mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-18 03:44:27 +08:00
958ef1e39d
The possibility to re-enable a registered patch was useful for immediate patches where the livepatch module had to stay until the system reboot. The improved consistency model allows to achieve the same result by unloading and loading the livepatch module again. Also we are going to add a feature called atomic replace. It will allow to create a patch that would replace all already registered patches. The aim is to handle dependent patches more securely. It will obsolete the stack of patches that helped to handle the dependencies so far. Then it might be unclear when a cumulative patch re-enabling is safe. It would be complicated to support the many modes. Instead we could actually make the API and code easier to understand. Therefore, remove the two step public API. All the checks and init calls are moved from klp_register_patch() to klp_enabled_patch(). Also the patch is automatically freed, including the sysfs interface when the transition to the disabled state is completed. As a result, there is never a disabled patch on the top of the stack. Therefore we do not need to check the stack in __klp_enable_patch(). And we could simplify the check in __klp_disable_patch(). Also the API and logic is much easier. It is enough to call klp_enable_patch() in module_init() call. The patch can be disabled by writing '0' into /sys/kernel/livepatch/<patch>/enabled. Then the module can be removed once the transition finishes and sysfs interface is freed. The only problem is how to free the structures and kobjects safely. The operation is triggered from the sysfs interface. We could not put the related kobject from there because it would cause lock inversion between klp_mutex and kernfs locks, see kn->count lockdep map. Therefore, offload the free task to a workqueue. It is perfectly fine: + The patch can no longer be used in the livepatch operations. + The module could not be removed until the free operation finishes and module_put() is called. + The operation is asynchronous already when the first klp_try_complete_transition() fails and another call is queued with a delay. Suggested-by: Josh Poimboeuf <jpoimboe@redhat.com> Signed-off-by: Petr Mladek <pmladek@suse.com> Acked-by: Miroslav Benes <mbenes@suse.cz> Acked-by: Josh Poimboeuf <jpoimboe@redhat.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
145 lines
3.5 KiB
C
145 lines
3.5 KiB
C
/*
|
|
* Copyright (C) 2017 Joe Lawrence <joe.lawrence@redhat.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version 2
|
|
* of the License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
/*
|
|
* livepatch-shadow-fix2.c - Shadow variables, livepatch demo
|
|
*
|
|
* Purpose
|
|
* -------
|
|
*
|
|
* Adds functionality to livepatch-shadow-mod's in-flight data
|
|
* structures through a shadow variable. The livepatch patches a
|
|
* routine that periodically inspects data structures, incrementing a
|
|
* per-data-structure counter, creating the counter if needed.
|
|
*
|
|
*
|
|
* Usage
|
|
* -----
|
|
*
|
|
* This module is not intended to be standalone. See the "Usage"
|
|
* section of livepatch-shadow-mod.c.
|
|
*/
|
|
|
|
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
|
|
|
#include <linux/module.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/livepatch.h>
|
|
#include <linux/slab.h>
|
|
|
|
/* Shadow variable enums */
|
|
#define SV_LEAK 1
|
|
#define SV_COUNTER 2
|
|
|
|
struct dummy {
|
|
struct list_head list;
|
|
unsigned long jiffies_expire;
|
|
};
|
|
|
|
bool livepatch_fix2_dummy_check(struct dummy *d, unsigned long jiffies)
|
|
{
|
|
int *shadow_count;
|
|
|
|
/*
|
|
* Patch: handle in-flight dummy structures, if they do not
|
|
* already have a SV_COUNTER shadow variable, then attach a
|
|
* new one.
|
|
*/
|
|
shadow_count = klp_shadow_get_or_alloc(d, SV_COUNTER,
|
|
sizeof(*shadow_count), GFP_NOWAIT,
|
|
NULL, NULL);
|
|
if (shadow_count)
|
|
*shadow_count += 1;
|
|
|
|
return time_after(jiffies, d->jiffies_expire);
|
|
}
|
|
|
|
static void livepatch_fix2_dummy_leak_dtor(void *obj, void *shadow_data)
|
|
{
|
|
void *d = obj;
|
|
void **shadow_leak = shadow_data;
|
|
|
|
kfree(*shadow_leak);
|
|
pr_info("%s: dummy @ %p, prevented leak @ %p\n",
|
|
__func__, d, *shadow_leak);
|
|
}
|
|
|
|
void livepatch_fix2_dummy_free(struct dummy *d)
|
|
{
|
|
void **shadow_leak;
|
|
int *shadow_count;
|
|
|
|
/* Patch: copy the memory leak patch from the fix1 module. */
|
|
shadow_leak = klp_shadow_get(d, SV_LEAK);
|
|
if (shadow_leak)
|
|
klp_shadow_free(d, SV_LEAK, livepatch_fix2_dummy_leak_dtor);
|
|
else
|
|
pr_info("%s: dummy @ %p leaked!\n", __func__, d);
|
|
|
|
/*
|
|
* Patch: fetch the SV_COUNTER shadow variable and display
|
|
* the final count. Detach the shadow variable.
|
|
*/
|
|
shadow_count = klp_shadow_get(d, SV_COUNTER);
|
|
if (shadow_count) {
|
|
pr_info("%s: dummy @ %p, check counter = %d\n",
|
|
__func__, d, *shadow_count);
|
|
klp_shadow_free(d, SV_COUNTER, NULL);
|
|
}
|
|
|
|
kfree(d);
|
|
}
|
|
|
|
static struct klp_func funcs[] = {
|
|
{
|
|
.old_name = "dummy_check",
|
|
.new_func = livepatch_fix2_dummy_check,
|
|
},
|
|
{
|
|
.old_name = "dummy_free",
|
|
.new_func = livepatch_fix2_dummy_free,
|
|
}, { }
|
|
};
|
|
|
|
static struct klp_object objs[] = {
|
|
{
|
|
.name = "livepatch_shadow_mod",
|
|
.funcs = funcs,
|
|
}, { }
|
|
};
|
|
|
|
static struct klp_patch patch = {
|
|
.mod = THIS_MODULE,
|
|
.objs = objs,
|
|
};
|
|
|
|
static int livepatch_shadow_fix2_init(void)
|
|
{
|
|
return klp_enable_patch(&patch);
|
|
}
|
|
|
|
static void livepatch_shadow_fix2_exit(void)
|
|
{
|
|
/* Cleanup any existing SV_COUNTER shadow variables */
|
|
klp_shadow_free_all(SV_COUNTER, NULL);
|
|
}
|
|
|
|
module_init(livepatch_shadow_fix2_init);
|
|
module_exit(livepatch_shadow_fix2_exit);
|
|
MODULE_LICENSE("GPL");
|
|
MODULE_INFO(livepatch, "Y");
|