Re: [PATCH v3 00/10] livepatch,module: Remove .klp.arch and module_disable_ro()

From: Miroslav Benes
Date: Tue Apr 28 2020 - 09:49:03 EST


On Sat, 25 Apr 2020, Josh Poimboeuf wrote:

> v3:
> - klp: split klp_write_relocations() into object/section specific
> functions [joe]
> - s390: fix plt/got writes [joe]
> - s390: remove text_mutex usage [mbenes]
> - x86: do text_poke_sync() before releasing text_mutex [peterz]
> - split x86 text_mutex changes into separate patch [mbenes]
>
> v2:
> - add vmlinux.ko check [peterz]
> - remove 'klp_object' forward declaration [mbenes]
> - use text_mutex [jeyu]
> - fix documentation TOC [jeyu]
> - fix s390 issues [mbenes]
> - upstream kpatch-build now supports this
> (though it's only enabled for Linux >= 5.8)
>
> These patches add simplifications and improvements for some issues Peter
> found six months ago, as part of his non-writable text code (W^X)
> cleanups.
>
> Highlights:
>
> - Remove the livepatch arch-specific .klp.arch sections, which were used
> to do paravirt patching and alternatives patching for livepatch
> replacement code.
>
> - Add support for jump labels in patched code.
>
> - Remove the last module_disable_ro() usage.
>
> For more background, see this thread:
>
> https://lkml.kernel.org/r/20191021135312.jbbxsuipxldocdjk@treble
>
> This has been tested with kpatch-build integration tests and klp-convert
> selftests.
>
> Josh Poimboeuf (7):
> livepatch: Disallow vmlinux.ko
> livepatch: Apply vmlinux-specific KLP relocations early
> livepatch: Prevent module-specific KLP rela sections from referencing
> vmlinux symbols
> s390: Change s390_kernel_write() return type to match memcpy()
> livepatch: Remove module_disable_ro() usage
> module: Remove module_disable_ro()
> x86/module: Use text_mutex in apply_relocate_add()
>
> Peter Zijlstra (3):
> livepatch: Remove .klp.arch
> s390/module: Use s390_kernel_write() for late relocations
> x86/module: Use text_poke() for late relocations
>
> Documentation/livepatch/module-elf-format.rst | 15 +-
> arch/s390/include/asm/uaccess.h | 2 +-
> arch/s390/kernel/module.c | 147 +++++++++------
> arch/s390/mm/maccess.c | 9 +-
> arch/um/kernel/um_arch.c | 16 ++
> arch/x86/kernel/Makefile | 1 -
> arch/x86/kernel/livepatch.c | 53 ------
> arch/x86/kernel/module.c | 43 ++++-
> include/linux/livepatch.h | 17 +-
> include/linux/module.h | 2 -
> kernel/livepatch/core.c | 177 +++++++++++-------
> kernel/module.c | 23 +--
> 12 files changed, 277 insertions(+), 228 deletions(-)
> delete mode 100644 arch/x86/kernel/livepatch.c

With the small issue in patch 2 fixed

Acked-by: Miroslav Benes <mbenes@xxxxxxx>

Great stuff. I am happy we will get rid of the arch-specific code.

M