[gentoo-soc] Google Summer of Code summary week 08

[gentoo-soc] Google Summer of Code summary week 08

[Alice Ferrazzi]

___Google Summer of Code summary week 08___


What I did in this week 08 summary:

elivepatch:

* Working with tempfile for keeping the uncompressed configuration file using
the appropiate tempfile module.
* Refactoring and code cleaning.
* Check if the ebuild is present in the overlay before trying to merge it.
* lpatch added locally
* fix ebuild directory
* Static patch and config filename on send
    This is useful for isolating the api requests using only the uuid as
    session identifier
* Removed livepatchStatus and lpatch class configurations.
    Because we need a request to only be identified by is own UUID,
    for isolating the transaction.
* return in case the request with same uuid is already present.
* Fixed livepatch output name for reflecting the static setted patch name
* module install removed as not needed
* debug option is now also copying the build.log to the uuid
directory, for investigating failed attempt  * refactored uuid\_dir
with uuid in the case where uuid\_dir is not actually containing the
full path
* adding debug\_info to the configuration file if not already present
    however this setting is only needed for the livepatch creation
(not tested yet)


Kpatc:

* Investigate about dwarf attribute problems




What I need to do next time:

 * Finish the function for download the livepatch to the client
 * Testing elivepatch
 * Implementing the CVE patch uploader
 * Installing elivepatch to the Gentoo server
 * Fix kpatch-build for automatically work with gentoo-sources
 * Add more features to elivepatch

---------------------------------------------------

day 33
`What was my plan for today?`

* testing and improving elivepatch

`What i did today?`

* Working with tempfile for keeping the uncompressed configuration file using
the appropiate tempfile module.
* Refactoring and code cleaning.
* Check if the ebuild is present in the overlay before trying to merge it.


`what i will do next time?`

* testing and improving elivepatch
---------------------------------------------------
day 34

`What was my plan for today?`

* testing and improving elivepatch

`What i did today?`

* lpatch added locally
* fix ebuild directory
* Static patch and config filename on send
    This is useful for isolating the api requests using only the uuid as
    session identifier
* Removed livepatchStatus and lpatch class configurations.
    Because we need a request to only be identified by is own UUID,
    for isolating the transaction.
* return in case the request with same uuid is already present.

we still have problem about
"can'\''t find special struct alt_instr size."

I will investigate it tomorrow



`what i will do next time?`

* testing and improving elivepatch
* Investigating the missing informations in the livepatch

---------------------------------------------------
day 35

`What was my plan for today?`

* testing and improving elivepatch

`What i did today?`

Today I investigate the missing information on the livepatch that we have
when we don't have CONFIG\_DEBUG\_INFO=y in our kernel configuration.
In the case we don't have debug\_info in the kernel configuration we usually
get missing alt\_instr errors from kpatch-build and this is stopping elivepatch
from creating a livepatch.
This DEBUG\_INFO is only needed for making the livepatch and dosen't
have to be setted
also in production (but not tested it yet)

Kpatch need some special section data for find where to inject the livepatch.
This special section data existence is checked by kpatch-build in the
given vmlinux file.
The vmlinux file need CONFIG\_DEBUG\_INFO=y for making the debug
symbols containing
the special section data.
This special section data is found like this:

[[!pygments bash content="""
# Set state if name matches
a == 0 && /DW_AT_name.* alt_instr[[:space:]]*$/ {a = 1; next}
b == 0 && /DW_AT_name.* bug_entry[[:space:]]*$/ {b = 1; next}
p == 0 && /DW_AT_name.* paravirt_patch_site[[:space:]]*$/ {p = 1; next}
e == 0 && /DW_AT_name.* exception_table_entry[[:space:]]*$/ {e = 1; next}
"""]]

DW\_AT\_NAME is the dwarf attributei (AT) for the name of declaration
as it appear in
the source program.

[[!pygments bash content="""
<1><3a75de>: Abbrev Number: 118 (DW_TAG_variable)
   <3a75df>   DW_AT_name        : (indirect string, offset: 0x2878c):
__alt_instructions
   <3a75e3>   DW_AT_decl_file   : 1
   <3a75e4>   DW_AT_decl_line   : 271
   <3a75e6>   DW_AT_type        : <0x3a75d3>
   <3a75ea>   DW_AT_external    : 1
   <3a75ea>   DW_AT_declaration : 1
"""]]

* decl\_file is the file containing the source declaration
* type is the type of declaration
* external means that the variable is visible outside of its enclosing
compilation unit
* declaration indicates that this entry represents a non-defining
declaration of object

more informations can be found here http://dwarfstd.org/doc/Dwarf3.pdf

After the kpatch-build identify the various name attribute

It will re build the original kernel and the patched kernel

With the use of create-diff-object program, kpatch-build will
extract new and modified ELF by using the dwarf data special section

Finally it will create the patch module using create-kpatch-module program
and by using dynamic linked objects relocation (dynrelas) symbol
sections changes

[continue...]

`what i will do next time?`

* testing and improving elivepatch
* Investigating the missing informations in the livepatch


---------------------------------------------------

day 36

`What was my plan for today?`

* testing and improving elivepatch

`What i did today?`

* Fixed livepatch output name for reflecting the static setted patch name
* module install removed as not needed
* debug option is now also copying the build.log to the uuid
directory, for investigating failed attempt  * refactored uuid\_dir
with uuid in the case where uuid\_dir is not actually containing the
full path
* adding debug\_info to the configuration file if not already present
    however this setting is only needed for the livepatch creation
(not tested yet)

`what i will do next time?`

* testing and improving elivepatch

[[!tag draft ]]

---------------------------------------------------

-- 
Thanks,
Alice Ferrazzi

Gentoo Kernel Project Leader
Mail: Alice Ferrazzi <alicef@gentoo.org>
PGP: 2E4E 0856 461C 0585 1336 F496 5621 A6B2 8638 781A