SlideShare a Scribd company logo

Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by the Kernel to its modules

Anne Nicolas
Anne Nicolas

Operating system distributors often face challenges that are somewhat different from that of upstream kernel developers. For instance, some kernel updates often need to stay at least binary compatible with modules that might be “out of tree” for some time. In that context, being able to automatically detect and analyze changes to the binary interface exposed by the kernel to its module does have some noticeable value. The Libabigail framework is capable of analyzing ELF binaries along with their accompanying debug info in the DWARF format, detect and report changes in types, functions, variables and ELF symbols. It has historically supported that for user space shared libraries and application so we worked to make it understand the Linux kernel binaries. In this presentation, we are going to present the current support of ABI analysis for Linux Kernel binaries, the challenges we face, how we address them and the plans we have for the future. Dodji Seketeli, Jessica Yu, Matthias Männich

Software
1 of 33
Download to read offline
2019 | Public Analyzing changes to the binary interface exposed by the Kernel to its modules Kernel Recipes 2019 Jessica Yu -- Dodji Seketeli -- Matthias Männich
2019 | Public What makes up the kernel ABI? ● Low level binary interface between the kernel and its modules ● Set of exported symbols (functions, variables) and their symbol versions (CRCs) ● Data structure layouts, offsets, size, alignment ● ABI tools check these structural expectations
2019 | Public Kernel ABI - why care? ● In a perfect world, all modules would be in-tree and upstream... ● Unfortunately, reality is more complicated
2019 | Public Kernel ABI - why care? ● Distributors care about maintaining kABI stability for out-of-tree modules from partners/vendors ● Prevent needed third party modules from breaking with routine kernel updates
2019 | Public Kernel ABI - why care? ● Decouple development of the kernel and its modules ● Provide a single kernel ABI / API for ecosystem of vendor modules
2019 | Public Upstream tools for kernel ABI checks ● modversions/genksyms (CONFIG_MODVERSIONS)
2019 | Public Modversions: Limitations ● yacc/lex based parser (genksyms) ● Prone to report false positive kABI breakages ● Maintenance pain ● Limited reporting of kABI breakage
2019 | Public Modversions: Limitations KABI: symbol bio_trim(vmlinux) changed crc from 0xea9cb7e9 to 0x595bb017 block/bio.c:1891: warning: bio_trim: modversion changed because of changes in struct blk_mq_tags
2019 | Public Modversions: Limitations diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h index 273400814020..326fb541588a 100644 --- a/include/linux/livepatch.h +++ b/include/linux/livepatch.h @@ -153,8 +153,7 @@ struct klp_patch { struct list_head list; struct kobject kobj; struct list_head obj_list; - bool enabled; - bool forced; + bool enabled, forced; struct work_struct free_work; struct completion finish; };
2019 | Public Modversions: Limitations linux/kernel/livepatch/core.c:1022: error: klp_enable_patch: modversion changed because of changes in struct klp_patch Export klp_enable_patch == <int klp_enable_patch ( struct klp_patch { … struct list_head obj_list ; bool enabled , forced ; struct work_struct free_work ; … > Export klp_enable_patch == <int klp_enable_patch ( struct klp_patch { … struct list_head obj_list ; bool enabled ; bool forced ; struct work_struct free_work ; … > ● As a result, CRC also changes, although the binary interface has stayed the same
2019 | Public Modversions: Limitations <2><9916d7>: Abbrev Number: 14 (DW_TAG_member) <9916d8> DW_AT_name : (indirect string, offset: 0x212486): enabled <9916dc> DW_AT_decl_file : 203 <9916dd> DW_AT_decl_line : 156 <9916de> DW_AT_type : <0x983849> <9916e2> DW_AT_data_member_location: 120 <2><9916e3>: Abbrev Number: 14 (DW_TAG_member) <9916e4> DW_AT_name : (indirect string, offset: 0x64b0f): forced <9916e8> DW_AT_decl_file : 203 <9916e9> DW_AT_decl_line : 156 <9916ea> DW_AT_type : <0x983849> <9916ee> DW_AT_data_member_location: 121
2019 | Public Modversions: Limitations ● Similar things happen when a struct suddenly becomes defined (inclusion of header file) Export for_each_kernel_tracepoint == <void for_each_kernel_tracepoint ( void ( * ) ( struct tracepoint { … struct static_key_mod { UNKNOWN } * next ; …> Move the definition of static_key_mod to a header file included by kernel/tracepoint.c, you get: Export for_each_kernel_tracepoint == <void for_each_kernel_tracepoint ( void ( * ) ( struct tracepoint { … struct static_key_mod { struct static_key_mod * next ; struct jump_entry * entries ; struct module { enum module_state { MODULE_STATE_LIVE , …> ● As a result, CRC also changes, although the binary interface has stayed the same
2019 | Public Modversions: Limitations $ echo 'struct foo { int bar; };' | ./scripts/genksyms/genksyms -d Defn for struct foo == <struct foo { int bar ; } > Hash table occupancy 1/4096 = 0.000244141 $ echo 'struct __attribute__((packed)) foo { int bar; };' | ./scripts/genksyms/genksyms -d Hash table occupancy 0/4096 = 0 Source: https://lore.kernel.org/lkml/CAKwvOdnJAApaUhTQs7w_VjSeYBQa0c-TNxRB4xPLi0Y0sOQMMQ@mail.gmail.com/
2019 | Public Distro requirements ● ABI tracking for a (sub)set of exported symbols ● Normally don’t care about ABI of in-tree only or inter-driver/inter-module symbols (symbol whitelist) ● Human-readable kABI reports, easily pinpoint source of kABI breakages and save developer time ● Runtime ABI checks (checking symbol CRCs at module load time) ● Doesn’t extend kernel/package build time by too much ● ...
