Commit 4de65c58 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'livepatching-for-6.1' of... 

Merge tag 'livepatching-for-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching

Pull livepatching updates from Petr Mladek:

 - Fix race between fork and livepatch transition revert

 - Add sysfs entry that shows "patched" state for each object (module)
   that can be livepatched by the given livepatch

 - Some clean up

* tag 'livepatching-for-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching:
  selftests/livepatch: add sysfs test
  livepatch: add sysfs entry "patched" for each klp_object
  selftests/livepatch: normalize sysctl error message
  livepatch: Add a missing newline character in klp_module_coming()
  livepatch: fix race between fork and KLP transition
parents b5204106 59b2a38c

Documentation/ABI/testing/sysfs-kernel-livepatch

+8 −0
Original line number Diff line number Diff line
@@ -55,6 +55,14 @@ Description: 
		The object directory contains subdirectories for each function

		that is patched within the object.



What:		/sys/kernel/livepatch/<patch>/<object>/patched

Date:		August 2022

KernelVersion:	6.1.0

Contact:	live-patching@vger.kernel.org

Description:

		An attribute which indicates whether the object is currently

		patched.



What:		/sys/kernel/livepatch/<patch>/<object>/<function,sympos>

Date:		Nov 2014

KernelVersion:	3.19.0

kernel/livepatch/core.c

+19 −1
Original line number Diff line number Diff line
@@ -325,6 +325,7 @@ int klp_apply_section_relocs(struct module *pmod, Elf_Shdr *sechdrs, 
 * /sys/kernel/livepatch/<patch>/transition

 * /sys/kernel/livepatch/<patch>/force

 * /sys/kernel/livepatch/<patch>/<object>

 * /sys/kernel/livepatch/<patch>/<object>/patched

 * /sys/kernel/livepatch/<patch>/<object>/<function,sympos>

 */

static int __klp_disable_patch(struct klp_patch *patch);
@@ -431,6 +432,22 @@ static struct attribute *klp_patch_attrs[] = { 
};

ATTRIBUTE_GROUPS(klp_patch);



static ssize_t patched_show(struct kobject *kobj,

			    struct kobj_attribute *attr, char *buf)

{

	struct klp_object *obj;



	obj = container_of(kobj, struct klp_object, kobj);

	return sysfs_emit(buf, "%d\n", obj->patched);

}



static struct kobj_attribute patched_kobj_attr = __ATTR_RO(patched);

static struct attribute *klp_object_attrs[] = {

	&patched_kobj_attr.attr,

	NULL,

};

ATTRIBUTE_GROUPS(klp_object);



static void klp_free_object_dynamic(struct klp_object *obj)

{

	kfree(obj->name);
@@ -576,6 +593,7 @@ static void klp_kobj_release_object(struct kobject *kobj) 
static struct kobj_type klp_ktype_object = {

	.release = klp_kobj_release_object,

	.sysfs_ops = &kobj_sysfs_ops,

	.default_groups = klp_object_groups,

};



static void klp_kobj_release_func(struct kobject *kobj)
@@ -1171,7 +1189,7 @@ int klp_module_coming(struct module *mod) 
		return -EINVAL;



	if (!strcmp(mod->name, "vmlinux")) {

		pr_err("vmlinux.ko: invalid module name");

		pr_err("vmlinux.ko: invalid module name\n");

		return -EINVAL;

	}

kernel/livepatch/transition.c

+16 −2
Original line number Diff line number Diff line
@@ -610,9 +610,23 @@ void klp_reverse_transition(void) 
/* Called from copy_process() during fork */

void klp_copy_process(struct task_struct *child)

{

	child->patch_state = current->patch_state;



	/* TIF_PATCH_PENDING gets copied in setup_thread_stack() */

	/*

	 * The parent process may have gone through a KLP transition since

	 * the thread flag was copied in setup_thread_stack earlier. Bring

	 * the task flag up to date with the parent here.

	 *

	 * The operation is serialized against all klp_*_transition()

	 * operations by the tasklist_lock. The only exception is

	 * klp_update_patch_state(current), but we cannot race with

	 * that because we are current.

	 */

	if (test_tsk_thread_flag(current, TIF_PATCH_PENDING))

		set_tsk_thread_flag(child, TIF_PATCH_PENDING);

	else

		clear_tsk_thread_flag(child, TIF_PATCH_PENDING);



	child->patch_state = current->patch_state;

}



/*

tools/testing/selftests/livepatch/Makefile

+2 −1
Original line number Diff line number Diff line
@@ -6,7 +6,8 @@ TEST_PROGS := \ 
	test-callbacks.sh \

	test-shadow-vars.sh \

	test-state.sh \

	test-ftrace.sh

	test-ftrace.sh \

	test-sysfs.sh



TEST_FILES := settings

tools/testing/selftests/livepatch/functions.sh

+35 −1
Original line number Diff line number Diff line
@@ -6,6 +6,7 @@ 


MAX_RETRIES=600

RETRY_INTERVAL=".1"	# seconds

KLP_SYSFS_DIR="/sys/kernel/livepatch"



# Kselftest framework requirement - SKIP code is 4

ksft_skip=4
@@ -86,7 +87,7 @@ function set_ftrace_enabled() { 


	if [[ "$result" != "$1" ]] ; then

		if [[ $can_fail -eq 1 ]] ; then

			echo "livepatch: $err" > /dev/kmsg

			echo "livepatch: $err" | sed 's#/proc/sys/kernel/#kernel.#' > /dev/kmsg

			return

		fi
@@ -308,3 +309,36 @@ function check_result { 


	cleanup_dmesg_file

}



# check_sysfs_rights(modname, rel_path, expected_rights) - check sysfs

# path permissions

#	modname - livepatch module creating the sysfs interface

#	rel_path - relative path of the sysfs interface

#	expected_rights - expected access rights

function check_sysfs_rights() {

	local mod="$1"; shift

	local rel_path="$1"; shift

	local expected_rights="$1"; shift



	local path="$KLP_SYSFS_DIR/$mod/$rel_path"

	local rights=$(/bin/stat --format '%A' "$path")

	if test "$rights" != "$expected_rights" ; then

		die "Unexpected access rights of $path: $expected_rights vs. $rights"

	fi

}



# check_sysfs_value(modname, rel_path, expected_value) - check sysfs value

#	modname - livepatch module creating the sysfs interface

#	rel_path - relative path of the sysfs interface

#	expected_value - expected value read from the file

function check_sysfs_value() {

	local mod="$1"; shift

	local rel_path="$1"; shift

	local expected_value="$1"; shift



	local path="$KLP_SYSFS_DIR/$mod/$rel_path"

	local value=`cat $path`

	if test "$value" != "$expected_value" ; then

		die "Unexpected value in $path: $expected_value vs. $value"

	fi

}