Advertisement
Advertisement

More Related Content

Advertisement

Introduction to spartakus and how it can help fight linux kernel ABI breakages

  1. - And how it can help fight linux kernel ABI breakages Samikshan Bairagya By, {#,@}samikshan Introducing 'spartakus' Content available under Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0)
  2. Topics to cover ● What is kernel ABI ● Why does kABI matter ● How to track kABI breakages ● Static code analysis using genksyms ● Issues with genksyms ● Semantic code analysis using sparse (spartakus)
  3. What is ABI? ● ABI == Application Binary Interface ● Like API, but at binary level ● Interface for application to use external library, OS at binary level. ● If ABI does not change, applications compiled against that ABI do not need recompilation
  4. Linux kernel ABI? Binary interface exported by linux kernel and accompanying kernel modules
  5. EXPORT_SYMBOL ~/r/k/linux-3.14> grep -Rn "EXPORT_SYMBOL" . ./kernel/async.c:303:EXPORT_SYMBOL_GPL(async_synchronize_cookie_domain); ./kernel/async.c:316:EXPORT_SYMBOL_GPL(async_synchronize_cookie); ./kernel/gcov/base.c:52:EXPORT_SYMBOL(__gcov_init); ./kernel/gcov/base.c:62:EXPORT_SYMBOL(__gcov_flush); ./kernel/gcov/base.c:68:EXPORT_SYMBOL(__gcov_merge_add); ./kernel/gcov/base.c:74:EXPORT_SYMBOL(__gcov_merge_single); ./kernel/gcov/base.c:80:EXPORT_SYMBOL(__gcov_merge_delta); ./kernel/gcov/base.c:86:EXPORT_SYMBOL(__gcov_merge_ior); ./kernel/tracepoint.c:395:EXPORT_SYMBOL_GPL(tracepoint_probe_register); ./kernel/tracepoint.c:439:EXPORT_SYMBOL_GPL(tracepoint_probe_unregister);
  6. Why strive for kABI stability ● kABI instability does not provide a welcoming third party environment to the hardware manufacturers ● Stable kABI means – Third party modules don't break and recompilation against the changed ABI won't be needed – Specially important for enterprise Linux vendors
  7. How to track kernel ABI ● ABI checksum information (modversions) for exported kernel symbols – Information stored in Module.symvers file – Generated during kernel build process using genksyms
  8. Module.symvers $ cat /usr/src/kernels/4.0.4-303.fc22.x86_64/Module.symvers 0x00000000 iscsi_host_add drivers/scsi/libiscsi EXPORT_SYMBOL_GPL 0x00000000 mpt_deregister drivers/message/fusion/mptbase EXPORT_SYMBOL 0x00000000 tm6000_set_reg_mask drivers/media/usb/tm6000/tm6000 EXPORT_SYMBOL_GPL 0x00000000 kvm_get_cs_db_l_bits arch/x86/kvm/kvm EXPORT_SYMBOL_GPL 0x00000000 ipv6_chk_custom_prefix vmlinux EXPORT_SYMBOL 0x00000000 sata_pmp_error_handler vmlinux EXPORT_SYMBOL_GPL 0x00000000 __cleancache_invalidate_page vmlinux EXPORT_SYMBOL 0x00000000 pcmcia_reset_card vmlinux EXPORT_SYMBOL 0x00000000 unregister_vt_notifier vmlinux EXPORT_SYMBOL_GPL 0x00000000 kmem_cache_alloc vmlinux EXPORT_SYMBOL 0x00000000 replace_page_cache_page vmlinux EXPORT_SYMBOL_GPL 0x00000000 __cond_resched_softirq vmlinux EXPORT_SYMBOL
  9. genksyms ● Generates checksums for exported kernel symbols during build process ● Static code analysis ● Part of the linux kernel source code ● tools/genksyms/
  10. genksyms - issues Strict string processing of kernel symbol definition prototypes leads to false positives at times
  11. genksyms generates different checksums for structs/unions for declarations which are semantically same genksyms – issues (contd)
  12. genksyms – issues (contd) ● 2 semantically same struct declarations should not lead to a change in kABI ● But due to strict string processing in genksyms, checksums generated for these 2 declarations are different struct list_head { struct list_head *next, *prev; }; struct list_head { struct list_head *next; struct list_head *prev; };
  13. Misleading checksums generated for variables specified as unsigned/signed of no particular data type. ● Both declarations above are semantically similar ● genksyms fails to identify this genksyms – issues (contd) 'unsigned foo' and 'unsigned int foo'
  14. Possible solution? spartakus - Using sparse for semantic processing of linux source code
  15. Using spartakus to generate checksums through semantic processing of source code eliminates such issues ● ‘unsigned foo’ is converted to ‘unsigned int foo’ and then processed to get the corresponding checksum ● Semantically similar struct/union declarations are treated as same and different checksums are not generated
  16. Wait, but what is spartakus? ● A fork of sparse – 'semantic parser of source files – creates a semantic parse tree for further analysis ● Provides additional binary 'check_kabi' – Generates checksums for exported kernel symbols like genksyms during kernel build time
  17. Is spartakus ready yet?
  18. $ git clone https://github.com/samikshan/spartakus.git – Contribute – License: GPLv2
  19. Some URLs for reference: ● Sparse: – http://kernelnewbies.org/Sparse ● Kernel ABI – http://kernelnewbies.org/ABI – http://www.jonmasters.org/blog/2007/06/16/ludi crously-technical-kernel-abi-tracking/
  20. Questions? Content available under Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) samikshan@gmail.com Contact:
  21. Thanks
Advertisement