tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

docs/livepatch: Unify style of livepatch documentation in the ReST format

Make the structure of "Livepatch module Elf format" document similar
to the main "Livepatch" document.

Also make the structure of "(Un)patching Callbacks" document similar
to the "Shadow Variables" document.

It fixes the most visible inconsistencies of the documentation
generated from the ReST format.

Signed-off-by: Petr Mladek <pmladek@suse.com>
Acked-by: Joe Lawrence <joe.lawrence@redhat.com>
Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Miroslav Benes <mbenes@suse.cz>
Reviewed-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Reviewed-by: Kamalesh Babulal <kamalesh@linux.vnet.ibm.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>

authored by

Petr Mladek and committed by
Jonathan Corbet d9defe44 89e33ea7

+103 -114
+18 -15
Documentation/livepatch/callbacks.rst
··· 4 4 5 5 Livepatch (un)patch-callbacks provide a mechanism for livepatch modules 6 6 to execute callback functions when a kernel object is (un)patched. They 7 - can be considered a "power feature" that extends livepatching abilities 7 + can be considered a **power feature** that **extends livepatching abilities** 8 8 to include: 9 9 10 10 - Safe updates to global data ··· 17 17 with memory barriers and kernel synchronization primitives, like 18 18 mutexes/spinlocks, or even stop_machine(), to avoid concurrency issues. 19 19 20 + 1. Motivation 21 + ============= 22 + 20 23 Callbacks differ from existing kernel facilities: 21 24 22 25 - Module init/exit code doesn't run when disabling and re-enabling a ··· 30 27 Callbacks are part of the klp_object structure and their implementation 31 28 is specific to that klp_object. Other livepatch objects may or may not 32 29 be patched, irrespective of the target klp_object's current state. 30 + 31 + 2. Callback types 32 + ================= 33 33 34 34 Callbacks can be registered for the following livepatch actions: 35 35 ··· 52 46 - after a klp_object has been patched, all code has 53 47 been restored and no tasks are running patched code, 54 48 used to cleanup pre-patch callback resources 49 + 50 + 3. How it works 51 + =============== 55 52 56 53 Each callback is optional, omitting one does not preclude specifying any 57 54 other. However, the livepatching core executes the handlers in ··· 99 90 started for some reason (e.g., if another object failed to patch), 100 91 only the post-unpatch callback will be called. 101 92 93 + 4. Use cases 94 + ============ 102 95 103 - Example Use-cases 104 - ================= 96 + Sample livepatch modules demonstrating the callback API can be found in 97 + samples/livepatch/ directory. These samples were modified for use in 98 + kselftests and can be found in the lib/livepatch directory. 105 99 106 - Update global data 100 + Global data update 107 101 ------------------ 108 102 109 103 A pre-patch callback can be useful to update a global variable. For ··· 119 107 so that tcp_send_challenge_ack() could first be changed to read 120 108 sysctl_tcp_challenge_ack_limit with READ_ONCE. 121 109 122 - 123 - Support __init and probe function patches 110 + __init and probe function patches support 124 111 ----------------------------------------- 125 112 126 113 Although __init and probe functions are not directly livepatch-able, it 127 114 may be possible to implement similar updates via pre/post-patch 128 115 callbacks. 129 116 130 - 48900cb6af42 ("virtio-net: drop NETIF_F_FRAGLIST") change the way that 117 + The commit ``48900cb6af42 ("virtio-net: drop NETIF_F_FRAGLIST")`` change the way that 131 118 virtnet_probe() initialized its driver's net_device features. A 132 119 pre/post-patch callback could iterate over all such devices, making a 133 120 similar change to their hw_features value. (Client functions of the 134 121 value may need to be updated accordingly.) 135 - 136 - 137 - Other Examples 138 - ============== 139 - 140 - Sample livepatch modules demonstrating the callback API can be found in 141 - samples/livepatch/ directory. These samples were modified for use in 142 - kselftests and can be found in the lib/livepatch directory.
