Commit 1d05334d authored by Peter Zijlstra's avatar Peter Zijlstra Committed by Jiri Kosina
Browse files

livepatch: Remove .klp.arch 



After the previous patch, vmlinux-specific KLP relocations are now
applied early during KLP module load.  This means that .klp.arch
sections are no longer needed for *vmlinux-specific* KLP relocations.

One might think they're still needed for *module-specific* KLP
relocations.  If a to-be-patched module is loaded *after* its
corresponding KLP module is loaded, any corresponding KLP relocations
will be delayed until the to-be-patched module is loaded.  If any
special sections (.parainstructions, for example) rely on those
relocations, their initializations (apply_paravirt) need to be done
afterwards.  Thus the apparent need for arch_klp_init_object_loaded()
and its corresponding .klp.arch sections -- it allows some of the
special section initializations to be done at a later time.

But... if you look closer, that dependency between the special sections
and the module-specific KLP relocations doesn't actually exist in
reality.  Looking at the contents of the .altinstructions and
.parainstructions sections, there's not a realistic scenario in which a
KLP module's .altinstructions or .parainstructions section needs to
access a symbol in a to-be-patched module.  It might need to access a
local symbol or even a vmlinux symbol; but not another module's symbol.
When a special section needs to reference a local or vmlinux symbol, a
normal rela can be used instead of a KLP rela.

Since the special section initializations don't actually have any real
dependency on module-specific KLP relocations, .klp.arch and
arch_klp_init_object_loaded() no longer have a reason to exist.  So
remove them.

As Peter said much more succinctly:

  So the reason for .klp.arch was that .klp.rela.* stuff would overwrite
  paravirt instructions. If that happens you're doing it wrong. Those
  RELAs are core kernel, not module, and thus should've happened in
  .rela.* sections at patch-module loading time.

  Reverting this removes the two apply_{paravirt,alternatives}() calls
  from the late patching path, and means we don't have to worry about
  them when removing module_disable_ro().

[ jpoimboe: Rewrote patch description.  Tweaked klp_init_object_loaded()
	    error path. ]

Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
Acked-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: default avatarJoe Lawrence <joe.lawrence@redhat.com>
Acked-by: default avatarMiroslav Benes <mbenes@suse.cz>
Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
parent 7c8e2bdd

Documentation/livepatch/module-elf-format.rst

+2 −13
Original line number Diff line number Diff line
@@ -14,8 +14,7 @@ This document outlines the Elf format requirements that livepatch modules must f 
   4. Livepatch symbols

      4.1 A livepatch module's symbol table

      4.2 Livepatch symbol format

   5. Architecture-specific sections

   6. Symbol table and Elf section access

   5. Symbol table and Elf section access



1. Background and motivation

============================
@@ -298,17 +297,7 @@ Examples: 
  Note that the 'Ndx' (Section index) for these symbols is SHN_LIVEPATCH (0xff20).

  "OS" means OS-specific.



5. Architecture-specific sections

=================================

Architectures may override arch_klp_init_object_loaded() to perform

additional arch-specific tasks when a target module loads, such as applying

arch-specific sections. On x86 for example, we must apply per-object

.altinstructions and .parainstructions sections when a target module loads.

These sections must be prefixed with ".klp.arch.$objname." so that they can

be easily identified when iterating through a patch module's Elf sections

(See arch/x86/kernel/livepatch.c for a complete example).



6. Symbol table and Elf section access

5. Symbol table and Elf section access

======================================

A livepatch module's symbol table is accessible through module->symtab.

arch/x86/kernel/Makefile

+0 −1
Original line number Diff line number Diff line
@@ -90,7 +90,6 @@ obj-$(CONFIG_X86_MPPARSE) += mpparse.o 
obj-y				+= apic/

obj-$(CONFIG_X86_REBOOTFIXUPS)	+= reboot_fixups_32.o

obj-$(CONFIG_DYNAMIC_FTRACE)	+= ftrace.o

obj-$(CONFIG_LIVEPATCH)	+= livepatch.o

obj-$(CONFIG_FUNCTION_TRACER)	+= ftrace_$(BITS).o

obj-$(CONFIG_FUNCTION_GRAPH_TRACER) += ftrace.o

obj-$(CONFIG_FTRACE_SYSCALLS)	+= ftrace.o

arch/x86/kernel/livepatch.c

deleted100644 → 0
+0 −53
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0-or-later

