livepatch' is a command to apply binary patches on
running process. I wonder this is practical, but it seems to be
required in teleco area, according to
Pannus project page
(AVL.14.0 of OSDL CGL v3.0).
I just wrote it just for hacking
ptrace(2) and bfd library in a day. It was very fun!
livepatch" is just a small userland program which
provides functionalities of dynamic loading and overwriting on-memory
code & data in a running process. We don't need any unofficial
kernel patches and/or uncommon libraries.
While applying live patch, that is, overwriting on-memory code & data
in a target process, the target process will be in sleep status.
livepatch" makes it possible to
modify on-memory code & data and load ELF shared object or arbitrary
binary files in a running process.
livepatch" may meet
AVL.14.0 of OSDL CGL Availability Requirements Definition - version 3.0 (public draft)
in some level.
Note: it's not part of activities of OSDL nor OSDL Japan.
bfd library that comes with binutils. On Debian GNU/Linux, just install binutils-dev. (I used binutils-dev 2.15-4)
# apt-get install binutils-dev
You need at least livepatch.c and optionally Makefile.
$ ls Makefile README bfd.c fixup.c fixup.txt livepatch.c $ make cc -Wall -O2 -g -c -o livepatch.o livepatch.c cc -o livepatch livepatch.o -lbfd $
livepatch where you want to install.
You should prepare target processes executable files with symbol tables,
that is, not stripped version.
If stripped, '
livepatch' can't know
the symbol values of the target process. Note that the running process may
be a process invoked from stripped version of the binary file.
If you want to add code to the target, you should write it and compile with -fPIC and -shared, like followings:
$ cc -shared -fPIC -o foo.so foo.c
If you want to refer a symbol in the target, you should declare it
livepatch' will try to resolve these symbols when the
shared object file is loaded by "
instruction of '
patch instructions that 'livepatch' supports are follows:
set addr type value
new memname size
load memname filename
dl memname filename
jmp addr1 addr2
In addr, you can use the followings
load" or "
strtol(value, NULL, 0))
livepatch' will read patch instructions from standard input.
You can write them in a file or pass them through pipe.
run a target process in some terminal
apply patch with 'livepatch' in another terminal
$ echo 'dl foo patch.so jmp func_J $foo:func1 set str_P addr $foo:patch_message' | livepatch $(pidof target) ./target
Then, target's func_J function is replaced with func1 function in patch.so and target's str_P pointer variable points to patch_message in patch.so.
* Copyright (C) 2004 Fumitoshi UKAI <email@example.com> * All rights reserved. * This is free software with ABSOLUTELY NO WARRANTY. * * You can redistribute it and/or modify it under the terms of * the GNU General Public License version 2.