Merge pull request #1263 from anatasluo/master

kpatch-build: add support for openEuler
dynup · May 13, 2022 · 6a0dcb0 · 6a0dcb0
2 parents f6e0142 + e680087
commit 6a0dcb0
Show file tree

Hide file tree

Showing 3 changed files with 144 additions and 4 deletions.
diff --git a/doc/INSTALL.md b/doc/INSTALL.md
@@ -12,6 +12,7 @@ Table of contents
 	- [Debian 8 (Jessie)](#debian-8-jessie)
 	- [Debian 7 (Lenny)](#debian-7-lenny)
 	- [Gentoo](#gentoo)
+	- [OpenEuler](#openeuler)
 - [Build](#build)
 - [Install](#install)
 
@@ -187,6 +188,115 @@ Configure ccache:
 ccache --max-size=5G
 ```
 
+### OpenEuler
+
+*ATTENTION: openEuler maintains its own version of kpatch which work with its
+own kernel. You can check this [link](https://gitee.com/src-openeuler/kpatch)
+to see its documents. This document describes how to run mainline kpatch in openEuler.*
+
+*NOTE: You'll need about 15GB of free disk space for the kpatch-build cache in
+`~/.kpatch` and for ccache.*
+
+Install the dependencies for compiling kpatch and running kpatch-build:
+
+```bash
+source test/integration/lib.sh
+# Will request root privileges
+kpatch_dependencies
+```
+
+Before running kpatch-build, two more things need to be checked:
+-------
+1. Ensure current kernel compiled with *CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY* set
+
+    openEuler has two strategies to apply kernel live patches and it is decided at compile time.
+
+    When CONFIG_LIVEPATCH_STOP_MACHINE_CONSISTENCY set, openEuler uses its own strategy.
+
+    When CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY set, openEuler uses the conventional strategy.
+
+    Only one config option can take effect at the same time.
+    A [chinese blog](https://www.modb.pro/db/232858) written by the openEuler official describes
+    their modifications for kernel livepatch. The main difference is CONFIG_LIVEPATCH_STOP_MACHINE_CONSISTENCY
+    will disable the usage of ftrace handler in livepatch, they believe it will be faster.
+
+    Check whether your current kernel compiled with *CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY*
+    ```bash
+    grep "CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY" /boot/config-$(uname -r)
+    ```
+
+    If you see any output, it means your kernel satisfies, you can go directly to check step 2.
+
+    If not, then you need to recompile your current kernel with CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY set.
+
+    You can reference the following steps to recompile the kernel if needed
+    1. download source code of the current kernel
+        ```bash
+        # set working directories
+        TEMPDIR=~/.tmp
+        mkdir -p $TEMPDIR
+        mkdir -p $TEMPDIR/buildroot
+
+        # download kernel source rpm package
+        yumdownloader --source --destdir "$TEMPDIR" kernel-$(uname -r)
+
+        # obtain source code from package
+        rpm -D "_topdir $TEMPDIR/buildroot" -ivh $TEMPDIR/kernel-*.src.rpm
+        rpmbuild -D "_topdir $TEMPDIR/buildroot" -bp --nodeps --target=$(uname -m) $TEMPDIR/buildroot/SPECS/kernel.spec
+
+        # check source code and copy config file
+        cd $TEMPDIR/buildroot/BUILD/kernel-*/linux-*[sS]ource
+        cp /boot/config-$(uname -r) .config
+        ```
+
+    2. set CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY
+        ```bash
+        make menuconfig
+        ```
+        select order
+
+            -> Processor type and features
+                -> Enable Livepatch
+                    -> Kernel Live Patching
+                        -> live patching method
+
+        choose
+        > based on ftrace
+
+        After this step, you shoud see CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY in .config file
+
+    3. recompile kernel and install it to your running environment.
+
+        Just to remind, after installing the recompiled kernel, the config file should also be updated.
+
+
+2. Ensure */update/source* is in the rpm repo lists