2019 | Public Enters Libabigail ● “ABI Generic Analysis and Instrumentation Library” ○ Framework to analyze ABI by looking at binaries directly ● It’s basically a library ○ Reads ELF and DWARF information ○ Builds an internal in-memory representation of ABI artifacts (a.k.a ABI/IR) ■ Functions, variables, types, ELF symbols ● Can compare two ABI IRs ○ The result of the comparison is also an IR (a.k.a DIFF/IR) ● The aim is to analyze the graphs represented by the IRs to emit useful information ● Different tools use the library in specific ways for specific purposes ○ Initially tailored to support analysis of userspace shared libraries ● Jessica and Matthias recently joined to help make the framework grok Linux kernel binaries
2019 | Public Libabigail Kernel Support ● Kernel binaries have several symbol tables ○ .symtab, __ksymtab, __ksymtab_gpl ○ that’s where we find symbols of functions/variables that matter ○ possibly various formats ■ since v4.19 new format possible on AARCH64 ● Kernel made of vmlinux + thousands of modules and hundreds of thousands of types ○ We want to build one in-memory representation for vmlinux + modules ○ We want to be able to load two Kernel IR in memory at one point in time ● Somewhat bigger than your average shared library out there … ○ Challenging to be fast enough but we are regularly making progress Or what’s specific about it ...
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} +void new_func() {} Typical Breakages -- Added FunctionLibabigail Functions changes summary: 0 Removed, 0 Changed, 1 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 Added function: 'function void new_func()' {new_func} ABI Breakage yes, but ABI still compatible Mitigation n/a Notes new_func() becomes part of the ABI. An update of the ABI representation is required to catch future breakages of new_func().
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { - A, C, B + A, B, C }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Sort enum valuesLibabigail Functions changes summary: 0 Removed, 1 Changed, 0 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 function with some indirect sub-type change: [C]'function void func_enu(my_enum)' at test.c:16:1 has indirect sub-type changes: parameter 1 of type 'enum my_enum' has sub-type changes: type size hasn't changed 2 enumerator changes: 'my_enum::C' from value '1' to '2' at test.c:10:1 'my_enum::B' from value '2' to '1' at test.c:10:1 ABI Breakage no, but API breakage Mitigation Just don't. Notes Again, this is not a strict ABI breakage, but still discovered as breakage. In this case, the change is not considered harmless.
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} -void func_enu(enum my_enum e) {} Typical Breakages -- Removed FunctionLibabigail Functions changes summary: 1 Removed, 0 Changed, 0 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 Removed function: 'function void func_enu(my_enum)' {func_enu} ABI Breakage yes Mitigation Add back the symbol (maybe forward if it was a rename). Notes
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; + int new_member; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Add struct memberLibabigail Functions changes summary: 0 Removed, 2 Changed, 0 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 2 functions with some indirect sub-type change: [C]'function void func_str(my_struct)' at test.c:15:1 has indirect sub-type changes: parameter 1 of type 'struct my_struct' has sub-type changes: type size changed from 8224 to 8256 (in bits) 1 data member insertion: 'int my_struct::new_member', at offset 8224 (in bits) at test.c:8: [C]'function void func_ptr(my_struct*)' at test.c:16:1 has indirect sub-type changes: parameter 1 of type 'my_struct*' has sub-type changes: in pointed to type 'struct my_struct' at test.c:5:1: [...] ABI Breakage yes, but strictly only for func_str() Mitigation Add padding to data structures potentially being affected. Notes func_ptr() does not actually suffer from an ABI breakage at that very definition. It might be affected when the parameter gets dereferenced or if its size is taken. Libabigail diagnoses this because it can. It would not if the full definition of my_struct would not be available.
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; - struct my_type b; + struct my_type c; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Struct member name changeLibabigail Functions changes summary: 0 Removed, 0 Changed (2 filtered out), 0 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable ABI Breakage no, but API breakage Mitigation From an ABI point of view this is sane. Notes The rename is detected, but considered harmless. Most likely the rename is not essential for the intent of the actual patch. So, reverting the rename is probably a good idea.
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; - struct my_type b; + char b[1024]; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Type change (with identical memory layout)Libabigail Functions changes summary: 0 Removed, 2 Changed, 0 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 2 functions with some indirect sub-type change: [C]'function void func_ptr(my_struct*)' at test.c:15:1 has indirect sub-type changes: parameter 1 of type 'my_struct*' has sub-type changes: in pointed to type 'struct my_struct' at test.c:5:1: type size hasn't changed 1 data member change: type of 'my_type my_struct::b' changed: entity changed from 'struct my_type' to 'char[1024]' [...] ABI Breakage no, but API breakage Mitigation Just don't. Notes Again, this is not a strict ABI breakage, but still discovered as breakage. In this case, the change is not considered harmless.
2019 | Public Project Treble (Android 8) Stable ABIs for Android Kernels Applications Android Framework HAL Interface Vendor Implementation of HAL Interface Hardware Components Linux Kernel Framework Build Part of the Android build that is hardware-agnostic Vendor Implementation Part of the Android build that is aware of the hardware and implements the corresponding Vendor Interface (VINTF) VINTF Android Next Generation Generic Kernel Image (GKI) (arm64) 4.19.x / 5.x.y GKI Modules 4.19.x / 5.x.y Chip- & Board- Specific Drivers (Kernel Modules) StableAPI/ABI
