kpatch-build: Enable cross compiling with env TARGET_ARCH

llvm/clang supports cross compiling of the kernel. To build livepatch in
the same cross compile environment, enable specifying TARGET_ARCH for
kpatch-build. For example, in a x86_64 host, we can build livepatch for
aarch64 kernel with:

   TARGET=aarch64 kpatch-build ...

Signed-off-by: Song Liu <song@kernel.org>

Author: liu-song-6

doc/patch-author-guide.md

@@ -29,6 +29,8 @@ Table of contents
 - [Exported symbol versioning](#exported-symbol-versioning)
 - [System calls](#system-calls)
 - [Symbol Namespaces](#symbol-namespaces)
+- [Cross Compile](#cross-compile)
+
 
 Patch analysis
 --------------
@@ -259,7 +261,7 @@ index 9bff3b28c357..18374fd35bd9 100644
 @@ -1751,6 +1751,8 @@ struct task_struct *fork_idle(int cpu)
  	return task;
  }
- 
+
 +#include <linux/livepatch.h>
 +#define KPATCH_SHADOW_NEWPID 0
  /*
@@ -277,7 +279,7 @@ index 9bff3b28c357..18374fd35bd9 100644
 +						 NULL, NULL);
 +		if (newpid)
 +			*newpid = ctr++;
- 
+
  		trace_sched_process_fork(current, p);
 ```
 
@@ -294,7 +296,7 @@ index 39684c79e8e2..fe0259d057a3 100644
 @@ -394,13 +394,19 @@ static inline void task_seccomp(struct seq_file *m, struct task_struct *p)
  	seq_putc(m, '\n');
  }
- 
+
 +#include <linux/livepatch.h>
 +#define KPATCH_SHADOW_NEWPID 0
  static inline void task_context_switch_counts(struct seq_file *m,
@@ -309,7 +311,7 @@ index 39684c79e8e2..fe0259d057a3 100644
 +	if (newpid)
 +		seq_printf(m, "newpid:\t%d\n", *newpid);
  }
- 
+
  static void task_cpus_allowed(struct seq_file *m, struct task_struct *task)
 ```
 
