lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1235521315-3424-5-git-send-email-tabbott@mit.edu>
Date:	Tue, 24 Feb 2009 19:21:55 -0500
From:	Tim Abbott <tabbott@....EDU>
To:	linux-kernel@...r.kernel.org
Cc:	Tim Abbott <tabbott@....edu>, Anders Kaseorg <andersk@....edu>,
	Jeff Arnold <jbarnold@....edu>, Waseem Daher <wdaher@....edu>,
	Denys Vlasenko <vda.linux@...glemail.com>,
	Nikanth Karthikesan <knikanth@...e.de>,
	Rusty Russell <rusty@...tcorp.com.au>,
	Andi Kleen <andi@...stfloor.org>
Subject: [PATCH v2 4/4] Ksplice: Support updating x86-32 and x86-64

From: Jeff Arnold <jbarnold@....edu>

Ksplice makes it possible to apply patches to the kernel without rebooting.

Signed-off-by: Jeff Arnold <jbarnold@....edu>
Signed-off-by: Anders Kaseorg <andersk@....edu>
Signed-off-by: Tim Abbott <tabbott@....edu>
Tested-by: Waseem Daher <wdaher@....edu>
---
 Documentation/ksplice.txt      |  304 ++++
 MAINTAINERS                    |   10 +
 arch/Kconfig                   |   14 +
 arch/x86/Kconfig               |    1 +
 arch/x86/kernel/ksplice-arch.c |   96 ++
 include/linux/kernel.h         |    1 +
 include/linux/ksplice.h        |  224 +++
 kernel/Makefile                |    3 +
 kernel/ksplice.c               | 2995 ++++++++++++++++++++++++++++++++++++++++
 kernel/panic.c                 |    1 +
 10 files changed, 3649 insertions(+), 0 deletions(-)
 create mode 100644 Documentation/ksplice.txt
 create mode 100644 arch/x86/kernel/ksplice-arch.c
 create mode 100644 include/linux/ksplice.h
 create mode 100644 kernel/ksplice.c

diff --git a/Documentation/ksplice.txt b/Documentation/ksplice.txt
new file mode 100644
index 0000000..648d015
--- /dev/null
+++ b/Documentation/ksplice.txt
@@ -0,0 +1,304 @@
+Ksplice
+-------
+
+CONTENTS:
+
+1. Concepts: updates, module changes, target modules
+2. What changes can Ksplice handle?
+3. Dependency model
+4. Locking model
+5. altinstructions, smplocks, and parainstructions
+6. sysfs interface
+7. debugfs interface
+8. Hooks for running custom code during the update process
+
+0. Design Description
+---------------------
+
+For a description of the Ksplice design, please see the Ksplice
+technical overview document: <http://www.ksplice.com/doc/ksplice.pdf>.
+For usage examples and the Ksplice man pages, please see
+<http://www.ksplice.com>.
+
+The document below assumes familiarity with the Ksplice design and
+describes notable implementation details and the interface between the
+Ksplice kernel component and the Ksplice user space component.
+
+1. Concepts: updates, module changes, target modules
+----------------------------------------------------
+
+A Ksplice update (struct update) contains one or more Ksplice module
+changes (struct ksplice_mod_change), one for each target kernel module
+that should be changed by the update.  ksplice_mod_changes are grouped
+together into a Ksplice update in order to allow multiple modules to
+be changed atomically.
+
+The contents of a Ksplice module change are documented via kernel-doc
+in include/linux/ksplice.h.  To construct a new Ksplice update to be
+performed atomically, one needs to:
+  1. Populate the fields of one or more ksplice_mod_change structures.
+  2. Call the Ksplice function init_ksplice_mod_change() on each
+     ksplice_mod_change to register them with the Ksplice kernel
+     component.  When init_ksplice_mod_change() is called on a
+     ksplice_mod_change, that ksplice_mod_change will be associated
+     with the other ksplice_mod_changes that share the same Ksplice
+     identifier (KID) field.
+  3. After all of the mod_changes intended for a particular Ksplice
+     update have been loaded, that update can be applied via the sysfs
+     interface (described in Section 7 below).
+
+Each ksplice_mod_change has a two modules associated with it: an
+old_code module and a new_code module.
+
+A ksplice_mod_change's "old_code" module contains materials needed
+only for preparing the update.  Specifically, the old_code module
+contains a copy of the pre-patch version of each of the compilation
+units changed by the ksplice_mod_change.  The old_code module can be
+unloaded after the update has been applied in order to save memory.
+
+The ksplice_mod_change's "new_code" module contains the new sections
+to be inserted by the update; it needs to remain loaded for as long as
+the update is applied.
+
+Here's an example:
+
+Let's say that the Ksplice user space component wants to update the
+core kernel and the isdn module.  The user space component will select
+a KID for this update (let's say 123abc) and generate four modules:
+
+ksplice_123abc_vmlinux_new (the new_code module for the vmlinux module change)
+ksplice_123abc_vmlinux_old (the old_code module for the vmlinux module change)
+ksplice_123abc_isdn_new (the new_code module for the isdn module change)
+ksplice_123abc_isdn_old (the old_code module for the isdn module change)
+
+Once both of the vmlinux modules have been loaded, one of the modules
+calls init_ksplice_mod_change on a ksplice_mod_change corresponding to
+the desired vmlinux changes.
+
+Similarly, once both of the isdn modules have been loaded, one of the
+modules calls init_ksplice_mod_change on a ksplice_mod_change
+corresponding to the desired isdn changes.
+
+Once all modules are loaded (in this example, four modules), the
+update can be applied atomically using the Ksplice sysfs interface.
+
+2. What changes can Ksplice handle?
+-----------------------------------
+
+The Ksplice user space component takes a source code patch and uses it
+to construct appropriate ksplice_mod_changes for an update.  Ksplice
+can handle source code patches that add new functions, modify the text
+or arguments of existing functions, delete functions, move functions
+between compilation units, change functions from local to global (or
+vice versa), add exported symbols, rename exported symbols, and delete
+exported symbols.  Ksplice can handle patches that modify either C
+code or assembly code.
+
+As described in the Ksplice technical overview document, a programmer
+needs to write some new code in order for Ksplice to apply a patch
+that makes semantic changes to kernel data structures.  Some other
+limitations also apply:
+
+Ksplice does not support changes to __init functions that been
+unloaded from kernel memory.  Ksplice also does not support changes to
+functions in .exit.text sections since Ksplice currently requires that
+all Ksplice updates affecting a module be reversed before that module
+can be unloaded.
+
+The Ksplice user space implementation does not currently support
+changes to weak symbols and changes to global read-only data
+structures (changes to read-only data structures that are local to a
+compilation unit are fine).
+
+Exported symbols:
+
+Ksplice can handle arbitrary changes to exported symbols in the source
+code patch.
+
+Ksplice deletes exported symbols by looking up the relevant struct
+kernel_symbol in the kernel's exported symbol table and replacing the
+name field with a pointer to a string that begins with DISABLED.
+
+Ksplice adds new exported symbols through the same mechanism; the
+relevant new_code module will have a ksymtab entry containing a symbol
+with a name beginning with DISABLED, and Ksplice will replace that
+with the name of the symbol to be exported when the update is
+atomically applied.
+
+Because the struct kernel_symbol for a newly exported symbol is
+contained in the Ksplice new_Code module, if a module using one of the
+newly exported symbols is loaded, that module will correctly depend on
+the Ksplice new_code module that exported the symbol.
+
+3. Dependency model
+-------------------
+
+Because Ksplice resolves symbols used in the post code using Ksplice
+relocations, Ksplice must enforce additional dependencies.  Ksplice
+uses the use_module function to directly add dependencies on all the
+modules that the post code references.
+
+4. Locking model
+----------------
+
+From a locking perspective, Ksplice treats applying or removing a
+Ksplice update as analogous to loading or unloading a new version of
+the kernel modules patched by the update.  Ksplice uses module_mutex
+to protect against a variety of race conditions related to modules
+being loaded or unloaded while Ksplice is applying or reversing an
+update; this approach also protects against race conditions involving
+multiple Ksplice updates being loaded or unloaded simultaneously as
+well.
+
+5. altinstructions, smplocks, and parainstructions
+--------------------------------------------------
+
+There are currently several mechanisms through which the Linux kernel
+will modify executable code at runtime.
+
+These mechanisms sometimes overwrite the storage unit of a relocation,
+which would cause problems if not handled properly by Ksplice.
+
+Ksplice solves this problem by writing "canary" bytes (e.g.,
+0x77777777) in the storage unit of the relocation in user space.
+Ksplice then checks whether the canary has been overwritten before
+using a Ksplice relocation to detect symbol values or to write a value
+to the storage unit of a Ksplice relocation.
+
+6. sysfs interface
+------------------
+
+Ksplice exports four sysfs files per Ksplice update in order to
+communicate with user space.  For each update, these four files are
+located in a directory of the form /sys/kernel/ksplice/$kid, with $kid
+replaced by the KID of the Ksplice update.
+
+A.  /sys/kernel/ksplice/$kid/stage (mode 0600)
+
+This file contains one of three strings:
+preparing: Indicates that this update has not yet been applied
+applied:   Indicates that this update has been applied and has not been reversed
+reversed:  Indicates that this update has been reversed
+
+When the stage is "preparing", the superuser can write "applied" to
+the stage file in order to instruct Ksplice to apply the update.  When
+the stage is "applied", the superuser can write "reversed" to the
+stage file in order to instruct Ksplice to reverse the update.
+Afterwards, the superuser can write "cleanup" to the stage file in
+order to instruct Ksplice to clean up the debugging information and
+sysfs directory associated with the reversed update.  Once an update
+is reversed, it cannot be re-applied without first cleaning up the
+update.
+
+B.  /sys/kernel/ksplice/$kid/debug (mode 0600)
+
+The file contains a single number: 1 if debugging is enabled for this
+Ksplice update and 0 otherwise.
+
+The superuser can write a new value to this file to enable or disable
+debugging.
+
+C.  /sys/kernel/ksplice/$kid/partial (mode 0600)
+
+The file contains a single number: 1 if the update should be applied
+even if some of the target modules are not loaded and 0 otherwise.
+
+D.  /sys/kernel/ksplice/$kid/abort_cause (mode 0400)
+
+This file contains a value indicating either 1) that Ksplice
+successfully completed the most recently requested stage transition or
+2) why Ksplice aborted the most recently requested stage transition.
+
+Each abort_code string is described below, along with the stage
+transitions that might potentially trigger each possible abort code.
+The stage transitions are abbreviated as follows: preparing->applied
+(P->A), applied->reversed (A->R).
+
+ok (P->A, A->R): The most recent stage transition succeeded.
+
+no_match (P->A): Ksplice aborted the update because Ksplice was unable
+to match the old_code module's object code against the running
+kernel's object code.
+
+failed_to_find (P->A): Ksplice aborted the update because Ksplice was
+unable to resolve some of the symbols used in the update.
+
+missing_export (P->A): Ksplice aborted the update because the symbols
+exported by the kernel did not match Ksplice's expectations.
+
+already_reversed (P->A): Ksplice aborted the update because once an
+update has been reversed, it cannot be applied again (without first
+being cleaned up and reinitialized).
+
+module_busy (A->R): Ksplice aborted the undo operation because the
+target Ksplice update is in use by another kernel module;
+specifically, either the target Ksplice update exports a symbol that
+is in use by another module or another Ksplice update depends on this
+Ksplice update.
+
+out_of_memory (P->A, A->R): Ksplice aborted the operation because a call to
+kmalloc or vmalloc failed.
+
+code_busy (P->A, A->R): Ksplice aborted the operation because Ksplice
+was unable to find a moment when one or more of the to-be-patched
+functions was not a thread's kernel stack.
+
+target_not_loaded (P->A): Ksplice aborted the update because one of
+the target modules is not loaded and the partial option
+(/sys/kernel/ksplice/$kid/partial) is not enabled.
+
+call_failed (P->A, A->R): One of the calls included as part of this
+update returned nonzero exit status.
+
+unexpected_running_task (P->A, A->R): Ksplice aborted the operation
+because Ksplice observed a running task during the kernel stack check,
+at a time when Ksplice expected all tasks to be stopped by
+stop_machine.
+
+unexpected (P->A, A->R): Ksplice aborted the operation because it
+encountered an unspecified internal error.  This condition can only be
+caused by an invalid input to Ksplice or a bug in Ksplice.
+
+E.  /sys/kernel/ksplice/$kid/conflicts (mode 0400)
+
+This file is empty until Ksplice aborts an operation because of a
+code_busy condition (see "abort_code" above).  This conflicts file
+then contains information about the process(es) that caused the stack
+check failure.
+
+Specifically, each line of this file consists of three space-separated
+values, describing a single conflict:
+
+$program_name $program_pid $conflict_label
+
+$program_name is the name of the program with the conflict.
+$program_pid is the pid of the program with the conflict.
+$conflict_label is the Ksplice label of the function with the conflict.
+
+7. debugfs interface
+--------------------
+
+Ksplice exports a single file to debugfs for each Ksplice update.  The
+file has a name of the form ksplice_KID, where KID is the unique
+identifier of the Ksplice update.  It contains debugging information
+in a human-readable format.
+
+8. Hooks for running custom code during the update process
+----------------------------------------------------------
+
+Ksplice allows a programmer to write custom code to be called from
+within the kernel during the update process.  The kernel component
+allows custom code to be executed at the following times:
+
+- pre_apply: Called before the update has been applied and before the
+machine has been stopped.  Allowed to fail.
+- check_apply: Called before the update has been applied but after the
+machine has been stopped.  Allowed to fail.
+- apply: Called when the update is definitely going to be applied and
+when the machine is stopped.  Not allowed to fail.
+- post_apply: Called when the update has been applied and the machine
+is no longer stopped.  Not allowed to fail.
+- fail_apply: Called when the update failed to apply and the machine
+is no longer stopped.  Not allowed to fail.
+
+Ksplice also provides analagous xxx_reverse hooks.
diff --git a/MAINTAINERS b/MAINTAINERS
index db65b4e..6b52212 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2636,6 +2636,16 @@ W:	http://miguelojeda.es/auxdisplay.htm
 W:	http://jair.lab.fi.uva.es/~migojed/auxdisplay.htm
 S:	Maintained
 
+KSPLICE
+P:	Jeff Arnold
+M:	jbarnold@...lice.com
+P:	Anders Kaseorg
+M:	andersk@...lice.com
+P:	Tim Abbott
+M:	tabbott@...lice.com
+W:	http://www.ksplice.com
+S:	Supported
+
 LAPB module
 L:	linux-x25@...r.kernel.org
 S:	Orphan
diff --git a/arch/Kconfig b/arch/Kconfig
index 550dab2..d84326b 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -43,6 +43,17 @@ config KPROBES
 	  for kernel debugging, non-intrusive instrumentation and testing.
 	  If in doubt, say "N".
 
+config KSPLICE
+	tristate "Ksplice rebootless kernel updates"
+	depends on KALLSYMS_ALL && MODULE_UNLOAD && SYSFS && \
+		   FUNCTION_DATA_SECTIONS
+	depends on HAVE_KSPLICE
+	help
+          Say Y here if you want to be able to apply certain kinds of
+          patches to your running kernel, without rebooting.
+
+          If unsure, say N.
+
 config HAVE_EFFICIENT_UNALIGNED_ACCESS
 	bool
 	help
@@ -75,6 +86,9 @@ config HAVE_IOREMAP_PROT
 config HAVE_KPROBES
 	bool
 
+config HAVE_KSPLICE
+	def_bool n
+
 config HAVE_KRETPROBES
 	bool
 
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index d3a991c..bc3e68a 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -26,6 +26,7 @@ config X86
 	select HAVE_OPROFILE
 	select HAVE_IOREMAP_PROT
 	select HAVE_KPROBES
+	select HAVE_KSPLICE
 	select ARCH_WANT_OPTIONAL_GPIOLIB
 	select ARCH_WANT_FRAME_POINTERS
 	select HAVE_FUNCTION_DATA_SECTIONS
diff --git a/arch/x86/kernel/ksplice-arch.c b/arch/x86/kernel/ksplice-arch.c
new file mode 100644
index 0000000..c60bf79
--- /dev/null
+++ b/arch/x86/kernel/ksplice-arch.c
@@ -0,0 +1,96 @@
+/*  Copyright (C) 2007-2009  Ksplice, Inc.
+ *  Authors: Jeff Arnold, Anders Kaseorg, Tim Abbott
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License, version 2.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
+ *  02110-1301, USA.