2019 | Public Stable ABI within Boundaries ○ Define what is part of the ABI ○ Whitelist ○ Suppression ○ Only keep ABI stable within major upstream branch ○ E.g. LTS 4.9, 4.14, 4.19, 5.x ○ Single Kernel Configuration ○ Suitable for all vendors ○ Configuration changes allowed if they don't break ABI ○ Single Toolchain ○ Hermetic Build Branches Configuration Toolchain Scope and how Android implements that* ○ android-4.19 ○ android-5.x * ○ Generic Kernel Image (GKI) configuration ○ Clang Build (only) ○ Hermetic Toolchain* (enforced by build wrapper) ○ Observable ABI ○ Whitelists * ○ Symbol Namespaces * * some of these are still work in progress and to be finalized / implemented
2019 | Public Integration into the Android Kernel Build build_abi.sh build.sh ABI Tooling ○ Setup (hermetic) build environment ○ Toolchain ○ Cross Compiler ○ Build Dir / Dist Dir ○ make mrproper ○ make <defconfig> ○ make ○ create Android Kernel distribution ○ abidw --linux-tree out/ ○ abidiff abi.xml abi-base.xml ○ create abi report $ repo init -u <url> -b <branch> # initialize workspace $ repo sync # get sources, toolchain, dependencies, etc. $ build/build_abi.sh # build and validate ABI
2019 | Public ० Define a baseline ABI ० Keep it along with your sources ० Establish ABI checking (e.g. build_abi.sh) as mandatory test before merging ० Changes targeting Android Common Kernels have to pass this test in AOSP Gerrit Monitoring and Enforcement --- a/include/linux/utsname.h +++ b/include/linux/utsname.h @@ -22,6 +22,7 @@ struct user_namespace; extern struct user_namespace init_user_ns; struct uts_namespace { + int dummy; struct kref kref; struct new_utsname name; struct user_namespace *user_ns;
2019 | Public ० Library and set of tools to analyze ABIs of binaries ० Allows serializing, deserializing and comparing of ABI representation ० Considers ELF symbols along with DWARF information ० Linux Kernel Support is fairly new, but works pretty good (considers ksymtab instead of ELF symbol table ) ० Support for 4.19+ Kernels is almost completed "Application Binary Interface Generic Analysis and Instrumentation Library" https://sourceware.org/libabigail/ Libabigail 1 2 3 Create Binaries Extract ABI Compare vmlinux mod1.ko mod2.ko abi.xml abi.xml vs. abi-base.xml
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} ABI RepresentationLibabigail <abi-corpus path='test.o' architecture='elf-amd-x86_64'> <elf-function-symbols> <elf-symbol name='func_enu' type='func-type'/> <elf-symbol name='func_ptr' type='func-type'/> <elf-symbol name='func_str' type='func-type'/> </elf-function-symbols> <elf-variable-symbols> <elf-symbol name='my_struct' size='1028' type='object-type'/> <elf-symbol name='my_type' size='1024' type='object-type'/> </elf-variable-symbols> [...]
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} ABI RepresentationLibabigail [...] <abi-instr version='1.0' address-size='64' language='LANG_C99'> <type-decl name='void' id='type-id-1'/> <type-decl name='enum-int' size-in-bits='32' id='type-id-2'/> <enum-decl name='my_enum' line='10' column='1' id='type-id-3'> <underlying-type type-id='type-id-2'/> <enumerator name='A' value='0'/> <enumerator name='C' value='1'/> <enumerator name='B' value='2'/> </enum-decl> <function-decl name='func_enu' line='16' column='1' size-in-bits='64' elf-symbol-id='func_enu'> <parameter type-id='type-id-3' name='e' line='16' column='1'/> <return type-id='type-id-1'/> <!-- void -> </function-decl> [...]
2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} ABI RepresentationLibabigail [...] <class-decl name='my_struct' size-in-bits='8224' is-struct='yes' line='5' column='1' id='type-id-4'> <data-member layout-offset-in-bits='0'> <var-decl name='a' type-id='type-id-5' line='6' column='1'/> </data-member> <data-member layout-offset-in-bits='32'> <var-decl name='b' type-id='type-id-6' line='7' column='1'/> </data-member> </class-decl> <type-decl name='int' size-in-bits='32' id='type-id-5'/> <class-decl name='my_type' size-in-bits='8192' [...]</class-decl> <pointer-type-def type-id='type-id-4' size-in-bits='64' id='type-id-11'/> <function-decl name='func_ptr' line='15' column='1' size-in-bits='64' elf-symbol-id='func_ptr'> <parameter type-id='type-id-11' name='s' line='15' column='1'/> <return type-id='type-id-1'/> </function-decl> [...]
2019 | Public include/linux/mm.h enum { REGION_INTERSECTS, REGION_DISJOINT, REGION_MIXED, }; /* returns one of the above values */ int region_intersects(resource_size_t offset, size_t size, unsigned long flags, unsigned long desc); Untagged enumsUnhandled Cases How to handle sorting of such an enum now? enum { - REGION_INTERSECTS, REGION_DISJOINT, + REGION_INTERSECTS, REGION_MIXED, }; Generate ABI capturing data structures (code generation or compiler plugin) enum abi_enum { abi_REGION_INTERSECTS = REGION_INTERSECTS, abi_REGION_DISJOINT = REGION_DISJOINT, abi_REGION_MIXED = REGION_MIXED, }; void abi_func(enum abi_enum e) { } Captured as ELF symbol
2019 | Public include/linux/sched.h /* Used in tsk->state: */ #define TASK_RUNNING 0x0000 #define TASK_INTERRUPTIBLE 0x0001 #define TASK_UNINTERRUPTIBLE 0x0002 [...] #define TASK_WAKEKILL 0x0100 [...] /* Convenience macros for the sake of set_current_state: */ #define TASK_KILLABLE (TASK_WAKEKILL | TASK_UNINTERRUPTIBLE) DefinesUnhandled Cases How to handle changes to #defined values? #define TASK_RUNNING 0x0000 #define TASK_INTERRUPTIBLE 0x0001 -#define TASK_UNINTERRUPTIBLE 0x0002 +#define TASK_UNINTERRUPTIBLE 0x0004 [...] #define TASK_KILLABLE (TASK_WAKEKILL | TASK_UNINTERRUPTIBLE) Deduct defines and create trackable data structures. enum abi_enum { abi_TASK_RUNNING = 0x0000, abi_TASK_INTERRUPTIBLE = 0x0001, abi_TASK_UNINTERRUPTIBLE = 0x0002, abi_TASK_WAKEKILL = 0x0100, abi_TASK_KILLABLE = 0x0102 }; void abi_func(enum abi_enum e) { } Captured as ELF symbol
2019 | Public Questions? Dodji Seketeli dodji@seketeli.org Jessica Yu jeyu@kernel.org Matthias Männich maennich@android.com

