patching complete 189 151 $MOD_REPLACE: this has been live patched 190 - % rmmod $MOD_LIVEPATCH 152 + % rmmod $MOD_LIVEPATCH3 153 + % rmmod $MOD_LIVEPATCH2 154 + % rmmod $MOD_LIVEPATCH1 191 155 $MOD_REPLACE: this has been live patched 192 156 % echo 0 > /sys/kernel/livepatch/$MOD_REPLACE/enabled 193 157 livepatch: '$MOD_REPLACE': initializing unpatching transition
+4 -1
tools/testing/selftests/livepatch/test-syscall.sh
··· 15 15 16 16 start_test "patch getpid syscall while being heavily hammered" 17 17 18 - for i in $(seq 1 $(getconf _NPROCESSORS_ONLN)); do 18 + NPROC=$(getconf _NPROCESSORS_ONLN) 19 + MAXPROC=128 20 + 21 + for i in $(seq 1 $(($NPROC < $MAXPROC ? $NPROC : $MAXPROC))); do 19 22 ./test_klp-call_getpid & 20 23 pids[$i]="$!" 21 24 done
+48
tools/testing/selftests/livepatch/test-sysfs.sh
··· 18 18 check_sysfs_rights "$MOD_LIVEPATCH" "enabled" "-rw-r--r--" 19 19 check_sysfs_value "$MOD_LIVEPATCH" "enabled" "1" 20 20 check_sysfs_rights "$MOD_LIVEPATCH" "force" "--w-------" 21 + check_sysfs_rights "$MOD_LIVEPATCH" "replace" "-r--r--r--" 21 22 check_sysfs_rights "$MOD_LIVEPATCH" "transition" "-r--r--r--" 22 23 check_sysfs_value "$MOD_LIVEPATCH" "transition" "0" 23 24 check_sysfs_rights "$MOD_LIVEPATCH" "vmlinux/patched" "-r--r--r--" ··· 83 82 test_klp_callbacks_demo: post_unpatch_callback: vmlinux 84 83 livepatch: 'test_klp_callbacks_demo': unpatching complete 85 84 % rmmod test_klp_callbacks_demo" 85 + 86 + start_test "sysfs test replace enabled" 87 + 88 + MOD_LIVEPATCH=test_klp_atomic_replace 89 + load_lp $MOD_LIVEPATCH replace=1 90 + 91 + check_sysfs_rights "$MOD_LIVEPATCH" "replace" "-r--r--r--" 92 + check_sysfs_value "$MOD_LIVEPATCH" "replace" "1" 93 + 94 + disable_lp $MOD_LIVEPATCH 95 + unload_lp $MOD_LIVEPATCH 96 + 97 + check_result "% insmod test_modules/$MOD_LIVEPATCH.ko replace=1 98 + livepatch: enabling patch '$MOD_LIVEPATCH' 99 + livepatch: '$MOD_LIVEPATCH': initializing patching transition 100 + livepatch: '$MOD_LIVEPATCH': starting patching transition 101 + livepatch: '$MOD_LIVEPATCH': completing patching transition 102 + livepatch: '$MOD_LIVEPATCH': patching complete 103 + % echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH/enabled 104 + livepatch: '$MOD_LIVEPATCH': initializing unpatching transition 105 + livepatch: '$MOD_LIVEPATCH': starting unpatching transition 106 + livepatch: '$MOD_LIVEPATCH': completing unpatching transition 107 + livepatch: '$MOD_LIVEPATCH': unpatching complete 108 + % rmmod $MOD_LIVEPATCH" 109 + 110 + start_test "sysfs test replace disabled" 111 + 112 + load_lp $MOD_LIVEPATCH replace=0 113 + 114 + check_sysfs_rights "$MOD_LIVEPATCH" "replace" "-r--r--r--" 115 + check_sysfs_value "$MOD_LIVEPATCH" "replace" "0" 116 + 117 + disable_lp $MOD_LIVEPATCH 118 + unload_lp $MOD_LIVEPATCH 119 + 120 + check_result "% insmod test_modules/$MOD_LIVEPATCH.ko replace=0 121 + livepatch: enabling patch '$MOD_LIVEPATCH' 122 + livepatch: '$MOD_LIVEPATCH': initializing patching transition 123 + livepatch: '$MOD_LIVEPATCH': starting patching transition 124 + livepatch: '$MOD_LIVEPATCH': completing patching transition 125 + livepatch: '$MOD_LIVEPATCH': patching complete 126 + % echo 0 > /sys/kernel/livepatch/$MOD_LIVEPATCH/enabled 127 + livepatch: '$MOD_LIVEPATCH': initializing unpatching transition 128 + livepatch: '$MOD_LIVEPATCH': starting unpatching transition 129 + livepatch: '$MOD_LIVEPATCH': completing unpatching transition 130 + livepatch: '$MOD_LIVEPATCH': unpatching complete 131 + % rmmod $MOD_LIVEPATCH" 86 132 87 133 exit 0