+ */
+
+#define KSPLICE_IP(x) ((x)->thread.ip)
+#define KSPLICE_SP(x) ((x)->thread.sp)
+
+static struct ksplice_symbol trampoline_symbol = {
+	.name = NULL,
+	.label = "<trampoline>",
+};
+
+static const struct ksplice_reloc_howto trampoline_howto = {
+	.type = KSPLICE_HOWTO_RELOC,
+	.pcrel = 1,
+	.size = 4,
+	.dst_mask = 0xffffffffL,
+	.rightshift = 0,
+	.signed_addend = 1,
+};
+
+static const struct ksplice_reloc trampoline_reloc = {
+	.symbol = &trampoline_symbol,
+	.insn_addend = -4,
+	.target_addend = 0,
+	.howto = &trampoline_howto,
+};
+
+static abort_t trampoline_target(struct ksplice_mod_change *change,
+				 unsigned long addr, unsigned long *new_addr)
+{
+	abort_t ret;
+	unsigned char byte;
+
+	if (probe_kernel_read(&byte, (void *)addr, sizeof(byte)) == -EFAULT)
+		return NO_MATCH;
+
+	if (byte != 0xe9)
+		return NO_MATCH;
+
+	ret = read_reloc_value(change, &trampoline_reloc, addr + 1, new_addr);
+	if (ret != OK)
+		return ret;
+
+	*new_addr += addr + 1;
+	return OK;
+}
+
+static abort_t prepare_trampoline(struct ksplice_mod_change *change,
+				  struct ksplice_patch *p)
+{
+	p->size = 5;
+	((unsigned char *)p->contents)[0] = 0xe9;
+	return write_reloc_value(change, &trampoline_reloc,
+				 (unsigned long)p->contents + 1,
+				 p->repladdr - (p->oldaddr + 1));
+}
+
+static abort_t handle_paravirt(struct ksplice_mod_change *change,
+			       unsigned long pre_addr, unsigned long run_addr,
+			       int *matched)
+{
+	unsigned char run[5], pre[5];
+	*matched = 0;
+
+	if (probe_kernel_read(&run, (void *)run_addr, sizeof(run)) == -EFAULT ||
+	    probe_kernel_read(&pre, (void *)pre_addr, sizeof(pre)) == -EFAULT)
+		return OK;
+
+	if ((run[0] == 0xe8 && pre[0] == 0xe8) ||
+	    (run[0] == 0xe9 && pre[0] == 0xe9))
+		if (run_addr + 1 + *(int32_t *)&run[1] ==
+		    pre_addr + 1 + *(int32_t *)&pre[1])
+			*matched = 5;
+	return OK;
+}
+
+static bool valid_stack_ptr(const struct thread_info *tinfo, const void *p)
+{
+	return p > (const void *)tinfo
+	    && p <= (const void *)tinfo + THREAD_SIZE - sizeof(long);
+}
+
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 7fa3718..95990e1 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -307,6 +307,7 @@ extern enum system_states {
 #define TAINT_OVERRIDDEN_ACPI_TABLE	8
 #define TAINT_WARN			9
 #define TAINT_CRAP			10
+#define TAINT_KSPLICE			11
 
 extern void dump_stack(void) __cold;
 
diff --git a/include/linux/ksplice.h b/include/linux/ksplice.h
new file mode 100644
index 0000000..fbedd25
--- /dev/null
+++ b/include/linux/ksplice.h
@@ -0,0 +1,224 @@
+#include <linux/types.h>
+
+/**
+ * struct ksplice_symbol - Ksplice's analogue of an ELF symbol
+ * @name:		The ELF name of the symbol
+ * @label:		A unique Ksplice name for the symbol
+ * @candidate_vals:	A linked list of possible values for the symbol, or NULL
+ * @value:		The value of the symbol (valid when vals is NULL)
+ **/
+struct ksplice_symbol {
+	const char *name;
+	const char *label;
+/* private: */
+	struct list_head *candidate_vals;
+	unsigned long value;
+};
+
+/**
+ * struct ksplice_reloc - Ksplice's analogue of an ELF relocation
+ * @blank_addr:		The address of the relocation's storage unit
+ * @symbol:		The ksplice_symbol associated with this relocation
+ * @howto:		The information regarding the relocation type
+ * @addend:		The ELF addend of the relocation
+ **/
+struct ksplice_reloc {
+	unsigned long blank_addr;
+	struct ksplice_symbol *symbol;
+	const struct ksplice_reloc_howto *howto;
+	long insn_addend;
+	long target_addend;
+};
+
+enum ksplice_reloc_howto_type {
+	KSPLICE_HOWTO_RELOC,
+	KSPLICE_HOWTO_RELOC_PATCH,
+	KSPLICE_HOWTO_DATE,
+	KSPLICE_HOWTO_TIME,
+	KSPLICE_HOWTO_BUG,
+	KSPLICE_HOWTO_EXTABLE,
+};
+
+/**
+ * struct ksplice_reloc_howto - Ksplice's relocation type information
+ * @type:		The type of the relocation
+ * @pcrel:		Is the relocation PC relative?
+ * @size:		The size, in bytes, of the item to be relocated
+ * @dst_mask:		Bitmask for which parts of the instruction or data are
+ * 			replaced with the relocated value
+ * 			(based on dst_mask from GNU BFD's reloc_howto_struct)
+ * @rightshift:		The value the final relocation is shifted right by;
+ * 			used to drop unwanted data from the relocation
+ * 			(based on rightshift from GNU BFD's reloc_howto_struct)
+ * @signed_addend:	Should the addend be interpreted as a signed value?
+ **/
+struct ksplice_reloc_howto {
+	enum ksplice_reloc_howto_type type;
+	int pcrel;
+	int size;
+	long dst_mask;
+	unsigned int rightshift;
+	int signed_addend;
+};
+
+#if BITS_PER_LONG == 32
+#define KSPLICE_CANARY 0x77777777UL
+#elif BITS_PER_LONG == 64
+#define KSPLICE_CANARY 0x7777777777777777UL
+#endif /* BITS_PER_LONG */
+
+/**
+ * struct ksplice_section - Ksplice's analogue of an ELF section
+ * @symbol:		The ksplice_symbol associated with this section
+ * @size:		The length, in bytes, of this section
+ * @address:		The address of the section
+ * @flags:		Flags indicating the type of the section, whether or
+ *			not it has been matched, etc.
+ **/
+struct ksplice_section {
+	struct ksplice_symbol *symbol;
+	unsigned long address;
+	unsigned long size;
+	unsigned int flags;
+	const unsigned char **match_map;
+};
+#define KSPLICE_SECTION_TEXT 0x00000001
+#define KSPLICE_SECTION_RODATA 0x00000002
+#define KSPLICE_SECTION_DATA 0x00000004
+#define KSPLICE_SECTION_STRING 0x00000008
+#define KSPLICE_SECTION_MATCHED 0x10000000
+
+#define MAX_TRAMPOLINE_SIZE 5
+
+enum ksplice_patch_type {
+	KSPLICE_PATCH_TEXT,
+	KSPLICE_PATCH_BUGLINE,
+	KSPLICE_PATCH_DATA,
+	KSPLICE_PATCH_EXPORT,
+};
+
+/**
+ * struct ksplice_patch - A replacement that Ksplice should perform
+ * @oldaddr:		The address of the obsolete function or structure
+ * @repladdr:		The address of the replacement function
+ * @type:		The type of the ksplice patch
+ * @size:		The size of the patch
+ * @contents:		The bytes to be installed at oldaddr
+ * @vaddr		The address of the page mapping used to write at oldaddr
+ * @saved:		The bytes originally at oldaddr which were
+ * 			overwritten by the patch
+ **/
+struct ksplice_patch {
+	unsigned long oldaddr;
+	unsigned long repladdr;
+	enum ksplice_patch_type type;
+	unsigned int size;
+	void *contents;
+/* private: */
+	void *vaddr;
+	void *saved;
+};
+
+#ifdef __KERNEL__
+#include <linux/module.h>
+#include <linux/stringify.h>
+
+#define _PASTE(x, y) x##y
+#define PASTE(x, y) _PASTE(x, y)
+#define KSPLICE_UNIQ(s) PASTE(s##_, KSPLICE_MID)
+#define KSPLICE_KID_UNIQ(s) PASTE(s##_, KSPLICE_KID)
+
+/**
+ * struct ksplice_module_list_entry - A record of a ksplice_mod_change's target
+ * @target_mod_name:	The name of the ksplice_mod_change's target module
+ * @new_code_mod_name:	The name of the ksplice_mod_change's new_code module
+ * @applied:		Whether the ksplice_mod_change was applied or not (this
+ *			will be false for ksplice_mod_changes patching targets
+ *			that are not loaded when the partial flag is set)
+ **/
+struct ksplice_module_list_entry {
+	const char *target_mod_name;
+	const char *new_code_mod_name;
+	const char *kid;
+	bool applied;
+/* private: */
+	struct list_head update_list;	/* list head for this is per-update */
+	struct list_head list;	/* list head for this is global */
+};
+
+/* List of all ksplice modules and the module they patch */
+extern struct list_head ksplice_modules;
+
+/* There are two actions, apply and reverse */
+#define KS_ACTIONS 2
+enum ksplice_action {
+	KS_APPLY,
+	KS_REVERSE,
+};
+
+/**
+ * struct ksplice_hooks - Hooks to be run during an action (apply or reverse)
+ * @pre:			Runs before the action;
+ * 				may return nonzero to abort the action
+ * @check:			Runs inside stop_machine before the action;
+ * 				may return nonzero to abort the action
+ * @intra:			Runs inside stop_machine during the action
+ * @post:			Runs after the action is successfully performed
+ * @fail:			Runs if the action is aborted for any reason
+ */
+struct ksplice_hooks {
+	const typeof(int (*)(void)) *pre, *pre_end, *check, *check_end;
+	const typeof(void (*)(void)) *intra, *intra_end, *post, *post_end,
+	    *fail, *fail_end;
+};
+
+/**
+ * struct ksplice_code - Ksplice metadata for an object
+ * @relocs:		The Ksplice relocations for the object
+ * @symbols:		The Ksplice symbols for the object
+ * @sections:		The Ksplice sections for the object
+ **/
+struct ksplice_code {
+	struct ksplice_reloc *relocs, *relocs_end;
+	struct ksplice_section *sections, *sections_end;
+	struct ksplice_symbol *symbols, *symbols_end;
+};
+
+/**
+ * struct ksplice_mod_change - Data for one module modified by a Ksplice update
+ * @name:			The name of the new_code module for the change
+ * @kid:			The Ksplice unique identifier for the change
+ * @target_name:		The name of the module modified by the change
+ * @new_code_mod:		The new_code module for the change
+ * @old_code:			The old code for run-pre matching
+ * @new_code:			The new code to switch to
+ * @patches:			The function replacements in the change
+ * @patches_end:		The end pointer for patches array
+ * @hooks:			Hooks to be run during apply and reverse
+ * @update:			The atomic update the change is part of
+ * @target:			The module modified by the change
+ * @safety_records:		The ranges of addresses that must not be on a
+ *				kernel stack for the patch to apply safely
+ **/
+struct ksplice_mod_change {
+	const char *name;
+	const char *kid;
+	const char *target_name;
+	struct module *new_code_mod;
+	struct ksplice_code old_code, new_code;
+	struct ksplice_patch *patches, *patches_end;
+	struct ksplice_hooks hooks[KS_ACTIONS];
+/* private: */
+	struct update *update;
+	struct module *target;
+	struct list_head temp_labelvals;
+	struct list_head safety_records;
+	struct list_head list;
+};
+
+
+int init_ksplice_mod_change(struct ksplice_mod_change *change);
+
+void cleanup_ksplice_mod_change(struct ksplice_mod_change *change);
+
+#endif /* __KERNEL__ */
diff --git a/kernel/Makefile b/kernel/Makefile
index 170a921..1a95df9 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -12,6 +12,8 @@ obj-y     = sched.o fork.o exec_domain.o panic.o printk.o \
 	    notifier.o ksysfs.o pm_qos_params.o sched_clock.o cred.o \
 	    async.o
 
+CFLAGS_ksplice.o += -Iarch/$(SRCARCH)/kernel
+
 ifdef CONFIG_FUNCTION_TRACER
 # Do not trace debug files and internal ftrace files
 CFLAGS_REMOVE_lockdep.o = -pg
@@ -71,6 +73,7 @@ obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
 obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
 obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
 obj-$(CONFIG_KPROBES) += kprobes.o
+obj-$(CONFIG_KSPLICE) += ksplice.o
 obj-$(CONFIG_KGDB) += kgdb.o
 obj-$(CONFIG_DETECT_SOFTLOCKUP) += softlockup.o
 obj-$(CONFIG_GENERIC_HARDIRQS) += irq/
diff --git a/kernel/ksplice.c b/kernel/ksplice.c
new file mode 100644
index 0000000..f6528e0
--- /dev/null
+++ b/kernel/ksplice.c
@@ -0,0 +1,2995 @@
+/*  Copyright (C) 2007-2009  Ksplice, Inc.
+ *  Authors: Jeff Arnold, Anders Kaseorg, Tim Abbott
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License, version 2.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
+ *  02110-1301, USA.
