aboutsummaryrefslogtreecommitdiff
path: root/kernel/livepatch/Kconfig
AgeCommit message (Collapse)AuthorFilesLines
2020-11-13livepatch: Use the default ftrace_ops instead of REGS when ARGS is availableSteven Rostedt (VMware)1-1/+1
When CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS is available, the ftrace call will be able to set the ip of the calling function. This will improve the performance of live kernel patching where it does not need all the regs to be stored just to change the instruction pointer. If all archs that support live kernel patching also support HAVE_DYNAMIC_FTRACE_WITH_ARGS, then the architecture specific function klp_arch_set_pc() could be made generic. It is possible that an arch can support HAVE_DYNAMIC_FTRACE_WITH_ARGS but not HAVE_DYNAMIC_FTRACE_WITH_REGS and then have access to live patching. Cc: Josh Poimboeuf <[email protected]> Cc: Jiri Kosina <[email protected]> Cc: [email protected] Acked-by: Peter Zijlstra (Intel) <[email protected]> Acked-by: Miroslav Benes <[email protected]> Signed-off-by: Steven Rostedt (VMware) <[email protected]>
2019-05-21treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner1-0/+1
Add SPDX license identifiers to all Make/Kconfig files which: - Have no license information of any form These files fall under the project license, GPL v2 only. The resulting SPDX license identifier is: GPL-2.0-only Signed-off-by: Thomas Gleixner <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
2017-05-27livepatch: Make livepatch dependent on !TRIM_UNUSED_KSYMSMiroslav Benes1-0/+1
If TRIM_UNUSED_KSYMS is enabled, all unneeded exported symbols are made unexported. Two-pass build of the kernel is done to find out which symbols are needed based on a configuration. This effectively complicates things for out-of-tree modules. Livepatch exports functions to (un)register and enable/disable a live patch. The only in-tree module which uses these functions is a sample in samples/livepatch/. If the sample is disabled, the functions are trimmed and out-of-tree live patches cannot be built. Note that live patches are intended to be built out-of-tree. Suggested-by: Michal Marek <[email protected]> Acked-by: Josh Poimboeuf <[email protected]> Acked-by: Jessica Yu <[email protected]> Signed-off-by: Miroslav Benes <[email protected]> Signed-off-by: Jiri Kosina <[email protected]>
2015-02-04livepatch: rename config to CONFIG_LIVEPATCHJosh Poimboeuf1-3/+3
Rename CONFIG_LIVE_PATCHING to CONFIG_LIVEPATCH to make the naming of the config and the code more consistent. Signed-off-by: Josh Poimboeuf <[email protected]> Reviewed-by: Jingoo Han <[email protected]> Signed-off-by: Jiri Kosina <[email protected]>
2015-01-20livepatch: change ARCH_HAVE_LIVE_PATCHING to HAVE_LIVE_PATCHINGMiroslav Benes1-2/+2
Change ARCH_HAVE_LIVE_PATCHING to HAVE_LIVE_PATCHING in Kconfigs. HAVE_ bools are prevalent there and we should go with the flow. Suggested-by: Andrew Morton <[email protected]> Signed-off-by: Miroslav Benes <[email protected]> Acked-by: Josh Poimboeuf <[email protected]> Signed-off-by: Jiri Kosina <[email protected]>
2015-01-06livepatch: kconfig: use bool instead of booleanChristoph Jaeger1-2/+2
Keyword 'boolean' for type definition attributes is considered deprecated and should not be used anymore. No functional changes. Reference: http://lkml.kernel.org/r/[email protected] Reference: http://lkml.kernel.org/r/[email protected] Signed-off-by: Christoph Jaeger <[email protected]> Reviewed-by: Petr Mladek <[email protected]> Reviewed-by: Jingoo Han <[email protected]> Acked-by: Josh Poimboeuf <[email protected]> Signed-off-by: Jiri Kosina <[email protected]>
2014-12-22livepatch: kernel: add support for live patchingSeth Jennings1-0/+18
This commit introduces code for the live patching core. It implements an ftrace-based mechanism and kernel interface for doing live patching of kernel and kernel module functions. It represents the greatest common functionality set between kpatch and kgraft and can accept patches built using either method. This first version does not implement any consistency mechanism that ensures that old and new code do not run together. In practice, ~90% of CVEs are safe to apply in this way, since they simply add a conditional check. However, any function change that can not execute safely with the old version of the function can _not_ be safely applied in this version. [ [email protected]: due to the number of contributions that got folded into this original patch from Seth Jennings, add SUSE's copyright as well, as discussed via e-mail ] Signed-off-by: Seth Jennings <[email protected]> Signed-off-by: Josh Poimboeuf <[email protected]> Reviewed-by: Miroslav Benes <[email protected]> Reviewed-by: Petr Mladek <[email protected]> Reviewed-by: Masami Hiramatsu <[email protected]> Signed-off-by: Miroslav Benes <[email protected]> Signed-off-by: Petr Mladek <[email protected]> Signed-off-by: Jiri Kosina <[email protected]>
Powered by cgit, Gruvboxed by Blaster4385.