Commit | Line | Data |
---|---|---|
1ccea77e | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
439e7271 JL |
2 | /* |
3 | * Copyright (C) 2017 Joe Lawrence <joe.lawrence@redhat.com> | |
439e7271 JL |
4 | */ |
5 | ||
6 | /* | |
7 | * livepatch-shadow-fix1.c - Shadow variables, livepatch demo | |
8 | * | |
9 | * Purpose | |
10 | * ------- | |
11 | * | |
12 | * Fixes the memory leak introduced in livepatch-shadow-mod through the | |
13 | * use of a shadow variable. This fix demonstrates the "extending" of | |
14 | * short-lived data structures by patching its allocation and release | |
15 | * functions. | |
16 | * | |
17 | * | |
18 | * Usage | |
19 | * ----- | |
20 | * | |
21 | * This module is not intended to be standalone. See the "Usage" | |
22 | * section of livepatch-shadow-mod.c. | |
23 | */ | |
24 | ||
25 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt | |
26 | ||
27 | #include <linux/module.h> | |
28 | #include <linux/kernel.h> | |
29 | #include <linux/livepatch.h> | |
30 | #include <linux/slab.h> | |
31 | ||
32 | /* Shadow variable enums */ | |
33 | #define SV_LEAK 1 | |
34 | ||
35 | /* Allocate new dummies every second */ | |
36 | #define ALLOC_PERIOD 1 | |
37 | /* Check for expired dummies after a few new ones have been allocated */ | |
38 | #define CLEANUP_PERIOD (3 * ALLOC_PERIOD) | |
39 | /* Dummies expire after a few cleanup instances */ | |
40 | #define EXPIRE_PERIOD (4 * CLEANUP_PERIOD) | |
41 | ||
42 | struct dummy { | |
43 | struct list_head list; | |
44 | unsigned long jiffies_expire; | |
45 | }; | |
46 | ||
e91c2518 PM |
47 | /* |
48 | * The constructor makes more sense together with klp_shadow_get_or_alloc(). | |
49 | * In this example, it would be safe to assign the pointer also to the shadow | |
50 | * variable returned by klp_shadow_alloc(). But we wanted to show the more | |
51 | * complicated use of the API. | |
52 | */ | |
53 | static int shadow_leak_ctor(void *obj, void *shadow_data, void *ctor_data) | |
54 | { | |
8f6b8866 | 55 | int **shadow_leak = shadow_data; |
be6da984 | 56 | int **leak = ctor_data; |
e91c2518 | 57 | |
be6da984 PM |
58 | if (!ctor_data) |
59 | return -EINVAL; | |
60 | ||
61 | *shadow_leak = *leak; | |
e91c2518 PM |
62 | return 0; |
63 | } | |
64 | ||
b73d5dc7 | 65 | static struct dummy *livepatch_fix1_dummy_alloc(void) |
439e7271 JL |
66 | { |
67 | struct dummy *d; | |
8f6b8866 | 68 | int *leak; |
f46e49a9 | 69 | int **shadow_leak; |
439e7271 JL |
70 | |
71 | d = kzalloc(sizeof(*d), GFP_KERNEL); | |
72 | if (!d) | |
73 | return NULL; | |
74 | ||
75 | d->jiffies_expire = jiffies + | |
76 | msecs_to_jiffies(1000 * EXPIRE_PERIOD); | |
77 | ||
78 | /* | |
79 | * Patch: save the extra memory location into a SV_LEAK shadow | |
80 | * variable. A patched dummy_free routine can later fetch this | |
81 | * pointer to handle resource release. | |
82 | */ | |
8f6b8866 | 83 | leak = kzalloc(sizeof(*leak), GFP_KERNEL); |