+ */
+
+#include <linux/module.h>
+#include <linux/bug.h>
+#include <linux/ctype.h>
+#include <linux/debugfs.h>
+#include <linux/errno.h>
+#include <linux/kallsyms.h>
+#include <linux/kobject.h>
+#include <linux/kthread.h>
+#include <linux/pagemap.h>
+#include <linux/sched.h>
+#include <linux/sort.h>
+#include <linux/stop_machine.h>
+#include <linux/sysfs.h>
+#include <linux/time.h>
+#include <linux/uaccess.h>
+#include <linux/vmalloc.h>
+#include <linux/ksplice.h>
+
+enum stage {
+	STAGE_PREPARING,	/* the update is not yet applied */
+	STAGE_APPLIED,		/* the update is applied */
+	STAGE_REVERSED,		/* the update has been applied and reversed */
+};
+
+/* parameter to modify run-pre matching */
+enum run_pre_mode {
+	RUN_PRE_INITIAL,	/* dry run (only change temp_labelvals) */
+	RUN_PRE_DEBUG,		/* dry run with byte-by-byte debugging */
+	RUN_PRE_FINAL,		/* finalizes the matching */
+};
+
+enum { NOVAL, TEMP, VAL };
+
+typedef int __bitwise__ abort_t;
+
+#define OK ((__force abort_t) 0)
+#define NO_MATCH ((__force abort_t) 1)
+#define CODE_BUSY ((__force abort_t) 2)
+#define MODULE_BUSY ((__force abort_t) 3)
+#define OUT_OF_MEMORY ((__force abort_t) 4)
+#define FAILED_TO_FIND ((__force abort_t) 5)
+#define ALREADY_REVERSED ((__force abort_t) 6)
+#define MISSING_EXPORT ((__force abort_t) 7)
+#define UNEXPECTED_RUNNING_TASK ((__force abort_t) 8)
+#define UNEXPECTED ((__force abort_t) 9)
+#define TARGET_NOT_LOADED ((__force abort_t) 10)
+#define CALL_FAILED ((__force abort_t) 11)
+#define COLD_UPDATE_LOADED ((__force abort_t) 12)
+
+struct update {
+	const char *kid;
+	const char *name;
+	struct kobject kobj;
+	enum stage stage;
+	abort_t abort_cause;
+	int debug;
+#ifdef CONFIG_DEBUG_FS
+	struct debugfs_blob_wrapper debug_blob;
+	struct dentry *debugfs_dentry;
+#else /* !CONFIG_DEBUG_FS */
+	bool debug_continue_line;
+#endif /* CONFIG_DEBUG_FS */
+	bool partial;		/* is it OK if some target mods aren't loaded */
+	struct list_head changes,	/* changes for loaded target mods */
+	    unused_changes;		/* changes for non-loaded target mods */
+	struct list_head conflicts;
+	struct list_head list;
+	struct list_head ksplice_module_list;
+};
+
+/* a process conflicting with an update */
+struct conflict {
+	const char *process_name;
+	pid_t pid;
+	struct list_head stack;
+	struct list_head list;
+};
+
+/* an address on the stack of a conflict */
+struct conflict_addr {
+	unsigned long addr;	/* the address on the stack */
+	bool has_conflict;	/* does this address in particular conflict? */
+	const char *label;	/* the label of the conflicting safety_record */
+	struct list_head list;
+};
+
+struct labelval {
+	struct list_head list;
+	struct ksplice_symbol *symbol;
+	struct list_head *saved_vals;
+};
+
+/* region to be checked for conflicts in the stack check */
+struct safety_record {
+	struct list_head list;
+	const char *label;
+	unsigned long addr;	/* the address to be checked for conflicts
+				 * (e.g. an obsolete function's starting addr)
+				 */
+	unsigned long size;	/* the size of the region to be checked */
+};
+
+/* possible value for a symbol */
+struct candidate_val {
+	struct list_head list;
+	unsigned long val;
+};
+
+/* private struct used by init_symbol_array */
+struct ksplice_lookup {
+/* input */
+	struct ksplice_mod_change *change;
+	struct ksplice_symbol **arr;
+	size_t size;
+/* output */
+	abort_t ret;
+};
+
+static LIST_HEAD(updates);
+LIST_HEAD(ksplice_modules);
+EXPORT_SYMBOL_GPL(ksplice_modules);
+static struct kobject *ksplice_kobj;
+
+static struct kobj_type update_ktype;
+
+static struct update *init_ksplice_update(const char *kid);
+static void cleanup_ksplice_update(struct update *update);
+static void maybe_cleanup_ksplice_update(struct update *update);
+static void add_to_update(struct ksplice_mod_change *change,
+			  struct update *update);
+static int ksplice_sysfs_init(struct update *update);
+
+/* Preparing the relocations and patches for application */
+static abort_t apply_update(struct update *update);
+static abort_t reverse_update(struct update *update);
+static abort_t prepare_change(struct ksplice_mod_change *change);
+static abort_t finalize_change(struct ksplice_mod_change *change);
+static abort_t finalize_patches(struct ksplice_mod_change *change);
+static abort_t add_dependency_on_address(struct ksplice_mod_change *change,
+					 unsigned long addr);
+static abort_t map_trampoline_pages(struct update *update);
+static void unmap_trampoline_pages(struct update *update);
+static void *map_writable(void *addr, size_t len);
+static abort_t apply_relocs(struct ksplice_mod_change *change,
+			    const struct ksplice_reloc *relocs,
+			    const struct ksplice_reloc *relocs_end);
+static abort_t apply_reloc(struct ksplice_mod_change *change,
+			   const struct ksplice_reloc *r);
+static abort_t apply_howto_reloc(struct ksplice_mod_change *change,
+				 const struct ksplice_reloc *r);
+static abort_t apply_howto_date(struct ksplice_mod_change *change,
+				const struct ksplice_reloc *r);
+static abort_t read_reloc_value(struct ksplice_mod_change *change,
+				const struct ksplice_reloc *r,
+				unsigned long addr, unsigned long *valp);
+static abort_t write_reloc_value(struct ksplice_mod_change *change,
+				 const struct ksplice_reloc *r,
+				 unsigned long addr, unsigned long sym_addr);
+static abort_t create_module_list_entry(struct ksplice_mod_change *change,
+					bool to_be_applied);
+static void cleanup_module_list_entries(struct update *update);
+static void __attribute__((noreturn)) ksplice_deleted(void);
+
+/* run-pre matching */
+static abort_t match_change_sections(struct ksplice_mod_change *change,
+				   bool consider_data_sections);
+static abort_t find_section(struct ksplice_mod_change *change,
+			    struct ksplice_section *sect);
+static abort_t try_addr(struct ksplice_mod_change *change,
+			struct ksplice_section *sect,
+			unsigned long run_addr,
+			struct list_head *safety_records,
+			enum run_pre_mode mode);
+static abort_t run_pre_cmp(struct ksplice_mod_change *change,
+			   const struct ksplice_section *sect,
+			   unsigned long run_addr,
+			   struct list_head *safety_records,
+			   enum run_pre_mode mode);
+static void print_bytes(struct ksplice_mod_change *change,
+			const unsigned char *run, int runc,
+			const unsigned char *pre, int prec);
+static const struct ksplice_reloc *
+init_reloc_search(struct ksplice_mod_change *change,
+		  const struct ksplice_section *sect);
+static const struct ksplice_reloc *find_reloc(const struct ksplice_reloc *start,
+					      const struct ksplice_reloc *end,
+					      unsigned long address,
+					      unsigned long size);
+static abort_t lookup_reloc(struct ksplice_mod_change *change,
+			    const struct ksplice_reloc **fingerp,
+			    unsigned long addr,
+			    const struct ksplice_reloc **relocp);
+static abort_t handle_reloc(struct ksplice_mod_change *change,
+			    const struct ksplice_section *sect,
+			    const struct ksplice_reloc *r,
+			    unsigned long run_addr, enum run_pre_mode mode);
+static abort_t handle_howto_date(struct ksplice_mod_change *change,
+				 const struct ksplice_section *sect,
+				 const struct ksplice_reloc *r,
+				 unsigned long run_addr,
+				 enum run_pre_mode mode);
+static abort_t handle_howto_reloc(struct ksplice_mod_change *change,
+				  const struct ksplice_section *sect,
+				  const struct ksplice_reloc *r,
+				  unsigned long run_addr,
+				  enum run_pre_mode mode);
+#ifdef CONFIG_BUG
+static abort_t handle_bug(struct ksplice_mod_change *change,
+			  const struct ksplice_reloc *r,
+			  unsigned long run_addr);
+#endif /* CONFIG_BUG */
+static abort_t handle_extable(struct ksplice_mod_change *change,
+			      const struct ksplice_reloc *r,
+			      unsigned long run_addr);
+static struct ksplice_section *symbol_section(struct ksplice_mod_change *change,
+					      const struct ksplice_symbol *sym);
+static int compare_section_labels(const void *va, const void *vb);
+static int symbol_section_bsearch_compare(const void *a, const void *b);
+static const struct ksplice_reloc *
+patch_reloc(struct ksplice_mod_change *change,
+	    const struct ksplice_patch *p);
+
+/* Computing possible addresses for symbols */
+static abort_t lookup_symbol(struct ksplice_mod_change *change,
+			     const struct ksplice_symbol *ksym,
+			     struct list_head *vals);
+static void cleanup_symbol_arrays(struct ksplice_mod_change *change);
+static abort_t init_symbol_arrays(struct ksplice_mod_change *change);
+static abort_t init_symbol_array(struct ksplice_mod_change *change,
+				 struct ksplice_symbol *start,
+				 struct ksplice_symbol *end);
+static abort_t uniquify_symbols(struct ksplice_mod_change *change);
+static abort_t add_matching_values(struct ksplice_lookup *lookup,
+				   const char *sym_name, unsigned long sym_val);
+static bool add_export_values(const struct symsearch *syms,
+			      struct module *owner,
+			      unsigned int symnum, void *data);
+static int symbolp_bsearch_compare(const void *key, const void *elt);
+static int compare_symbolp_names(const void *a, const void *b);
+static int compare_symbolp_labels(const void *a, const void *b);
+static int add_kallsyms_values(void *data, const char *name,
+			       struct module *owner, unsigned long val);
+static abort_t new_export_lookup(struct ksplice_mod_change *ichange,
+				 const char *name, struct list_head *vals);
+
+/* Atomic update trampoline insertion and removal */
+static abort_t patch_action(struct update *update, enum ksplice_action action);
+static int __apply_patches(void *update);
+static int __reverse_patches(void *update);
+static abort_t check_each_task(struct update *update);
+static abort_t check_task(struct update *update,
+			  const struct task_struct *t, bool rerun);
+static abort_t check_stack(struct update *update, struct conflict *conf,
+			   const struct thread_info *tinfo,
+			   const unsigned long *stack);
+static abort_t check_address(struct update *update,
+			     struct conflict *conf, unsigned long addr);
+static abort_t check_record(struct conflict_addr *ca,
+			    const struct safety_record *rec,
+			    unsigned long addr);
+static bool is_stop_machine(const struct task_struct *t);
+static void cleanup_conflicts(struct update *update);
+static void print_conflicts(struct update *update);
+static void insert_trampoline(struct ksplice_patch *p);
+static abort_t verify_trampoline(struct ksplice_mod_change *change,
+				 const struct ksplice_patch *p);
+static void remove_trampoline(const struct ksplice_patch *p);
+
+static abort_t create_labelval(struct ksplice_mod_change *change,
+			       struct ksplice_symbol *ksym,
+			       unsigned long val, int status);
+static abort_t create_safety_record(struct ksplice_mod_change *change,
+				    const struct ksplice_section *sect,
+				    struct list_head *record_list,
+				    unsigned long run_addr,
+				    unsigned long run_size);
+static abort_t add_candidate_val(struct ksplice_mod_change *change,
+				 struct list_head *vals, unsigned long val);
+static void release_vals(struct list_head *vals);
+static void set_temp_labelvals(struct ksplice_mod_change *change, int status);
+
+static int contains_canary(struct ksplice_mod_change *change,
+			   unsigned long blank_addr,
+			   const struct ksplice_reloc_howto *howto);
+static unsigned long follow_trampolines(struct ksplice_mod_change *change,
+					unsigned long addr);
+static bool patches_module(const struct module *a, const struct module *b);
+static bool strstarts(const char *str, const char *prefix);
+static bool singular(struct list_head *list);
+static void *bsearch(const void *key, const void *base, size_t n,
+		     size_t size, int (*cmp)(const void *key, const void *elt));
+static int compare_relocs(const void *a, const void *b);
+static int reloc_bsearch_compare(const void *key, const void *elt);
+
+/* Debugging */
+static abort_t init_debug_buf(struct update *update);
+static void clear_debug_buf(struct update *update);
+static int __attribute__((format(printf, 2, 3)))
+_ksdebug(struct update *update, const char *fmt, ...);
+#define ksdebug(change, fmt, ...) \
+	_ksdebug(change->update, fmt, ## __VA_ARGS__)
+
+/* Architecture-specific functions defined in arch/ARCH/kernel/ksplice-arch.c */
+
+/* Prepare a trampoline for the given patch */
+static abort_t prepare_trampoline(struct ksplice_mod_change *change,
+				  struct ksplice_patch *p);
+/* What address does the trampoline at addr jump to? */
+static abort_t trampoline_target(struct ksplice_mod_change *change,
+				 unsigned long addr, unsigned long *new_addr);
+/* Hook to handle pc-relative jumps inserted by parainstructions */
+static abort_t handle_paravirt(struct ksplice_mod_change *change,
+			       unsigned long pre, unsigned long run,
+			       int *matched);
+/* Is address p on the stack of the given thread? */
+static bool valid_stack_ptr(const struct thread_info *tinfo, const void *p);
+
+#include "ksplice-arch.c"
+
+#define clear_list(head, type, member)				\
+	do {							\
+		struct list_head *_pos, *_n;			\
+		list_for_each_safe(_pos, _n, head) {		\
+			list_del(_pos);				\
+			kfree(list_entry(_pos, type, member));	\
+		}						\
+	} while (0)
+
+/**
+ * init_ksplice_mod_change() - Initializes a ksplice change
+ * @change:	The change to be initialized.  All of the public fields of the
+ * 		change and its associated data structures should be populated
+ * 		before this function is called.  The values of the private
+ * 		fields will be ignored.
+ **/
+int init_ksplice_mod_change(struct ksplice_mod_change *change)
+{
+	struct update *update;
+	struct ksplice_patch *p;
+	struct ksplice_section *s;
+	int ret = 0;
+
+	INIT_LIST_HEAD(&change->temp_labelvals);
+	INIT_LIST_HEAD(&change->safety_records);
+
+	sort(change->old_code.relocs,
+	     change->old_code.relocs_end - change->old_code.relocs,
+	     sizeof(*change->old_code.relocs), compare_relocs, NULL);
+	sort(change->new_code.relocs,
+	     change->new_code.relocs_end - change->new_code.relocs,
+	     sizeof(*change->new_code.relocs), compare_relocs, NULL);
+	sort(change->old_code.sections,
+	     change->old_code.sections_end - change->old_code.sections,
+	     sizeof(*change->old_code.sections), compare_section_labels, NULL);
+
+	for (p = change->patches; p < change->patches_end; p++)
+		p->vaddr = NULL;
+	for (s = change->old_code.sections; s < change->old_code.sections_end;
+	     s++)
+		s->match_map = NULL;
+	for (p = change->patches; p < change->patches_end; p++) {
+		const struct ksplice_reloc *r = patch_reloc(change, p);
+		if (r == NULL)
+			return -ENOENT;
+		if (p->type == KSPLICE_PATCH_DATA) {
+			s = symbol_section(change, r->symbol);
+			if (s == NULL)
+				return -ENOENT;
+			/* Ksplice creates KSPLICE_PATCH_DATA patches in order
+			 * to modify rodata sections that have been explicitly
+			 * marked for patching using the ksplice-patch.h macro
+			 * ksplice_assume_rodata.  Here we modify the section
+			 * flags appropriately.
+			 */
+			if (s->flags & KSPLICE_SECTION_DATA)
+				s->flags = (s->flags & ~KSPLICE_SECTION_DATA) |
+				    KSPLICE_SECTION_RODATA;
+		}
+	}
+
+	mutex_lock(&module_mutex);
+	list_for_each_entry(update, &updates, list) {
+		if (strcmp(change->kid, update->kid) == 0) {
+			if (update->stage != STAGE_PREPARING) {
+				ret = -EPERM;
+				goto out;
+			}
+			add_to_update(change, update);
+			ret = 0;
+			goto out;
+		}
+	}
+	update = init_ksplice_update(change->kid);
+	if (update == NULL) {
+		ret = -ENOMEM;
+		goto out;
+	}
+	ret = ksplice_sysfs_init(update);
+	if (ret != 0) {
+		cleanup_ksplice_update(update);
+		goto out;
+	}
+	add_to_update(change, update);
+out:
+	mutex_unlock(&module_mutex);
+	return ret;
+}
+EXPORT_SYMBOL_GPL(init_ksplice_mod_change);
+
+/**
+ * cleanup_ksplice_mod_change() - Cleans up a change if appropriate
+ * @change:	The change to be cleaned up
+ *
+ * cleanup_ksplice_mod_change is currently called twice for each
+ * Ksplice update; once when the old_code module is unloaded, and once
+ * when the new_code module is unloaded.  The extra call is used to
+ * avoid leaks if you unload the old_code without applying the update.
+ */
+void cleanup_ksplice_mod_change(struct ksplice_mod_change *change)
+{
+	if (change->update == NULL)
+		return;
+
+	mutex_lock(&module_mutex);
+	if (change->update->stage == STAGE_APPLIED) {
+		/* If the change wasn't actually applied (because we
+		 * only applied this update to loaded modules and this
+		 * target was not loaded), then unregister the change
+		 * from the list of unused changes.
