[intel smap, kpatch] weekly report #5

[Oliver Pinter]

This week I started the second phase of GSoC. In this design a
run-time kernel and module patching framework. This means that the
kernel able to dynamically change their code run-time.

In second phase's first week I investigated where must I implement the
functionality and which kernel APIs should I use.

You can found the current status in my wiki page.

On 6/21/14, Oliver Pinter <oliver.pntr at gmail.com> wrote:
> Hi!
>
> At this week i am hunting a triple fault during the boot. This caused
> by a compiler error, when CPUTYPE in /etc/make.conf was set to
> core-avx2, after removing this the first phase was done. All of my
> test running fine and the system are stable. Originally only amd64
> implementation required, but I added to i386 too - but the later not
> yet tested.
>
> In next phase I design a proper way how to patch kernel and modules at
> boot and run-time.
>
> What's done:
> * SMAP for amd64
> * test SMAP for amd64
> * build framework
> * VM creation
> * SMAP for i386 (not tested)
> * some other tool, that make my life easier
>
> The current status can you find on my wiki page.
>
> On 6/15/14, Oliver Pinter <oliver.pntr at gmail.com> wrote:
>> Hi all!
>>
>> In the last week I was mostly done with implementation, as you can see
>> on my wiki page. The most of i386 commits are not tested because a
>> cross-build problem on amd64 system.
>> Other resolvable problem are on amd64 system, where the machine triple
>> faulted, because wrong assembler statements generated with the
>> compiler. I'm deep in debugging both of two case. This issue are too
>> in my wiki page under this section:
>> https://wiki.freebsd.org/SummerOfCode2014/IntelSMAPandKernelPatching#notes
>>
>> I have at this week my last exam at Thursday. After that I'm focusing
>> fully on GSoC.
>>
>> On 6/6/14, Oliver Pinter <oliver.pntr at gmail.com> wrote:
>>> Hi all!
>>>
>>> Previous week I started to work on SMAP for amd64 and i386. For amd64
>>> many parts are in good state. The codes currently are only compile
>>> tested, at next week I create a VM, and create run-time tests. For
>>> i386 started the work on yesterday.
>>> All of my status can be found on my wiki page.
>>>
>>> What's done, but not tested in this week:
>>> * {amd64,i386} trap handler
>>> * amd64 initialization
>>> * {amd64,i386} identification
>>> * {amd64,i386} exceptions
>>> * amd64 pmap changes
>>> * amd64 support.S changes
>>> * amd64 ia32 compat exceptions
>>> * i386 ddb extension
>>>
>>> At next week I plan to finish all of amd64 things, and most of i386
>>> things, and begin to test; start to design a proper way to create
>>> kpatch and/or ifunc like things.
>>>
>>>
>>> svn: http://svnweb.freebsd.org/socsvn/soc2014/op/
>>> git: https://github.com/opntr/opBSD (branches:
>>> op/gsoc2014/{master,smap,kpatch} )
>>> wiki:
>>> https://wiki.freebsd.org/SummerOfCode2014/IntelSMAPandKernelPatching
>>>
>>>
>>> On 5/29/14, Oliver Pinter <oliver.pntr at gmail.com> wrote:
>>>> Hi all!
>>>>
>>>> I'm working on Intel SMAP technology in first half of GSoC.
>>>> At first week I investigated in SMAP technology and relevant FreeBSD
>>>> codes, whats changed since my Bsc thesis.
>>>>
>>>> I implemented a vulnerable kernel module and PoC to test allowed and
>>>> not allowed memory access scenario. Created my wiki page, svn repo,
>>>> and git repo.
>>>>
>>>> svn: http://svnweb.freebsd.org/socsvn/soc2014/op/
>>>> git: https://github.com/opntr/opBSD (branches:
>>>> op/gsoc2014/{master,smap,kpatch} )
>>>> wiki:
>>>> https://wiki.freebsd.org/SummerOfCode2014/IntelSMAPandKernelPatching
>>>> test-cases:
>>>> http://svnweb.freebsd.org/socsvn/soc2014/op/tests/smap-tester/
>>>>
>>>> Good days,
>>>> Oliver
>>>>
>>>
>>
>