From 78c268f3781e4b9706103def0cc011505e0c4332 Mon Sep 17 00:00:00 2001 From: Josh Poimboeuf Date: Mon, 26 Jan 2026 15:56:44 -0800 Subject: livepatch/klp-build: Fix klp-build vs CONFIG_MODULE_SRCVERSION_ALL When building a patch to a single-file kernel module with CONFIG_MODULE_SRCVERSION_ALL enabled, the klp-build module link fails in modpost: Diffing objects drivers/md/raid0.o: changed function: raid0_run Building patch module: livepatch-0001-patch-raid0_run.ko drivers/md/raid0.c: No such file or directory ... The problem here is that klp-build copied drivers/md/.raid0.o.cmd to the module build directory, but it didn't also copy over the input source file listed in the .cmd file: source_drivers/md/raid0.o := drivers/md/raid0.c So modpost dies due to the missing .c file which is needed for calculating checksums for CONFIG_MODULE_SRCVERSION_ALL. Instead of copying the original .cmd file, just create an empty one. Modpost only requires that it exists. The original object's build dependencies are irrelevant for the frankenobjects used by klp-build. Fixes: 24ebfcd65a87 ("livepatch/klp-build: Introduce klp-build script for generating livepatch modules") Reported-by: Song Liu Tested-by: Song Liu Link: https://patch.msgid.link/c41b6629e02775e4c1015259aa36065b3fe2f0f3.1769471792.git.jpoimboe@kernel.org Signed-off-by: Josh Poimboeuf --- scripts/livepatch/klp-build | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'scripts/livepatch') diff --git a/scripts/livepatch/klp-build b/scripts/livepatch/klp-build index 882272120c9e..a73515a82272 100755 --- a/scripts/livepatch/klp-build +++ b/scripts/livepatch/klp-build @@ -555,13 +555,11 @@ copy_orig_objects() { local file_dir="$(dirname "$file")" local orig_file="$ORIG_DIR/$rel_file" local orig_dir="$(dirname "$orig_file")" - local cmd_file="$file_dir/.$(basename "$file").cmd" [[ ! -f "$file" ]] && die "missing $(basename "$file") for $_file" mkdir -p "$orig_dir" cp -f "$file" "$orig_dir" - [[ -e "$cmd_file" ]] && cp -f "$cmd_file" "$orig_dir" done xtrace_restore @@ -740,15 +738,17 @@ build_patch_module() { local orig_dir="$(dirname "$orig_file")" local kmod_file="$KMOD_DIR/$rel_file" local kmod_dir="$(dirname "$kmod_file")" - local cmd_file="$orig_dir/.$(basename "$file").cmd" + local cmd_file="$kmod_dir/.$(basename "$file").cmd" mkdir -p "$kmod_dir" cp -f "$file" "$kmod_dir" - [[ -e "$cmd_file" ]] && cp -f "$cmd_file" "$kmod_dir" # Tell kbuild this is a prebuilt object cp -f "$file" "${kmod_file}_shipped" + # Make modpost happy + touch "$cmd_file" + echo -n " $rel_file" >> "$makefile" done -- cgit v1.2.3 From a8ff29f0ca1d63a215ef445102662850a912d127 Mon Sep 17 00:00:00 2001 From: Josh Poimboeuf Date: Tue, 27 Jan 2026 17:12:05 -0800 Subject: livepatch/klp-build: Require Clang assembler >= 20 Some special sections specify their ELF section entsize, for example: .pushsection section, "M", @progbits, 8 The entsize (8 in this example) is needed by objtool klp-diff for extracting individual entries. Clang assembler versions older than 20 silently ignore the above construct and set entsize to 0, resulting in the following error: .discard.annotate_data: missing special section entsize or annotations Add a klp-build check to prevent the use of Clang assembler versions prior to 20. Fixes: 24ebfcd65a87 ("livepatch/klp-build: Introduce klp-build script for generating livepatch modules") Reported-by: Song Liu Acked-by: Song Liu Link: https://patch.msgid.link/957fd52e375d0e2cfa3ac729160da995084a7f5e.1769562556.git.jpoimboe@kernel.org Signed-off-by: Josh Poimboeuf --- scripts/livepatch/klp-build | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'scripts/livepatch') diff --git a/scripts/livepatch/klp-build b/scripts/livepatch/klp-build index a73515a82272..809e198a561d 100755 --- a/scripts/livepatch/klp-build +++ b/scripts/livepatch/klp-build @@ -249,6 +249,10 @@ validate_config() { [[ -v CONFIG_GCC_PLUGIN_RANDSTRUCT ]] && \ die "kernel option 'CONFIG_GCC_PLUGIN_RANDSTRUCT' not supported" + [[ -v CONFIG_AS_IS_LLVM ]] && \ + [[ "$CONFIG_AS_VERSION" -lt 200000 ]] && \ + die "Clang assembler version < 20 not supported" + return 0 } -- cgit v1.2.3 From ab10815472fcbc2c772dc21a979460b7f74f0145 Mon Sep 17 00:00:00 2001 From: Petr Pavlu Date: Fri, 23 Jan 2026 11:26:56 +0100 Subject: livepatch: Fix having __klp_objects relics in non-livepatch modules The linker script scripts/module.lds.S specifies that all input __klp_objects sections should be consolidated into an output section of the same name, and start/stop symbols should be created to enable scripts/livepatch/init.c to locate this data. This start/stop pattern is not ideal for modules because the symbols are created even if no __klp_objects input sections are present. Consequently, a dummy __klp_objects section also appears in the resulting module. This unnecessarily pollutes non-livepatch modules. Instead, since modules are relocatable files, the usual method for locating consolidated data in a module is to read its section table. This approach avoids the aforementioned problem. The klp_modinfo already stores a copy of the entire section table with the final addresses. Introduce a helper function that scripts/livepatch/init.c can call to obtain the location of the __klp_objects section from this data. Fixes: dd590d4d57eb ("objtool/klp: Introduce klp diff subcommand for diffing object files") Signed-off-by: Petr Pavlu Acked-by: Joe Lawrence Acked-by: Miroslav Benes Reviewed-by: Aaron Tomlin Link: https://patch.msgid.link/20260123102825.3521961-2-petr.pavlu@suse.com Signed-off-by: Josh Poimboeuf --- scripts/livepatch/init.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) (limited to 'scripts/livepatch') diff --git a/scripts/livepatch/init.c b/scripts/livepatch/init.c index 2274d8f5a482..9e315fc857bd 100644 --- a/scripts/livepatch/init.c +++ b/scripts/livepatch/init.c @@ -9,19 +9,19 @@ #include #include -extern struct klp_object_ext __start_klp_objects[]; -extern struct klp_object_ext __stop_klp_objects[]; - static struct klp_patch *patch; static int __init livepatch_mod_init(void) { + struct klp_object_ext *obj_exts; + size_t obj_exts_sec_size; struct klp_object *objs; unsigned int nr_objs; int ret; - nr_objs = __stop_klp_objects - __start_klp_objects; - + obj_exts = klp_find_section_by_name(THIS_MODULE, "__klp_objects", + &obj_exts_sec_size); + nr_objs = obj_exts_sec_size / sizeof(*obj_exts); if (!nr_objs) { pr_err("nothing to patch!\n"); ret = -EINVAL; @@ -41,7 +41,7 @@ static int __init livepatch_mod_init(void) } for (int i = 0; i < nr_objs; i++) { - struct klp_object_ext *obj_ext = __start_klp_objects + i; + struct klp_object_ext *obj_ext = obj_exts + i; struct klp_func_ext *funcs_ext = obj_ext->funcs; unsigned int nr_funcs = obj_ext->nr_funcs; struct klp_func *funcs = objs[i].funcs; @@ -90,12 +90,10 @@ err: static void __exit livepatch_mod_exit(void) { - unsigned int nr_objs; - - nr_objs = __stop_klp_objects - __start_klp_objects; + struct klp_object *obj; - for (int i = 0; i < nr_objs; i++) - kfree(patch->objs[i].funcs); + klp_for_each_object_static(patch, obj) + kfree(obj->funcs); kfree(patch->objs); kfree(patch); -- cgit