+		 */
+		struct ksplice_mod_change *c;
+		bool found = false;
+
+		list_for_each_entry(c, &change->update->unused_changes, list) {
+			if (c == change)
+				found = true;
+		}
+		if (found)
+			list_del(&change->list);
+		mutex_unlock(&module_mutex);
+		return;
+	}
+	list_del(&change->list);
+	if (change->update->stage == STAGE_PREPARING)
+		maybe_cleanup_ksplice_update(change->update);
+	change->update = NULL;
+	mutex_unlock(&module_mutex);
+}
+EXPORT_SYMBOL_GPL(cleanup_ksplice_mod_change);
+
+static struct update *init_ksplice_update(const char *kid)
+{
+	struct update *update;
+	update = kcalloc(1, sizeof(struct update), GFP_KERNEL);
+	if (update == NULL)
+		return NULL;
+	update->name = kasprintf(GFP_KERNEL, "ksplice_%s", kid);
+	if (update->name == NULL) {
+		kfree(update);
+		return NULL;
+	}
+	update->kid = kstrdup(kid, GFP_KERNEL);
+	if (update->kid == NULL) {
+		kfree(update->name);
+		kfree(update);
+		return NULL;
+	}
+	if (try_module_get(THIS_MODULE) != 1) {
+		kfree(update->kid);
+		kfree(update->name);
+		kfree(update);
+		return NULL;
+	}
+	INIT_LIST_HEAD(&update->changes);
+	INIT_LIST_HEAD(&update->unused_changes);
+	INIT_LIST_HEAD(&update->ksplice_module_list);
+	if (init_debug_buf(update) != OK) {
+		module_put(THIS_MODULE);
+		kfree(update->kid);
+		kfree(update->name);
+		kfree(update);
+		return NULL;
+	}
+	list_add(&update->list, &updates);
+	update->stage = STAGE_PREPARING;
+	update->abort_cause = OK;
+	update->partial = 0;
+	INIT_LIST_HEAD(&update->conflicts);
+	return update;
+}
+
+static void cleanup_ksplice_update(struct update *update)
+{
+	list_del(&update->list);
+	cleanup_conflicts(update);
+	clear_debug_buf(update);
+	cleanup_module_list_entries(update);
+	kfree(update->kid);
+	kfree(update->name);
+	kfree(update);
+	module_put(THIS_MODULE);
+}
+
+/* Clean up the update if it no longer has any changes */
+static void maybe_cleanup_ksplice_update(struct update *update)
+{
+	if (list_empty(&update->changes) && list_empty(&update->unused_changes))
+		kobject_put(&update->kobj);
+}
+
+static void add_to_update(struct ksplice_mod_change *change,
+			  struct update *update)
+{
+	change->update = update;
+	list_add(&change->list, &update->unused_changes);
+}
+
+static int ksplice_sysfs_init(struct update *update)
+{
+	int ret = 0;
+	memset(&update->kobj, 0, sizeof(update->kobj));
+	ret = kobject_init_and_add(&update->kobj, &update_ktype,
+				   ksplice_kobj, "%s", update->kid);
+	if (ret != 0)
+		return ret;
+	kobject_uevent(&update->kobj, KOBJ_ADD);
+	return 0;
+}
+
+static abort_t apply_update(struct update *update)
+{
+	struct ksplice_mod_change *change, *n;
+	abort_t ret;
+	int retval;
+
+	list_for_each_entry(change, &update->changes, list) {
+		ret = create_module_list_entry(change, true);
+		if (ret != OK)
+			goto out;
+	}
+
+	list_for_each_entry_safe(change, n, &update->unused_changes, list) {
+		if (strcmp(change->target_name, "vmlinux") == 0) {
+			change->target = NULL;
+		} else if (change->target == NULL) {
+			change->target = find_module(change->target_name);
+			if (change->target == NULL ||
+			    !module_is_live(change->target)) {
+				if (!update->partial) {
+					ret = TARGET_NOT_LOADED;
+					goto out;
+				}
+				ret = create_module_list_entry(change, false);
+				if (ret != OK)
+					goto out;
+				continue;
+			}
+			retval = use_module(change->new_code_mod,
+					    change->target);
+			if (retval != 1) {
+				ret = UNEXPECTED;
+				goto out;
+			}
+		}
+		ret = create_module_list_entry(change, true);
+		if (ret != OK)
+			goto out;
+		list_del(&change->list);
+		list_add_tail(&change->list, &update->changes);
+
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		const struct ksplice_section *sect;
+		for (sect = change->new_code.sections;
+		     sect < change->new_code.sections_end; sect++) {
+			struct safety_record *rec = kmalloc(sizeof(*rec),
+							    GFP_KERNEL);
+			if (rec == NULL) {
+				ret = OUT_OF_MEMORY;
+				goto out;
+			}
+			rec->addr = sect->address;
+			rec->size = sect->size;
+			rec->label = sect->symbol->label;
+			list_add(&rec->list, &change->safety_records);
+		}
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		ret = init_symbol_arrays(change);
+		if (ret != OK) {
+			cleanup_symbol_arrays(change);
+			goto out;
+		}
+		ret = prepare_change(change);
+		cleanup_symbol_arrays(change);
+		if (ret != OK)
+			goto out;
+	}
+	ret = patch_action(update, KS_APPLY);
+out:
+	list_for_each_entry(change, &update->changes, list) {
+		struct ksplice_section *s;
+		if (update->stage == STAGE_PREPARING)
+			clear_list(&change->safety_records,
+				   struct safety_record, list);
+		for (s = change->old_code.sections;
+		     s < change->old_code.sections_end; s++) {
+			if (s->match_map != NULL) {
+				vfree(s->match_map);
+				s->match_map = NULL;
+			}
+		}
+	}
+	if (update->stage == STAGE_PREPARING)
+		cleanup_module_list_entries(update);
+
+	if (ret == OK)
+		printk(KERN_INFO "ksplice: Update %s applied successfully\n",
+		       update->kid);
+	return ret;
+}
+
+static abort_t reverse_update(struct update *update)
+{
+	abort_t ret;
+	struct ksplice_mod_change *change;
+
+	clear_debug_buf(update);
+	ret = init_debug_buf(update);
+	if (ret != OK)
+		return ret;
+
+	_ksdebug(update, "Preparing to reverse %s\n", update->kid);
+
+	ret = patch_action(update, KS_REVERSE);
+	if (ret != OK)
+		return ret;
+
+	list_for_each_entry(change, &update->changes, list)
+		clear_list(&change->safety_records, struct safety_record, list);
+
+	printk(KERN_INFO "ksplice: Update %s reversed successfully\n",
+	       update->kid);
+	return OK;
+}
+
+static int compare_symbolp_names(const void *a, const void *b)
+{
+	const struct ksplice_symbol *const *sympa = a, *const *sympb = b;
+	if ((*sympa)->name == NULL && (*sympb)->name == NULL)
+		return 0;
+	if ((*sympa)->name == NULL)
+		return -1;
+	if ((*sympb)->name == NULL)
+		return 1;
+	return strcmp((*sympa)->name, (*sympb)->name);
+}
+
+static int compare_symbolp_labels(const void *a, const void *b)
+{
+	const struct ksplice_symbol *const *sympa = a, *const *sympb = b;
+	return strcmp((*sympa)->label, (*sympb)->label);
+}
+
+static int symbolp_bsearch_compare(const void *key, const void *elt)
+{
+	const char *name = key;
+	const struct ksplice_symbol *const *symp = elt;
+	const struct ksplice_symbol *sym = *symp;
+	if (sym->name == NULL)
+		return 1;
+	return strcmp(name, sym->name);
+}
+
+static abort_t add_matching_values(struct ksplice_lookup *lookup,
+				   const char *sym_name, unsigned long sym_val)
+{
+	struct ksplice_symbol **symp;
+	abort_t ret;
+
+	symp = bsearch(sym_name, lookup->arr, lookup->size,
+		       sizeof(*lookup->arr), symbolp_bsearch_compare);
+	if (symp == NULL)
+		return OK;
+
+	while (symp > lookup->arr &&
+	       symbolp_bsearch_compare(sym_name, symp - 1) == 0)
+		symp--;
+
+	for (; symp < lookup->arr + lookup->size; symp++) {
+		struct ksplice_symbol *sym = *symp;
+		if (sym->name == NULL || strcmp(sym_name, sym->name) != 0)
+			break;
+		ret = add_candidate_val(lookup->change,
+					sym->candidate_vals, sym_val);
+		if (ret != OK)
+			return ret;
+	}
+	return OK;
+}
+
+static int add_kallsyms_values(void *data, const char *name,
+			       struct module *owner, unsigned long val)
+{
+	struct ksplice_lookup *lookup = data;
+	if (owner == lookup->change->new_code_mod ||
+	    !patches_module(owner, lookup->change->target))
+		return (__force int)OK;
+	return (__force int)add_matching_values(lookup, name, val);
+}
+
+static bool add_export_values(const struct symsearch *syms,
+			      struct module *owner,
+			      unsigned int symnum, void *data)
+{
+	struct ksplice_lookup *lookup = data;
+	abort_t ret;
+
+	ret = add_matching_values(lookup, syms->start[symnum].name,
+				  syms->start[symnum].value);
+	if (ret != OK) {
+		lookup->ret = ret;
+		return true;
+	}
+	return false;
+}
+
+static void cleanup_symbol_arrays(struct ksplice_mod_change *change)
+{
+	struct ksplice_symbol *sym;
+	for (sym = change->new_code.symbols; sym < change->new_code.symbols_end;
+	     sym++) {
+		if (sym->candidate_vals != NULL) {
+			clear_list(sym->candidate_vals, struct candidate_val,
+				   list);
+			kfree(sym->candidate_vals);
+			sym->candidate_vals = NULL;
+		}
+	}
+	for (sym = change->old_code.symbols; sym < change->old_code.symbols_end;
+	     sym++) {
+		if (sym->candidate_vals != NULL) {
+			clear_list(sym->candidate_vals, struct candidate_val,
+				   list);
+			kfree(sym->candidate_vals);
+			sym->candidate_vals = NULL;
+		}
+	}
+}
+
+/*
+ * The new_code and old_code modules each have their own independent
+ * ksplice_symbol structures.  uniquify_symbols unifies these separate
+ * pieces of kernel symbol information by replacing all references to
+ * the old_code copy of symbols with references to the new_code copy.
+ */
+static abort_t uniquify_symbols(struct ksplice_mod_change *change)
+{
+	struct ksplice_reloc *r;
+	struct ksplice_section *s;
+	struct ksplice_symbol *sym, **sym_arr, **symp;
+	size_t size = change->new_code.symbols_end - change->new_code.symbols;
+
+	if (size == 0)
+		return OK;
+
+	sym_arr = vmalloc(sizeof(*sym_arr) * size);
+	if (sym_arr == NULL)
+		return OUT_OF_MEMORY;
+
+	for (symp = sym_arr, sym = change->new_code.symbols;
+	     symp < sym_arr + size && sym < change->new_code.symbols_end;
+	     sym++, symp++)
+		*symp = sym;
+
+	sort(sym_arr, size, sizeof(*sym_arr), compare_symbolp_labels, NULL);
+
+	for (r = change->old_code.relocs; r < change->old_code.relocs_end;
+	     r++) {
+		symp = bsearch(&r->symbol, sym_arr, size, sizeof(*sym_arr),
+			       compare_symbolp_labels);
+		if (symp != NULL) {
+			if ((*symp)->name == NULL)
+				(*symp)->name = r->symbol->name;
+			r->symbol = *symp;
+		}
+	}
+
+	for (s = change->old_code.sections; s < change->old_code.sections_end;
+	     s++) {
+		symp = bsearch(&s->symbol, sym_arr, size, sizeof(*sym_arr),
+			       compare_symbolp_labels);
+		if (symp != NULL) {
+			if ((*symp)->name == NULL)
+				(*symp)->name = s->symbol->name;
+			s->symbol = *symp;
+		}
+	}
+
+	vfree(sym_arr);
+	return OK;
+}
+
+/*
+ * Initialize the ksplice_symbol structures in the given array using
+ * the kallsyms and exported symbol tables.
+ */
+static abort_t init_symbol_array(struct ksplice_mod_change *change,
+				 struct ksplice_symbol *start,
+				 struct ksplice_symbol *end)
+{
+	struct ksplice_symbol *sym, **sym_arr, **symp;
+	struct ksplice_lookup lookup;
+	size_t size = end - start;
+	abort_t ret;
+
+	if (size == 0)
+		return OK;
+
+	for (sym = start; sym < end; sym++) {
+		if (strstarts(sym->label, "__ksymtab")) {
+			const struct kernel_symbol *ksym;
+			const char *colon = strchr(sym->label, ':');
+			const char *name = colon + 1;
+			if (colon == NULL)
+				continue;
+			ksym = find_symbol(name, NULL, NULL, true, false);
+			if (ksym == NULL) {
+				ksdebug(change, "Could not find kernel_symbol "
+					"structure for %s\n", name);
+				continue;
+			}
+			sym->value = (unsigned long)ksym;
+			sym->candidate_vals = NULL;
+			continue;
+		}
+
+		sym->candidate_vals = kmalloc(sizeof(*sym->candidate_vals),
+					      GFP_KERNEL);
+		if (sym->candidate_vals == NULL)
+			return OUT_OF_MEMORY;
+		INIT_LIST_HEAD(sym->candidate_vals);
+		sym->value = 0;
+	}
+
+	sym_arr = vmalloc(sizeof(*sym_arr) * size);
+	if (sym_arr == NULL)
+		return OUT_OF_MEMORY;
+
+	for (symp = sym_arr, sym = start; symp < sym_arr + size && sym < end;
+	     sym++, symp++)
+		*symp = sym;
+
+	sort(sym_arr, size, sizeof(*sym_arr), compare_symbolp_names, NULL);
+
+	lookup.change = change;
+	lookup.arr = sym_arr;
+	lookup.size = size;
+	lookup.ret = OK;
+
+	each_symbol(add_export_values, &lookup);
+	ret = lookup.ret;
+	if (ret == OK)
+		ret = (__force abort_t)
+		    kallsyms_on_each_symbol(add_kallsyms_values, &lookup);
+	vfree(sym_arr);
+	return ret;
+}
+
+/* Prepare the change's ksplice_symbol structures for run-pre matching */
+static abort_t init_symbol_arrays(struct ksplice_mod_change *change)
+{
+	abort_t ret;
+
+	ret = uniquify_symbols(change);
+	if (ret != OK)
+		return ret;
+
+	ret = init_symbol_array(change, change->old_code.symbols,
+				change->old_code.symbols_end);
+	if (ret != OK)
+		return ret;
+
+	ret = init_symbol_array(change, change->new_code.symbols,
+				change->new_code.symbols_end);
+	if (ret != OK)
+		return ret;
+
+	return OK;
+}
+
+static abort_t prepare_change(struct ksplice_mod_change *change)
+{
+	abort_t ret;
+
+	ksdebug(change, "Preparing and checking %s\n", change->name);
+	ret = match_change_sections(change, false);
+	if (ret == NO_MATCH) {
+		/* It is possible that by using relocations from .data sections
+		 * we can successfully run-pre match the rest of the sections.
+		 * To avoid using any symbols obtained from .data sections
+		 * (which may be unreliable) in the post code, we first prepare
+		 * the post code and then try to run-pre match the remaining
+		 * sections with the help of .data sections.
+		 */
+		ksdebug(change, "Continuing without some sections; we might "
+			"find them later.\n");
+		ret = finalize_change(change);
+		if (ret != OK) {
+			ksdebug(change, "Aborted.  Unable to continue without "
+				"the unmatched sections.\n");
+			return ret;
+		}
+
+		ksdebug(change, "run-pre: Considering .data sections to find "
+			"the unmatched sections\n");
+		ret = match_change_sections(change, true);
+		if (ret != OK)
+			return ret;
+
+		ksdebug(change, "run-pre: Found all previously unmatched "
+			"sections\n");
+		return OK;
+	} else if (ret != OK) {
+		return ret;
+	}
+
+	return finalize_change(change);
+}
+
+/*
+ * Finish preparing the change for insertion into the kernel.
+ * Afterwards, the replacement code should be ready to run and the
+ * ksplice_patches should all be ready for trampoline insertion.
+ */
+static abort_t finalize_change(struct ksplice_mod_change *change)
+{
+	abort_t ret;
+	ret = apply_relocs(change, change->new_code.relocs,
+			   change->new_code.relocs_end);
+	if (ret != OK)
+		return ret;
+
+	ret = finalize_patches(change);
+	if (ret != OK)
+		return ret;
+
+	return OK;
+}
+
+static abort_t finalize_patches(struct ksplice_mod_change *change)
+{
+	struct ksplice_patch *p;
+	struct safety_record *rec;
+	abort_t ret;
+
+	for (p = change->patches; p < change->patches_end; p++) {
+		bool found = false;
+		list_for_each_entry(rec, &change->safety_records, list) {
+			if (rec->addr <= p->oldaddr &&
+			    p->oldaddr < rec->addr + rec->size) {
+				found = true;
+				break;
+			}
+		}
+		if (!found && p->type != KSPLICE_PATCH_EXPORT) {
+			const struct ksplice_reloc *r = patch_reloc(change, p);
+			if (r == NULL) {
+				ksdebug(change, "A patch with no reloc at its "
+					"oldaddr has no safety record\n");
+				return NO_MATCH;
+			}
+			ksdebug(change, "No safety record for patch with"
+				"oldaddr %s+%lx\n", r->symbol->label,
+				r->target_addend);
+			return NO_MATCH;
+		}
+
+		if (p->type == KSPLICE_PATCH_TEXT) {
+			ret = prepare_trampoline(change, p);
+			if (ret != OK)
+				return ret;
+		}
+
+		if (found && rec->addr + rec->size < p->oldaddr + p->size) {
+			ksdebug(change, "Safety record %s is too short for "
+				"patch\n", rec->label);
+			return UNEXPECTED;
+		}
+
+		if (p->type == KSPLICE_PATCH_TEXT) {
+			if (p->repladdr == 0)
+				p->repladdr = (unsigned long)ksplice_deleted;
+		}
+	}
+	return OK;
+}
+
+/* noinline to prevent garbage on the stack from confusing check_stack */
+static noinline abort_t map_trampoline_pages(struct update *update)
+{
+	struct ksplice_mod_change *change;
+	list_for_each_entry(change, &update->changes, list) {
+		struct ksplice_patch *p;
+		for (p = change->patches; p < change->patches_end; p++) {
+			p->vaddr = map_writable((void *)p->oldaddr, p->size);
+			if (p->vaddr == NULL) {
+				ksdebug(change,
+					"Unable to map oldaddr read/write\n");
+				unmap_trampoline_pages(update);
+				return UNEXPECTED;
+			}
+		}
+	}
+	return OK;
+}
+
+static void unmap_trampoline_pages(struct update *update)
+{
+	struct ksplice_mod_change *change;
+	list_for_each_entry(change, &update->changes, list) {
+		struct ksplice_patch *p;
+		for (p = change->patches; p < change->patches_end; p++) {
+			vunmap((void *)((unsigned long)p->vaddr & PAGE_MASK));
+			p->vaddr = NULL;
+		}
+	}
+}
+
+/*
+ * map_writable creates a shadow page mapping of the range
+ * [addr, addr + len) so that we can write to code mapped read-only.