Recommended

Kernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyKernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyAnne Nicolas
 
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureKernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
 
Embedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayEmbedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayAnne Nicolas
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
 
The 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce Richardson
The 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce RichardsonThe 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce Richardson
The 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce Richardsonharryvanhaaren
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDKDenys Haryachyy
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunheut2008
 
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterKernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterAnne Nicolas
 

Recommended

Kernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyKernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyAnne Nicolas
 
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureKernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
 
Embedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayEmbedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayAnne Nicolas
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
 
The 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce Richardson
The 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce RichardsonThe 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce Richardson
The 7 Deadly Sins of Packet Processing - Venky Venkatesan and Bruce Richardsonharryvanhaaren
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDKDenys Haryachyy
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunheut2008
 
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterKernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterAnne Nicolas
 
Building a Virtualized Continuum with Intel(r) Clear Containers
Building a Virtualized Continuum with Intel(r) Clear ContainersBuilding a Virtualized Continuum with Intel(r) Clear Containers
Building a Virtualized Continuum with Intel(r) Clear ContainersMichelle Holley
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network StackAdrien Mahieux
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
 
Berkeley Packet Filters
Berkeley Packet FiltersBerkeley Packet Filters
Berkeley Packet FiltersKernel TLV
 
A Kernel of Truth: Intrusion Detection and Attestation with eBPF
A Kernel of Truth: Intrusion Detection and Attestation with eBPFA Kernel of Truth: Intrusion Detection and Attestation with eBPF
A Kernel of Truth: Intrusion Detection and Attestation with eBPFoholiab
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabMichelle Holley
 
Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545Kernel TLV
 
The linux networking architecture
The linux networking architectureThe linux networking architecture
The linux networking architecturehugo lu
 
VLANs in the Linux Kernel
VLANs in the Linux KernelVLANs in the Linux Kernel
VLANs in the Linux KernelKernel TLV
 
Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesAnne Nicolas
 
FreeBSD and Drivers
FreeBSD and DriversFreeBSD and Drivers
FreeBSD and DriversKernel TLV
 
DPDK In Depth
DPDK In DepthDPDK In Depth
DPDK In DepthKernel TLV
 
Staging driver sins
Staging driver sinsStaging driver sins
Staging driver sinsStephen Hemminger
 
Linux Ethernet device driver
Linux Ethernet device driverLinux Ethernet device driver
Linux Ethernet device driver艾鍗科技
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.Naoto MATSUMOTO
 
DPDK KNI interface
DPDK KNI interfaceDPDK KNI interface
DPDK KNI interfaceDenys Haryachyy
 
Kernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkKernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkAnne Nicolas
 
netfilter and iptables
netfilter and iptablesnetfilter and iptables
netfilter and iptablesKernel TLV
 
The n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkThe n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkmarkdgray
 
Not breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABINot breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABIAlison Chaiken
 
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Anne Nicolas
 

More Related Content

What's hot

Building a Virtualized Continuum with Intel(r) Clear Containers
Building a Virtualized Continuum with Intel(r) Clear ContainersBuilding a Virtualized Continuum with Intel(r) Clear Containers
Building a Virtualized Continuum with Intel(r) Clear ContainersMichelle Holley
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
 
Berkeley Packet Filters
Berkeley Packet FiltersBerkeley Packet Filters
Berkeley Packet FiltersKernel TLV
 
A Kernel of Truth: Intrusion Detection and Attestation with eBPF
A Kernel of Truth: Intrusion Detection and Attestation with eBPFA Kernel of Truth: Intrusion Detection and Attestation with eBPF
A Kernel of Truth: Intrusion Detection and Attestation with eBPFoholiab
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabMichelle Holley
 
Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545Kernel TLV
 
The linux networking architecture
The linux networking architectureThe linux networking architecture
The linux networking architecturehugo lu
 
VLANs in the Linux Kernel
VLANs in the Linux KernelVLANs in the Linux Kernel
VLANs in the Linux KernelKernel TLV
 
Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesAnne Nicolas
 
FreeBSD and Drivers
FreeBSD and DriversFreeBSD and Drivers
FreeBSD and DriversKernel TLV
 
Linux Ethernet device driver
Linux Ethernet device driverLinux Ethernet device driver
Linux Ethernet device driver艾鍗科技
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.Naoto MATSUMOTO
 
Kernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkKernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkAnne Nicolas
 
netfilter and iptables
netfilter and iptablesnetfilter and iptables
netfilter and iptablesKernel TLV
 
The n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkThe n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkmarkdgray
 

What's hot (20)

Building a Virtualized Continuum with Intel(r) Clear Containers
Building a Virtualized Continuum with Intel(r) Clear ContainersBuilding a Virtualized Continuum with Intel(r) Clear Containers
Building a Virtualized Continuum with Intel(r) Clear Containers
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network Stack
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support Engineer
 
Berkeley Packet Filters
Berkeley Packet FiltersBerkeley Packet Filters
Berkeley Packet Filters
 
A Kernel of Truth: Intrusion Detection and Attestation with eBPF
A Kernel of Truth: Intrusion Detection and Attestation with eBPFA Kernel of Truth: Intrusion Detection and Attestation with eBPF
A Kernel of Truth: Intrusion Detection and Attestation with eBPF
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on Lab
 
Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545
 
The linux networking architecture
The linux networking architectureThe linux networking architecture
The linux networking architecture
 
VLANs in the Linux Kernel
VLANs in the Linux KernelVLANs in the Linux Kernel
VLANs in the Linux Kernel
 
Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering Oopsies
 
FreeBSD and Drivers
FreeBSD and DriversFreeBSD and Drivers
FreeBSD and Drivers
 
DPDK In Depth
DPDK In DepthDPDK In Depth
DPDK In Depth
 
Staging driver sins
Staging driver sinsStaging driver sins
Staging driver sins
 
Linux Ethernet device driver
Linux Ethernet device driverLinux Ethernet device driver
Linux Ethernet device driver
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructions
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.
 