@@ -324,7 +326,7 @@ index 148a7842928d..44b6fe61e912 100644
 @@ -791,6 +791,8 @@ static void check_stack_usage(void)
  static inline void check_stack_usage(void) {}
  #endif
- 
+
 +#include <linux/livepatch.h>
 +#define KPATCH_SHADOW_NEWPID 0
  void do_exit(long code)
@@ -333,7 +335,7 @@ index 148a7842928d..44b6fe61e912 100644
 @@ -888,6 +890,8 @@ void do_exit(long code)
  	check_stack_usage();
  	exit_thread();
- 
+
 +	klp_shadow_free(tsk, KPATCH_SHADOW_NEWPID, NULL);
 +
  	/*
@@ -395,7 +397,7 @@ semantic of the associated object:
         aio_put_req(iocb);
 +       if (klp_shadow_get(ctx, KPATCH_SHADOW_REQS_ACTIVE_V2))
 +               atomic_dec(&ctx->reqs_active);
- 
+
         /*
          * We have to order our ring_info tail store above and test
 ```
@@ -404,9 +406,9 @@ Likewise, shadow variable non-existence can be tested to continue applying the
 *old* data semantic:
 ```diff
 @@ -310,7 +312,8 @@ static void free_ioctx(struct kioctx *ctx)
- 
+
                 avail = (head <= ctx->tail ? ctx->tail : ctx->nr_events) - head;
- 
+
 -               atomic_sub(avail, &ctx->reqs_active);
 +               if (!klp_shadow_get(ctx, KPATCH_SHADOW_REQS_ACTIVE_V2))
 +                       atomic_sub(avail, &ctx->reqs_active);
@@ -415,14 +417,14 @@ Likewise, shadow variable non-existence can be tested to continue applying the
         }
 @@ -757,6 +762,8 @@ static long aio_read_events_ring(struct kioctx *ctx,
         pr_debug("%li  h%u t%u\n", ret, head, ctx->tail);
- 
+
         atomic_sub(ret, &ctx->reqs_active);
 +       if (!klp_shadow_get(ctx, KPATCH_SHADOW_REQS_ACTIVE_V2))
 +               atomic_sub(ret, &ctx->reqs_active);
  out:
         mutex_unlock(&ctx->ring_lock);
 ```
- 
+
 The previous example can be extended to use shadow variable storage to handle
 locking semantic changes.  Consider the [upstream fix](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d147bfa64293b2723c4fec50922168658e613ba)
 for CVE-2014-2706, which added a `ps_lock` to `struct sta_info` to protect
@@ -439,7 +441,7 @@ index decd30c1e290..758533dda4d8 100644
 @@ -287,6 +287,8 @@ static int sta_prepare_rate_control(struct ieee80211_local *local,
  	return 0;
  }
- 
+
 +#include <linux/livepatch.h>
 +#define KPATCH_SHADOW_PS_LOCK 2
  struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
@@ -450,12 +452,12 @@ index decd30c1e290..758533dda4d8 100644
  	struct ieee80211_tx_latency_bin_ranges *tx_latency;
  	int i;
 +	spinlock_t *ps_lock;
- 
+
  	sta = kzalloc(sizeof(*sta) + local->hw.sta_data_size, gfp);
  	if (!sta)
 @@ -330,6 +333,10 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
  	rcu_read_unlock();
- 
+
  	spin_lock_init(&sta->lock);
 +	ps_lock = klp_shadow_alloc(sta, KPATCH_SHADOW_PS_LOCK,
 +				   sizeof(*ps_lock), gfp, NULL, NULL);
@@ -477,7 +479,7 @@ index 97a02d3f7d87..0edb0ed8dc60 100644
 @@ -459,12 +459,15 @@ static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta,
  	return 1;
  }
- 
+
 +#include <linux/livepatch.h>
 +#define KPATCH_SHADOW_PS_LOCK 2
  static ieee80211_tx_result
@@ -487,7 +489,7 @@ index 97a02d3f7d87..0edb0ed8dc60 100644
  	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
  	struct ieee80211_local *local = tx->local;
 +	spinlock_t *ps_lock;
- 
+
  	if (unlikely(!sta))
  		return TX_CONTINUE;
 @@ -478,6 +481,23 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
@@ -588,7 +590,7 @@ local. That way patching the function doesn't inadvertently reset the variable
 to zero; instead the variable keeps its old value.
 
 To work around this limitation one needs to retain the reference to the static local.
-This might be as simple as adding the variable back in the patched function in a 
+This might be as simple as adding the variable back in the patched function in a
 non-functional way and ensuring the compiler doesn't optimize it away.
 
 Code removal
@@ -607,7 +609,7 @@ diff -Nupr src.orig/fs/proc/cmdline.c src/fs/proc/cmdline.c
 @@ -3,15 +3,15 @@
  #include <linux/proc_fs.h>
  #include <linux/seq_file.h>
- 
+
 -static int cmdline_proc_show(struct seq_file *m, void *v)
 -{
 -	seq_printf(m, "%s\n", saved_command_line);
@@ -618,13 +620,13 @@ diff -Nupr src.orig/fs/proc/cmdline.c src/fs/proc/cmdline.c
 +	seq_printf(m, "%s kpatch\n", saved_command_line);
 +	return 0;
 +}
- 
+
  static int cmdline_proc_open(struct inode *inode, struct file *file)
  {
 -	return single_open(file, cmdline_proc_show, NULL);
 +	return single_open(file, cmdline_proc_show_v2, NULL);
  }
- 
+
  static const struct file_operations cmdline_proc_fops = {
 ```
 will generate an equivalent kpatch module to this patch (dead
@@ -636,7 +638,7 @@ diff -Nupr src.orig/fs/proc/cmdline.c src/fs/proc/cmdline.c
 @@ -9,9 +9,15 @@ static int cmdline_proc_show(struct seq_
  	return 0;
  }
- 
+
 +static int cmdline_proc_show_v2(struct seq_file *m, void *v)
 +{
 +	seq_printf(m, "%s kpatch\n", saved_command_line);
@@ -648,7 +650,7 @@ diff -Nupr src.orig/fs/proc/cmdline.c src/fs/proc/cmdline.c
 -	return single_open(file, cmdline_proc_show, NULL);
 +	return single_open(file, cmdline_proc_show_v2, NULL);
  }
- 
+
  static const struct file_operations cmdline_proc_fops = {
 ```
 In both versions, `kpatch-build` will determine that only
@@ -964,3 +966,25 @@ ERROR: modpost: module livepatch-test uses symbol dma_buf_export from namespace
 ```
 To manually import the required namespace, add the MODULE_IMPORT_NS() macro to
 the patch source. For example: `MODULE_IMPORT_NS("DMA_BUF")`
+
+Cross Compile
+-------------
+
+It is recommended to build the livepatch in the same environment (compiler/library/etc.) as
+the target kernel. When the target kernel was cross compiled for a different architecture,
+it is recommended to cross compile the livepatch.
+
+There are two options to cross compile a livepatch.
+
+To specify a separate set of cross compilers,
+we can set the `CROSS_COMPILE` environment variable. For example, to use `aarch64-gcc` and `aarch64-ld`,
+we can run kpatch-build as
+```
+CROSSCOMPILE=aarch64- kpatch-build ...
+```
+
+llvm/clang supports cross compile with the same binaries. To specify a cross compile target, we can
+use the TARGET_ARCH environment variable, for example:
+```
+TARGET_ARCH=aarch64 kpatch-build ...
+```

