Livepatching changes for 5.18

-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEESH4wyp42V4tXvYsjUqAMR0iAlPIFAmJBmMMACgkQUqAMR0iA
 lPLeXBAAnAqK3rY+mberKcFKHLaNJ0O2Y7OMcCf5Xh8snnivgi9RYcqklSbxXQwm
 hILa2oP6gUug16zhD2XVb5Mxic7MfgsN8mfy/eItMfEVs3KqUzHKSryTp6N1PA5x
 DiQvC7Fg7NGYZs95prMCrFILwVrkLYiKlWGTmlWrz/MTfOOsbAjB9yv5bfalvlo+
 A3+XpXxHfb/Wl2kXrUjTey61Rrk3gdgLhucrHVxttb9VPp1ODoLLLu4ePoN9CArA
 fpGVUfeh1IDV3sUgwpGgXBwJFBsXxJ9ZYGnJzea0opNn8EgfwgIC97qTaa+GXX/j
 bUJFPUNrGGEq99JbPgHmu+imXC1eFfCwxXK7zi6TR7mIOq6I/DfQxCLYUHZpFIMn
 mt30wm21j2zVRsOt27frhjyXCSnts7HmOleBcd8NL+aIVKaOqamEOQrmPZPj8eH2
 cx9gAphhFv6EDnr3Cj3SbpBrqf1pcxjVa9T2gfhJjtkLLyxR2ruvlRvnWNnaKJZZ
 bC7OL74h6eAhJk1pwPcHW2BsABv3jWPzBrOYkjIhRWUY77UriWNKJ27Dd83cAVkw
 7P6GbGfTbSCX7m2+0pEdKxc9hMshK2zyTLbu02PopD7yGBDkrcnkgpPGPVMDsj4c
 44ANkVlLojBAE43fXXdRPfpSKKBa0pi6MO5WXORrWiY7PNZjAAw=
 =PhGM
 -----END PGP SIGNATURE-----

Merge tag 'livepatching-for-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching

Pull livepatching updates from Petr Mladek:

 - Forced transitions block only to-be-removed livepatches [Chengming]

 - Detect when ftrace handler could not be disabled in self-tests [David]

 - Calm down warning from a static analyzer [Tom]

* tag 'livepatching-for-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching:
  livepatch: Reorder to use before freeing a pointer
  livepatch: Don't block removal of patches that are safe to unload
  livepatch: Skip livepatch tests if ftrace cannot be configured
This commit is contained in:
Linus Torvalds 2022-03-28 14:38:31 -07:00
commit d111c9f034
5 changed files with 32 additions and 8 deletions

View File

@ -641,6 +641,13 @@ void klp_force_transition(void)
for_each_possible_cpu(cpu) for_each_possible_cpu(cpu)
klp_update_patch_state(idle_task(cpu)); klp_update_patch_state(idle_task(cpu));
klp_for_each_patch(patch) /* Set forced flag for patches being removed. */
patch->forced = true; if (klp_target_state == KLP_UNPATCHED)
klp_transition_patch->forced = true;
else if (klp_transition_patch->replace) {
klp_for_each_patch(patch) {
if (patch != klp_transition_patch)
patch->forced = true;
}
}
} }

View File

@ -109,9 +109,9 @@ static void livepatch_fix1_dummy_leak_dtor(void *obj, void *shadow_data)
void *d = obj; void *d = obj;
int **shadow_leak = shadow_data; int **shadow_leak = shadow_data;
kfree(*shadow_leak);
pr_info("%s: dummy @ %p, prevented leak @ %p\n", pr_info("%s: dummy @ %p, prevented leak @ %p\n",
__func__, d, *shadow_leak); __func__, d, *shadow_leak);
kfree(*shadow_leak);
} }
static void livepatch_fix1_dummy_free(struct dummy *d) static void livepatch_fix1_dummy_free(struct dummy *d)

View File

@ -61,9 +61,9 @@ static void livepatch_fix2_dummy_leak_dtor(void *obj, void *shadow_data)
void *d = obj; void *d = obj;
int **shadow_leak = shadow_data; int **shadow_leak = shadow_data;
kfree(*shadow_leak);
pr_info("%s: dummy @ %p, prevented leak @ %p\n", pr_info("%s: dummy @ %p, prevented leak @ %p\n",
__func__, d, *shadow_leak); __func__, d, *shadow_leak);
kfree(*shadow_leak);
} }
static void livepatch_fix2_dummy_free(struct dummy *d) static void livepatch_fix2_dummy_free(struct dummy *d)

View File

@ -75,9 +75,25 @@ function set_dynamic_debug() {
} }
function set_ftrace_enabled() { function set_ftrace_enabled() {
result=$(sysctl -q kernel.ftrace_enabled="$1" 2>&1 && \ local can_fail=0
sysctl kernel.ftrace_enabled 2>&1) if [[ "$1" == "--fail" ]] ; then
echo "livepatch: $result" > /dev/kmsg can_fail=1
shift
fi
local err=$(sysctl -q kernel.ftrace_enabled="$1" 2>&1)
local result=$(sysctl --values kernel.ftrace_enabled)
if [[ "$result" != "$1" ]] ; then
if [[ $can_fail -eq 1 ]] ; then
echo "livepatch: $err" > /dev/kmsg
return
fi
skip "failed to set kernel.ftrace_enabled = $1"
fi
echo "livepatch: kernel.ftrace_enabled = $result" > /dev/kmsg
} }
function cleanup() { function cleanup() {

View File

@ -25,7 +25,8 @@ if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]]
die "livepatch kselftest(s) failed" die "livepatch kselftest(s) failed"
fi fi
set_ftrace_enabled 0 # Check that ftrace could not get disabled when a livepatch is enabled
set_ftrace_enabled --fail 0
if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]] ; then if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]] ; then
echo -e "FAIL\n\n" echo -e "FAIL\n\n"
die "livepatch kselftest(s) failed" die "livepatch kselftest(s) failed"