DPDK KNI interface
DPDK KNI interfaceDPDK KNI interface
DPDK KNI interface
 
Kernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkKernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver framework
 
netfilter and iptables
netfilter and iptablesnetfilter and iptables
netfilter and iptables
 
The n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkThe n00bs guide to ovs dpdk
The n00bs guide to ovs dpdk
 

Similar to Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by the Kernel to its modules

Not breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABINot breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABIAlison Chaiken
 
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Anne Nicolas
 
MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019
MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019
MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019Dave Stokes
 
Adding a BOLT pass
Adding a BOLT passAdding a BOLT pass
Adding a BOLT passAmir42407
 
C, C++ Interview Questions Part - 1
C, C++ Interview Questions Part - 1C, C++ Interview Questions Part - 1
C, C++ Interview Questions Part - 1ReKruiTIn.com
 
object oriented programming part inheritance.pptx
object oriented programming part inheritance.pptxobject oriented programming part inheritance.pptx
object oriented programming part inheritance.pptxurvashipundir04
 
GITFlow definition for all software projects
GITFlow definition for all software projectsGITFlow definition for all software projects
GITFlow definition for all software projectsThierry Gayet
 
Sprint 44 review
Sprint 44 reviewSprint 44 review
Sprint 44 reviewManageIQ
 
Reengineering and Reuse of Legacy Software
Reengineering and Reuse of Legacy SoftwareReengineering and Reuse of Legacy Software
Reengineering and Reuse of Legacy SoftwareTeodoro Cipresso
 
C++ Interview Question And Answer
C++ Interview Question And AnswerC++ Interview Question And Answer
C++ Interview Question And AnswerJagan Mohan Bishoyi
 
C++ questions And Answer
C++ questions And AnswerC++ questions And Answer
C++ questions And Answerlavparmar007
 
Sprint 127
Sprint 127Sprint 127
Sprint 127ManageIQ
 
Inline function
Inline functionInline function
Inline functionTech_MX
 
LAS16-501: Introduction to LLVM - Projects, Components, Integration, Internals
LAS16-501: Introduction to LLVM - Projects, Components, Integration, InternalsLAS16-501: Introduction to LLVM - Projects, Components, Integration, Internals
LAS16-501: Introduction to LLVM - Projects, Components, Integration, InternalsLinaro
 

Similar to Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by the Kernel to its modules (20)

Not breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABINot breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABI
 
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...
 
MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019
MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019
MySQL 8 - UKOUG Techfest Brighton December 2nd, 2019
 
Mod02 compilers
Mod02 compilersMod02 compilers
Mod02 compilers
 
Adding a BOLT pass
Adding a BOLT passAdding a BOLT pass
Adding a BOLT pass
 
embedded C.pptx
embedded C.pptxembedded C.pptx
embedded C.pptx
 
Embedded C.pptx
Embedded C.pptxEmbedded C.pptx
Embedded C.pptx
 
C, C++ Interview Questions Part - 1
C, C++ Interview Questions Part - 1C, C++ Interview Questions Part - 1
C, C++ Interview Questions Part - 1
 
object oriented programming part inheritance.pptx
object oriented programming part inheritance.pptxobject oriented programming part inheritance.pptx
object oriented programming part inheritance.pptx
 
Qe Reference
Qe ReferenceQe Reference
Qe Reference
 
GITFlow definition for all software projects
GITFlow definition for all software projectsGITFlow definition for all software projects
GITFlow definition for all software projects
 
Functions
FunctionsFunctions
Functions
 
Sprint 44 review
Sprint 44 reviewSprint 44 review
Sprint 44 review
 
Sprint 54
Sprint 54Sprint 54
Sprint 54
 
Reengineering and Reuse of Legacy Software
Reengineering and Reuse of Legacy SoftwareReengineering and Reuse of Legacy Software
Reengineering and Reuse of Legacy Software
 
C++ Interview Question And Answer
C++ Interview Question And AnswerC++ Interview Question And Answer
C++ Interview Question And Answer
 
C++ questions And Answer
C++ questions And AnswerC++ questions And Answer
C++ questions And Answer
 
Sprint 127
Sprint 127Sprint 127
Sprint 127
 
Inline function
Inline functionInline function
Inline function
 
LAS16-501: Introduction to LLVM - Projects, Components, Integration, Internals
LAS16-501: Introduction to LLVM - Projects, Components, Integration, InternalsLAS16-501: Introduction to LLVM - Projects, Components, Integration, Internals
LAS16-501: Introduction to LLVM - Projects, Components, Integration, Internals
 

More from Anne Nicolas

Kernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstKernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstAnne Nicolas
 
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIKernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIAnne Nicolas
 
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelKernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelAnne Nicolas
 
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Anne Nicolas
 
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataKernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataAnne Nicolas
 
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxEmbedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxAnne Nicolas
 
Embedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialEmbedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialAnne Nicolas
 
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconEmbedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconAnne Nicolas
 
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureEmbedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureAnne Nicolas
 
Embedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerEmbedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerAnne Nicolas
 
Embedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationEmbedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationAnne Nicolas
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingAnne Nicolas
 
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaEmbedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaAnne Nicolas
 
Kernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPKernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPAnne Nicolas
 
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Anne Nicolas
 
Kernel Recipes 2019 - Formal modeling made easy
Kernel Recipes 2019 - Formal modeling made easyKernel Recipes 2019 - Formal modeling made easy
Kernel Recipes 2019 - Formal modeling made easyAnne Nicolas
 
Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Anne Nicolas
 
Kernel Recipes 2019 - XDP closer integration with network stack
Kernel Recipes 2019 - XDP closer integration with network stackKernel Recipes 2019 - XDP closer integration with network stack
Kernel Recipes 2019 - XDP closer integration with network stackAnne Nicolas
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsAnne Nicolas
 
Kernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringKernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringAnne Nicolas
 

More from Anne Nicolas (20)

Kernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstKernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream first
 
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIKernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
 
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelKernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
 
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
 
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataKernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
 
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxEmbedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
 
Embedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialEmbedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less special
 
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconEmbedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
 
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureEmbedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
 
Embedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerEmbedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmaker
 
Embedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationEmbedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integration
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
 
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaEmbedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
 
Kernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPKernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDP
 
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
 
Kernel Recipes 2019 - Formal modeling made easy
Kernel Recipes 2019 - Formal modeling made easyKernel Recipes 2019 - Formal modeling made easy
Kernel Recipes 2019 - Formal modeling made easy
 
Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!
 