kpatch-build/kpatch-build

@@ -40,6 +40,7 @@ set -o pipefail
 BASE="$PWD"
 SCRIPTDIR="$(readlink -f "$(dirname "$(type -p "$0")")")"
 ARCH="$(uname -m)"
+TARGET_ARCH="${TARGET_ARCH:-$ARCH}"
 CPUS="$(getconf _NPROCESSORS_ONLN)"
 CACHEDIR="${CACHEDIR:-$HOME/.kpatch}"
 KERNEL_SRCDIR="$CACHEDIR/src"
@@ -390,7 +391,7 @@ find_special_section_data() {
 	check[e]=true						# exception_table_entry
 
 	# Arch-specific features
-	case "$ARCH" in
+	case "$TARGET_ARCH" in
 		"x86_64")
 			check[a]=true					# alt_instr
 			kernel_version_gte 5.10.0 && check[s]=true	# static_call_site
@@ -722,6 +723,15 @@ print_supported_distro(){
 	fi
 }
 
+# Used in "make ARCH=xxx" when making the kernel.
+# Match "aarch64" to "arm64", while keep everything else the same.
+kernel_make_arch() {
+	if [[ "$1" == "aarch64" ]]; then
+		echo "arm64"
+	else
+		echo "$1"
+	fi
+}
 
 usage() {
 	echo "usage: $(basename "$0") [options] <patch1 ... patchN>" >&2
@@ -1299,6 +1309,11 @@ else
 	MAKEVARS+=("LD=${KPATCH_CC_PREFIX}${LD}")
 fi
 
+if [[ "$ARCH" != "$TARGET_ARCH" ]]; then
+	KARCH=$(kernel_make_arch "$TARGET_ARCH")
+	MAKEVARS+=("ARCH=$KARCH")
+fi
+
 
 # $TARGETS used as list, no quotes.
 # shellcheck disable=SC2086
@@ -1489,7 +1504,12 @@ fi
 cd "$TEMPDIR/output" || die
 # $KPATCH_LDFLAGS and result of find used as list, no quotes.
 # shellcheck disable=SC2086,SC2046
-"$LD" -r $KPATCH_LDFLAGS -o ../patch/tmp_output.o $(find . -name "*.o") 2>&1 | logger || die
+if [[ "$ARCH" != "$TARGET_ARCH" ]]; then
+	# if cross compiling, use LLD to link
+	"$LLD" -r $KPATCH_LDFLAGS -o ../patch/tmp_output.o $(find . -name "*.o") 2>&1 | logger || die
+else
+	"$LD" -r $KPATCH_LDFLAGS -o ../patch/tmp_output.o $(find . -name "*.o") 2>&1 | logger || die
+fi
 
 if [[ "$USE_KLP" -eq 1 ]]; then
 	cp -f "$TEMPDIR"/patch/tmp_output.o "$TEMPDIR"/patch/output.o || die