[Dev] External kernel module building and kernel ABI/API check.

Łukasz Stelmach l.stelmach at samsung.com
Fri Dec 20 16:36:14 GMT 2013


It was <2013-12-20 pią 16:39>, when Artem Bityutskiy wrote:
> On Fri, 2013-12-20 at 16:23 +0100, Łukasz Stelmach wrote:
>> It was <2013-12-13 pią 13:04>, when Artem Bityutskiy wrote:
>> > On Fri, 2013-12-13 at 12:27 +0100, Łukasz Stelmach wrote:
>> >>> Why not to just rebuilt them every time the kernel package changes,
>> >>> I wonder? Do you have hundreds of them out-of-tree modules?
>> >> 
>> >> It isn't about our modules, they can be rebuilt with OBS, but rather
>> >> about third party ones used/provided by OEMs outside of Tizen
>> >> repositories.
>> >
>> > I'd think that you either guarantee that ABI/API check is 100% correct,
>> > or just force external modules to recompile whenever the kernel changes.
>> 
>> We'd lik to make builds fail if ABI changes to prevent applying patches
>> that break ABI.
>
> The document I referred before explains that the internal kernel
> functions are not a stable ABI. They change all the time.  You can
> spend a lot of time and efforts trying to notice the changes, and you
> are never going to be 100% correct. But if you have idle resources,
> please, go for it, I do not mind. You can be quite accurate, and start
> believing the system works, until you get a big surprize with a major
> OEM because semantics of one of the internal function changed (but not
> API)...
>
> Kernel stable API and ABI are syscalls, ioctl's, sysfs and proc stuff,
> known netlink interfaces, etc. Those people try hard to not break, and
> Linus bashes those who break them badly.
>
> Modules use internal kernel functions. API and _semantics_ of those
> change all the time.

And we want be able to at least spot the change.

>> Yet another idea is to somehow (we don't have a solution ready yet) use
>> RPM dependencies to alert OEMs building their images that they need to
>> recompile their (or maybe even fourth party) modules.
>
> Modules have to be build exactly for the kernel they are going to run
> in. This is what you need to make sure.
>
> You can store hash of the kernel sources you built against all modules.
> Then make the kernel verify this hash against its own copy.
> If they mismatch - prevent loading.

This is already available as MODVERSIONS.

http://www.skynet.ie/~mark/home/kernel/symbols.html

We'd like somehow to export this idea to packaging system.

Personally I don't know the details of the design as I was not the one
who conceived it.

-- 
Łukasz Stelmach
Samsung R&D Institute Poland
Samsung Electronics
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://lists.tizen.org/pipermail/dev/attachments/20131220/cf4dd827/attachment.sig>


More information about the Dev mailing list