v1.2.3 From b525fcaf0a76507f152d58c6f9e5ef67b3ff552c Mon Sep 17 00:00:00 2001 From: Petr Pavlu Date: Fri, 23 Jan 2026 11:26:57 +0100 Subject: livepatch: Free klp_{object,func}_ext data after initialization The klp_object_ext and klp_func_ext data, which are stored in the __klp_objects and __klp_funcs sections, respectively, are not needed after they are used to create the actual klp_object and klp_func instances. This operation is implemented by the init function in scripts/livepatch/init.c. Prefix the two sections with ".init" so they are freed after the module is initializated. Signed-off-by: Petr Pavlu Acked-by: Joe Lawrence Acked-by: Miroslav Benes Reviewed-by: Aaron Tomlin Link: https://patch.msgid.link/20260123102825.3521961-3-petr.pavlu@suse.com Signed-off-by: Josh Poimboeuf --- scripts/livepatch/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts/livepatch') diff --git a/scripts/livepatch/init.c b/scripts/livepatch/init.c index 9e315fc857bd..638c95cffe76 100644 --- a/scripts/livepatch/init.c +++ b/scripts/livepatch/init.c @@ -19,7 +19,7 @@ static int __init livepatch_mod_init(void) unsigned int nr_objs; int ret; - obj_exts = klp_find_section_by_name(THIS_MODULE, "__klp_objects", + obj_exts = klp_find_section_by_name(THIS_MODULE, ".init.klp_objects", &obj_exts_sec_size); nr_objs = obj_exts_sec_size / sizeof(*obj_exts); if (!nr_objs) { -- cgit v1.2.3 From 69050f8d6d075dc01af7a5f2f550a8067510366f Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 20 Feb 2026 23:49:23 -0800 Subject: treewide: Replace kmalloc with kmalloc_obj for non-scalar types This is the result of running the Coccinelle script from scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to avoid scalar types (which need careful case-by-case checking), and instead replace kmalloc-family calls that allocate struct or union object instances: Single allocations: kmalloc(sizeof(TYPE), ...) are replaced with: kmalloc_obj(TYPE, ...) Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...) are replaced with: kmalloc_objs(TYPE, COUNT, ...) Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...) are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...) (where TYPE may also be *VAR) The resulting allocations no longer return "void *", instead returning "TYPE *". Signed-off-by: Kees Cook --- scripts/livepatch/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts/livepatch') diff --git a/scripts/livepatch/init.c b/scripts/livepatch/init.c index 638c95cffe76..bbfd2e479099 100644 --- a/scripts/livepatch/init.c +++ b/scripts/livepatch/init.c @@ -28,7 +28,7 @@ static int __init livepatch_mod_init(void) goto err; } - patch = kzalloc(sizeof(*patch), GFP_KERNEL); + patch = kzalloc_obj(*patch, GFP_KERNEL); if (!patch) { ret = -ENOMEM; goto err; -- cgit v1.2.3 From bf4afc53b77aeaa48b5409da5c8da6bb4eff7f43 Mon Sep 17 00:00:00 2001 From: Linus Torvalds Date: Sat, 21 Feb 2026 16:37:42 -0800 Subject: Convert 'alloc_obj' family to use the new default GFP_KERNEL argument This was done entirely with mindless brute force, using git grep -l '\ --- scripts/livepatch/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts/livepatch') diff --git a/scripts/livepatch/init.c b/scripts/livepatch/init.c index bbfd2e479099..f14d8c8fb35f 100644 --- a/scripts/livepatch/init.c +++ b/scripts/livepatch/init.c @@ -28,7 +28,7 @@ static int __init livepatch_mod_init(void) goto err; } - patch = kzalloc_obj(*patch, GFP_KERNEL); + patch = kzalloc_obj(*patch); if (!patch) { ret = -ENOMEM; goto err; -- cgit v1.2.3