+85 -99
Documentation/livepatch/module-elf-format.rst
··· 7 7 8 8 .. Table of Contents 9 9 10 - 0. Background and motivation 11 - 1. Livepatch modinfo field 12 - 2. Livepatch relocation sections 13 - 2.1 What are livepatch relocation sections? 14 - 2.2 Livepatch relocation section format 15 - 2.2.1 Required flags 16 - 2.2.2 Required name format 17 - 2.2.3 Example livepatch relocation section names 18 - 2.2.4 Example `readelf --sections` output 19 - 2.2.5 Example `readelf --relocs` output 20 - 3. Livepatch symbols 21 - 3.1 What are livepatch symbols? 22 - 3.2 A livepatch module's symbol table 23 - 3.3 Livepatch symbol format 24 - 3.3.1 Required flags 25 - 3.3.2 Required name format 26 - 3.3.3 Example livepatch symbol names 27 - 3.3.4 Example `readelf --symbols` output 28 - 4. Architecture-specific sections 29 - 5. Symbol table and Elf section access 10 + 1. Background and motivation 11 + 2. Livepatch modinfo field 12 + 3. Livepatch relocation sections 13 + 3.1 Livepatch relocation section format 14 + 4. Livepatch symbols 15 + 4.1 A livepatch module's symbol table 16 + 4.2 Livepatch symbol format 17 + 5. Architecture-specific sections 18 + 6. Symbol table and Elf section access 30 19 31 - ---------------------------- 32 - 0. Background and motivation 33 - ---------------------------- 20 + 1. Background and motivation 21 + ============================ 34 22 35 23 Formerly, livepatch required separate architecture-specific code to write 36 24 relocations. However, arch-specific code to write relocations already ··· 40 52 Elf constants used to mark livepatch symbols and relocation sections were 41 53 selected from OS-specific ranges according to the definitions from glibc. 42 54 43 - 0.1 Why does livepatch need to write its own relocations? 44 - --------------------------------------------------------- 55 + Why does livepatch need to write its own relocations? 56 + ----------------------------------------------------- 45 57 A typical livepatch module contains patched versions of functions that can 46 58 reference non-exported global symbols and non-included local symbols. 47 59 Relocations referencing these types of symbols cannot be left in as-is ··· 60 72 arch-specific livepatch relocation code is replaced by a call to 61 73 apply_relocate_add(). 62 74 63 - ================================ 64 - PATCH MODULE FORMAT REQUIREMENTS 65 - ================================ 66 - 67 - -------------------------- 68 - 1. Livepatch modinfo field 69 - -------------------------- 75 + 2. Livepatch modinfo field 76 + ========================== 70 77 71 78 Livepatch modules are required to have the "livepatch" modinfo attribute. 72 79 See the sample livepatch module in samples/livepatch/ for how this is done. ··· 70 87 and looking for the presence of the "livepatch" field. This field is also 71 88 used by the kernel module loader to identify livepatch modules. 72 89 73 - Example modinfo output: 74 - ----------------------- 90 + Example: 91 + -------- 92 + 93 + **Modinfo output:** 75 94 76 95 :: 77 96 ··· 84 99 depends: 85 100 vermagic: 4.3.0+ SMP mod_unload 86 101 87 - -------------------------------- 88 - 2. Livepatch relocation sections 89 - -------------------------------- 102 + 3. Livepatch relocation sections 103 + ================================ 90 104 91 - ------------------------------------------- 92 - 2.1 What are livepatch relocation sections? 93 - ------------------------------------------- 94 105 A livepatch module manages its own Elf relocation sections to apply 95 106 relocations to modules as well as to the kernel (vmlinux) at the 96 107 appropriate time. For example, if a patch module patches a driver that is ··· 111 130 livepatch symbol. These must be resolved before livepatch can call 112 131 apply_relocate_add(). See Section 3 for more information. 