livepatch-shadow-mod.c 5.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * Copyright (C) 2017 Joe Lawrence <joe.lawrence@redhat.com>
  4. */
  5. /*
  6. * livepatch-shadow-mod.c - Shadow variables, buggy module demo
  7. *
  8. * Purpose
  9. * -------
  10. *
  11. * As a demonstration of livepatch shadow variable API, this module
  12. * introduces memory leak behavior that livepatch modules
  13. * livepatch-shadow-fix1.ko and livepatch-shadow-fix2.ko correct and
  14. * enhance.
  15. *
  16. * WARNING - even though the livepatch-shadow-fix modules patch the
  17. * memory leak, please load these modules at your own risk -- some
  18. * amount of memory may leaked before the bug is patched.
  19. *
  20. *
  21. * Usage
  22. * -----
  23. *
  24. * Step 1 - Load the buggy demonstration module:
  25. *
  26. * insmod samples/livepatch/livepatch-shadow-mod.ko
  27. *
  28. * Watch dmesg output for a few moments to see new dummy being allocated
  29. * and a periodic cleanup check. (Note: a small amount of memory is
  30. * being leaked.)
  31. *
  32. *
  33. * Step 2 - Load livepatch fix1:
  34. *
  35. * insmod samples/livepatch/livepatch-shadow-fix1.ko
  36. *
  37. * Continue watching dmesg and note that now livepatch_fix1_dummy_free()
  38. * and livepatch_fix1_dummy_alloc() are logging messages about leaked
  39. * memory and eventually leaks prevented.
  40. *
  41. *
  42. * Step 3 - Load livepatch fix2 (on top of fix1):
  43. *
  44. * insmod samples/livepatch/livepatch-shadow-fix2.ko
  45. *
  46. * This module extends functionality through shadow variables, as a new
  47. * "check" counter is added to the dummy structure. Periodic dmesg
  48. * messages will log these as dummies are cleaned up.
  49. *
  50. *
  51. * Step 4 - Cleanup
  52. *
  53. * Unwind the demonstration by disabling the livepatch fix modules, then
  54. * removing them and the demo module:
  55. *
  56. * echo 0 > /sys/kernel/livepatch/livepatch_shadow_fix2/enabled
  57. * echo 0 > /sys/kernel/livepatch/livepatch_shadow_fix1/enabled
  58. * rmmod livepatch-shadow-fix2
  59. * rmmod livepatch-shadow-fix1
  60. * rmmod livepatch-shadow-mod
  61. */
  62. #include <linux/kernel.h>
  63. #include <linux/module.h>
  64. #include <linux/sched.h>
  65. #include <linux/slab.h>
  66. #include <linux/stat.h>
  67. #include <linux/workqueue.h>
  68. MODULE_LICENSE("GPL");
  69. MODULE_AUTHOR("Joe Lawrence <joe.lawrence@redhat.com>");
  70. MODULE_DESCRIPTION("Buggy module for shadow variable demo");
  71. /* Allocate new dummies every second */
  72. #define ALLOC_PERIOD 1
  73. /* Check for expired dummies after a few new ones have been allocated */
  74. #define CLEANUP_PERIOD (3 * ALLOC_PERIOD)
  75. /* Dummies expire after a few cleanup instances */
  76. #define EXPIRE_PERIOD (4 * CLEANUP_PERIOD)
  77. /*
  78. * Keep a list of all the dummies so we can clean up any residual ones
  79. * on module exit
  80. */
  81. static LIST_HEAD(dummy_list);
  82. static DEFINE_MUTEX(dummy_list_mutex);
  83. struct dummy {
  84. struct list_head list;
  85. unsigned long jiffies_expire;
  86. };
  87. static __used noinline struct dummy *dummy_alloc(void)
  88. {
  89. struct dummy *d;
  90. int *leak;
  91. d = kzalloc(sizeof(*d), GFP_KERNEL);
  92. if (!d)
  93. return NULL;
  94. d->jiffies_expire = jiffies + secs_to_jiffies(EXPIRE_PERIOD);
  95. /* Oops, forgot to save leak! */
  96. leak = kzalloc(sizeof(*leak), GFP_KERNEL);
  97. if (!leak) {
  98. kfree(d);
  99. return NULL;
  100. }
  101. pr_info("%s: dummy @ %p, expires @ %lx\n",
  102. __func__, d, d->jiffies_expire);
  103. return d;
  104. }
  105. static __used noinline void dummy_free(struct dummy *d)
  106. {
  107. pr_info("%s: dummy @ %p, expired = %lx\n",
  108. __func__, d, d->jiffies_expire);
  109. kfree(d);
  110. }
  111. static __used noinline bool dummy_check(struct dummy *d,
  112. unsigned long jiffies)
  113. {
  114. return time_after(jiffies, d->jiffies_expire);
  115. }
  116. /*
  117. * alloc_work_func: allocates new dummy structures, allocates additional
  118. * memory, aptly named "leak", but doesn't keep
  119. * permanent record of it.
  120. */
  121. static void alloc_work_func(struct work_struct *work);
  122. static DECLARE_DELAYED_WORK(alloc_dwork, alloc_work_func);
  123. static void alloc_work_func(struct work_struct *work)
  124. {
  125. struct dummy *d;
  126. d = dummy_alloc();
  127. if (!d)
  128. return;
  129. mutex_lock(&dummy_list_mutex);
  130. list_add(&d->list, &dummy_list);
  131. mutex_unlock(&dummy_list_mutex);
  132. schedule_delayed_work(&alloc_dwork, secs_to_jiffies(ALLOC_PERIOD));
  133. }
  134. /*
  135. * cleanup_work_func: frees dummy structures. Without knownledge of
  136. * "leak", it leaks the additional memory that
  137. * alloc_work_func created.
  138. */
  139. static void cleanup_work_func(struct work_struct *work);
  140. static DECLARE_DELAYED_WORK(cleanup_dwork, cleanup_work_func);
  141. static void cleanup_work_func(struct work_struct *work)
  142. {
  143. struct dummy *d, *tmp;
  144. unsigned long j;
  145. j = jiffies;
  146. pr_info("%s: jiffies = %lx\n", __func__, j);
  147. mutex_lock(&dummy_list_mutex);
  148. list_for_each_entry_safe(d, tmp, &dummy_list, list) {
  149. /* Kick out and free any expired dummies */
  150. if (dummy_check(d, j)) {
  151. list_del(&d->list);
  152. dummy_free(d);
  153. }
  154. }
  155. mutex_unlock(&dummy_list_mutex);
  156. schedule_delayed_work(&cleanup_dwork, secs_to_jiffies(CLEANUP_PERIOD));
  157. }
  158. static int livepatch_shadow_mod_init(void)
  159. {
  160. schedule_delayed_work(&alloc_dwork, secs_to_jiffies(ALLOC_PERIOD));
  161. schedule_delayed_work(&cleanup_dwork, secs_to_jiffies(CLEANUP_PERIOD));
  162. return 0;
  163. }
  164. static void livepatch_shadow_mod_exit(void)
  165. {
  166. struct dummy *d, *tmp;
  167. /* Wait for any dummies at work */
  168. cancel_delayed_work_sync(&alloc_dwork);
  169. cancel_delayed_work_sync(&cleanup_dwork);
  170. /* Cleanup residual dummies */
  171. list_for_each_entry_safe(d, tmp, &dummy_list, list) {
  172. list_del(&d->list);
  173. dummy_free(d);
  174. }
  175. }
  176. module_init(livepatch_shadow_mod_init);
  177. module_exit(livepatch_shadow_mod_exit);