/*

 * livepatch.c - x86-specific Kernel Live Patching Core

 */



#include <linux/module.h>

#include <linux/kallsyms.h>

#include <linux/livepatch.h>

#include <asm/text-patching.h>



/* Apply per-object alternatives. Based on x86 module_finalize() */

void arch_klp_init_object_loaded(struct klp_patch *patch,

				 struct klp_object *obj)

{

	int cnt;

	struct klp_modinfo *info;

	Elf_Shdr *s, *alt = NULL, *para = NULL;

	void *aseg, *pseg;

	const char *objname;

	char sec_objname[MODULE_NAME_LEN];

	char secname[KSYM_NAME_LEN];



	info = patch->mod->klp_info;

	objname = obj->name ? obj->name : "vmlinux";



	/* See livepatch core code for BUILD_BUG_ON() explanation */

	BUILD_BUG_ON(MODULE_NAME_LEN < 56 || KSYM_NAME_LEN != 128);



	for (s = info->sechdrs; s < info->sechdrs + info->hdr.e_shnum; s++) {

		/* Apply per-object .klp.arch sections */

		cnt = sscanf(info->secstrings + s->sh_name,

			     ".klp.arch.%55[^.].%127s",

			     sec_objname, secname);

		if (cnt != 2)

			continue;

		if (strcmp(sec_objname, objname))

			continue;

		if (!strcmp(".altinstructions", secname))

			alt = s;

		if (!strcmp(".parainstructions", secname))

			para = s;

	}



	if (alt) {

		aseg = (void *) alt->sh_addr;

		apply_alternatives(aseg, aseg + alt->sh_size);

	}



	if (para) {

		pseg = (void *) para->sh_addr;

		apply_paravirt(pseg, pseg + para->sh_size);

	}

}

include/linux/livepatch.h

+0 −3
Original line number Diff line number Diff line
@@ -195,9 +195,6 @@ struct klp_patch { 


int klp_enable_patch(struct klp_patch *);



void arch_klp_init_object_loaded(struct klp_patch *patch,

				 struct klp_object *obj);



/* Called from the module loader during module coming/going states */

int klp_module_coming(struct module *mod);

void klp_module_going(struct module *mod);

kernel/livepatch/core.c

+9 −18
Original line number Diff line number Diff line
@@ -729,12 +729,6 @@ static int klp_init_func(struct klp_object *obj, struct klp_func *func) 
			   func->old_sympos ? func->old_sympos : 1);

}



/* Arches may override this to finish any remaining arch-specific tasks */

void __weak arch_klp_init_object_loaded(struct klp_patch *patch,

					struct klp_object *obj)

{

}



int klp_apply_object_relocs(struct klp_patch *patch, struct klp_object *obj)

{

	int i, ret;
@@ -764,10 +758,11 @@ static int klp_init_object_loaded(struct klp_patch *patch, 
	struct klp_func *func;

	int ret;



	if (klp_is_module(obj)) {



		mutex_lock(&text_mutex);

		module_disable_ro(patch->mod);



	if (klp_is_module(obj)) {

		/*

		 * Only write module-specific relocations here

		 * (.klp.rela.{module}.*).  vmlinux-specific relocations were
@@ -775,17 +770,13 @@ static int klp_init_object_loaded(struct klp_patch *patch, 
		 * itself.

		 */

		ret = klp_apply_object_relocs(patch, obj);

		if (ret) {



		module_enable_ro(patch->mod, true);

		mutex_unlock(&text_mutex);



		if (ret)

			return ret;

	}

	}



	arch_klp_init_object_loaded(patch, obj);



	module_enable_ro(patch->mod, true);

	mutex_unlock(&text_mutex);



	klp_for_each_func(obj, func) {

		ret = klp_find_object_symbol(obj->name, func->old_name,

CRA Git | Maintained and supported by SUSTech CRA and CCSE