113 132 114 - --------------------------------------- 115 - 2.2 Livepatch relocation section format 116 - --------------------------------------- 133 + 3.1 Livepatch relocation section format 134 + ======================================= 117 135 118 - 2.2.1 Required flags 119 - -------------------- 120 136 Livepatch relocation sections must be marked with the SHF_RELA_LIVEPATCH 121 137 section flag. See include/uapi/linux/elf.h for the definition. The module 122 138 loader recognizes this flag and will avoid applying those relocation sections ··· 121 143 so that the module loader doesn't discard them on module load (i.e. they will 122 144 be copied into memory along with the other SHF_ALLOC sections). 123 145 124 - 2.2.2 Required name format 125 - -------------------------- 126 146 The name of a livepatch relocation section must conform to the following 127 147 format:: 128 148 ··· 129 153 |________||_____| |__________| 130 154 [A] [B] [C] 131 155 132 - [A] The relocation section name is prefixed with the string ".klp.rela." 133 - [B] The name of the object (i.e. "vmlinux" or name of module) to 134 - which the relocation section belongs follows immediately after the prefix. 135 - [C] The actual name of the section to which this relocation section applies. 156 + [A] 157 + The relocation section name is prefixed with the string ".klp.rela." 136 158 137 - 2.2.3 Example livepatch relocation section names: 138 - ------------------------------------------------- 139 - .klp.rela.ext4.text.ext4_attr_store 140 - .klp.rela.vmlinux.text.cmdline_proc_show 159 + [B] 160 + The name of the object (i.e. "vmlinux" or name of module) to 161 + which the relocation section belongs follows immediately after the prefix. 141 162 142 - 2.2.4 Example `readelf --sections` output for a patch 143 - module that patches vmlinux and modules 9p, btrfs, ext4: 144 - -------------------------------------------------------- 163 + [C] 164 + The actual name of the section to which this relocation section applies. 165 + 166 + Examples: 167 + --------- 168 + 169 + **Livepatch relocation section names:** 170 + 171 + :: 172 + 173 + .klp.rela.ext4.text.ext4_attr_store 174 + .klp.rela.vmlinux.text.cmdline_proc_show 175 + 176 + **`readelf --sections` output for a patch 177 + module that patches vmlinux and modules 9p, btrfs, ext4:** 145 178 146 179 :: 147 180 ··· 167 182 [ snip ] ^ ^ 168 183 | | 169 184 [*] [*] 170 - [*] Livepatch relocation sections are SHT_RELA sections but with a few special 185 + 186 + [*] 187 + Livepatch relocation sections are SHT_RELA sections but with a few special 171 188 characteristics. Notice that they are marked SHF_ALLOC ("A") so that they will 172 189 not be discarded when the module is loaded into memory, as well as with the 173 190 SHF_RELA_LIVEPATCH flag ("o" - for OS-specific). 174 191 175 - 2.2.5 Example `readelf --relocs` output for a patch module: 176 - ----------------------------------------------------------- 192 + **`readelf --relocs` output for a patch module:** 177 193 178 194 :: 179 195 ··· 186 200 000000000000004c 0000004900000002 R_X86_64_PC32 0000000000000000 .klp.sym.vmlinux.snprintf,0 - 4 187 201 [ snip ] ^ 188 202 | 189 - [*] 190 - [*] Every symbol referenced by a relocation is a livepatch symbol. 203 + [*] 191 204 192 - -------------------- 193 - 3. Livepatch symbols 194 - -------------------- 205 + [*] 206 + Every symbol referenced by a relocation is a livepatch symbol. 195 207 196 - ------------------------------- 197 - 3.1 What are livepatch symbols? 198 - ------------------------------- 208 + 4. Livepatch symbols 209 + ==================== 210 + 199 211 Livepatch symbols are symbols referred to by livepatch relocation sections. 200 212 These are symbols accessed from new versions of functions for patched 201 213 objects, whose addresses cannot be resolved by the module loader (because ··· 213 229 in their symbol tables, and the symbol table is made accessible through 214 230 module->symtab. 