f46e49a9 PM |
84 | if (!leak) |
85 | goto err_leak; | |
86 | ||
87 | shadow_leak = klp_shadow_alloc(d, SV_LEAK, sizeof(leak), GFP_KERNEL, | |
88 | shadow_leak_ctor, &leak); | |
89 | if (!shadow_leak) { | |
90 | pr_err("%s: failed to allocate shadow variable for the leaking pointer: dummy @ %p, leak @ %p\n", | |
91 | __func__, d, leak); | |
92 | goto err_shadow; | |
5f30b2e8 NMG |
93 | } |
94 | ||
439e7271 JL |
95 | pr_info("%s: dummy @ %p, expires @ %lx\n", |
96 | __func__, d, d->jiffies_expire); | |
97 | ||
98 | return d; | |
f46e49a9 PM |
99 | |
100 | err_shadow: | |
101 | kfree(leak); | |
102 | err_leak: | |
103 | kfree(d); | |
104 | return NULL; | |
439e7271 JL |
105 | } |
106 | ||
3b2c77d0 PM |
107 | static void livepatch_fix1_dummy_leak_dtor(void *obj, void *shadow_data) |
108 | { | |
109 | void *d = obj; | |
8f6b8866 | 110 | int **shadow_leak = shadow_data; |
3b2c77d0 PM |
111 | |
112 | kfree(*shadow_leak); | |
113 | pr_info("%s: dummy @ %p, prevented leak @ %p\n", | |
114 | __func__, d, *shadow_leak); | |
115 | } | |
116 | ||
b73d5dc7 | 117 | static void livepatch_fix1_dummy_free(struct dummy *d) |
439e7271 | 118 | { |
8f6b8866 | 119 | int **shadow_leak; |
439e7271 JL |
120 | |
121 | /* | |
122 | * Patch: fetch the saved SV_LEAK shadow variable, detach and | |
123 | * free it. Note: handle cases where this shadow variable does | |
124 | * not exist (ie, dummy structures allocated before this livepatch | |
125 | * was loaded.) | |
126 | */ | |
127 | shadow_leak = klp_shadow_get(d, SV_LEAK); | |
3b2c77d0 PM |
128 | if (shadow_leak) |
129 | klp_shadow_free(d, SV_LEAK, livepatch_fix1_dummy_leak_dtor); | |
130 | else | |
439e7271 | 131 | pr_info("%s: dummy @ %p leaked!\n", __func__, d); |
439e7271 JL |
132 | |
133 | kfree(d); | |
134 | } | |
135 | ||
136 | static struct klp_func funcs[] = { | |
137 | { | |
138 | .old_name = "dummy_alloc", | |
139 | .new_func = livepatch_fix1_dummy_alloc, | |
140 | }, | |
141 | { | |
142 | .old_name = "dummy_free", | |
143 | .new_func = livepatch_fix1_dummy_free, | |
144 | }, { } | |
145 | }; | |
146 | ||
147 | static struct klp_object objs[] = { | |
148 | { | |
149 | .name = "livepatch_shadow_mod", | |
150 | .funcs = funcs, | |
151 | }, { } | |
152 | }; | |
153 | ||
154 | static struct klp_patch patch = { | |
155 | .mod = THIS_MODULE, | |
156 | .objs = objs, | |
157 | }; | |
158 | ||
159 | static int livepatch_shadow_fix1_init(void) | |
160 | { | |
958ef1e3 | 161 | return klp_enable_patch(&patch); |
439e7271 JL |
162 | } |
163 | ||
164 | static void livepatch_shadow_fix1_exit(void) | |
165 | { | |
166 | /* Cleanup any existing SV_LEAK shadow variables */ | |
3b2c77d0 | 167 | klp_shadow_free_all(SV_LEAK, livepatch_fix1_dummy_leak_dtor); |
439e7271 JL |
168 | } |
169 | ||
170 | module_init(livepatch_shadow_fix1_init); | |
171 | module_exit(livepatch_shadow_fix1_exit); | |
172 | MODULE_LICENSE("GPL"); | |
173 | MODULE_INFO(livepatch, "Y"); |