Kernel Recipes 2019 - XDP closer integration with network stack
Kernel Recipes 2019 - XDP closer integration with network stackKernel Recipes 2019 - XDP closer integration with network stack
Kernel Recipes 2019 - XDP closer integration with network stack
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doors
 
Kernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringKernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uring
 

Recently uploaded

Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Developmentvyaparkranti
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 

Recently uploaded (20)

Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
Advantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your BusinessAdvantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your Business
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 

Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by the Kernel to its modules

  • 1. 2019 | Public Analyzing changes to the binary interface exposed by the Kernel to its modules Kernel Recipes 2019 Jessica Yu -- Dodji Seketeli -- Matthias Männich
  • 2. 2019 | Public What makes up the kernel ABI? ● Low level binary interface between the kernel and its modules ● Set of exported symbols (functions, variables) and their symbol versions (CRCs) ● Data structure layouts, offsets, size, alignment ● ABI tools check these structural expectations
  • 3. 2019 | Public Kernel ABI - why care? ● In a perfect world, all modules would be in-tree and upstream... ● Unfortunately, reality is more complicated
  • 4. 2019 | Public Kernel ABI - why care? ● Distributors care about maintaining kABI stability for out-of-tree modules from partners/vendors ● Prevent needed third party modules from breaking with routine kernel updates
  • 5. 2019 | Public Kernel ABI - why care? ● Decouple development of the kernel and its modules ● Provide a single kernel ABI / API for ecosystem of vendor modules
  • 6. 2019 | Public Upstream tools for kernel ABI checks ● modversions/genksyms (CONFIG_MODVERSIONS)
  • 7. 2019 | Public Modversions: Limitations ● yacc/lex based parser (genksyms) ● Prone to report false positive kABI breakages ● Maintenance pain ● Limited reporting of kABI breakage
  • 8. 2019 | Public Modversions: Limitations KABI: symbol bio_trim(vmlinux) changed crc from 0xea9cb7e9 to 0x595bb017 block/bio.c:1891: warning: bio_trim: modversion changed because of changes in struct blk_mq_tags
  • 9. 2019 | Public Modversions: Limitations diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h index 273400814020..326fb541588a 100644 --- a/include/linux/livepatch.h +++ b/include/linux/livepatch.h @@ -153,8 +153,7 @@ struct klp_patch { struct list_head list; struct kobject kobj; struct list_head obj_list; - bool enabled; - bool forced; + bool enabled, forced; struct work_struct free_work; struct completion finish; };
  • 10. 2019 | Public Modversions: Limitations linux/kernel/livepatch/core.c:1022: error: klp_enable_patch: modversion changed because of changes in struct klp_patch Export klp_enable_patch == <int klp_enable_patch ( struct klp_patch { … struct list_head obj_list ; bool enabled , forced ; struct work_struct free_work ; … > Export klp_enable_patch == <int klp_enable_patch ( struct klp_patch { … struct list_head obj_list ; bool enabled ; bool forced ; struct work_struct free_work ; … > ● As a result, CRC also changes, although the binary interface has stayed the same
  • 11. 2019 | Public Modversions: Limitations <2><9916d7>: Abbrev Number: 14 (DW_TAG_member) <9916d8> DW_AT_name : (indirect string, offset: 0x212486): enabled <9916dc> DW_AT_decl_file : 203 <9916dd> DW_AT_decl_line : 156 <9916de> DW_AT_type : <0x983849> <9916e2> DW_AT_data_member_location: 120 <2><9916e3>: Abbrev Number: 14 (DW_TAG_member) <9916e4> DW_AT_name : (indirect string, offset: 0x64b0f): forced <9916e8> DW_AT_decl_file : 203 <9916e9> DW_AT_decl_line : 156 <9916ea> DW_AT_type : <0x983849> <9916ee> DW_AT_data_member_location: 121
  • 12. 2019 | Public Modversions: Limitations ● Similar things happen when a struct suddenly becomes defined (inclusion of header file) Export for_each_kernel_tracepoint == <void for_each_kernel_tracepoint ( void ( * ) ( struct tracepoint { … struct static_key_mod { UNKNOWN } * next ; …> Move the definition of static_key_mod to a header file included by kernel/tracepoint.c, you get: Export for_each_kernel_tracepoint == <void for_each_kernel_tracepoint ( void ( * ) ( struct tracepoint { … struct static_key_mod { struct static_key_mod * next ; struct jump_entry * entries ; struct module { enum module_state { MODULE_STATE_LIVE , …> ● As a result, CRC also changes, although the binary interface has stayed the same
  • 13. 2019 | Public Modversions: Limitations $ echo 'struct foo { int bar; };' | ./scripts/genksyms/genksyms -d Defn for struct foo == <struct foo { int bar ; } > Hash table occupancy 1/4096 = 0.000244141 $ echo 'struct __attribute__((packed)) foo { int bar; };' | ./scripts/genksyms/genksyms -d Hash table occupancy 0/4096 = 0 Source: https://lore.kernel.org/lkml/CAKwvOdnJAApaUhTQs7w_VjSeYBQa0c-TNxRB4xPLi0Y0sOQMMQ@mail.gmail.com/
  • 14. 2019 | Public Distro requirements ● ABI tracking for a (sub)set of exported symbols ● Normally don’t care about ABI of in-tree only or inter-driver/inter-module symbols (symbol whitelist) ● Human-readable kABI reports, easily pinpoint source of kABI breakages and save developer time ● Runtime ABI checks (checking symbol CRCs at module load time) ● Doesn’t extend kernel/package build time by too much ● ...
  • 15. 2019 | Public Enters Libabigail ● “ABI Generic Analysis and Instrumentation Library” ○ Framework to analyze ABI by looking at binaries directly ● It’s basically a library ○ Reads ELF and DWARF information ○ Builds an internal in-memory representation of ABI artifacts (a.k.a ABI/IR) ■ Functions, variables, types, ELF symbols ● Can compare two ABI IRs ○ The result of the comparison is also an IR (a.k.a DIFF/IR) ● The aim is to analyze the graphs represented by the IRs to emit useful information ● Different tools use the library in specific ways for specific purposes ○ Initially tailored to support analysis of userspace shared libraries ● Jessica and Matthias recently joined to help make the framework grok Linux kernel binaries