+ *
+ * It is similar to a generalized version of x86's text_poke.  But
+ * because one cannot use vmalloc/vfree() inside stop_machine, we use
+ * map_writable to map the pages before stop_machine, then use the
+ * mapping inside stop_machine, and unmap the pages afterwards.
+ */
+static void *map_writable(void *addr, size_t len)
+{
+	void *vaddr;
+	int nr_pages = DIV_ROUND_UP(offset_in_page(addr) + len, PAGE_SIZE);
+	struct page **pages = kmalloc(nr_pages * sizeof(*pages), GFP_KERNEL);
+	void *page_addr = (void *)((unsigned long)addr & PAGE_MASK);
+	int i;
+
+	if (pages == NULL)
+		return NULL;
+
+	for (i = 0; i < nr_pages; i++) {
+		if (__module_address((unsigned long)page_addr) == NULL) {
+			pages[i] = virt_to_page(page_addr);
+			WARN_ON(!PageReserved(pages[i]));
+		} else {
+			pages[i] = vmalloc_to_page(addr);
+		}
+		if (pages[i] == NULL) {
+			kfree(pages);
+			return NULL;
+		}
+		page_addr += PAGE_SIZE;
+	}
+	vaddr = vmap(pages, nr_pages, VM_MAP, PAGE_KERNEL);
+	kfree(pages);
+	if (vaddr == NULL)
+		return NULL;
+	return vaddr + offset_in_page(addr);
+}
+
+/*
+ * Ksplice adds a dependency on any symbol address used to resolve
+ * relocations in the new_code module.
+ *
+ * Be careful to follow_trampolines so that we always depend on the
+ * latest version of the target function, since that's the code that
+ * will run if we call addr.
+ */
+static abort_t add_dependency_on_address(struct ksplice_mod_change *change,
+					 unsigned long addr)
+{
+	struct ksplice_mod_change *c;
+	struct module *m =
+	    __module_text_address(follow_trampolines(change, addr));
+	if (m == NULL)
+		return OK;
+	list_for_each_entry(c, &change->update->changes, list) {
+		if (m == c->new_code_mod)
+			return OK;
+	}
+	if (use_module(change->new_code_mod, m) != 1)
+		return MODULE_BUSY;
+	return OK;
+}
+
+static abort_t apply_relocs(struct ksplice_mod_change *change,
+			    const struct ksplice_reloc *relocs,
+			    const struct ksplice_reloc *relocs_end)
+{
+	const struct ksplice_reloc *r;
+	for (r = relocs; r < relocs_end; r++) {
+		abort_t ret = apply_reloc(change, r);
+		if (ret != OK)
+			return ret;
+	}
+	return OK;
+}
+
+static abort_t apply_reloc(struct ksplice_mod_change *change,
+			   const struct ksplice_reloc *r)
+{
+	switch (r->howto->type) {
+	case KSPLICE_HOWTO_RELOC:
+	case KSPLICE_HOWTO_RELOC_PATCH:
+		return apply_howto_reloc(change, r);
+	case KSPLICE_HOWTO_DATE:
+	case KSPLICE_HOWTO_TIME:
+		return apply_howto_date(change, r);
+	default:
+		ksdebug(change, "Unexpected howto type %d\n", r->howto->type);
+		return UNEXPECTED;
+	}
+}
+
+/*
+ * Applies a relocation.  Aborts if the symbol referenced in it has
+ * not been uniquely resolved.
+ */
+static abort_t apply_howto_reloc(struct ksplice_mod_change *change,
+				 const struct ksplice_reloc *r)
+{
+	abort_t ret;
+	int canary_ret;
+	unsigned long sym_addr;
+	LIST_HEAD(vals);
+
+	canary_ret = contains_canary(change, r->blank_addr, r->howto);
+	if (canary_ret < 0)
+		return UNEXPECTED;
+	if (canary_ret == 0) {
+		ksdebug(change, "reloc: skipped %lx to %s+%lx (altinstr)\n",
+			r->blank_addr, r->symbol->label, r->target_addend);
+		return OK;
+	}
+
+	ret = lookup_symbol(change, r->symbol, &vals);
+	if (ret != OK) {
+		release_vals(&vals);
+		return ret;
+	}
+	/*
+	 * Relocations for the oldaddr fields of patches must have
+	 * been resolved via run-pre matching.
+	 */
+	if (!singular(&vals) || (r->symbol->candidate_vals != NULL &&
+				 r->howto->type == KSPLICE_HOWTO_RELOC_PATCH)) {
+		release_vals(&vals);
+		ksdebug(change, "Failed to find %s for reloc\n",
+			r->symbol->label);
+		return FAILED_TO_FIND;
+	}
+	sym_addr = list_entry(vals.next, struct candidate_val, list)->val;
+	release_vals(&vals);
+
+	ret = write_reloc_value(change, r, r->blank_addr,
+				r->howto->pcrel ? sym_addr - r->blank_addr :
+				sym_addr);
+	if (ret != OK)
+		return ret;
+
+	ksdebug(change, "reloc: %lx to %s+%lx (S=%lx ", r->blank_addr,
+		r->symbol->label, r->target_addend, sym_addr);
+	switch (r->howto->size) {
+	case 1:
+		ksdebug(change, "aft=%02x)\n", *(uint8_t *)r->blank_addr);
+		break;
+	case 2:
+		ksdebug(change, "aft=%04x)\n", *(uint16_t *)r->blank_addr);
+		break;
+	case 4:
+		ksdebug(change, "aft=%08x)\n", *(uint32_t *)r->blank_addr);
+		break;
+#if BITS_PER_LONG >= 64
+	case 8:
+		ksdebug(change, "aft=%016llx)\n", *(uint64_t *)r->blank_addr);
+		break;
+#endif /* BITS_PER_LONG */
+	default:
+		ksdebug(change, "Aborted.  Invalid relocation size.\n");
+		return UNEXPECTED;
+	}
+
+	/*
+	 * Create labelvals so that we can verify our choices in the
+	 * second round of run-pre matching that considers data sections.
+	 */
+	ret = create_labelval(change, r->symbol, sym_addr, VAL);
+	if (ret != OK)
+		return ret;
+
+	return add_dependency_on_address(change, sym_addr);
+}
+
+/*
+ * Date relocations are created wherever __DATE__ or __TIME__ is used
+ * in the kernel; we resolve them by simply copying in the date/time
+ * obtained from run-pre matching the relevant compilation unit.
+ */
+static abort_t apply_howto_date(struct ksplice_mod_change *change,
+				const struct ksplice_reloc *r)
+{
+	if (r->symbol->candidate_vals != NULL) {
+		ksdebug(change, "Failed to find %s for date\n",
+			r->symbol->label);
+		return FAILED_TO_FIND;
+	}
+	memcpy((unsigned char *)r->blank_addr,
+	       (const unsigned char *)r->symbol->value, r->howto->size);
+	return OK;
+}
+
+/*
+ * Given a relocation and its run address, compute the address of the
+ * symbol the relocation referenced, and store it in *valp.
+ */
+static abort_t read_reloc_value(struct ksplice_mod_change *change,
+				const struct ksplice_reloc *r,
+				unsigned long addr, unsigned long *valp)
+{
+	unsigned char bytes[sizeof(long)];
+	unsigned long val;
+	const struct ksplice_reloc_howto *howto = r->howto;
+
+	if (howto->size <= 0 || howto->size > sizeof(long)) {
+		ksdebug(change, "Aborted.  Invalid relocation size.\n");
+		return UNEXPECTED;
+	}
+
+	if (probe_kernel_read(bytes, (void *)addr, howto->size) == -EFAULT)
+		return NO_MATCH;
+
+	switch (howto->size) {
+	case 1:
+		val = *(uint8_t *)bytes;
+		break;
+	case 2:
+		val = *(uint16_t *)bytes;
+		break;
+	case 4:
+		val = *(uint32_t *)bytes;
+		break;
+#if BITS_PER_LONG >= 64
+	case 8:
+		val = *(uint64_t *)bytes;
+		break;
+#endif /* BITS_PER_LONG */
+	default:
+		ksdebug(change, "Aborted.  Invalid relocation size.\n");
+		return UNEXPECTED;
+	}
+
+	val &= howto->dst_mask;
+	if (howto->signed_addend)
+		val |= -(val & (howto->dst_mask & ~(howto->dst_mask >> 1)));
+	val <<= howto->rightshift;
+	val -= r->insn_addend + r->target_addend;
+	*valp = val;
+	return OK;
+}
+
+/*
+ * Given a relocation, the address of its storage unit, and the
+ * address of the symbol the relocation references, write the
+ * relocation's final value into the storage unit.
+ */
+static abort_t write_reloc_value(struct ksplice_mod_change *change,
+				 const struct ksplice_reloc *r,
+				 unsigned long addr, unsigned long sym_addr)
+{
+	unsigned long val = sym_addr + r->target_addend + r->insn_addend;
+	const struct ksplice_reloc_howto *howto = r->howto;
+	val >>= howto->rightshift;
+	switch (howto->size) {
+	case 1:
+		*(uint8_t *)addr = (*(uint8_t *)addr & ~howto->dst_mask) |
+		    (val & howto->dst_mask);
+		break;
+	case 2:
+		*(uint16_t *)addr = (*(uint16_t *)addr & ~howto->dst_mask) |
+		    (val & howto->dst_mask);
+		break;
+	case 4:
+		*(uint32_t *)addr = (*(uint32_t *)addr & ~howto->dst_mask) |
+		    (val & howto->dst_mask);
+		break;
+#if BITS_PER_LONG >= 64
+	case 8:
+		*(uint64_t *)addr = (*(uint64_t *)addr & ~howto->dst_mask) |
+		    (val & howto->dst_mask);
+		break;
+#endif /* BITS_PER_LONG */
+	default:
+		ksdebug(change, "Aborted.  Invalid relocation size.\n");
+		return UNEXPECTED;
+	}
+
+	if (read_reloc_value(change, r, addr, &val) != OK || val != sym_addr) {
+		ksdebug(change, "Aborted.  Relocation overflow.\n");
+		return UNEXPECTED;
+	}
+
+	return OK;
+}
+
+static abort_t create_module_list_entry(struct ksplice_mod_change *change,
+					bool to_be_applied)
+{
+	struct ksplice_module_list_entry *entry =
+	    kmalloc(sizeof(*entry), GFP_KERNEL);
+	if (entry == NULL)
+		return OUT_OF_MEMORY;
+	entry->new_code_mod_name =
+	    kstrdup(change->new_code_mod->name, GFP_KERNEL);
+	if (entry->new_code_mod_name == NULL) {
+		kfree(entry);
+		return OUT_OF_MEMORY;
+	}
+	entry->target_mod_name = kstrdup(change->target_name, GFP_KERNEL);
+	if (entry->target_mod_name == NULL) {
+		kfree(entry->new_code_mod_name);
+		kfree(entry);
+		return OUT_OF_MEMORY;
+	}
+	/* The update's kid is guaranteed to outlast the module_list_entry */
+	entry->kid = change->update->kid;
+	entry->applied = to_be_applied;
+	list_add(&entry->update_list, &change->update->ksplice_module_list);
+	return OK;
+}
+
+static void cleanup_module_list_entries(struct update *update)
+{
+	struct ksplice_module_list_entry *entry;
+	list_for_each_entry(entry, &update->ksplice_module_list, update_list) {
+		kfree(entry->target_mod_name);
+		kfree(entry->new_code_mod_name);
+	}
+	clear_list(&update->ksplice_module_list,
+		   struct ksplice_module_list_entry, update_list);
+}
+
+/* Replacement address used for functions deleted by the patch */
+static void __attribute__((noreturn)) ksplice_deleted(void)
+{
+	printk(KERN_CRIT "Called a kernel function deleted by Ksplice!\n");
+	BUG();
+}
+
+/* Floodfill to run-pre match the sections within a change. */
+static abort_t match_change_sections(struct ksplice_mod_change *change,
+				   bool consider_data_sections)
+{
+	struct ksplice_section *sect;
+	abort_t ret;
+	int remaining = 0;
+	bool progress;
+
+	for (sect = change->old_code.sections;
+	     sect < change->old_code.sections_end; sect++) {
+		if ((sect->flags & KSPLICE_SECTION_DATA) == 0 &&
+		    (sect->flags & KSPLICE_SECTION_STRING) == 0 &&
+		    (sect->flags & KSPLICE_SECTION_MATCHED) == 0)
+			remaining++;
+	}
+
+	while (remaining > 0) {
+		progress = false;
+		for (sect = change->old_code.sections;
+		     sect < change->old_code.sections_end; sect++) {
+			if ((sect->flags & KSPLICE_SECTION_MATCHED) != 0)
+				continue;
+			if ((!consider_data_sections &&
+			     (sect->flags & KSPLICE_SECTION_DATA) != 0) ||
+			    (sect->flags & KSPLICE_SECTION_STRING) != 0)
+				continue;
+			ret = find_section(change, sect);
+			if (ret == OK) {
+				sect->flags |= KSPLICE_SECTION_MATCHED;
+				if ((sect->flags & KSPLICE_SECTION_DATA) == 0)
+					remaining--;
+				progress = true;
+			} else if (ret != NO_MATCH) {
+				return ret;
+			}
+		}
+
+		if (progress)
+			continue;
+
+		for (sect = change->old_code.sections;
+		     sect < change->old_code.sections_end; sect++) {
+			if ((sect->flags & KSPLICE_SECTION_MATCHED) != 0 ||
+			    (sect->flags & KSPLICE_SECTION_STRING) != 0)
+				continue;
+			ksdebug(change, "run-pre: could not match %s "
+				"section %s\n",
+				(sect->flags & KSPLICE_SECTION_DATA) != 0 ?
+				"data" :
+				(sect->flags & KSPLICE_SECTION_RODATA) != 0 ?
+				"rodata" : "text", sect->symbol->label);
+		}
+		ksdebug(change, "Aborted.  run-pre: could not match some "
+			"sections.\n");
+		return NO_MATCH;
+	}
+	return OK;
+}
+
+/*
+ * Search for the section in the running kernel.  Returns OK if and
+ * only if it finds precisely one address in the kernel matching the
+ * section.
+ */
+static abort_t find_section(struct ksplice_mod_change *change,
+			    struct ksplice_section *sect)
+{
+	int i;
+	abort_t ret;
+	unsigned long run_addr;
+	LIST_HEAD(vals);
+	struct candidate_val *v, *n;
+
+	ret = lookup_symbol(change, sect->symbol, &vals);
+	if (ret != OK) {
+		release_vals(&vals);
+		return ret;
+	}
+
+	ksdebug(change, "run-pre: starting sect search for %s\n",
+		sect->symbol->label);
+
+	list_for_each_entry_safe(v, n, &vals, list) {
+		run_addr = v->val;
+
+		yield();
+		ret = try_addr(change, sect, run_addr, NULL, RUN_PRE_INITIAL);
+		if (ret == NO_MATCH) {
+			list_del(&v->list);
+			kfree(v);
+		} else if (ret != OK) {
+			release_vals(&vals);
+			return ret;
+		}
+	}
+
+	if (singular(&vals)) {
+		LIST_HEAD(safety_records);
+		run_addr = list_entry(vals.next, struct candidate_val,
+				      list)->val;
+		ret = try_addr(change, sect, run_addr, &safety_records,
+			       RUN_PRE_FINAL);
+		release_vals(&vals);
+		if (ret != OK) {
+			clear_list(&safety_records, struct safety_record, list);
+			ksdebug(change, "run-pre: Final run failed for sect "
+				"%s:\n", sect->symbol->label);
+		} else {
+			list_splice(&safety_records, &change->safety_records);
+		}
+		return ret;
+	} else if (!list_empty(&vals)) {
+		struct candidate_val *val;
+		ksdebug(change, "run-pre: multiple candidates for sect %s:\n",
+			sect->symbol->label);
+		i = 0;
+		list_for_each_entry(val, &vals, list) {
+			i++;
+			ksdebug(change, "%lx\n", val->val);
+			if (i > 5) {
+				ksdebug(change, "...\n");
+				break;
+			}
+		}
+		release_vals(&vals);
+		return NO_MATCH;
+	}
+	release_vals(&vals);
+	return NO_MATCH;
+}
+
+/*
+ * try_addr is the the interface to run-pre matching.  Its primary
+ * purpose is to manage debugging information for run-pre matching;
+ * all the hard work is in run_pre_cmp.
