On 8/26/21 5:34 PM, Peter Swain wrote: > We have a new userspace live-patch creation tool, LLpatch, paralleling > kpatch-build, but without requiring its arch-specific code for ELF > analysis and manipulation. > > We considered extending kpatch-build to a new target architecture > (arm64), cluttering its code with details of another architecture’s > quirky instruction sequences & relocation modes, and suspected there > might be a better way. > > > The LLVM suite already knows these details, and offers llvm-diff, for > comparing generated code at the LLVM-IR (internal representation) > level, which has access to much more of the code’s _intent_ than > kpatch’s create-diff-object is able to infer from ELF-level > differences. > > > Building on this, LLpatch adds namespace analysis, further > dead/duplicate code elimination, and creation of patch modules > compatible with kernel’s livepatch API. > > Arm64 is supported - testing against a livepatch-capable v5.12 arm64 > kernel, using the preliminary reliable-stacktrace work from > madvenka@xxxxxxxxxxxxxxxxxxx, LLpatch modules for x86 and arm64 behave > identically to the x86 kpatch-build modules, without requiring any > additional arch-specific code. > > On x86, where both tools are available, LLpatch produces smaller patch > modules than kpatch, and already correctly handles most of the kpatch > test cases, without any arch-specific code. This suggests it can work > with any clang-supported kernel architecture. > > > Work is ongoing, collaboration is welcome. > > > See https://github.com/google/LLpatch for further details on the > technology and its benefits. > > > Yonghyun Hwang (yonghyun@xxxxxxxxxx freeaion@xxxxxxxxx) > Bill Wendling (morbo@xxxxxxxxxx isanbard@xxxxxxxxx) > Pete Swain (swine@xxxxxxxxxx swine@xxxxxxxxx) > This is great. I have implemented an alternative method in objtool to do stack validation for livepatch purposes. I have successfully built a livepatch kernel and tested it. I have run all the livepatch tests in the linux kernel sources successfully. But I needed kpatch (or something similar) to do more testing. From Josh, I came to know that a port to ARM64 exists for kpatch. But I was not sure how well ARM64 was supported. Since your tool already works on ARM64, I could really use your tool for my testing. I will study it and contact you with any questions I might have or any help that I might need. If everything works, I can give you a "Tested-by". Thanks. Madhavan