+
+    openEuler releases its source rpm package of the kernel in two places.
+
+    One is /source and it is included in rpm repo lists by default.
+
+    One is /update/source and it may not be included it in some release versions.
+
+    ```bash
+    grep "/update/source" /etc/yum.repos.d/openEuler.repo
+    ```
+
+    If you can't see any output, add it to the end of /etc/yum.repos.d/openEuler.repo
+
+    For example, if you use openEuler 21.09, you will add something like:
+    ```
+    [update-source]
+    name=update-source
+    baseurl=https://repo.openeuler.org/openEuler-21.09/update/source/
+    enabled=1
+    gpgcheck=0
+    ```
+
+    *baseurl* is releated with your release version, be careful please!
+
+    Goto [openEuler repo](https://repo.openeuler.org/), find your own suitable baseurl.
+
 Build
 -----
 

diff --git a/kpatch-build/kpatch-build b/kpatch-build/kpatch-build
@@ -735,9 +735,13 @@ elif [[ -e "$KERNEL_SRCDIR"/.config ]] && [[ -e "$VERSIONFILE" ]] && [[ "$(cat "
 	echo "Using cache at $KERNEL_SRCDIR"
 
 else
-	if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]]; then
+	if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]] || [[ "$DISTRO" = openEuler ]]; then
 
-		echo "Fedora/Red Hat distribution detected"
+		[[ "$DISTRO" = fedora ]] && echo "Fedora distribution detected"
+		[[ "$DISTRO" = rhel ]] && echo "RHEL distribution detected"
+		[[ "$DISTRO" = ol ]] && echo "Oracle Linux distribution detected"
+		[[ "$DISTRO" = centos ]] && echo "CentOS distribution detected"
+		[[ "$DISTRO" = openEuler ]] && echo "OpenEuler distribution detected"
 
 		clean_cache
 
@@ -758,7 +762,13 @@ else
 		rpmbuild -D "_topdir $RPMTOPDIR" -bp --nodeps "--target=$(uname -m)" "$RPMTOPDIR"/SPECS/kernel$ALT.spec 2>&1 | logger ||
 			die "rpmbuild -bp failed.  you may need to run 'yum-builddep kernel' first."
 
-		mv "$RPMTOPDIR"/BUILD/kernel-*/linux-* "$KERNEL_SRCDIR" 2>&1 | logger || die
+		if [[ "$DISTRO" = openEuler ]]; then
+			# openEuler has two directories with the same content after 'rpm -D'
+			# openEuler 21.09 has linux-* and linux-*-source while openEuler 20.03 has linux-* and linux-*-Source
+			mv "$RPMTOPDIR"/BUILD/kernel-*/linux-*[sS]ource "$KERNEL_SRCDIR" 2>&1 | logger || die
+		else
+			mv "$RPMTOPDIR"/BUILD/kernel-*/linux-* "$KERNEL_SRCDIR" 2>&1 | logger || die
+		fi
 		rm -rf "$RPMTOPDIR"
 		rm -rf "$KERNEL_SRCDIR/.git"
 
@@ -768,7 +778,11 @@ else
 
 		echo "$ARCHVERSION" > "$VERSIONFILE" || die
 
-		[[ -z "$CONFIGFILE" ]] && CONFIGFILE="$KERNEL_SRCDIR/configs/kernel$ALT-$KVER-$ARCH.config"
+		if [[ "$DISTRO" = openEuler ]]; then
+			[[ -z "$CONFIGFILE" ]] && CONFIGFILE="/boot/config-${ARCHVERSION}"
+		else
+			[[ -z "$CONFIGFILE" ]] && CONFIGFILE="$KERNEL_SRCDIR/configs/kernel$ALT-$KVER-$ARCH.config"
+		fi
 
 		(cd "$KERNEL_SRCDIR" && make mrproper 2>&1 | logger) || die
 
@@ -826,6 +840,9 @@ fi
 # shellcheck disable=SC1090
 source "$CONFIGFILE"
 
+[[ "$DISTRO" = openEuler ]] && [[ -z "$CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY" ]] && \
+	die "openEuler kernel doesn't have 'CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY' enabled"
+
 [[ -z "$CONFIG_DEBUG_INFO" ]] && die "kernel doesn't have 'CONFIG_DEBUG_INFO' enabled"
 
 # Build variables - Set some defaults, then adjust features

diff --git a/test/integration/lib.sh b/test/integration/lib.sh
@@ -116,6 +116,19 @@ kpatch_centos_dependencies()
 	sudo yum remove -y epel-release
 }
 
+kpatch_openEuler_dependencies()
+{
+	local kernel_version
+	local arch
+	kernel_version=$(uname -r)
+	arch=$(uname -m)
+
+	sudo yum install -y make gcc patch bison flex openssl-devel dwarves \
+		rpm-build dnf-plugins-core python3-devel openssl-devel ncurses-devel elfutils-libelf-devel
+	sudo yum install -y "kernel-source-${kernel_version%.*}" \
+		"kernel-debuginfo-${kernel_version%.*}" "kernel-devel-${kernel_version%.*}"
+}
+
 kpatch_dependencies()
 {
 	# shellcheck disable=SC1091