  • 16. 2019 | Public Libabigail Kernel Support ● Kernel binaries have several symbol tables ○ .symtab, __ksymtab, __ksymtab_gpl ○ that’s where we find symbols of functions/variables that matter ○ possibly various formats ■ since v4.19 new format possible on AARCH64 ● Kernel made of vmlinux + thousands of modules and hundreds of thousands of types ○ We want to build one in-memory representation for vmlinux + modules ○ We want to be able to load two Kernel IR in memory at one point in time ● Somewhat bigger than your average shared library out there … ○ Challenging to be fast enough but we are regularly making progress Or what’s specific about it ...
  • 17. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} +void new_func() {} Typical Breakages -- Added FunctionLibabigail Functions changes summary: 0 Removed, 0 Changed, 1 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 Added function: 'function void new_func()' {new_func} ABI Breakage yes, but ABI still compatible Mitigation n/a Notes new_func() becomes part of the ABI. An update of the ABI representation is required to catch future breakages of new_func().
  • 18. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { - A, C, B + A, B, C }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Sort enum valuesLibabigail Functions changes summary: 0 Removed, 1 Changed, 0 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 function with some indirect sub-type change: [C]'function void func_enu(my_enum)' at test.c:16:1 has indirect sub-type changes: parameter 1 of type 'enum my_enum' has sub-type changes: type size hasn't changed 2 enumerator changes: 'my_enum::C' from value '1' to '2' at test.c:10:1 'my_enum::B' from value '2' to '1' at test.c:10:1 ABI Breakage no, but API breakage Mitigation Just don't. Notes Again, this is not a strict ABI breakage, but still discovered as breakage. In this case, the change is not considered harmless.
  • 19. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} -void func_enu(enum my_enum e) {} Typical Breakages -- Removed FunctionLibabigail Functions changes summary: 1 Removed, 0 Changed, 0 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 Removed function: 'function void func_enu(my_enum)' {func_enu} ABI Breakage yes Mitigation Add back the symbol (maybe forward if it was a rename). Notes
  • 20. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; + int new_member; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Add struct memberLibabigail Functions changes summary: 0 Removed, 2 Changed, 0 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 2 functions with some indirect sub-type change: [C]'function void func_str(my_struct)' at test.c:15:1 has indirect sub-type changes: parameter 1 of type 'struct my_struct' has sub-type changes: type size changed from 8224 to 8256 (in bits) 1 data member insertion: 'int my_struct::new_member', at offset 8224 (in bits) at test.c:8: [C]'function void func_ptr(my_struct*)' at test.c:16:1 has indirect sub-type changes: parameter 1 of type 'my_struct*' has sub-type changes: in pointed to type 'struct my_struct' at test.c:5:1: [...] ABI Breakage yes, but strictly only for func_str() Mitigation Add padding to data structures potentially being affected. Notes func_ptr() does not actually suffer from an ABI breakage at that very definition. It might be affected when the parameter gets dereferenced or if its size is taken. Libabigail diagnoses this because it can. It would not if the full definition of my_struct would not be available.
  • 21. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; - struct my_type b; + struct my_type c; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Struct member name changeLibabigail Functions changes summary: 0 Removed, 0 Changed (2 filtered out), 0 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable ABI Breakage no, but API breakage Mitigation From an ABI point of view this is sane. Notes The rename is detected, but considered harmless. Most likely the rename is not essential for the intent of the actual patch. So, reverting the rename is probably a good idea.
  • 22. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; - struct my_type b; + char b[1024]; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} Typical Breakages -- Type change (with identical memory layout)Libabigail Functions changes summary: 0 Removed, 2 Changed, 0 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 2 functions with some indirect sub-type change: [C]'function void func_ptr(my_struct*)' at test.c:15:1 has indirect sub-type changes: parameter 1 of type 'my_struct*' has sub-type changes: in pointed to type 'struct my_struct' at test.c:5:1: type size hasn't changed 1 data member change: type of 'my_type my_struct::b' changed: entity changed from 'struct my_type' to 'char[1024]' [...] ABI Breakage no, but API breakage Mitigation Just don't. Notes Again, this is not a strict ABI breakage, but still discovered as breakage. In this case, the change is not considered harmless.
  • 23. 2019 | Public Project Treble (Android 8) Stable ABIs for Android Kernels Applications Android Framework HAL Interface Vendor Implementation of HAL Interface Hardware Components Linux Kernel Framework Build Part of the Android build that is hardware-agnostic Vendor Implementation Part of the Android build that is aware of the hardware and implements the corresponding Vendor Interface (VINTF) VINTF Android Next Generation Generic Kernel Image (GKI) (arm64) 4.19.x / 5.x.y GKI Modules 4.19.x / 5.x.y Chip- & Board- Specific Drivers (Kernel Modules) StableAPI/ABI
