xenbits.xensource.com Git - livepatch-build-tools.git/log
livepatch-build-tools.git
3 months ago create-diff-object: propagate child symbol changes
Artem Savkov [Tue, 12 Jun 2018 14:10:10 +0000 (16:10 +0200)]
create-diff-object: propagate child symbol changes

Propagate child symbol changes to its parent.

Signed-off-by: Artem Savkov <asavkov@redhat.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
3 months ago create-diff-object: add symbol relations
Artem Savkov [Tue, 12 Jun 2018 14:05:30 +0000 (16:05 +0200)]
create-diff-object: add symbol relations

Add a function that would detect parent/child symbol relations. So far
it only supports .cold.* symbols as children.

Signed-off-by: Artem Savkov <asavkov@redhat.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
3 months ago create-diff-object: ignore .cold.* suffixes in is_bundleable()
Artem Savkov [Tue, 29 May 2018 09:51:10 +0000 (11:51 +0200)]
create-diff-object: ignore .cold.* suffixes in is_bundleable()

While building a gcc-consprop patch from integration tests gcc8 would place a
__timekeeping_inject_sleeptime.constprop.18.cold.27 symbol into
.text.unlikely.__timekeeping_inject_sleeptime.constprop.18 section. Because
section name doesn't have the '.cold.27' suffix this symbol fails
is_bundleable() check while still being bundleable and later exits early in
kpatch_rename_mangled_functions() without renaming the corresponding patched
function. All of this results in a create-diff-object error:

  ERROR: timekeeping.o: symbol changed sections: __timekeeping_inject_sleeptime.constprop.18.cold.27
  /home/asavkov/dev/kpatch/kpatch-build/create-diff-object: unreconcilable difference

Fix by ignoring .cold.* name suffix in is_bundleable() for .text.unlikely
sections.

Signed-off-by: Artem Savkov <asavkov@redhat.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
3 months ago create-diff-object: also include relas that point to changed sections
Roger Pau Monne [Thu, 7 Nov 2024 10:58:57 +0000 (11:58 +0100)]
create-diff-object: also include relas that point to changed sections

create-diff-object has a special handling for some specific sections, like
.altinstructions or .livepatch.hooks.*.  The contents of those sections are in
the form of array elements, where each element can be processed independently
of the rest.  For example an element in .altinstructions is a set of
replacement coordinates, with the layout specified by the alt_instr struct.  In
the case of .livepatch.hooks.* each element is a pointer to a hook function to
call.

The contents of this array are processed element wise, so that
create-diff-object can decide whether the element relates to the content in the
livepatch and thus needs keeping.  Such relation is driven based on the
contents of the relocations for the special sections.  If a relocation to be
applied to a special section element depends on any symbol to be included in
the livepatch then the special element is also considered required and thus
added to the livepatch contents.

However relocations don't always reference function type symbols, they can also
reference section type symbols, and that's usually the case with hook symbols
that have relocations based on section symbols, as an example:

  RELOCATION RECORDS FOR [.livepatch.hooks.load]:
  OFFSET           TYPE              VALUE
  0000000000000000 R_X86_64_64       .text.foobar

Symbol information for .text.foobar:

  0000000000000000 l    d  .text.foobar      0000000000000000 .text.foobar

As seen above, the .livepatch.hooks.load relocation uses a non-function symbol,
which given the current code in should_keep_rela_group() would mean it's not
considered for inclusion in the livepatch.

Fix this by allowing should_keep_rela_group() to also keep relocations if they
either point to function or section symbols.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
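
A simplified model of the selection rule described in the commit message above, added here as an example and not taken from create-diff-object: each pointer-sized element of a hook section is kept only if one of its relocations references a symbol that goes into the livepatch. The struct layouts, `keep_group()`, the `include` flag and the sample symbols are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Values mirror the ELF STT_* symbol types. */
enum { SYM_OBJECT = 1, SYM_FUNC = 2, SYM_SECTION = 3 };

struct sym {
    const char *name;
    int type;
    bool include;          /* symbol (or its section) goes into the livepatch */
};

struct rela {
    size_t offset;         /* offset inside the special section */
    const struct sym *sym; /* symbol the relocation is computed from */
};

#define HOOK_ELEM_SIZE 8u  /* assumed: one 64-bit function pointer per element */

/*
 * Decide whether the element at [start, start + size) must be kept.
 * allow_section = false models a predicate that only honours function
 * symbols; allow_section = true also honours section symbols.
 */
static bool keep_group(const struct rela *relas, size_t nrelas,
                       size_t start, size_t size, bool allow_section)
{
    for (size_t i = 0; i < nrelas; i++) {
        const struct rela *r = &relas[i];

        if (r->offset < start || r->offset >= start + size)
            continue;               /* relocation belongs to another element */
        if (!r->sym->include)
            continue;               /* target is not part of the livepatch */
        if (r->sym->type == SYM_FUNC)
            return true;
        if (allow_section && r->sym->type == SYM_SECTION)
            return true;
    }
    return false;
}

/* Count how many elements of a hook section survive the filter. */
static size_t count_kept(const struct rela *relas, size_t nrelas,
                         size_t sec_size, bool allow_section)
{
    size_t kept = 0;

    for (size_t off = 0; off + HOOK_ELEM_SIZE <= sec_size; off += HOOK_ELEM_SIZE)
        if (keep_group(relas, nrelas, off, HOOK_ELEM_SIZE, allow_section))
            kept++;
    return kept;
}

/* Constructed sample: element 0 is relocated against the .text.foobar
 * section symbol (included), element 1 against an unchanged function. */
static const struct sym text_foobar = { ".text.foobar", SYM_SECTION, true };
static const struct sym unchanged_fn = { "unchanged_hook", SYM_FUNC, false };
static const struct rela hooks_load_relas[] = {
    { 0, &text_foobar },
    { 8, &unchanged_fn },
};

static size_t sample_kept(bool allow_section)
{
    return count_kept(hooks_load_relas,
                      sizeof(hooks_load_relas) / sizeof(hooks_load_relas[0]),
                      2 * HOOK_ELEM_SIZE, allow_section);
}

int main(void)
{
    printf("function symbols only:        %zu hook(s) kept\n", sample_kept(false));
    printf("function or section symbols:  %zu hook(s) kept\n", sample_kept(true));
    return 0;
}
```

With the function-only predicate the load hook is dropped from the payload without any error, which is the failure mode the commit message describes.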
3 months ago create-diff-object: don't include symbols for .livepatch.hooks.* sections
Roger Pau Monne [Wed, 6 Nov 2024 16:50:24 +0000 (17:50 +0100)]
create-diff-object: don't include symbols for .livepatch.hooks.* sections

Not all toolchains generate symbols for the .livepatch.hooks.* sections,
nor are those symbols required by the livepatch loading logic in Xen to
find and process the hooks.  Hooks in livepatch payloads are found and
processed based exclusively on section data.

The unconditional attempt to expect each hook section to have a matching
symbol leads to a segmentation fault in create-diff-object when such symbol is
not present, as the code references a NULL pointer.

Fix this by not attempting to include symbols associated with hook sections.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
3 months ago create-diff-object: update default alt_instr size
Roger Pau Monne [Thu, 25 Apr 2024 13:08:46 +0000 (15:08 +0200)]
create-diff-object: update default alt_instr size

The size of the alt_instr structure in Xen is 14 instead of 12 bytes, adjust
it.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
3 months ago livepatch-build: allow patch file name sizes up to 127 characters
Roger Pau Monne [Wed, 31 Jan 2024 11:06:58 +0000 (12:06 +0100)]
livepatch-build: allow patch file name sizes up to 127 characters

XenServer uses quite long Xen version names, and encodes such in the livepatch
filename, and it's currently running out of space in the file name.

Bump max filename size to 127, so it also matches the patch name length in the
hypervisor interface.  Note the size of the buffer is 128 characters, and the
last one is reserved for the null terminator.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
14 months ago Fix inclusion of new object files
Andrew Cooper [Fri, 23 Feb 2024 10:29:06 +0000 (10:29 +0000)]
Fix inclusion of new object files

Right now, there's a mixup over the xen/ part of the path for new files.

  + NEW_FILES=./arch/x86/lp-hooks.o
  + for i in '$NEW_FILES'
  ++ dirname ./arch/x86/lp-hooks.o
  + mkdir -p output/./arch/x86
  + cp patched/./arch/x86/lp-hooks.o output/./arch/x86/lp-hooks.o
  cp: cannot stat 'patched/./arch/x86/lp-hooks.o': No such file or directory

Alter the `cd` and `find` runes to use paths relative to the root of the
different source trees.

This now results in:

  + NEW_FILES=xen/arch/x86/lp-hooks.o
  + for i in '$NEW_FILES'
  ++ dirname xen/arch/x86/lp-hooks.o
  + mkdir -p output/xen/arch/x86
  + cp patched/xen/arch/x86/lp-hooks.o output/xen/arch/x86/lp-hooks.o

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>
16 months ago livepatch-build-tools: fix misuse of script directory as work directory
Roger Pau Monne [Wed, 13 Dec 2023 13:51:47 +0000 (14:51 +0100)]
livepatch-build-tools: fix misuse of script directory as work directory

It's incorrect to assume that the script directory will always match the
directory the script is executed from.  Instead cache the directory at the
start of script execution in order to be able to get back to it if needed.

Fixes: 629ab8ddb775 ('livepatch-build-tools: do not use readlink -m option')
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
16 months ago livepatch-build-tools: account for section alignment when calculating function size
Roger Pau Monne [Tue, 28 Nov 2023 09:21:52 +0000 (10:21 +0100)]
livepatch-build-tools: account for section alignment when calculating function size

Forcing function section alignment at the compiler level ensures that enough
space is present in the text section so that at least a jump can be encoded in
the old function body to switch to the newly loaded code payload.

Modify create-diff-object to account for any section alignment when calculating
the size of the old function.

When used with a suitable -falign-function compiler parameter on the Xen
hypervisor build this ensures that all functions have enough space to
accommodate for any control flow instructions plus a jump.

Note that while the rounding could be applied to all (text) symbols, it's not
required, as the size is only relevant for functions that are live patched, and
hence only do the rounding when calculating the old (previous) function size.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
16 months ago livepatch-build-tools: remove usage of gawk
Roger Pau Monne [Tue, 28 Nov 2023 09:21:51 +0000 (10:21 +0100)]
livepatch-build-tools: remove usage of gawk

And instead use plain awk.

Since plain awk cannot do the conversion from hex to decimal, use the shell
(bash) printf to convert the (maybe) hexadecimal output of readelf.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
16 months ago livepatch-build-tools: do not use readlink -m option
Roger Pau Monne [Tue, 28 Nov 2023 09:21:50 +0000 (10:21 +0100)]
livepatch-build-tools: do not use readlink -m option

Busybox readlink implementation only supports the -f option to follow symlinks,
so adjust the logic in order to keep the same behaviour without using the -m
option.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
17 months ago livepatch-tools: fix isnumber() function clash
Roger Pau Monne [Mon, 13 Nov 2023 16:09:40 +0000 (17:09 +0100)]
livepatch-tools: fix isnumber() function clash

isnumber() is already defined for some libcs [0] but the interface is not the
same, the isnumber() helper just checks if a single character is a digit.

Rename isnumber() to is_number() in order to avoid the clash.

[0] https://man.freebsd.org/cgi/man.cgi?query=isnumber&sektion=3

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
17 months ago livepatch-tools: add -largp option when required
Roger Pau Monne [Mon, 13 Nov 2023 16:09:39 +0000 (17:09 +0100)]
livepatch-tools: add -largp option when required

create-diff-object makes use of argp library, and depending on the libc
used by the system (ie: musl or BSD libc) argp is a separate library
and requires the addition of -largp to the build rune.

Introduce some shell logic to detect whether -largp is required for
linking create-diff-object.

I haven't done this as a reusable macro because I'm not sure there's
much point in doing so, the only library we need to test for is argp,
anything else is likely to be a mandatory library flag that doesn't
require such testing (like libelf for example).

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch-tools: remove usage of error.h
Roger Pau Monne [Thu, 6 Apr 2023 11:41:06 +0000 (13:41 +0200)]
livepatch-tools: remove usage of error.h

It's a GNU libc specific header which prevents building on musl for
example.  Instead use errx() in ERROR() and DIFF_FATAL() macros.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago create-diff-object: handle missing padding at end of special section
Josh Poimboeuf [Fri, 14 Apr 2023 15:19:33 +0000 (17:19 +0200)]
create-diff-object: handle missing padding at end of special section

The paravirt_patch_site struct has 12 bytes of data and 4 bytes of
padding, for a total of 16 bytes.  However, when laying out the structs
in the .parainstructions section, the vmlinux script only aligns before
each struct's data, not after.  So the last entry doesn't have the
4-byte padding, which breaks kpatch_regenerate_special_section()'s
assumption of a 16-byte struct, resulting in a memcpy past the end of
the section.

Fixes #747.

Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
This is commit:

c2dc3836e862 create-diff-object: handle missing padding at end of special section

In kpatch repository.

I've seen the .fixup section get an alignment of 16 but a size of 81,
which makes the error removed in this patch trigger.  Overall I'm not
sure why the original alignment check was done against the size of the
section, the alignment applies to the address of the section, not its
size.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
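
The overrun described in the commit message above, added here as an example and not taken from kpatch or livepatch-build-tools: a loop that walks a section in fixed 16-byte strides reads past the end when the last entry carries only its 12 bytes of data, so the copy length is clamped to what remains. The function names, the `keep` array and the sample section contents are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ENTRY_DATA  12u   /* bytes of data per entry, per the commit message */
#define ENTRY_SIZE  16u   /* data plus 4 bytes of padding */
#define MAX_SECTION 64u   /* size of the constructed sample buffers */

/* Bytes a fixed-stride loop touches: every entry is assumed to be full size. */
static size_t naive_read_extent(size_t src_size)
{
    size_t entries = (src_size + ENTRY_SIZE - 1) / ENTRY_SIZE;

    return entries * ENTRY_SIZE;
}

/*
 * Copy the entries selected by keep[] from src (src_size bytes) into dst.
 * Returns the number of bytes written, or -1 if the section is malformed
 * or dst is too small. Only the final entry may lack its padding; its copy
 * length is clamped to the bytes that are really there.
 */
static long copy_kept_entries(const uint8_t *src, size_t src_size,
                              const int *keep, size_t nkeep,
                              uint8_t *dst, size_t dst_size)
{
    size_t off = 0, out = 0, idx = 0;

    while (off < src_size) {
        size_t len = ENTRY_SIZE;
        size_t left = src_size - off;

        if (left < len) {
            if (left < ENTRY_DATA)
                return -1;          /* truncated data, not just missing padding */
            len = left;             /* last entry without trailing padding */
        }
        if (idx < nkeep && keep[idx]) {
            if (dst_size - out < len)
                return -1;
            memcpy(dst + out, src + off, len);
            out += len;
        }
        off += len;
        idx++;
    }
    return (long)out;
}

/* Constructed sample: entry N is filled with the byte value N + 1 and
 * entries 0 and 2 are marked as needed by the patch. */
static long run_sample(size_t section_size)
{
    static const int keep[] = { 1, 0, 1 };
    uint8_t src[MAX_SECTION], dst[MAX_SECTION];

    if (section_size > MAX_SECTION)
        return -1;
    for (size_t i = 0; i < section_size; i++)
        src[i] = (uint8_t)(i / ENTRY_SIZE + 1);
    return copy_kept_entries(src, section_size, keep, 3, dst, sizeof(dst));
}

int main(void)
{
    /* 16 + 16 + 12 = 44 bytes: three entries, the last one unpadded. */
    printf("fixed-stride extent for 44 bytes: %zu\n", naive_read_extent(44));
    printf("clamped copy of 44-byte section:  %ld\n", run_sample(44));
    printf("fully padded 48-byte section:     %ld\n", run_sample(48));
    printf("truncated 40-byte section:        %ld\n", run_sample(40));
    return 0;
}
```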
2 years ago livepatch-gcc: Ignore buildid.o
Raphael Ning [Thu, 19 Jan 2023 10:13:05 +0000 (10:13 +0000)]
livepatch-gcc: Ignore buildid.o

Not all .o files generated by the Xen build need to be passed to
create-diff-object for analysis. The latest example is:

 Run create-diff-object on xen/arch/x86/efi/buildid.o
 Open base
 /usr/libexec/livepatch-build-tools/create-diff-object: ERROR: buildid.o: kpatch_create_section_list: 77: elf_getshdrnum

This file is special, as it does not contain any sections. It is
generated by objcopy from a magic string of bytes (see Xen commit
eee5909e9d1e x86/EFI: use less crude a way of generating the build ID),
which probably will never change. Therefore, livepatch-gcc should not
copy it to the output directory.

Signed-off-by: Raphael Ning <raphning@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch-build: Allow a patch to introduce new subdirs
Raphael Ning [Thu, 19 Jan 2023 10:13:04 +0000 (10:13 +0000)]
livepatch-build: Allow a patch to introduce new subdirs

Fix a bug in create_patch() where cp, strip, etc. will fail if the new
object file introduced by the patch is located in a new subdirectory:

 DEBUG: cp: cannot create regular file `output/xen/common/lu/lu.o': No such file or directory
 DEBUG: strip: 'output/xen/common/lu/lu.o': No such file

In this example, xen/common/lu/ does not exist in the original
(unpatched) Xen source tree. It needs to be created in output/ as well.

Signed-off-by: Raphael Ning <raphning@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago common.h: Flush stdout before writing to stderr
Mihails Strasuns [Thu, 19 Jan 2023 10:13:02 +0000 (10:13 +0000)]
common.h: Flush stdout before writing to stderr

Flush existing debug messages before writing an error to stderr.  stderr
is usually unbuffered and stdout is usually buffered. This results in
odd looking output when an error occurs and both stderr/stdout are
printed on the same console/file. More precisely, the error message is
printed in the middle of previously emitted debug messages.

Signed-off-by: Michael Kurth <mku@amazon.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago create-diff-object: Handle missing secsym for debug sections
Ross Lagerwall [Wed, 8 Feb 2023 17:50:14 +0000 (17:50 +0000)]
create-diff-object: Handle missing secsym for debug sections

Certain debug sections like ".debug_aranges" when built with GAS 2.36.1
are missing section symbols (presumably because they're not needed).
Instead of segfaulting, simply don't include them if they're missing.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
2 years ago livepatch: add extra efi/ objects to be ignored
Roger Pau Monne [Thu, 10 Mar 2022 15:08:33 +0000 (16:08 +0100)]
livepatch: add extra efi/ objects to be ignored

The contents of these objects are init only, and cannot be patched.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch: use basename to perform object file matching
Roger Pau Monne [Thu, 10 Mar 2022 15:08:32 +0000 (16:08 +0100)]
livepatch: use basename to perform object file matching

The changes in the Xen build logic have resulted in the compiler and
objcopy being called from xen/ instead of relative to each object
directory. This requires using basename so that the directory is not
taken into account when checking against the list of files to be
explicitly ignored.

Also adjust the paths used to store the differing object files, as
with the current logic the resulting path will be wrong when using
newer Xen versions, changed_objs would end up containing entries like:

xen/arch/x86/hvm/vmx/arch/x86/hvm/vmx/vmx.o

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch: differentiate between old and new build systems
Roger Pau Monne [Wed, 2 Mar 2022 14:27:11 +0000 (14:27 +0000)]
livepatch: differentiate between old and new build systems

Do not attempt to modify the build system if CFLAGS are not set in
Rules.mk, and instead rely on CONFIG_LIVEPATCH already setting
-f{function,data}-sections.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch: do the initial build using CROSS_COMPILE
Roger Pau Monne [Wed, 2 Mar 2022 14:27:10 +0000 (14:27 +0000)]
livepatch: do the initial build using CROSS_COMPILE

Setting it afterwards for further builds will cause the build logic to
detect a change and thus force a rebuild of all sources.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch: improve rune for fetching of Build ID
Roger Pau Monne [Wed, 2 Mar 2022 14:27:09 +0000 (14:27 +0000)]
livepatch: improve rune for fetching of Build ID

The current one is broken with my version of readelf and returns
'NT_GNU_BUILD_ID'.

Signed-off-by: Roger Pau Monné <roger.pau@citrrix.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
2 years ago livepatch: update readme to mention --xen-depends
Roger Pau Monne [Wed, 2 Mar 2022 14:27:08 +0000 (14:27 +0000)]
livepatch: update readme to mention --xen-depends

Fixes: b19df7b2c05e ('livepatch-build: Embed hypervisor build id into every hotpatch')
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-build: Strip all metadata symbols from hotpatch modules
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:11 +0000 (12:25 +0000)]
livepatch-build: Strip all metadata symbols from hotpatch modules

Strip all unneeded metadata symbols from generated hotpatch modules.
The metadata symbols are the symbols from metadata-like sections (e.g.
'.livepatch.funcs') or livepatch hooks symbols (defined by a set of
prefixes. E.g. 'livepatch_load_data_').

By default the create-diff-object does not create symbols in metadata
sections. However, such symbols may be implicitly added by specifying
extra entries in the sections manually (in a given patch).
The symbols are not needed for the hotpatch modules and should be
stripped to avoid symbol names collisions and to save hotpatch files
space.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-build: Strip transient or unneeded symbols
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:10 +0000 (12:25 +0000)]
livepatch-build: Strip transient or unneeded symbols

In the process of creating a final hotpatch module file make sure to
strip all transient symbols that have not been caught and removed by
create-diff-object processing. For now these are only the hooks
kpatch load/unload symbols.

For all new object files that are carried along for the final linking
the transient hooks symbols are not stripped and neither are any
unneeded symbols. Strip the transient hooks symbols explicitly from
resulting object file.
Add a new option '--strip' to additionally strip all unneeded symbols
from new object files.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Add support for expectations
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:09 +0000 (12:25 +0000)]
create-diff-object: Add support for expectations

Extend livepatch_patch_func to support a new field: expect. This new
field describes the expected data, its length and whether expectation
is enabled. The expectation's data is of opaque padding size.

By default the expectation field is zeroed-out and the expectation is
disabled unless explicitly specified in the patch.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Add support for applied/reverted marker
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:08 +0000 (12:25 +0000)]
create-diff-object: Add support for applied/reverted marker

With version 2 of a payload structure an additional field is supported
to track whether given function has been applied or reverted.
There also comes additional 8-byte alignment padding to reserve
place for future flags and options.

The new fields are zeroed-out upon .livepatch.funcs section creation.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Handle optional apply|revert hooks
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:07 +0000 (12:25 +0000)]
create-diff-object: Handle optional apply|revert hooks

Include new sections containing optional apply and revert action
hooks.

The following new section names are supported:
  - .livepatch.hooks.apply
  - .livepatch.hooks.revert

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Handle extra pre-|post- hooks
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:06 +0000 (12:25 +0000)]
create-diff-object: Handle extra pre-|post- hooks

Include new sections containing optional pre-, post- action hooks.

The following new section names are supported:
  - .livepatch.hooks.preapply
  - .livepatch.hooks.postapply
  - .livepatch.hooks.prerevert
  - .livepatch.hooks.postrevert

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-build: Embed hypervisor build id into every hotpatch
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 12:25:05 +0000 (12:25 +0000)]
livepatch-build: Embed hypervisor build id into every hotpatch

This change is part of an independent stacked hotpatch modules
feature. This feature allows to bypass dependencies between modules
upon loading, but still verifies Xen build ID matching.

With stacked hotpatch modules it is essential that each and every
hotpatch is verified against the hypervisor build id upon upload.
It must not be possible to successfully upload hotpatches built for
incorrect version of the hypervisor.

To achieve that always embed an additional ELF section:
'.livpatch.xen_depends' containing the hypervisor build id.

The hypervisor build id must be always provided as a command line
parameter: --xen-depends.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Include string sections later
Pawel Wieczorkiewicz [Tue, 3 Dec 2019 07:57:22 +0000 (07:57 +0000)]
create-diff-object: Include string sections later

... when all symbols have their status and include flags processed.

Processing special sections may include additional symbols. String
sections (.rodata*) are included iff they are referenced by at least
one symbol. Thus, in order to decide if string section should be
included or not, all symbols must be evaluated first.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reported-by: Sergey Dyasli <sergey.dyasli@citrix.com>
Tested-by: Sergey Dyasli <sergey.dyasli@citrix.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Ignore .init sections
Pawel Wieczorkiewicz [Tue, 3 Dec 2019 07:57:09 +0000 (07:57 +0000)]
create-diff-object: Ignore .init sections

The .init sections must not be considered for patching regardless of
whether they are CHANGED or NEW.
Explicitly detect and ignore all such sections, before marking
ignored sections as SAME.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago Fix building with updated ENFORCE_UNIQUE_SYMBOLS behaviour
Ross Lagerwall [Thu, 28 Nov 2019 14:36:07 +0000 (14:36 +0000)]
Fix building with updated ENFORCE_UNIQUE_SYMBOLS behaviour

The patch "build: provide option to disambiguate symbol names" changes
ENFORCE_UNIQUE_SYMBOLS so that gcc generates output to a temporary file
and then objcopy is used to create the final object file. This breaks
livepatch-build's interposition of GCC to capture the changed object
files so intercept calls to objcopy as well to capture the final object
files.

While in the area, add a couple of extra object files to be ignored when
patching.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago MAINTAINERS: Add mandatory V: version identifier
Pawel Wieczorkiewicz [Tue, 26 Nov 2019 13:11:39 +0000 (13:11 +0000)]
MAINTAINERS: Add mandatory V: version identifier

The livepatch-build-tools MAINTAINERS file is missing V: version
identifier. This seems required by the Xen repo's add_maintainers.pl
script.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Acked-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: more precisely identify .rodata sections
Pawel Wieczorkiewicz [Tue, 5 Nov 2019 15:37:45 +0000 (15:37 +0000)]
create-diff-object: more precisely identify .rodata sections

This is needed for more precise patchability verification.
Only non-special .rodata sections should be subject
for such a non-referenced check in kpatch_verify_patchability().
Current check (non-standard, non-rela, non-debug) is too weak and
allows also non-rodata sections without referenced symbols to slip
through.

Detect .rodata section by checking section's type (SHT_PROGBITS),
flags (no exec, no write) and finally name prefix.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: do not strip STN_UNDEF symbols from *.fixup
Pawel Wieczorkiewicz [Tue, 5 Nov 2019 15:37:44 +0000 (15:37 +0000)]
create-diff-object: do not strip STN_UNDEF symbols from *.fixup

The rela groups in the *.fixup sections vary in size. That makes it
more complex to handle in the livepatch_strip_undefined_elements().
It is also unnecessary as the .fixup sections are unlikely to have
any STN_UNDEF symbols anyway.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch: Identify the object file create-diff-object dislikes
Andrew Cooper [Tue, 27 Aug 2019 15:38:39 +0000 (16:38 +0100)]
livepatch: Identify the object file create-diff-object dislikes

... rather than leaving the user with no hint as to where to debug next.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Strip all undefined entries of known size
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:49 +0000 (08:20 +0000)]
create-diff-object: Strip all undefined entries of known size

The patched ELF object file contains all sections and symbols as
resulted from the compilation. However, certain symbols may not be
copied over to the resulting object file, due to being unchanged or
not included for other reasons.
In such situation the resulting object file has the entire sections
copied along (with all their entries unchanged), while some of the
corresponding symbols are not copied along at all.
This leads to having incorrect undefined (STN_UNDEF) entries in the
final hotpatch ELF file.

The newly added function livepatch_strip_undefined_elements() detects
and removes all undefined RELA entries as well as their corresponding
PROGBITS section entries.
Since the sections may contain elements of unknown size (sh.sh_entsize
== 0), perform the strip only on sections with well defined entry
sizes.

After replacing the stripped rela list, it is assumed that the next
invocation of the kpatch_rebuild_rela_section_data() will adjust all
section header parameters according to the current state.

The livepatch_strip_undefined_elements() is a superset of the
kpatch_regenerate_special_section() in both scope (covers all RELA
sections instead of just special sections) and granularity (checks
all entries instead of whole groups) modulo the entries validity
predicate.
Unifying the functions results in a complicated code, which is hard
to reason about. Thus, the kpatch_regenerate_special_section() is
kept separate with its own predicate for special sections only, and
livepatch_strip_undefined_elements() follows for all sections with
the undefined symbol detecting predicate.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Extend patchability verification: STN_UNDEF
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:48 +0000 (08:20 +0000)]
create-diff-object: Extend patchability verification: STN_UNDEF

During verification check if all sections do not contain any entries
with undefined symbols (STN_UNDEF). This situation can happen when a
section is copied over from its original object to a patched object,
but various symbols related to the section are not copied along.
This scenario happens typically during stacked hotpatches creation
(between 2 different hotpatch modules).

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
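The two commit messages above describe detecting relocation entries that reference STN_UNDEF and stripping them together with their fixed-size base-section entries. The following is an added illustration of that idea, not code from livepatch-build-tools: the function names, the local `struct rela`, and the mapping of a relocation to its entry by `r_offset / entsize` are assumptions made for the sketch.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Minimal ELF64 definitions, declared locally so no <elf.h> is needed. */
#define STN_UNDEF        0u
#define R_X86_64_64      1u
#define R_SYM(info)      ((uint32_t)((info) >> 32))
#define R_INFO(sym, typ) (((uint64_t)(sym) << 32) | (typ))
#define DROPPED          SIZE_MAX

struct rela {           /* same layout as Elf64_Rela */
    uint64_t r_offset;  /* byte offset into the base section */
    uint64_t r_info;    /* symbol index (high 32 bits), type (low 32 bits) */
    int64_t  r_addend;
};

/* Verification: count relocations whose symbol index is STN_UNDEF. */
size_t count_undefined_relas(const struct rela *relas, size_t nr)
{
    size_t i, bad = 0;
    for (i = 0; i < nr; i++)
        bad += R_SYM(relas[i].r_info) == STN_UNDEF;
    return bad;
}

/*
 * Strip: drop every fixed-size entry that a STN_UNDEF relocation points
 * into, plus all relocations of that entry, and rebase the survivors.
 * Returns the entries removed, or -1 if entsize is 0 or input is malformed.
 */
int strip_undefined_entries(uint8_t *data, size_t *size, size_t entsize,
                            struct rela *relas, size_t *nr_relas)
{
    size_t nr_entries, i, e, kept = 0, kept_relas = 0, *new_index;

    if (entsize == 0 || *size % entsize != 0)
        return -1;
    for (i = 0; i < *nr_relas; i++)             /* reject stray offsets */
        if (relas[i].r_offset >= *size)
            return -1;
    nr_entries = *size / entsize;
    new_index = calloc(nr_entries + 1, sizeof(*new_index));
    if (!new_index)
        return -1;

    for (i = 0; i < *nr_relas; i++)             /* pass 1: mark bad entries */
        if (R_SYM(relas[i].r_info) == STN_UNDEF)
            new_index[relas[i].r_offset / entsize] = DROPPED;
    for (e = 0; e < nr_entries; e++) {          /* pass 2: compact the data */
        if (new_index[e] == DROPPED)
            continue;
        memmove(data + kept * entsize, data + e * entsize, entsize);
        new_index[e] = kept++;
    }
    for (i = 0; i < *nr_relas; i++) {           /* pass 3: rebase the relas */
        uint64_t off = relas[i].r_offset;
        e = off / entsize;
        if (new_index[e] == DROPPED)
            continue;
        relas[kept_relas] = relas[i];
        relas[kept_relas++].r_offset = new_index[e] * entsize + off % entsize;
    }
    free(new_index);
    *size = kept * entsize;
    *nr_relas = kept_relas;
    return (int)(nr_entries - kept);
}

/* Constructed sample: four 8-byte entries (the default .livepatch.hooks
 * entry size); entries 1 and 3 are relocated against STN_UNDEF. */
static uint8_t sample_data[32];
static struct rela sample_relas[4];
static size_t sample_size, sample_nr_relas;

int strip_sample(void)
{
    static const uint32_t syms[4] = { 3, STN_UNDEF, 5, STN_UNDEF };
    size_t i;
    for (i = 0; i < 4; i++) {
        memset(sample_data + i * 8, 0xA0 + (int)i, 8);
        sample_relas[i].r_offset = i * 8;
        sample_relas[i].r_info = R_INFO(syms[i], R_X86_64_64);
    }
    sample_size = sizeof(sample_data);
    sample_nr_relas = 4;
    return strip_undefined_entries(sample_data, &sample_size, 8,
                                   sample_relas, &sample_nr_relas);
}
```

A section with `entsize == 0` is refused rather than guessed at, which mirrors the restriction to sections with well defined entry sizes.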
5 years ago create-diff-object: Do not create empty .livepatch.funcs section
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:47 +0000 (08:20 +0000)]
create-diff-object: Do not create empty .livepatch.funcs section

When there is no changed function in the generated payload, do not
create an empty .livepatch.funcs section. Hypervisor code considers
such payloads as broken and rejects to load them.

Such payloads without any changed functions may appear when only
hooks are specified.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Martin Mazein <amazein@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Do not include all .rodata sections
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:46 +0000 (08:20 +0000)]
create-diff-object: Do not include all .rodata sections

Older versions of GCC did not split .rodata.str sections by function.
Because of that, the entire section was always included.
The livepatch-build-tools commit [1] fixed patch creation and kept
including all .rodata.str sections, in order to maintain existing
behavior for GCC 6.1+.
This means all .rodata.str sections are always included by default,
regardless of whether they are needed or not.

During stacked hotpatch builds it leads to unnecessary accumulation of
the .rodata.str sections as each and every consecutive hotpatch module
contains all the .rodata.str sections of previous modules.

To prevent this situation, mark the .rodata.str sections for inclusion
only if they are referenced by any of the current hotpatch symbols (or
a corresponding RELA section).

Extend patchability verification to detect all non-standard, non-rela,
non-debug and non-special sections that are not referenced by any of
the symbols or RELA sections.

Rename should_include_str_section() to is_rodata_str_section().

[1] 2af6f1aa6233 Fix patch creation with GCC 6.1+

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Add new entries to special sections array
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:45 +0000 (08:20 +0000)]
create-diff-object: Add new entries to special sections array

Handle .livepatch.hooks* and .altinstr_replacement sections as the
special sections with assigned group_size resolution function.
By default each .livepatch.hooks* sections' entry is 8 bytes long (a
pointer). The .altinstr_replacement section has undefined group_size.

Allow to specify different .livepatch.hooks* section entry size using
shell environment variable HOOK_STRUCT_SIZE.

Add an explicit check to kpatch_regenerate_special_section() skipping
regeneration of special sections, whose group_size is 0.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-build: detect special section group sizes
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:44 +0000 (08:20 +0000)]
livepatch-build: detect special section group sizes

Hard-coding the special section group sizes is unreliable. Instead,
determine them dynamically by finding the related struct definitions
in the DWARF metadata.

This is a livepatch backport of kpatch upstream commit [1]:
kpatch-build: detect special section group sizes 170449847136a48b19fc

Xen only deals with alt_instr, bug_frame and exception_table_entry
structures, so sizes of these structures are obtained from xen-syms.

This change is needed since with recent Xen the alt_instr structure
has changed size from 12 to 14 bytes.

[1] https://github.com/jpoimboe/kpatch/commit/170449847136a48b19fcceb19c1d4d257d386b56

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Martin Mazein <amazein@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago create-diff-object: Add is_special_section() helper function
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:43 +0000 (08:20 +0000)]
create-diff-object: Add is_special_section() helper function

This function determines, based on the given section name, if the
section belongs to the special sections category.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago common: Add is_referenced_section() helper function
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:42 +0000 (08:20 +0000)]
common: Add is_referenced_section() helper function

This function checks if given section has an included corresponding
RELA section and/or any of the symbols table symbols references the
section. Section associated symbols are ignored here as there is
always such a symbol for every section.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago common: Add is_standard_section() helper function
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:41 +0000 (08:20 +0000)]
common: Add is_standard_section() helper function

Detect standard (always to be included) sections via their section
header type. The standard sections: ".shstrtab", ".symtab", ".strtab"
are either of type SHT_SYMTAB or SHT_STRTAB.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-build: Handle newly created object files
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:40 +0000 (08:20 +0000)]
livepatch-build: Handle newly created object files

Up to now the livepatch-build ignores newly created object files.
When patch applies new .c file and augments its Makefile to build it
the resulting object file is not taken into account for final linking
step.

Such newly created object files can be detected by comparing patched/
and original/ directories and copied over to the output directory for
the final linking step.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-build: Do not follow every symlink for patch file
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:39 +0000 (08:20 +0000)]
livepatch-build: Do not follow every symlink for patch file

In some build systems symlinks might be used for patch file names
to point from target directories to actual patches. Following those
symlinks breaks naming convention as the resulting built modules
would be named after the actual hardlink instead of the symlink.

Livepatch-build obtains hotpatch name from the patch file, so it
should not canonicalize the file path resolving all the symlinks to
not lose the original symlink name.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-gcc: Ignore built_in.o and prelink.o object files
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:38 +0000 (08:20 +0000)]
livepatch-gcc: Ignore built_in.o and prelink.o object files

Do not copy over the built_in.o and prelink.o object files when they
get rebuilt as they are used for transient linking by Xen's build
system.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Martin Pohlack <mpohlack@amazon.de>
Reviewed-by: Petre Eftime <epetre@amazon.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago livepatch-gcc: Allow toolchain command with versions
Pawel Wieczorkiewicz [Wed, 21 Aug 2019 08:20:37 +0000 (08:20 +0000)]
livepatch-gcc: Allow toolchain command with versions

Xen build system may enforce particular gcc version (e.g. gcc72).
Make sure the livepatch-gcc script accepts all input toolchain gcc
commands with or without version specified.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Martin Mazein <amazein@amazon.de>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
5 years ago Introduce a MAINTAINERS file
Lars Kurth [Thu, 15 Aug 2019 18:16:27 +0000 (19:16 +0100)]
Introduce a MAINTAINERS file

Rationale: this will allow us to use get_maintainer.pl /
add_maintainers.pl scripts from xen.git

Signed-off-by: Lars Kurth <lars.kurth@citrix.com>
7 years ago Remove section alignment requirement
Ross Lagerwall [Mon, 24 Apr 2017 12:57:57 +0000 (13:57 +0100)]
Remove section alignment requirement

Remove the requirement that section twins (i.e. functions) have the same
alignment. The section alignment of the patched section is respected by
the loader in Xen so it shouldn't matter if the original section
alignment was different.

This was discovered when building a live patch for XSA-213. For reasons
known only to the compiler, the alignment of arch_do_multicall_call()
changed from 1 to 16. This should not prevent the build tools from
generating a live patch.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
7 years ago Ignore .discard sections
Ross Lagerwall [Mon, 24 Apr 2017 11:52:43 +0000 (12:52 +0100)]
Ignore .discard sections

Ignore differences in discard sections. They are not included in the final xen
binary so there is no need to include them in the live patch.

This was discovered when building a live patch for XSA-213. Before this
commit, it failed with 'changed section .discard not selected for
inclusion'.

Reported-by: Sarah Newman <srn@prgmr.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago Fix patch creation with GCC 6.1+
Ross Lagerwall [Thu, 10 Nov 2016 10:58:45 +0000 (10:58 +0000)]
Fix patch creation with GCC 6.1+

GCC 6.1+ fixed https://gcc.gnu.org/bugzilla/show_bug.cgi?id=192 which
means that .rodata.str1.[0-9]+ sections are now split by function.  We
could probably be smarter about including just the sections we need, but
for now, simply include the string sections for all functions as is done
for previous versions of GCC.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reported-by: M A Young <m.a.young@durham.ac.uk>
8 years ago create-diff-object: Update fixup offsets in .rela.ex_table
Ross Lagerwall [Thu, 10 Nov 2016 14:37:39 +0000 (14:37 +0000)]
create-diff-object: Update fixup offsets in .rela.ex_table

When pruning entries from the fixup table, update the offsets in
.rela.ex_table otherwise the relas might point to the wrong fixup entry
or even out of the .fixup section.

This is a port of kpatch's commit 13d61012f9b2 ("create-diff-object:
Update fixup offsets in .rela__ex_table").

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Prevent spurious rebuilding
Ross Lagerwall [Wed, 20 Jul 2016 14:42:17 +0000 (15:42 +0100)]
Prevent spurious rebuilding

Don't change the timestamp of arch/x86/Makefile when editing it since it
forces much of the Xen tree to be rebuilt and then requires many
invocations of create-diff-tool.

This is safe since the Makefile change only changes the final link rule,
and xen will be relinked anyway.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Fix getopt parsing of long options
Ross Lagerwall [Wed, 20 Jul 2016 14:41:41 +0000 (15:41 +0100)]
Fix getopt parsing of long options

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Support "make install"
Ross Lagerwall [Thu, 14 Jul 2016 08:34:26 +0000 (09:34 +0100)]
Support "make install"

Add rules to support using "make install".

Use "make install DESTDIR=... PREFIX=..." to customize the installation
path.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago Check .config for CONFIG_DEBUG. If not found use --xen-debug (if specified)
Konrad Rzeszutek Wilk [Fri, 15 Jul 2016 13:36:23 +0000 (09:36 -0400)]
Check .config for CONFIG_DEBUG. If not found use --xen-debug (if specified)

Xen 4.8 ditched the 'debug=y' and now has CONFIG_DEBUG in the
.config. To still support 4.7 let's just poke the .config
file and see.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Update README.md
Ross Lagerwall [Thu, 14 Jul 2016 08:04:42 +0000 (09:04 +0100)]
Update README.md

Update the example and project status. Add Contributing and Maintainers
sections.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago Update to use a .config file
Ross Lagerwall [Thu, 14 Jul 2016 08:04:40 +0000 (09:04 +0100)]
Update to use a .config file

Require the user to pass a .config file matching the original build's
.config to ensure that the build configuration is identical.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago EFI build with -ffunction-sections fails.
Konrad Rzeszutek Wilk [Wed, 13 Jul 2016 20:05:26 +0000 (16:05 -0400)]
EFI build with -ffunction-sections fails.

When we build Xen with the Rules.mk modified we end up:

ld -mi386pep --subsystem=10 --image-base=0xffff82d080000000 --stack=0,0 --heap=0,0 --strip-debug --section-alignment=0x200000 --file-alignment=0x20 --major-image-version=4 --minor-image-version=8 --major-os-version=2 --minor-os-version=0 --major-subsystem-version=2 --minor-subsystem-version=0 -T efi.lds -N prelink-efi.o efi/relocs-dummy.o /home/konrad/xen/xen/common/symbols-dummy.o -o /home/konrad/xen/xen/.xen.efi.0xffff82d080000000.0 &&   ld -mi386pep --subsystem=10 --image-base=0xffff82d0c0000000 --stack=0,0 --heap=0,0 --strip-debug --section-alignment=0x200000 --file-alignment=0x20 --major-image-version=4 --minor-image-version=8 --major-os-version=2 --minor-os-version=0 --major-subsystem-version=2 --minor-subsystem-version=0 -T efi.lds -N prelink-efi.o efi/relocs-dummy.o /home/konrad/xen/xen/common/symbols-dummy.o -o /home/konrad/xen/xen/.xen.efi.0xffff82d0c0000000.0 && :
ld: Xen image overlaps stubs area
prelink-efi.o: In function `__high_start':
/home/konrad/xen/xen/arch/x86/boot/x86_64.S:6:(.text+0x23): relocation truncated to fit: R_X86_64_PC32 against `gdt_descr'
/home/konrad/xen/xen/arch/x86/boot/x86_64.S:18:(.text+0x43): relocation truncated to fit: R_X86_64_PC32 against `stack_start'
/home/konrad/xen/xen/arch/x86/boot/x86_64.S:35:(.text+0x6a): relocation truncated to fit: R_X86_64_PC32 against `.data'
/home/konrad/xen/xen/arch/x86/boot/x86_64.S:36:(.text+0x6f): relocation truncated to fit: R_X86_64_PC32 against `__start_xen'
.. and more.

Re-running it with -M on a build (the giant ld -mi386pep..) with the -ffunction-sections and without it
makes it obvious what the problem is:

With: -ffunction-sections -fdata-sections:

.data           0xffff82d291e18000       0xf8 prelink-efi.o
                0xffff82d291e18006                gdt_descr

*(.text)
.text           0xffff82d0c0100000     0x27e4 prelink-efi.o
                0xffff82d0c0100000                start
                0xffff82d0c0100020                __high_start

distance is 0x1D1D18000

Normal build:

.data           0xffff82d0c0818000     0x12e8 prelink-efi.o
                0xffff82d0c0818006                gdt_descr

.text           0xffff82d0c0100000   0x14b000
                0xffff82d0c0100000                _stext = .
 *(.text)
 .text          0xffff82d0c0100000   0x149243 prelink-efi.o
                0xffff82d0c0100000                start
                0xffff82d0c0100020                __high_start

where the distance is 0x718000

The 0x1D1D18000 is most certainly over the 32-bit limit and leads to the truncation.

Now if we look more closely at the map we can see that each
.text section is:

.text.domain_kill
                0xffff82d0cd200000      0x140
 .text.domain_kill
                0xffff82d0cd200000      0x139 prelink-efi.o
                0xffff82d0cd200000                domain_kill

.text.domain_create
                0xffff82d0cd400000      0x520
 .text.domain_create
                0xffff82d0cd400000      0x502 prelink-efi.o
                0xffff82d0cd400000                domain_create

.. separated by 2MB!

A bit of grepping showed that the issue is with:

 --section-alignment=0x200000

which is used on the linker command line and this fix
replaces the --section-alignment to be 4KB which allows the build
to complete.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Don't accept fuzz when patching
Ross Lagerwall [Fri, 10 Jun 2016 09:42:06 +0000 (10:42 +0100)]
Don't accept fuzz when patching

When testing and applying patches, set fuzz=0 so that patches must apply
exactly.  Also set "-f" to avoid interactive questions, and reorder so
that patches are tested before the output directory is created.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago Rename of xSplice to LivePatch.
Konrad Rzeszutek Wilk [Thu, 2 Jun 2016 20:27:27 +0000 (16:27 -0400)]
Rename of xSplice to LivePatch.

s/xsplice/livepatch/
s/XSPLICE/LIVEPATCH/
s/xSplice/LivePatch/

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago xsplice-build-tools: replace realpath with readlink in xsplice-build
Dongli Zhang [Sat, 28 May 2016 01:16:58 +0000 (09:16 +0800)]
xsplice-build-tools: replace realpath with readlink in xsplice-build

Replace realpath with readlink since '-m' option is not supported by realpath.

Signed-off-by: Dongli Zhang <dongli.zhang@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
8 years ago Require --depends
Ross Lagerwall [Tue, 10 May 2016 12:58:14 +0000 (13:58 +0100)]
Require --depends

With the version of xSplice in Xen 4.7, the build-id dependency is required,
so require the option.

8 years ago Update the layout of xsplice_patch_func
Ross Lagerwall [Mon, 9 May 2016 10:21:22 +0000 (11:21 +0100)]
Update the layout of xsplice_patch_func

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Fix patching functions which use __func__
Ross Lagerwall [Mon, 9 May 2016 10:19:54 +0000 (11:19 +0100)]
Fix patching functions which use __func__

If __func__ is used, it generates a symbol like __func__.5432
Since this is always included (see is_special_static), it will generate
duplicate symbol conflicts if GCC happens to use the same number (which
happens quite often since it doesn't appear to be random). To work
around this, rename the symbol to use a completely random number.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
8 years ago Update format of .xsplice.depends section
Ross Lagerwall [Mon, 9 May 2016 09:08:02 +0000 (10:08 +0100)]
Update format of .xsplice.depends section

.xsplice.depends is expected to contain an ELF note, not a plain binary
checksum.

9 years ago Update xsplice_patch_func layout
Ross Lagerwall [Wed, 20 Jan 2016 14:11:36 +0000 (14:11 +0000)]
Update xsplice_patch_func layout

Update the structure layout to match the most recent hypervisor version.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
9 years ago Revert "Add 64 bytes of padding to xsplice_patch_funcs structure"
Ross Lagerwall [Wed, 20 Jan 2016 13:48:46 +0000 (13:48 +0000)]
Revert "Add 64 bytes of padding to xsplice_patch_funcs structure"

This reverts commit be95e2474439fbdddcd347e7ea1bd3a842927351.
It doesn't match the hypervisor structure layout in the latest xsplice
code.

9 years ago Backport "handle reference to end of section"
Ross Lagerwall [Tue, 17 Nov 2015 08:06:41 +0000 (08:06 +0000)]
Backport "handle reference to end of section"

Backport fffbb85b811e21d92f4517e78ead5fb3373185e6:
    create-diff-object: handle reference to end of section
from upstream.

Also edit it to work with Xen's code because it is compiled with -fpic.

9 years ago Backport static variable correlation work from upstream
Ross Lagerwall [Fri, 13 Nov 2015 14:39:30 +0000 (14:39 +0000)]
Backport static variable correlation work from upstream

Backport 7c88c41cfe3d ("create-diff-object: rewrite static local
variable correlation logic") from kpatch.

9 years ago Add more sections to be bundleable
Ross Lagerwall [Fri, 13 Nov 2015 14:39:04 +0000 (14:39 +0000)]
Add more sections to be bundleable

9 years ago Rename xsplice back to kpatch for functions coming from kpatch
Ross Lagerwall [Fri, 13 Nov 2015 08:50:31 +0000 (08:50 +0000)]
Rename xsplice back to kpatch for functions coming from kpatch

To ease porting changes from kpatch, only use xsplice for the special
section names and for newly written functions but use the kpatch
namespace for ported functions.

9 years ago For Xen, treat PLT32 relocations like PC32
Ross Lagerwall [Fri, 13 Nov 2015 08:33:44 +0000 (08:33 +0000)]
For Xen, treat PLT32 relocations like PC32

PLT32 relocations are only used because gcc doesn't support symbol
visibility for builtins like memcpy.

9 years ago Bundle .data.rel.ro. and .data.rel.ro.local. sections
Ross Lagerwall [Fri, 13 Nov 2015 08:27:02 +0000 (08:27 +0000)]
Bundle .data.rel.ro. and .data.rel.ro.local. sections

.data.rel.ro(.local). sections are (local) read only data sections with
relocations.

For example:
static const struct hvm_mmio_handler *const
hvm_mmio_handlers[HVM_MMIO_HANDLER_NR] =
{
    &hpet_mmio_handler,
    &vlapic_mmio_handler,
    &vioapic_mmio_handler,
    &msixtbl_mmio_handler,
    &iommu_mmio_handler
};

Allow these sections to be bundled so that section symbols can be
replaced with normal symbols, preventing them from being needlessly
included.

9 years ago Add support for signing payloads
Ross Lagerwall [Tue, 10 Nov 2015 10:31:55 +0000 (10:31 +0000)]
Add support for signing payloads

Use the module signing infrastructure from Linux 4.3-rc6 to allow
signing payloads.

Example:
$ cd sign
$ make
$ ./sign-file-wrapper /path/to/payload.xsplice

9 years ago Mangle local symbols to match Xen's mangling
Ross Lagerwall [Mon, 9 Nov 2015 15:23:33 +0000 (15:23 +0000)]
Mangle local symbols to match Xen's mangling

9 years ago Implement run-time linking
Ross Lagerwall [Fri, 6 Nov 2015 12:55:25 +0000 (12:55 +0000)]
Implement run-time linking

Implement run-time linking and link at run-time by default. Still keep
the option to link at compile time.

9 years ago Allow specifying a build-id dependency
Ross Lagerwall [Thu, 5 Nov 2015 14:10:17 +0000 (14:10 +0000)]
Allow specifying a build-id dependency

Allow including a build-id on which the created patch module depends.
This will then be verified by the hypervisor during patch apply.

9 years ago Add 64 bytes of padding to xsplice_patch_funcs structure
Ross Lagerwall [Tue, 3 Nov 2015 14:44:49 +0000 (14:44 +0000)]
Add 64 bytes of padding to xsplice_patch_funcs structure

This gives the hypervisor scratch space for undo buffers and possibly
other uses.

9 years ago Include a build id in xsplice modules
Ross Lagerwall [Mon, 2 Nov 2015 13:36:43 +0000 (13:36 +0000)]
Include a build id in xsplice modules

The build id will in future be used to uniquely identify a module and
for module dependencies.

9 years ago Add support for hooks and ignore functions and sections
Ross Lagerwall [Fri, 23 Oct 2015 11:31:47 +0000 (12:31 +0100)]
Add support for hooks and ignore functions and sections

9 years ago Fix logging from common.c
Ross Lagerwall [Fri, 23 Oct 2015 09:56:11 +0000 (10:56 +0100)]
Fix logging from common.c

9 years ago Add prelink tool
Ross Lagerwall [Tue, 20 Oct 2015 15:51:37 +0000 (16:51 +0100)]
Add prelink tool

To simplify matters, prelink against a xen-syms file at compile time to
avoid having to resolve symbols at runtime. Create a prelink tool to do
this. Split out the elf loading and saving code of create-diff-object.c
into a common file which is shared by create-diff-object and prelink.

9 years ago Clean up code a bit
Ross Lagerwall [Tue, 20 Oct 2015 11:14:10 +0000 (12:14 +0100)]
Clean up code a bit

Make functions and variables static.
Remove trailing whitespace.
Remove unused functions.

9 years ago Add space for reverting the each applied function
Ross Lagerwall [Tue, 20 Oct 2015 11:12:16 +0000 (12:12 +0100)]
Add space for reverting the each applied function

Add an undo buffer to each xsplice_patch_func object to make reverting
functions easy.

9 years ago Fail if the function is too small to patch
Ross Lagerwall [Tue, 20 Oct 2015 10:52:20 +0000 (11:52 +0100)]
Fail if the function is too small to patch

9 years ago Add support for specifying the path to xen-syms
Ross Lagerwall [Tue, 20 Oct 2015 09:55:16 +0000 (10:55 +0100)]
Add support for specifying the path to xen-syms

This allows linking against a different xen-syms from the original
built. This may be useful if the compile environment or source code is
slightly different.

9 years ago Don't create "reverse" patch modules
Ross Lagerwall [Tue, 13 Oct 2015 13:41:07 +0000 (14:41 +0100)]
Don't create "reverse" patch modules

9 years ago Add project files
Ross Lagerwall [Mon, 12 Oct 2015 11:25:14 +0000 (12:25 +0100)]
Add project files

xsplice-build can build live patches for most XSAs. It is, however,
still prototype code.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>