+ */
+static abort_t try_addr(struct ksplice_mod_change *change,
+			struct ksplice_section *sect,
+			unsigned long run_addr,
+			struct list_head *safety_records,
+			enum run_pre_mode mode)
+{
+	abort_t ret;
+	const struct module *run_module = __module_address(run_addr);
+
+	if (run_module == change->new_code_mod) {
+		ksdebug(change, "run-pre: unexpected address %lx in new_code "
+			"module %s for sect %s\n", run_addr, run_module->name,
+			sect->symbol->label);
+		return UNEXPECTED;
+	}
+	if (!patches_module(run_module, change->target)) {
+		ksdebug(change, "run-pre: ignoring address %lx in other module "
+			"%s for sect %s\n", run_addr, run_module == NULL ?
+			"vmlinux" : run_module->name, sect->symbol->label);
+		return NO_MATCH;
+	}
+
+	ret = create_labelval(change, sect->symbol, run_addr, TEMP);
+	if (ret != OK)
+		return ret;
+
+	ret = run_pre_cmp(change, sect, run_addr, safety_records, mode);
+	if (ret == NO_MATCH && mode != RUN_PRE_FINAL) {
+		set_temp_labelvals(change, NOVAL);
+		ksdebug(change, "run-pre: %s sect %s does not match (r_a=%lx "
+			"p_a=%lx s=%lx)\n",
+			(sect->flags & KSPLICE_SECTION_RODATA) != 0 ? "rodata" :
+			(sect->flags & KSPLICE_SECTION_DATA) != 0 ? "data" :
+			"text", sect->symbol->label, run_addr, sect->address,
+			sect->size);
+		ksdebug(change, "run-pre: ");
+		if (change->update->debug >= 1) {
+			ret = run_pre_cmp(change, sect, run_addr,
+					  safety_records, RUN_PRE_DEBUG);
+			set_temp_labelvals(change, NOVAL);
+		}
+		ksdebug(change, "\n");
+		return ret;
+	} else if (ret != OK) {
+		set_temp_labelvals(change, NOVAL);
+		return ret;
+	}
+
+	if (mode != RUN_PRE_FINAL) {
+		set_temp_labelvals(change, NOVAL);
+		ksdebug(change, "run-pre: candidate for sect %s=%lx\n",
+			sect->symbol->label, run_addr);
+		return OK;
+	}
+
+	set_temp_labelvals(change, VAL);
+	ksdebug(change, "run-pre: found sect %s=%lx\n", sect->symbol->label,
+		run_addr);
+	return OK;
+}
+
+/*
+ * run_pre_cmp is the primary run-pre matching function; it determines
+ * whether the given ksplice_section matches the code or data in the
+ * running kernel starting at run_addr.
+ *
+ * If run_pre_mode is RUN_PRE_FINAL, a safety record for the matched
+ * section is created.
+ *
+ * The run_pre_mode is also used to determine what debugging
+ * information to display.
+ */
+static abort_t run_pre_cmp(struct ksplice_mod_change *change,
+			   const struct ksplice_section *sect,
+			   unsigned long run_addr,
+			   struct list_head *safety_records,
+			   enum run_pre_mode mode)
+{
+	int matched = 0;
+	abort_t ret;
+	const struct ksplice_reloc *r, *finger;
+	const unsigned char *pre, *run, *pre_start, *run_start;
+	unsigned char runval;
+
+	pre_start = (const unsigned char *)sect->address;
+	run_start = (const unsigned char *)run_addr;
+
+	finger = init_reloc_search(change, sect);
+
+	pre = pre_start;
+	run = run_start;
+	while (pre < pre_start + sect->size) {
+		unsigned long offset = pre - pre_start;
+		ret = lookup_reloc(change, &finger, (unsigned long)pre, &r);
+		if (ret == OK) {
+			ret = handle_reloc(change, sect, r, (unsigned long)run,
+					   mode);
+			if (ret != OK) {
+				if (mode == RUN_PRE_INITIAL)
+					ksdebug(change, "reloc in sect does "
+						"not match after %lx/%lx "
+						"bytes\n", offset, sect->size);
+				return ret;
+			}
+			if (mode == RUN_PRE_DEBUG)
+				print_bytes(change, run, r->howto->size, pre,
+					    r->howto->size);
+			pre += r->howto->size;
+			run += r->howto->size;
+			finger++;
+			continue;
+		} else if (ret != NO_MATCH) {
+			return ret;
+		}
+
+		if ((sect->flags & KSPLICE_SECTION_TEXT) != 0) {
+			ret = handle_paravirt(change, (unsigned long)pre,
+					      (unsigned long)run, &matched);
+			if (ret != OK)
+				return ret;
+			if (matched != 0) {
+				if (mode == RUN_PRE_DEBUG)
+					print_bytes(change, run, matched, pre,
+						    matched);
+				pre += matched;
+				run += matched;
+				continue;
+			}
+		}
+
+		if (probe_kernel_read(&runval, (void *)run, 1) == -EFAULT) {
+			if (mode == RUN_PRE_INITIAL)
+				ksdebug(change, "sect unmapped after %lx/%lx "
+					"bytes\n", offset, sect->size);
+			return NO_MATCH;
+		}
+
+		if (runval != *pre &&
+		    (sect->flags & KSPLICE_SECTION_DATA) == 0) {
+			if (mode == RUN_PRE_INITIAL)
+				ksdebug(change, "sect does not match after "
+					"%lx/%lx bytes\n", offset, sect->size);
+			if (mode == RUN_PRE_DEBUG) {
+				print_bytes(change, run, 1, pre, 1);
+				ksdebug(change, "[p_o=%lx] ! ", offset);
+				print_bytes(change, run + 1, 2, pre + 1, 2);
+			}
+			return NO_MATCH;
+		}
+		if (mode == RUN_PRE_DEBUG)
+			print_bytes(change, run, 1, pre, 1);
+		pre++;
+		run++;
+	}
+	return create_safety_record(change, sect, safety_records, run_addr,
+				    run - run_start);
+}
+
+static void print_bytes(struct ksplice_mod_change *change,
+			const unsigned char *run, int runc,
+			const unsigned char *pre, int prec)
+{
+	int o;
+	int matched = min(runc, prec);
+	for (o = 0; o < matched; o++) {
+		if (run[o] == pre[o])
+			ksdebug(change, "%02x ", run[o]);
+		else
+			ksdebug(change, "%02x/%02x ", run[o], pre[o]);
+	}
+	for (o = matched; o < runc; o++)
+		ksdebug(change, "%02x/ ", run[o]);
+	for (o = matched; o < prec; o++)
+		ksdebug(change, "/%02x ", pre[o]);
+}
+
+struct range {
+	unsigned long address;
+	unsigned long size;
+};
+
+static int reloc_bsearch_compare(const void *key, const void *elt)
+{
+	const struct range *range = key;
+	const struct ksplice_reloc *r = elt;
+	if (range->address + range->size <= r->blank_addr)
+		return -1;
+	if (range->address > r->blank_addr)
+		return 1;
+	return 0;
+}
+
+static const struct ksplice_reloc *find_reloc(const struct ksplice_reloc *start,
+					      const struct ksplice_reloc *end,
+					      unsigned long address,
+					      unsigned long size)
+{
+	const struct ksplice_reloc *r;
+	struct range range = { address, size };
+	r = bsearch((void *)&range, start, end - start, sizeof(*r),
+		    reloc_bsearch_compare);
+	if (r == NULL)
+		return NULL;
+	while (r > start && (r - 1)->blank_addr >= address)
+		r--;
+	return r;
+}
+
+static const struct ksplice_reloc *
+init_reloc_search(struct ksplice_mod_change *change,
+		  const struct ksplice_section *sect)
+{
+	const struct ksplice_reloc *r;
+	r = find_reloc(change->old_code.relocs, change->old_code.relocs_end,
+		       sect->address, sect->size);
+	if (r == NULL)
+		return change->old_code.relocs_end;
+	return r;
+}
+
+/*
+ * lookup_reloc implements an amortized O(1) lookup for the next
+ * old_code relocation.  It must be called with a strictly increasing
+ * sequence of addresses.
+ *
+ * The fingerp is private data for lookup_reloc, and needs to have
+ * been initialized as a pointer to the result of find_reloc (or
+ * init_reloc_search).
+ */
+static abort_t lookup_reloc(struct ksplice_mod_change *change,
+			    const struct ksplice_reloc **fingerp,
+			    unsigned long addr,
+			    const struct ksplice_reloc **relocp)
+{
+	const struct ksplice_reloc *r = *fingerp;
+	int canary_ret;
+
+	while (r < change->old_code.relocs_end &&
+	       addr >= r->blank_addr + r->howto->size &&
+	       !(addr == r->blank_addr && r->howto->size == 0))
+		r++;
+	*fingerp = r;
+	if (r == change->old_code.relocs_end)
+		return NO_MATCH;
+	if (addr < r->blank_addr)
+		return NO_MATCH;
+	*relocp = r;
+	if (r->howto->type != KSPLICE_HOWTO_RELOC)
+		return OK;
+
+	canary_ret = contains_canary(change, r->blank_addr, r->howto);
+	if (canary_ret < 0)
+		return UNEXPECTED;
+	if (canary_ret == 0) {
+		ksdebug(change, "run-pre: reloc skipped at p_a=%lx to %s+%lx "
+			"(altinstr)\n", r->blank_addr, r->symbol->label,
+			r->target_addend);
+		return NO_MATCH;
+	}
+	if (addr != r->blank_addr) {
+		ksdebug(change, "Invalid nonzero relocation offset\n");
+		return UNEXPECTED;
+	}
+	return OK;
+}
+
+static abort_t handle_reloc(struct ksplice_mod_change *change,
+			    const struct ksplice_section *sect,
+			    const struct ksplice_reloc *r,
+			    unsigned long run_addr, enum run_pre_mode mode)
+{
+	switch (r->howto->type) {
+	case KSPLICE_HOWTO_RELOC:
+		return handle_howto_reloc(change, sect, r, run_addr, mode);
+	case KSPLICE_HOWTO_DATE:
+	case KSPLICE_HOWTO_TIME:
+		return handle_howto_date(change, sect, r, run_addr, mode);
+#ifdef CONFIG_BUG
+	case KSPLICE_HOWTO_BUG:
+		return handle_bug(change, r, run_addr);
+#endif /* CONFIG_BUG */
+	case KSPLICE_HOWTO_EXTABLE:
+		return handle_extable(change, r, run_addr);
+	default:
+		ksdebug(change, "Unexpected howto type %d\n", r->howto->type);
+		return UNEXPECTED;
+	}
+}
+
+/*
+ * For date/time relocations, we check that the sequence of bytes
+ * matches the format of a date or time.
+ */
+static abort_t handle_howto_date(struct ksplice_mod_change *change,
+				 const struct ksplice_section *sect,
+				 const struct ksplice_reloc *r,
+				 unsigned long run_addr, enum run_pre_mode mode)
+{
+	abort_t ret;
+	char *buf = kmalloc(r->howto->size, GFP_KERNEL);
+
+	if (buf == NULL)
+		return OUT_OF_MEMORY;
+	if (probe_kernel_read(buf, (void *)run_addr, r->howto->size) == -EFAULT) {
+		ret = NO_MATCH;
+		goto out;
+	}
+
+	switch (r->howto->type) {
+	case KSPLICE_HOWTO_TIME:
+		if (isdigit(buf[0]) && isdigit(buf[1]) && buf[2] == ':' &&
+		    isdigit(buf[3]) && isdigit(buf[4]) && buf[5] == ':' &&
+		    isdigit(buf[6]) && isdigit(buf[7]))
+			ret = OK;
+		else
+			ret = NO_MATCH;
+		break;
+	case KSPLICE_HOWTO_DATE:
+		if (isalpha(buf[0]) && isalpha(buf[1]) && isalpha(buf[2]) &&
+		    buf[3] == ' ' && (buf[4] == ' ' || isdigit(buf[4])) &&
+		    isdigit(buf[5]) && buf[6] == ' ' && isdigit(buf[7]) &&
+		    isdigit(buf[8]) && isdigit(buf[9]) && isdigit(buf[10]))
+			ret = OK;
+		else
+			ret = NO_MATCH;
+		break;
+	default:
+		ret = UNEXPECTED;
+	}
+	if (ret == NO_MATCH && mode == RUN_PRE_INITIAL)
+		ksdebug(change, "%s string: \"%.*s\" does not match format\n",
+			r->howto->type == KSPLICE_HOWTO_DATE ? "date" : "time",
+			r->howto->size, buf);
+
+	if (ret != OK)
+		goto out;
+	ret = create_labelval(change, r->symbol, run_addr, TEMP);
+out:
+	kfree(buf);
+	return ret;
+}
+
+/*
+ * Extract the value of a symbol used in a relocation in the pre code
+ * during run-pre matching, giving an error if it conflicts with a
+ * previously found value of that symbol
+ */
+static abort_t handle_howto_reloc(struct ksplice_mod_change *change,
+				  const struct ksplice_section *sect,
+				  const struct ksplice_reloc *r,
+				  unsigned long run_addr,
+				  enum run_pre_mode mode)
+{
+	struct ksplice_section *sym_sect = symbol_section(change, r->symbol);
+	unsigned long offset = r->target_addend;
+	unsigned long val;
+	abort_t ret;
+
+	ret = read_reloc_value(change, r, run_addr, &val);
+	if (ret != OK)
+		return ret;
+	if (r->howto->pcrel)
+		val += run_addr;
+
+	if (mode == RUN_PRE_INITIAL)
+		ksdebug(change, "run-pre: reloc at r_a=%lx p_a=%lx to %s+%lx: "
+			"found %s = %lx\n", run_addr, r->blank_addr,
+			r->symbol->label, offset, r->symbol->label, val);
+
+	if (contains_canary(change, run_addr, r->howto) != 0) {
+		ksdebug(change, "Aborted.  Unexpected canary in run code at %lx"
+			"\n", run_addr);
+		return UNEXPECTED;
+	}
+
+	if ((sect->flags & KSPLICE_SECTION_DATA) != 0 &&
+	    sect->symbol == r->symbol)
+		return OK;
+	ret = create_labelval(change, r->symbol, val, TEMP);
+	if (ret == NO_MATCH && mode == RUN_PRE_INITIAL)
+		ksdebug(change, "run-pre: reloc at r_a=%lx p_a=%lx: labelval "
+			"%s = %lx does not match expected %lx\n", run_addr,
+			r->blank_addr, r->symbol->label, r->symbol->value, val);
+
+	if (ret != OK)
+		return ret;
+	if (sym_sect != NULL && (sym_sect->flags & KSPLICE_SECTION_MATCHED) == 0
+	    && (sym_sect->flags & KSPLICE_SECTION_STRING) != 0) {
+		if (mode == RUN_PRE_INITIAL)
+			ksdebug(change, "Recursively comparing string section "
+				"%s\n", sym_sect->symbol->label);
+		else if (mode == RUN_PRE_DEBUG)
+			ksdebug(change, "[str start] ");
+		ret = run_pre_cmp(change, sym_sect, val, NULL, mode);
+		if (mode == RUN_PRE_DEBUG)
+			ksdebug(change, "[str end] ");
+		if (ret == OK && mode == RUN_PRE_INITIAL)
+			ksdebug(change, "Successfully matched string section %s"
+				"\n", sym_sect->symbol->label);
+		else if (mode == RUN_PRE_INITIAL)
+			ksdebug(change, "Failed to match string section %s\n",
+				sym_sect->symbol->label);
+	}
+	return ret;
+}
+
+#ifdef CONFIG_GENERIC_BUG
+static abort_t handle_bug(struct ksplice_mod_change *change,
+			  const struct ksplice_reloc *r, unsigned long run_addr)
+{
+	const struct bug_entry *run_bug = find_bug(run_addr);
+	struct ksplice_section *bug_sect = symbol_section(change, r->symbol);
+	if (run_bug == NULL)
+		return NO_MATCH;
+	if (bug_sect == NULL)
+		return UNEXPECTED;
+	return create_labelval(change, bug_sect->symbol, (unsigned long)run_bug,
+			       TEMP);
+}
+#endif /* CONFIG_GENERIC_BUG */
+
+static abort_t handle_extable(struct ksplice_mod_change *change,
+			      const struct ksplice_reloc *r,
+			      unsigned long run_addr)
+{
+	const struct exception_table_entry *run_ent =
+	    search_exception_tables(run_addr);
+	struct ksplice_section *ex_sect = symbol_section(change, r->symbol);
+	if (run_ent == NULL)
+		return NO_MATCH;
+	if (ex_sect == NULL)
+		return UNEXPECTED;
+	return create_labelval(change, ex_sect->symbol, (unsigned long)run_ent,
+			       TEMP);
+}
+
+static int symbol_section_bsearch_compare(const void *a, const void *b)
+{
+	const struct ksplice_symbol *sym = a;
+	const struct ksplice_section *sect = b;
+	return strcmp(sym->label, sect->symbol->label);
+}
+
+static int compare_section_labels(const void *va, const void *vb)
+{
+	const struct ksplice_section *a = va, *b = vb;
+	return strcmp(a->symbol->label, b->symbol->label);
+}
+
+static struct ksplice_section *symbol_section(struct ksplice_mod_change *change,
+					      const struct ksplice_symbol *sym)
+{
+	return bsearch(sym, change->old_code.sections,
+		       change->old_code.sections_end -
+		       change->old_code.sections,
+		       sizeof(struct ksplice_section),
+		       symbol_section_bsearch_compare);
+}
+
+/* Find the relocation for the oldaddr of a ksplice_patch */
+static const struct ksplice_reloc *
+patch_reloc(struct ksplice_mod_change *change,
+	    const struct ksplice_patch *p)
+{
+	unsigned long addr = (unsigned long)&p->oldaddr;
+	const struct ksplice_reloc *r =
+	    find_reloc(change->new_code.relocs, change->new_code.relocs_end,
+		       addr, sizeof(addr));
+	if (r == NULL || r->blank_addr < addr ||
+	    r->blank_addr >= addr + sizeof(addr))
+		return NULL;
+	return r;
+}
+
+/*
+ * Populates vals with the possible values for ksym from the various
+ * sources Ksplice uses to resolve symbols
+ */
+static abort_t lookup_symbol(struct ksplice_mod_change *change,
+			     const struct ksplice_symbol *ksym,
+			     struct list_head *vals)
+{
+	abort_t ret;
+
+	if (ksym->candidate_vals == NULL) {
+		release_vals(vals);
+		ksdebug(change, "using detected sym %s=%lx\n", ksym->label,
+			ksym->value);
+		return add_candidate_val(change, vals, ksym->value);
+	}
+
+	if (strcmp(ksym->label, "cleanup_module") == 0 && change->target != NULL
+	    && change->target->exit != NULL) {
+		ret = add_candidate_val(change, vals,
+					(unsigned long)change->target->exit);
+		if (ret != OK)
+			return ret;
+	}
+
+	if (ksym->name != NULL) {
+		struct candidate_val *val;
+		list_for_each_entry(val, ksym->candidate_vals, list) {
+			ret = add_candidate_val(change, vals, val->val);
+			if (ret != OK)
+				return ret;
+		}
+
+		ret = new_export_lookup(change, ksym->name, vals);
+		if (ret != OK)
+			return ret;
+	}
+
+	return OK;
+}
+
+/*
+ * An update could one module to export a symbol and at the same time
+ * change another module to use that symbol.  This violates the normal
+ * situation where the changes can be handled independently.