215 231 216 - ------------------------------------- 217 - 3.2 A livepatch module's symbol table 218 - ------------------------------------- 232 + 4.1 A livepatch module's symbol table 233 + ===================================== 219 234 Normally, a stripped down copy of a module's symbol table (containing only 220 235 "core" symbols) is made available through module->symtab (See layout_symtab() 221 236 in kernel/module.c). For livepatch modules, the symbol table copied into memory ··· 238 255 94: 0000000000000000 0 NOTYPE GLOBAL DEFAULT OS [0xff20] .klp.sym.vmlinux.printk,0 239 256 [ snip ] 240 257 241 - --------------------------- 242 - 3.3 Livepatch symbol format 243 - --------------------------- 258 + 4.2 Livepatch symbol format 259 + =========================== 244 260 245 - 3.3.1 Required flags 246 - -------------------- 247 261 Livepatch symbols must have their section index marked as SHN_LIVEPATCH, so 248 262 that the module loader can identify them and not attempt to resolve them. 249 263 See include/uapi/linux/elf.h for the actual definitions. 250 264 251 - 3.3.2 Required name format 252 - -------------------------- 253 265 Livepatch symbol names must conform to the following format:: 254 266 255 267 .klp.sym.objname.symbol_name,sympos ··· 252 274 |_______||_____| |_________| | 253 275 [A] [B] [C] [D] 254 276 255 - [A] The symbol name is prefixed with the string ".klp.sym." 256 - [B] The name of the object (i.e. "vmlinux" or name of module) to 257 - which the symbol belongs follows immediately after the prefix. 258 - [C] The actual name of the symbol. 259 - [D] The position of the symbol in the object (as according to kallsyms) 260 - This is used to differentiate duplicate symbols within the same 261 - object. The symbol position is expressed numerically (0, 1, 2...). 262 - The symbol position of a unique symbol is 0. 277 + [A] 278 + The symbol name is prefixed with the string ".klp.sym." 263 279 264 - 3.3.3 Example livepatch symbol names: 265 - ------------------------------------- 280 + [B] 281 + The name of the object (i.e. "vmlinux" or name of module) to 282 + which the symbol belongs follows immediately after the prefix. 283 + 284 + [C] 285 + The actual name of the symbol. 286 + 287 + [D] 288 + The position of the symbol in the object (as according to kallsyms) 289 + This is used to differentiate duplicate symbols within the same 290 + object. The symbol position is expressed numerically (0, 1, 2...). 291 + The symbol position of a unique symbol is 0. 292 + 293 + Examples: 294 + --------- 295 + 296 + **Livepatch symbol names:** 266 297 267 298 :: 268 299 ··· 279 292 .klp.sym.vmlinux.printk,0 280 293 .klp.sym.btrfs.btrfs_ktype,0 281 294 282 - 3.3.4 Example `readelf --symbols` output for a patch module: 283 - ------------------------------------------------------------ 295 + **`readelf --symbols` output for a patch module:** 284 296 285 297 :: 286 298 ··· 293 307 [ snip ] ^ 294 308 | 295 309 [*] 296 - [*] Note that the 'Ndx' (Section index) for these symbols is SHN_LIVEPATCH (0xff20). 297 - "OS" means OS-specific. 298 310 299 - --------------------------------- 300 - 4. Architecture-specific sections 301 - --------------------------------- 311 + [*] 312 + Note that the 'Ndx' (Section index) for these symbols is SHN_LIVEPATCH (0xff20). 313 + "OS" means OS-specific. 314 + 315 + 5. Architecture-specific sections 316 + ================================= 302 317 Architectures may override arch_klp_init_object_loaded() to perform 303 318 additional arch-specific tasks when a target module loads, such as applying 304 319 arch-specific sections. On x86 for example, we must apply per-object ··· 308 321 be easily identified when iterating through a patch module's Elf sections 309 322 (See arch/x86/kernel/livepatch.c for a complete example). 310 323 311 - -------------------------------------- 312 - 5. Symbol table and Elf section access 313 - -------------------------------------- 324 + 6. Symbol table and Elf section access 325 + ====================================== 314 326 A livepatch module's symbol table is accessible through module->symtab. 315 327 316 328 Since apply_relocate_add() requires access to a module's section headers,