livepatch: kernel: add support for live patching
authorSeth Jennings <sjenning@redhat.com>
Tue, 16 Dec 2014 17:58:19 +0000 (11:58 -0600)
committerJiri Kosina <jkosina@suse.cz>
Mon, 22 Dec 2014 14:40:49 +0000 (15:40 +0100)
commitb700e7f03df5d92f85fa5247fe1f557528d3363d
treed6da8186d1bd9c42bbd5db9f23deeb1e47bb6dec
parentc5f4546593e9911800f0926c1090959b58bc5c93
livepatch: kernel: add support for live patching

This commit introduces code for the live patching core.  It implements
an ftrace-based mechanism and kernel interface for doing live patching
of kernel and kernel module functions.

It represents the greatest common functionality set between kpatch and
kgraft and can accept patches built using either method.

This first version does not implement any consistency mechanism that
ensures that old and new code do not run together.  In practice, ~90% of
CVEs are safe to apply in this way, since they simply add a conditional
check.  However, any function change that can not execute safely with
the old version of the function can _not_ be safely applied in this
version.

[ jkosina@suse.cz: due to the number of contributions that got folded into
  this original patch from Seth Jennings, add SUSE's copyright as well, as
  discussed via e-mail ]

Signed-off-by: Seth Jennings <sjenning@redhat.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Reviewed-by: Petr Mladek <pmladek@suse.cz>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Signed-off-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Petr Mladek <pmladek@suse.cz>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Documentation/ABI/testing/sysfs-kernel-livepatch [new file with mode: 0644]
MAINTAINERS
arch/x86/Kconfig
arch/x86/include/asm/livepatch.h [new file with mode: 0644]
arch/x86/kernel/Makefile
arch/x86/kernel/livepatch.c [new file with mode: 0644]
include/linux/livepatch.h [new file with mode: 0644]
kernel/Makefile
kernel/livepatch/Kconfig [new file with mode: 0644]
kernel/livepatch/Makefile [new file with mode: 0644]
kernel/livepatch/core.c [new file with mode: 0644]