+ *
+ * new_export_lookup obtains symbol values from the changes to the
+ * exported symbol table made by other changes.
+ */
+static abort_t new_export_lookup(struct ksplice_mod_change *ichange,
+				 const char *name, struct list_head *vals)
+{
+	struct ksplice_mod_change *change;
+	struct ksplice_patch *p;
+	list_for_each_entry(change, &ichange->update->changes, list) {
+		for (p = change->patches; p < change->patches_end; p++) {
+			const struct kernel_symbol *sym;
+			const struct ksplice_reloc *r;
+			if (p->type != KSPLICE_PATCH_EXPORT ||
+			    strcmp(name, *(const char **)p->contents) != 0)
+				continue;
+
+			/* Check that the p->oldaddr reloc has been resolved. */
+			r = patch_reloc(change, p);
+			if (r == NULL ||
+			    contains_canary(change, r->blank_addr,
+					    r->howto) != 0)
+				continue;
+			sym = (const struct kernel_symbol *)r->symbol->value;
+
+			/*
+			 * Check that the sym->value reloc has been resolved,
+			 * if there is a Ksplice relocation there.
+			 */
+			r = find_reloc(change->new_code.relocs,
+				       change->new_code.relocs_end,
+				       (unsigned long)&sym->value,
+				       sizeof(&sym->value));
+			if (r != NULL &&
+			    r->blank_addr == (unsigned long)&sym->value &&
+			    contains_canary(change, r->blank_addr,
+					    r->howto) != 0)
+				continue;
+			return add_candidate_val(ichange, vals, sym->value);
+		}
+	}
+	return OK;
+}
+
+/*
+ * When patch_action is called, the update should be fully prepared.
+ * patch_action will try to actually insert or remove trampolines for
+ * the update.
+ */
+static abort_t patch_action(struct update *update, enum ksplice_action action)
+{
+	static int (*const __patch_actions[KS_ACTIONS])(void *) = {
+		[KS_APPLY] = __apply_patches,
+		[KS_REVERSE] = __reverse_patches,
+	};
+	int i;
+	abort_t ret;
+	struct ksplice_mod_change *change;
+
+	ret = map_trampoline_pages(update);
+	if (ret != OK)
+		return ret;
+
+	list_for_each_entry(change, &update->changes, list) {
+		const typeof(int (*)(void)) *f;
+		for (f = change->hooks[action].pre;
+		     f < change->hooks[action].pre_end; f++) {
+			if ((*f)() != 0) {
+				ret = CALL_FAILED;
+				goto out;
+			}
+		}
+	}
+
+	for (i = 0; i < 5; i++) {
+		cleanup_conflicts(update);
+		ret = (__force abort_t)stop_machine(__patch_actions[action],
+						    update, NULL);
+		if (ret != CODE_BUSY)
+			break;
+		set_current_state(TASK_INTERRUPTIBLE);
+		schedule_timeout(msecs_to_jiffies(1000));
+	}
+out:
+	unmap_trampoline_pages(update);
+
+	if (ret == CODE_BUSY) {
+		print_conflicts(update);
+		_ksdebug(update, "Aborted %s.  stack check: to-be-%s "
+			 "code is busy.\n", update->kid,
+			 action == KS_APPLY ? "replaced" : "reversed");
+	} else if (ret == ALREADY_REVERSED) {
+		_ksdebug(update, "Aborted %s.  Ksplice update %s is already "
+			 "reversed.\n", update->kid, update->kid);
+	} else if (ret == MODULE_BUSY) {
+		_ksdebug(update, "Update %s is in use by another module\n",
+			 update->kid);
+	}
+
+	if (ret != OK) {
+		list_for_each_entry(change, &update->changes, list) {
+			const typeof(void (*)(void)) *f;
+			for (f = change->hooks[action].fail;
+			     f < change->hooks[action].fail_end; f++)
+				(*f)();
+		}
+
+		return ret;
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		const typeof(void (*)(void)) *f;
+		for (f = change->hooks[action].post;
+		     f < change->hooks[action].post_end; f++)
+			(*f)();
+	}
+
+	_ksdebug(update, "Atomic patch %s for %s complete\n",
+		 action == KS_APPLY ? "insertion" : "removal", update->kid);
+	return OK;
+}
+
+/* Atomically insert the update; run from within stop_machine */
+static int __apply_patches(void *updateptr)
+{
+	struct update *update = updateptr;
+	struct ksplice_mod_change *change;
+	struct ksplice_module_list_entry *entry;
+	struct ksplice_patch *p;
+	abort_t ret;
+
+	if (update->stage == STAGE_APPLIED)
+		return (__force int)OK;
+
+	if (update->stage != STAGE_PREPARING)
+		return (__force int)UNEXPECTED;
+
+	ret = check_each_task(update);
+	if (ret != OK)
+		return (__force int)ret;
+
+	list_for_each_entry(change, &update->changes, list) {
+		if (try_module_get(change->new_code_mod) != 1) {
+			struct ksplice_mod_change *change1;
+			list_for_each_entry(change1, &update->changes, list) {
+				if (change1 == change)
+					break;
+				module_put(change1->new_code_mod);
+			}
+			module_put(THIS_MODULE);
+			return (__force int)UNEXPECTED;
+		}
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		const typeof(int (*)(void)) *f;
+		for (f = change->hooks[KS_APPLY].check;
+		     f < change->hooks[KS_APPLY].check_end; f++) {
+			if ((*f)() != 0)
+				return (__force int)CALL_FAILED;
+		}
+	}
+
+	/* Commit point: the update application will succeed. */
+
+	update->stage = STAGE_APPLIED;
+	add_taint(TAINT_KSPLICE);
+
+	list_for_each_entry(entry, &update->ksplice_module_list, update_list)
+		list_add(&entry->list, &ksplice_modules);
+
+	list_for_each_entry(change, &update->changes, list) {
+		for (p = change->patches; p < change->patches_end; p++)
+			insert_trampoline(p);
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		const typeof(void (*)(void)) *f;
+		for (f = change->hooks[KS_APPLY].intra;
+		     f < change->hooks[KS_APPLY].intra_end; f++)
+			(*f)();
+	}
+
+	return (__force int)OK;
+}
+
+/* Atomically remove the update; run from within stop_machine */
+static int __reverse_patches(void *updateptr)
+{
+	struct update *update = updateptr;
+	struct ksplice_mod_change *change;
+	struct ksplice_module_list_entry *entry;
+	const struct ksplice_patch *p;
+	abort_t ret;
+
+	if (update->stage != STAGE_APPLIED)
+		return (__force int)OK;
+
+	list_for_each_entry(change, &update->changes, list) {
+		if (module_refcount(change->new_code_mod) != 1)
+			return (__force int)MODULE_BUSY;
+	}
+
+	list_for_each_entry(entry, &update->ksplice_module_list, update_list) {
+		if (!entry->applied &&
+		    find_module(entry->target_mod_name) != NULL)
+			return COLD_UPDATE_LOADED;
+	}
+
+	ret = check_each_task(update);
+	if (ret != OK)
+		return (__force int)ret;
+
+	list_for_each_entry(change, &update->changes, list) {
+		for (p = change->patches; p < change->patches_end; p++) {
+			ret = verify_trampoline(change, p);
+			if (ret != OK)
+				return (__force int)ret;
+		}
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		const typeof(int (*)(void)) *f;
+		for (f = change->hooks[KS_REVERSE].check;
+		     f < change->hooks[KS_REVERSE].check_end; f++) {
+			if ((*f)() != 0)
+				return (__force int)CALL_FAILED;
+		}
+	}
+
+	/* Commit point: the update reversal will succeed. */
+
+	update->stage = STAGE_REVERSED;
+
+	list_for_each_entry(change, &update->changes, list)
+		module_put(change->new_code_mod);
+
+	list_for_each_entry(entry, &update->ksplice_module_list, update_list)
+		list_del(&entry->list);
+
+	list_for_each_entry(change, &update->changes, list) {
+		const typeof(void (*)(void)) *f;
+		for (f = change->hooks[KS_REVERSE].intra;
+		     f < change->hooks[KS_REVERSE].intra_end; f++)
+			(*f)();
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		for (p = change->patches; p < change->patches_end; p++)
+			remove_trampoline(p);
+	}
+
+	return (__force int)OK;
+}
+
+/*
+ * Check whether any thread's instruction pointer or any address of
+ * its stack is contained in one of the safety_records associated with
+ * the update.
+ *
+ * check_each_task must be called from inside stop_machine, because it
+ * does not take tasklist_lock (which cannot be held by anyone else
+ * during stop_machine).
+ */
+static abort_t check_each_task(struct update *update)
+{
+	const struct task_struct *g, *p;
+	abort_t status = OK, ret;
+	do_each_thread(g, p) {
+		/* do_each_thread is a double loop! */
+		ret = check_task(update, p, false);
+		if (ret != OK) {
+			check_task(update, p, true);
+			status = ret;
+		}
+		if (ret != OK && ret != CODE_BUSY)
+			return ret;
+	} while_each_thread(g, p);
+	return status;
+}
+
+static abort_t check_task(struct update *update,
+			  const struct task_struct *t, bool rerun)
+{
+	abort_t status, ret;
+	struct conflict *conf = NULL;
+
+	if (rerun) {
+		conf = kmalloc(sizeof(*conf), GFP_ATOMIC);
+		if (conf == NULL)
+			return OUT_OF_MEMORY;
+		conf->process_name = kstrdup(t->comm, GFP_ATOMIC);
+		if (conf->process_name == NULL) {
+			kfree(conf);
+			return OUT_OF_MEMORY;
+		}
+		conf->pid = t->pid;
+		INIT_LIST_HEAD(&conf->stack);
+		list_add(&conf->list, &update->conflicts);
+	}
+
+	status = check_address(update, conf, KSPLICE_IP(t));
+	if (t == current) {
+		ret = check_stack(update, conf, task_thread_info(t),
+				  (unsigned long *)__builtin_frame_address(0));
+		if (status == OK)
+			status = ret;
+	} else if (!task_curr(t)) {
+		ret = check_stack(update, conf, task_thread_info(t),
+				  (unsigned long *)KSPLICE_SP(t));
+		if (status == OK)
+			status = ret;
+	} else if (!is_stop_machine(t)) {
+		status = UNEXPECTED_RUNNING_TASK;
+	}
+	return status;
+}
+
+static abort_t check_stack(struct update *update, struct conflict *conf,
+			   const struct thread_info *tinfo,
+			   const unsigned long *stack)
+{
+	abort_t status = OK, ret;
+	unsigned long addr;
+
+	while (valid_stack_ptr(tinfo, stack)) {
+		addr = *stack++;
+		ret = check_address(update, conf, addr);
+		if (ret != OK)
+			status = ret;
+	}
+	return status;
+}
+
+static abort_t check_address(struct update *update,
+			     struct conflict *conf, unsigned long addr)
+{
+	abort_t status = OK, ret;
+	const struct safety_record *rec;
+	struct ksplice_mod_change *change;
+	struct conflict_addr *ca = NULL;
+
+	if (conf != NULL) {
+		ca = kmalloc(sizeof(*ca), GFP_ATOMIC);
+		if (ca == NULL)
+			return OUT_OF_MEMORY;
+		ca->addr = addr;
+		ca->has_conflict = false;
+		ca->label = NULL;
+		list_add(&ca->list, &conf->stack);
+	}
+
+	list_for_each_entry(change, &update->changes, list) {
+		unsigned long tramp_addr = follow_trampolines(change, addr);
+		list_for_each_entry(rec, &change->safety_records, list) {
+			ret = check_record(ca, rec, tramp_addr);
+			if (ret != OK)
+				status = ret;
+		}
+	}
+	return status;
+}
+
+static abort_t check_record(struct conflict_addr *ca,
+			    const struct safety_record *rec, unsigned long addr)
+{
+	if (addr >= rec->addr && addr < rec->addr + rec->size) {
+		if (ca != NULL) {
+			ca->label = rec->label;
+			ca->has_conflict = true;
+		}
+		return CODE_BUSY;
+	}
+	return OK;
+}
+
+/* Is the task one of the stop_machine tasks? */
+static bool is_stop_machine(const struct task_struct *t)
+{
+	const char *kstop_prefix = "kstop/";
+	const char *num;
+	if (!strstarts(t->comm, kstop_prefix))
+		return false;
+	num = t->comm + strlen(kstop_prefix);
+	return num[strspn(num, "0123456789")] == '\0';
+}
+
+static void cleanup_conflicts(struct update *update)
+{
+	struct conflict *conf;
+	list_for_each_entry(conf, &update->conflicts, list) {
+		clear_list(&conf->stack, struct conflict_addr, list);
+		kfree(conf->process_name);
+	}
+	clear_list(&update->conflicts, struct conflict, list);
+}
+
+static void print_conflicts(struct update *update)
+{
+	const struct conflict *conf;
+	const struct conflict_addr *ca;
+	list_for_each_entry(conf, &update->conflicts, list) {
+		_ksdebug(update, "stack check: pid %d (%s):", conf->pid,
+			 conf->process_name);
+		list_for_each_entry(ca, &conf->stack, list) {
+			_ksdebug(update, " %lx", ca->addr);
+			if (ca->has_conflict)
+				_ksdebug(update, " [<-CONFLICT]");
+		}
+		_ksdebug(update, "\n");
+	}
+}
+
+static void insert_trampoline(struct ksplice_patch *p)
+{
+	mm_segment_t old_fs = get_fs();
+	set_fs(KERNEL_DS);
+	memcpy(p->saved, p->vaddr, p->size);
+	memcpy(p->vaddr, p->contents, p->size);
+	flush_icache_range(p->oldaddr, p->oldaddr + p->size);
+	set_fs(old_fs);
+}
+
+static abort_t verify_trampoline(struct ksplice_mod_change *change,
+				 const struct ksplice_patch *p)
+{
+	if (memcmp(p->vaddr, p->contents, p->size) != 0) {
+		ksdebug(change, "Aborted.  Trampoline at %lx has been "
+			"overwritten.\n", p->oldaddr);
+		return CODE_BUSY;
+	}
+	return OK;
+}
+
+static void remove_trampoline(const struct ksplice_patch *p)
+{
+	mm_segment_t old_fs = get_fs();
+	set_fs(KERNEL_DS);
+	memcpy(p->vaddr, p->saved, p->size);
+	flush_icache_range(p->oldaddr, p->oldaddr + p->size);
+	set_fs(old_fs);
+}
+
+/* Returns NO_MATCH if there's already a labelval with a different value */
+static abort_t create_labelval(struct ksplice_mod_change *change,
+			       struct ksplice_symbol *ksym,
+			       unsigned long val, int status)
+{
+	val = follow_trampolines(change, val);
+	if (ksym->candidate_vals == NULL)
+		return ksym->value == val ? OK : NO_MATCH;
+
+	ksym->value = val;
+	if (status == TEMP) {
+		struct labelval *lv = kmalloc(sizeof(*lv), GFP_KERNEL);
+		if (lv == NULL)
+			return OUT_OF_MEMORY;
+		lv->symbol = ksym;
+		lv->saved_vals = ksym->candidate_vals;
+		list_add(&lv->list, &change->temp_labelvals);
+	}
+	ksym->candidate_vals = NULL;
+	return OK;
+}
+
+/*
+ * Creates a new safety_record for a old_code section based on its
+ * ksplice_section and run-pre matching information.
