diff --git a/doc/INSTALL.md b/doc/INSTALL.md index 73f7437d1..4c6dbd559 100644 --- a/doc/INSTALL.md +++ b/doc/INSTALL.md @@ -12,6 +12,7 @@ Table of contents - [Debian 8 (Jessie)](#debian-8-jessie) - [Debian 7 (Lenny)](#debian-7-lenny) - [Gentoo](#gentoo) + - [OpenEuler](#openeuler) - [Build](#build) - [Install](#install) @@ -187,6 +188,115 @@ Configure ccache: ccache --max-size=5G ``` +### OpenEuler + +*ATTENTION: openEuler maintains its own version of kpatch which work with its +own kernel. You can check this [link](https://gitee.com/src-openeuler/kpatch) +to see its documents. This document describes how to run mainline kpatch in openEuler.* + +*NOTE: You'll need about 15GB of free disk space for the kpatch-build cache in +`~/.kpatch` and for ccache.* + +Install the dependencies for compiling kpatch and running kpatch-build: + +```bash +source test/integration/lib.sh +# Will request root privileges +kpatch_dependencies +``` + +Before running kpatch-build, two more things need to be checked: +------- +1. Ensure current kernel compiled with *CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY* set + + openEuler has two strategies to apply kernel live patches and it is decided at compile time. + + When CONFIG_LIVEPATCH_STOP_MACHINE_CONSISTENCY set, openEuler uses its own strategy. + + When CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY set, openEuler uses the conventional strategy. + + Only one config option can take effect at the same time. + A [chinese blog](https://www.modb.pro/db/232858) written by the openEuler official describes + their modifications for kernel livepatch. The main difference is CONFIG_LIVEPATCH_STOP_MACHINE_CONSISTENCY + will disable the usage of ftrace handler in livepatch, they believe it will be faster. + + Check whether your current kernel compiled with *CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY* + ```bash + grep "CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY" /boot/config-$(uname -r) + ``` + + If you see any output, it means your kernel satisfies, you can go directly to check step 2. + + If not, then you need to recompile your current kernel with CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY set. + + You can reference the following steps to recompile the kernel if needed + 1. download source code of the current kernel + ```bash + # set working directories + TEMPDIR=~/.tmp + mkdir -p $TEMPDIR + mkdir -p $TEMPDIR/buildroot + + # download kernel source rpm package + yumdownloader --source --destdir "$TEMPDIR" kernel-$(uname -r) + + # obtain source code from package + rpm -D "_topdir $TEMPDIR/buildroot" -ivh $TEMPDIR/kernel-*.src.rpm + rpmbuild -D "_topdir $TEMPDIR/buildroot" -bp --nodeps --target=$(uname -m) $TEMPDIR/buildroot/SPECS/kernel.spec + + # check source code and copy config file + cd $TEMPDIR/buildroot/BUILD/kernel-*/linux-*[sS]ource + cp /boot/config-$(uname -r) .config + ``` + + 2. set CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY + ```bash + make menuconfig + ``` + select order + + -> Processor type and features + -> Enable Livepatch + -> Kernel Live Patching + -> live patching method + + choose + > based on ftrace + + After this step, you shoud see CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY in .config file + + 3. recompile kernel and install it to your running environment. + + Just to remind, after installing the recompiled kernel, the config file should also be updated. + + +2. Ensure */update/source* is in the rpm repo lists + + openEuler releases its source rpm package of the kernel in two places. + + One is /source and it is included in rpm repo lists by default. + + One is /update/source and it may not be included it in some release versions. + + ```bash + grep "/update/source" /etc/yum.repos.d/openEuler.repo + ``` + + If you can't see any output, add it to the end of /etc/yum.repos.d/openEuler.repo + + For example, if you use openEuler 21.09, you will add something like: + ``` + [update-source] + name=update-source + baseurl=https://repo.openeuler.org/openEuler-21.09/update/source/ + enabled=1 + gpgcheck=0 + ``` + + *baseurl* is releated with your release version, be careful please! + + Goto [openEuler repo](https://repo.openeuler.org/), find your own suitable baseurl. + Build ----- diff --git a/kpatch-build/kpatch-build b/kpatch-build/kpatch-build index 634095d59..5cd292f49 100755 --- a/kpatch-build/kpatch-build +++ b/kpatch-build/kpatch-build @@ -750,9 +750,13 @@ elif [[ -e "$KERNEL_SRCDIR"/.config ]] && [[ -e "$VERSIONFILE" ]] && [[ "$(cat " echo "Using cache at $KERNEL_SRCDIR" else - if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]]; then + if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]] || [[ "$DISTRO" = openEuler ]]; then - echo "Fedora/Red Hat distribution detected" + [[ "$DISTRO" = fedora ]] && echo "Fedora distribution detected" + [[ "$DISTRO" = rhel ]] && echo "RHEL distribution detected" + [[ "$DISTRO" = ol ]] && echo "Oracle Linux distribution detected" + [[ "$DISTRO" = centos ]] && echo "CentOS distribution detected" + [[ "$DISTRO" = openEuler ]] && echo "OpenEuler distribution detected" clean_cache @@ -773,7 +777,13 @@ else rpmbuild -D "_topdir $RPMTOPDIR" -bp --nodeps "--target=$(uname -m)" "$RPMTOPDIR"/SPECS/kernel$ALT.spec 2>&1 | logger || die "rpmbuild -bp failed. you may need to run 'yum-builddep kernel' first." - mv "$RPMTOPDIR"/BUILD/kernel-*/linux-* "$KERNEL_SRCDIR" 2>&1 | logger || die + if [[ "$DISTRO" = openEuler ]]; then + # openEuler has two directories with the same content after 'rpm -D' + # openEuler 21.09 has linux-* and linux-*-source while openEuler 20.03 has linux-* and linux-*-Source + mv "$RPMTOPDIR"/BUILD/kernel-*/linux-*[sS]ource "$KERNEL_SRCDIR" 2>&1 | logger || die + else + mv "$RPMTOPDIR"/BUILD/kernel-*/linux-* "$KERNEL_SRCDIR" 2>&1 | logger || die + fi rm -rf "$RPMTOPDIR" rm -rf "$KERNEL_SRCDIR/.git" @@ -783,7 +793,11 @@ else echo "$ARCHVERSION" > "$VERSIONFILE" || die - [[ -z "$CONFIGFILE" ]] && CONFIGFILE="$KERNEL_SRCDIR/configs/kernel$ALT-$KVER-$ARCH.config" + if [[ "$DISTRO" = openEuler ]]; then + [[ -z "$CONFIGFILE" ]] && CONFIGFILE="/boot/config-${ARCHVERSION}" + else + [[ -z "$CONFIGFILE" ]] && CONFIGFILE="$KERNEL_SRCDIR/configs/kernel$ALT-$KVER-$ARCH.config" + fi (cd "$KERNEL_SRCDIR" && make mrproper 2>&1 | logger) || die @@ -841,6 +855,9 @@ fi # shellcheck disable=SC1090 source "$CONFIGFILE" +[[ "$DISTRO" = openEuler ]] && [[ -z "$CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY" ]] && \ + die "openEuler kernel doesn't have 'CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY' enabled" + [[ -z "$CONFIG_DEBUG_INFO" ]] && die "kernel doesn't have 'CONFIG_DEBUG_INFO' enabled" # Build variables - Set some defaults, then adjust features diff --git a/test/integration/lib.sh b/test/integration/lib.sh index aff7c6e99..f18114936 100644 --- a/test/integration/lib.sh +++ b/test/integration/lib.sh @@ -116,6 +116,19 @@ kpatch_centos_dependencies() sudo yum remove -y epel-release } +kpatch_openEuler_dependencies() +{ + local kernel_version + local arch + kernel_version=$(uname -r) + arch=$(uname -m) + + sudo yum install -y make gcc patch bison flex openssl-devel dwarves \ + rpm-build dnf-plugins-core python3-devel openssl-devel ncurses-devel elfutils-libelf-devel + sudo yum install -y "kernel-source-${kernel_version%.*}" \ + "kernel-debuginfo-${kernel_version%.*}" "kernel-devel-${kernel_version%.*}" +} + kpatch_dependencies() { # shellcheck disable=SC1091