From: David Vernet <void@manifault.com>
To: live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
jpoimboe@redhat.com, pmladek@suse.com, jikos@kernel.org,
mbenes@suse.cz, joe.lawrence@redhat.com, corbet@lwn.net
Cc: void@manifault.com, kernel-team@fb.com
Subject: [PATCH v3] livepatch: Skip livepatch tests if ftrace cannot be configured
Date: Wed, 16 Feb 2022 08:11:01 -0800 [thread overview]
Message-ID: <20220216161100.3243100-1-void@manifault.com> (raw)
livepatch has a set of selftests that are used to validate the behavior of
the livepatching subsystem. One of the testcases in the livepatch
testsuite is test-ftrace.sh, which among other things, validates that
livepatching gracefully fails when ftrace is disabled. In the event that
ftrace cannot be disabled using 'sysctl kernel.ftrace_enabled=0', the test
will fail later due to it unexpectedly successfully loading the
test_klp_livepatch module.
While the livepatch selftests are careful to remove any of the livepatch
test modules between testcases to avoid this situation, ftrace may still
fail to be disabled if another trace is active on the system that was
enabled with FTRACE_OPS_FL_PERMANENT. For example, any active BPF programs
that use trampolines will cause this test to fail due to the trampoline
being implemented with register_ftrace_direct(). The following is an
example of such a trace:
tcp_drop (1) R I D tramp: ftrace_regs_caller+0x0/0x58
(call_direct_funcs+0x0/0x30)
direct-->bpf_trampoline_6442550536_0+0x0/0x1000
In order to make the test more resilient to system state that is out of its
control, this patch updates set_ftrace_enabled() to detect sysctl failures,
and skip the testrun when appropriate.
Suggested-by: Petr Mladek <pmladek@suse.com>
Signed-off-by: David Vernet <void@manifault.com>
---
v3:
- Fixed a bug in v1 and v2 pointed out by Petr in
https://lore.kernel.org/all/20220209154934.5w5k5tqcqldbfjt3@dev0025.ash9.facebook.com/
wherein we'd incorrectly skip() in test-ftrace.sh when we expected to
fail to set sysctl due to ftrace being in-use by livepatch.
- Applied Petr's suggestions for the patch, which address the
aforementioned issue by adding a --fail flag to set_ftrace_enabled().
This allows callers to signal that they expect an invocation to fail.
- Updates the caller in test-ftrace.sh that expects the call to
set_ftrace_enabled() to fail, to pass this --fail flag.
- Slightly updates the commit summary to reflect that we only skip the
test "when appropriate" rather than if the call to sysctl fails.
v2:
- Fix typo in newly added comment (s/permament/permanent).
- Adjust the location of the added newline to be before the new comment
rather than that the end of the function.
- Make the failure-path check a bit less brittle by checking for the
exact expected string, rather than specifically for "Device or resource
busy".
.../testing/selftests/livepatch/functions.sh | 22 ++++++++++++++++---
.../selftests/livepatch/test-ftrace.sh | 3 ++-
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/tools/testing/selftests/livepatch/functions.sh b/tools/testing/selftests/livepatch/functions.sh
index 846c7ed71556..9230b869371d 100644
--- a/tools/testing/selftests/livepatch/functions.sh
+++ b/tools/testing/selftests/livepatch/functions.sh
@@ -75,9 +75,25 @@ function set_dynamic_debug() {
}
function set_ftrace_enabled() {
- result=$(sysctl -q kernel.ftrace_enabled="$1" 2>&1 && \
- sysctl kernel.ftrace_enabled 2>&1)
- echo "livepatch: $result" > /dev/kmsg
+ local can_fail=0
+ if [[ "$1" == "--fail" ]] ; then
+ can_fail=1
+ shift
+ fi
+
+ local err=$(sysctl -q kernel.ftrace_enabled="$1" 2>&1)
+ local result=$(sysctl --values kernel.ftrace_enabled)
+
+ if [[ "$result" != "$1" ]] ; then
+ if [[ $can_fail -eq 1 ]] ; then
+ echo "livepatch: $err" > /dev/kmsg
+ return
+ fi
+
+ skip "failed to set kernel.ftrace_enabled = $1"
+ fi
+
+ echo "livepatch: kernel.ftrace_enabled = $result" > /dev/kmsg
}
function cleanup() {
diff --git a/tools/testing/selftests/livepatch/test-ftrace.sh b/tools/testing/selftests/livepatch/test-ftrace.sh
index 552e165512f4..825540a5194d 100755
--- a/tools/testing/selftests/livepatch/test-ftrace.sh
+++ b/tools/testing/selftests/livepatch/test-ftrace.sh
@@ -25,7 +25,8 @@ if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]]
die "livepatch kselftest(s) failed"
fi
-set_ftrace_enabled 0
+# Check that ftrace could not get disabled when a livepatch is enabled
+set_ftrace_enabled --fail 0
if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]] ; then
echo -e "FAIL\n\n"
die "livepatch kselftest(s) failed"
--
2.30.2
next reply other threads:[~2022-02-16 16:13 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-16 16:11 David Vernet [this message]
2022-02-18 8:54 ` [PATCH v3] livepatch: Skip livepatch tests if ftrace cannot be configured Miroslav Benes
2022-02-21 14:13 ` Petr Mladek
2022-02-22 15:34 ` Joe Lawrence
2022-02-24 9:08 ` Petr Mladek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220216161100.3243100-1-void@manifault.com \
--to=void@manifault.com \
--cc=corbet@lwn.net \
--cc=jikos@kernel.org \
--cc=joe.lawrence@redhat.com \
--cc=jpoimboe@redhat.com \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=mbenes@suse.cz \
--cc=pmladek@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).