  • 24. 2019 | Public Stable ABI within Boundaries ○ Define what is part of the ABI ○ Whitelist ○ Suppression ○ Only keep ABI stable within major upstream branch ○ E.g. LTS 4.9, 4.14, 4.19, 5.x ○ Single Kernel Configuration ○ Suitable for all vendors ○ Configuration changes allowed if they don't break ABI ○ Single Toolchain ○ Hermetic Build Branches Configuration Toolchain Scope and how Android implements that* ○ android-4.19 ○ android-5.x * ○ Generic Kernel Image (GKI) configuration ○ Clang Build (only) ○ Hermetic Toolchain* (enforced by build wrapper) ○ Observable ABI ○ Whitelists * ○ Symbol Namespaces * * some of these are still work in progress and to be finalized / implemented
  • 25. 2019 | Public Integration into the Android Kernel Build build_abi.sh build.sh ABI Tooling ○ Setup (hermetic) build environment ○ Toolchain ○ Cross Compiler ○ Build Dir / Dist Dir ○ make mrproper ○ make <defconfig> ○ make ○ create Android Kernel distribution ○ abidw --linux-tree out/ ○ abidiff abi.xml abi-base.xml ○ create abi report $ repo init -u <url> -b <branch> # initialize workspace $ repo sync # get sources, toolchain, dependencies, etc. $ build/build_abi.sh # build and validate ABI
  • 26. 2019 | Public ० Define a baseline ABI ० Keep it along with your sources ० Establish ABI checking (e.g. build_abi.sh) as mandatory test before merging ० Changes targeting Android Common Kernels have to pass this test in AOSP Gerrit Monitoring and Enforcement --- a/include/linux/utsname.h +++ b/include/linux/utsname.h @@ -22,6 +22,7 @@ struct user_namespace; extern struct user_namespace init_user_ns; struct uts_namespace { + int dummy; struct kref kref; struct new_utsname name; struct user_namespace *user_ns;
  • 27. 2019 | Public ० Library and set of tools to analyze ABIs of binaries ० Allows serializing, deserializing and comparing of ABI representation ० Considers ELF symbols along with DWARF information ० Linux Kernel Support is fairly new, but works pretty good (considers ksymtab instead of ELF symbol table ) ० Support for 4.19+ Kernels is almost completed "Application Binary Interface Generic Analysis and Instrumentation Library" https://sourceware.org/libabigail/ Libabigail 1 2 3 Create Binaries Extract ABI Compare vmlinux mod1.ko mod2.ko abi.xml abi.xml vs. abi-base.xml
  • 28. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} ABI RepresentationLibabigail <abi-corpus path='test.o' architecture='elf-amd-x86_64'> <elf-function-symbols> <elf-symbol name='func_enu' type='func-type'/> <elf-symbol name='func_ptr' type='func-type'/> <elf-symbol name='func_str' type='func-type'/> </elf-function-symbols> <elf-variable-symbols> <elf-symbol name='my_struct' size='1028' type='object-type'/> <elf-symbol name='my_type' size='1024' type='object-type'/> </elf-variable-symbols> [...]
  • 29. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} ABI RepresentationLibabigail [...] <abi-instr version='1.0' address-size='64' language='LANG_C99'> <type-decl name='void' id='type-id-1'/> <type-decl name='enum-int' size-in-bits='32' id='type-id-2'/> <enum-decl name='my_enum' line='10' column='1' id='type-id-3'> <underlying-type type-id='type-id-2'/> <enumerator name='A' value='0'/> <enumerator name='C' value='1'/> <enumerator name='B' value='2'/> </enum-decl> <function-decl name='func_enu' line='16' column='1' size-in-bits='64' elf-symbol-id='func_enu'> <parameter type-id='type-id-3' name='e' line='16' column='1'/> <return type-id='type-id-1'/> <!-- void -> </function-decl> [...]
  • 30. 2019 | Public struct my_type { char str[1024]; } my_type; struct my_struct { int a; struct my_type b; } my_struct; enum my_enum { A, C, B }; void func_str(struct my_struct s) {} void func_ptr(struct my_struct * s) {} void func_enu(enum my_enum e) {} ABI RepresentationLibabigail [...] <class-decl name='my_struct' size-in-bits='8224' is-struct='yes' line='5' column='1' id='type-id-4'> <data-member layout-offset-in-bits='0'> <var-decl name='a' type-id='type-id-5' line='6' column='1'/> </data-member> <data-member layout-offset-in-bits='32'> <var-decl name='b' type-id='type-id-6' line='7' column='1'/> </data-member> </class-decl> <type-decl name='int' size-in-bits='32' id='type-id-5'/> <class-decl name='my_type' size-in-bits='8192' [...]</class-decl> <pointer-type-def type-id='type-id-4' size-in-bits='64' id='type-id-11'/> <function-decl name='func_ptr' line='15' column='1' size-in-bits='64' elf-symbol-id='func_ptr'> <parameter type-id='type-id-11' name='s' line='15' column='1'/> <return type-id='type-id-1'/> </function-decl> [...]
  • 31. 2019 | Public include/linux/mm.h enum { REGION_INTERSECTS, REGION_DISJOINT, REGION_MIXED, }; /* returns one of the above values */ int region_intersects(resource_size_t offset, size_t size, unsigned long flags, unsigned long desc); Untagged enumsUnhandled Cases How to handle sorting of such an enum now? enum { - REGION_INTERSECTS, REGION_DISJOINT, + REGION_INTERSECTS, REGION_MIXED, }; Generate ABI capturing data structures (code generation or compiler plugin) enum abi_enum { abi_REGION_INTERSECTS = REGION_INTERSECTS, abi_REGION_DISJOINT = REGION_DISJOINT, abi_REGION_MIXED = REGION_MIXED, }; void abi_func(enum abi_enum e) { } Captured as ELF symbol
  • 32. 2019 | Public include/linux/sched.h /* Used in tsk->state: */ #define TASK_RUNNING 0x0000 #define TASK_INTERRUPTIBLE 0x0001 #define TASK_UNINTERRUPTIBLE 0x0002 [...] #define TASK_WAKEKILL 0x0100 [...] /* Convenience macros for the sake of set_current_state: */ #define TASK_KILLABLE (TASK_WAKEKILL | TASK_UNINTERRUPTIBLE) DefinesUnhandled Cases How to handle changes to #defined values? #define TASK_RUNNING 0x0000 #define TASK_INTERRUPTIBLE 0x0001 -#define TASK_UNINTERRUPTIBLE 0x0002 +#define TASK_UNINTERRUPTIBLE 0x0004 [...] #define TASK_KILLABLE (TASK_WAKEKILL | TASK_UNINTERRUPTIBLE) Deduct defines and create trackable data structures. enum abi_enum { abi_TASK_RUNNING = 0x0000, abi_TASK_INTERRUPTIBLE = 0x0001, abi_TASK_UNINTERRUPTIBLE = 0x0002, abi_TASK_WAKEKILL = 0x0100, abi_TASK_KILLABLE = 0x0102 }; void abi_func(enum abi_enum e) { } Captured as ELF symbol
  • 33. 2019 | Public Questions? Dodji Seketeli dodji@seketeli.org Jessica Yu jeyu@kernel.org Matthias Männich maennich@android.com