+ */
+static abort_t create_safety_record(struct ksplice_mod_change *change,
+				    const struct ksplice_section *sect,
+				    struct list_head *record_list,
+				    unsigned long run_addr,
+				    unsigned long run_size)
+{
+	struct safety_record *rec;
+	struct ksplice_patch *p;
+
+	if (record_list == NULL)
+		return OK;
+
+	for (p = change->patches; p < change->patches_end; p++) {
+		const struct ksplice_reloc *r = patch_reloc(change, p);
+		if (strcmp(sect->symbol->label, r->symbol->label) == 0)
+			break;
+	}
+	if (p >= change->patches_end)
+		return OK;
+
+	rec = kmalloc(sizeof(*rec), GFP_KERNEL);
+	if (rec == NULL)
+		return OUT_OF_MEMORY;
+	/*
+	 * The old_code might be unloaded when checking reversing
+	 * patches, so we need to kstrdup the label here.
+	 */
+	rec->label = kstrdup(sect->symbol->label, GFP_KERNEL);
+	if (rec->label == NULL) {
+		kfree(rec);
+		return OUT_OF_MEMORY;
+	}
+	rec->addr = run_addr;
+	rec->size = run_size;
+
+	list_add(&rec->list, record_list);
+	return OK;
+}
+
+static abort_t add_candidate_val(struct ksplice_mod_change *change,
+				 struct list_head *vals, unsigned long val)
+{
+	struct candidate_val *tmp, *new;
+
+/*
+ * Careful: follow trampolines before comparing values so that we do
+ * not mistake the obsolete function for another copy of the function.
+ */
+	val = follow_trampolines(change, val);
+
+	list_for_each_entry(tmp, vals, list) {
+		if (tmp->val == val)
+			return OK;
+	}
+	new = kmalloc(sizeof(*new), GFP_KERNEL);
+	if (new == NULL)
+		return OUT_OF_MEMORY;
+	new->val = val;
+	list_add(&new->list, vals);
+	return OK;
+}
+
+static void release_vals(struct list_head *vals)
+{
+	clear_list(vals, struct candidate_val, list);
+}
+
+/*
+ * The temp_labelvals list is used to cache those temporary labelvals
+ * that have been created to cross-check the symbol values obtained
+ * from different relocations within a single section being matched.
+ *
+ * If status is VAL, commit the temp_labelvals as final values.
+ *
+ * If status is NOVAL, restore the list of possible values to the
+ * ksplice_symbol, so that it no longer has a known value.
+ */
+static void set_temp_labelvals(struct ksplice_mod_change *change, int status)
+{
+	struct labelval *lv, *n;
+	list_for_each_entry_safe(lv, n, &change->temp_labelvals, list) {
+		if (status == NOVAL) {
+			lv->symbol->candidate_vals = lv->saved_vals;
+		} else {
+			release_vals(lv->saved_vals);
+			kfree(lv->saved_vals);
+		}
+		list_del(&lv->list);
+		kfree(lv);
+	}
+}
+
+/* Is there a Ksplice canary with given howto at blank_addr? */
+static int contains_canary(struct ksplice_mod_change *change,
+			   unsigned long blank_addr,
+			   const struct ksplice_reloc_howto *howto)
+{
+	switch (howto->size) {
+	case 1:
+		return (*(uint8_t *)blank_addr & howto->dst_mask) ==
+		    (KSPLICE_CANARY & howto->dst_mask);
+	case 2:
+		return (*(uint16_t *)blank_addr & howto->dst_mask) ==
+		    (KSPLICE_CANARY & howto->dst_mask);
+	case 4:
+		return (*(uint32_t *)blank_addr & howto->dst_mask) ==
+		    (KSPLICE_CANARY & howto->dst_mask);
+#if BITS_PER_LONG >= 64
+	case 8:
+		return (*(uint64_t *)blank_addr & howto->dst_mask) ==
+		    (KSPLICE_CANARY & howto->dst_mask);
+#endif /* BITS_PER_LONG */
+	default:
+		ksdebug(change, "Aborted.  Invalid relocation size.\n");
+		return -1;
+	}
+}
+
+/*
+ * Compute the address of the code you would actually run if you were
+ * to call the function at addr (i.e., follow the sequence of jumps
+ * starting at addr)
+ */
+static unsigned long follow_trampolines(struct ksplice_mod_change *change,
+					unsigned long addr)
+{
+	unsigned long new_addr;
+	struct module *m;
+
+	while (1) {
+		if (!__kernel_text_address(addr) ||
+		    trampoline_target(change, addr, &new_addr) != OK)
+			return addr;
+		m = __module_text_address(new_addr);
+		if (m == NULL || m == change->target ||
+		    !strstarts(m->name, "ksplice"))
+			return addr;
+		addr = new_addr;
+	}
+}
+
+/* Does module a patch module b? */
+static bool patches_module(const struct module *a, const struct module *b)
+{
+	struct ksplice_module_list_entry *entry;
+	if (a == b)
+		return true;
+	list_for_each_entry(entry, &ksplice_modules, list) {
+		if (strcmp(entry->target_mod_name, b->name) == 0 &&
+		    strcmp(entry->new_code_mod_name, a->name) == 0)
+			return true;
+	}
+	return false;
+}
+
+static bool singular(struct list_head *list)
+{
+	return !list_empty(list) && list->next->next == list;
+}
+
+static void *bsearch(const void *key, const void *base, size_t n,
+		     size_t size, int (*cmp)(const void *key, const void *elt))
+{
+	int start = 0, end = n - 1, mid, result;
+	if (n == 0)
+		return NULL;
+	while (start <= end) {
+		mid = (start + end) / 2;
+		result = cmp(key, base + mid * size);
+		if (result < 0)
+			end = mid - 1;
+		else if (result > 0)
+			start = mid + 1;
+		else
+			return (void *)base + mid * size;
+	}
+	return NULL;
+}
+
+static int compare_relocs(const void *a, const void *b)
+{
+	const struct ksplice_reloc *ra = a, *rb = b;
+	if (ra->blank_addr > rb->blank_addr)
+		return 1;
+	else if (ra->blank_addr < rb->blank_addr)
+		return -1;
+	else
+		return ra->howto->size - rb->howto->size;
+}
+
+#ifdef CONFIG_DEBUG_FS
+
+static abort_t init_debug_buf(struct update *update)
+{
+	update->debug_blob.size = 0;
+	update->debug_blob.data = NULL;
+	update->debugfs_dentry =
+	    debugfs_create_blob(update->name, S_IFREG | S_IRUSR, NULL,
+				&update->debug_blob);
+	if (update->debugfs_dentry == NULL)
+		return OUT_OF_MEMORY;
+	return OK;
+}
+
+static void clear_debug_buf(struct update *update)
+{
+	if (update->debugfs_dentry == NULL)
+		return;
+	debugfs_remove(update->debugfs_dentry);
+	update->debugfs_dentry = NULL;
+	update->debug_blob.size = 0;
+	vfree(update->debug_blob.data);
+	update->debug_blob.data = NULL;
+}
+
+static int _ksdebug(struct update *update, const char *fmt, ...)
+{
+	va_list args;
+	unsigned long size, old_size, new_size;
+
+	if (update->debug == 0)
+		return 0;
+
+	/* size includes the trailing '\0' */
+	va_start(args, fmt);
+	size = 1 + vsnprintf(update->debug_blob.data, 0, fmt, args);
+	va_end(args);
+	old_size = update->debug_blob.size == 0 ? 0 :
+	    max(PAGE_SIZE, roundup_pow_of_two(update->debug_blob.size));
+	new_size = update->debug_blob.size + size == 0 ? 0 :
+	    max(PAGE_SIZE, roundup_pow_of_two(update->debug_blob.size + size));
+	if (new_size > old_size) {
+		char *buf = vmalloc(new_size);
+		if (buf == NULL)
+			return -ENOMEM;
+		memcpy(buf, update->debug_blob.data, update->debug_blob.size);
+		vfree(update->debug_blob.data);
+		update->debug_blob.data = buf;
+	}
+	va_start(args, fmt);
+	update->debug_blob.size += vsnprintf(update->debug_blob.data +
+					     update->debug_blob.size,
+					     size, fmt, args);
+	va_end(args);
+	return 0;
+}
+#else /* CONFIG_DEBUG_FS */
+static abort_t init_debug_buf(struct update *update)
+{
+	return OK;
+}
+
+static void clear_debug_buf(struct update *update)
+{
+	return;
+}
+
+static int _ksdebug(struct update *update, const char *fmt, ...)
+{
+	va_list args;
+
+	if (update->debug == 0)
+		return 0;
+
+	if (!update->debug_continue_line)
+		printk(KERN_DEBUG "ksplice: ");
+
+	va_start(args, fmt);
+	vprintk(fmt, args);
+	va_end(args);
+
+	update->debug_continue_line =
+	    fmt[0] == '\0' || fmt[strlen(fmt) - 1] != '\n';
+	return 0;
+}
+#endif /* CONFIG_DEBUG_FS */
+
+struct update_attribute {
+	struct attribute attr;
+	ssize_t (*show)(struct update *update, char *buf);
+	ssize_t (*store)(struct update *update, const char *buf, size_t len);
+};
+
+static ssize_t update_attr_show(struct kobject *kobj, struct attribute *attr,
+				char *buf)
+{
+	struct update_attribute *attribute =
+	    container_of(attr, struct update_attribute, attr);
+	struct update *update = container_of(kobj, struct update, kobj);
+	if (attribute->show == NULL)
+		return -EIO;
+	return attribute->show(update, buf);
+}
+
+static ssize_t update_attr_store(struct kobject *kobj, struct attribute *attr,
+				 const char *buf, size_t len)
+{
+	struct update_attribute *attribute =
+	    container_of(attr, struct update_attribute, attr);
+	struct update *update = container_of(kobj, struct update, kobj);
+	if (attribute->store == NULL)
+		return -EIO;
+	return attribute->store(update, buf, len);
+}
+
+static struct sysfs_ops update_sysfs_ops = {
+	.show = update_attr_show,
+	.store = update_attr_store,
+};
+
+static void update_release(struct kobject *kobj)
+{
+	struct update *update;
+	update = container_of(kobj, struct update, kobj);
+	cleanup_ksplice_update(update);
+}
+
+static ssize_t stage_show(struct update *update, char *buf)
+{
+	switch (update->stage) {
+	case STAGE_PREPARING:
+		return snprintf(buf, PAGE_SIZE, "preparing\n");
+	case STAGE_APPLIED:
+		return snprintf(buf, PAGE_SIZE, "applied\n");
+	case STAGE_REVERSED:
+		return snprintf(buf, PAGE_SIZE, "reversed\n");
+	}
+	return 0;
+}
+
+static ssize_t abort_cause_show(struct update *update, char *buf)
+{
+	switch (update->abort_cause) {
+	case OK:
+		return snprintf(buf, PAGE_SIZE, "ok\n");
+	case NO_MATCH:
+		return snprintf(buf, PAGE_SIZE, "no_match\n");
+	case CODE_BUSY:
+		return snprintf(buf, PAGE_SIZE, "code_busy\n");
+	case MODULE_BUSY:
+		return snprintf(buf, PAGE_SIZE, "module_busy\n");
+	case OUT_OF_MEMORY:
+		return snprintf(buf, PAGE_SIZE, "out_of_memory\n");
+	case FAILED_TO_FIND:
+		return snprintf(buf, PAGE_SIZE, "failed_to_find\n");
+	case ALREADY_REVERSED:
+		return snprintf(buf, PAGE_SIZE, "already_reversed\n");
+	case MISSING_EXPORT:
+		return snprintf(buf, PAGE_SIZE, "missing_export\n");
+	case UNEXPECTED_RUNNING_TASK:
+		return snprintf(buf, PAGE_SIZE, "unexpected_running_task\n");
+	case TARGET_NOT_LOADED:
+		return snprintf(buf, PAGE_SIZE, "target_not_loaded\n");
+	case CALL_FAILED:
+		return snprintf(buf, PAGE_SIZE, "call_failed\n");
+	case COLD_UPDATE_LOADED:
+		return snprintf(buf, PAGE_SIZE, "cold_update_loaded\n");
+	case UNEXPECTED:
+		return snprintf(buf, PAGE_SIZE, "unexpected\n");
+	default:
+		return snprintf(buf, PAGE_SIZE, "unknown\n");
+	}
+	return 0;
+}
+
+static ssize_t conflict_show(struct update *update, char *buf)
+{
+	const struct conflict *conf;
+	const struct conflict_addr *ca;
+	int used = 0;
+	mutex_lock(&module_mutex);
+	list_for_each_entry(conf, &update->conflicts, list) {
+		used += snprintf(buf + used, PAGE_SIZE - used, "%s %d",
+				 conf->process_name, conf->pid);
+		list_for_each_entry(ca, &conf->stack, list) {
+			if (!ca->has_conflict)
+				continue;
+			used += snprintf(buf + used, PAGE_SIZE - used, " %s",
+					 ca->label);
+		}
+		used += snprintf(buf + used, PAGE_SIZE - used, "\n");
+	}
+	mutex_unlock(&module_mutex);
+	return used;
+}
+
+/* Used to pass maybe_cleanup_ksplice_update to kthread_run */
+static int maybe_cleanup_ksplice_update_wrapper(void *updateptr)
+{
+	struct update *update = updateptr;
+	mutex_lock(&module_mutex);
+	maybe_cleanup_ksplice_update(update);
+	mutex_unlock(&module_mutex);
+	return 0;
+}
+
+static ssize_t stage_store(struct update *update, const char *buf, size_t len)
+{
+	enum stage old_stage;
+	mutex_lock(&module_mutex);
+	old_stage = update->stage;
+	if ((strncmp(buf, "applied", len) == 0 ||
+	     strncmp(buf, "applied\n", len) == 0) &&
+	    update->stage == STAGE_PREPARING)
+		update->abort_cause = apply_update(update);
+	else if ((strncmp(buf, "reversed", len) == 0 ||
+		  strncmp(buf, "reversed\n", len) == 0) &&
+		 update->stage == STAGE_APPLIED)
+		update->abort_cause = reverse_update(update);
+	else if ((strncmp(buf, "cleanup", len) == 0 ||
+		  strncmp(buf, "cleanup\n", len) == 0) &&
+		 update->stage == STAGE_REVERSED)
+		kthread_run(maybe_cleanup_ksplice_update_wrapper, update,
+			    "ksplice_cleanup_%s", update->kid);
+
+	mutex_unlock(&module_mutex);
+	return len;
+}
+
+static ssize_t debug_show(struct update *update, char *buf)
+{
+	return snprintf(buf, PAGE_SIZE, "%d\n", update->debug);
+}
+
+static ssize_t debug_store(struct update *update, const char *buf, size_t len)
+{
+	unsigned long l;
+	int ret = strict_strtoul(buf, 10, &l);
+	if (ret != 0)
+		return ret;
+	update->debug = l;
+	return len;
+}
+
+static ssize_t partial_show(struct update *update, char *buf)
+{
+	return snprintf(buf, PAGE_SIZE, "%d\n", update->partial);
+}
+
+static ssize_t partial_store(struct update *update, const char *buf, size_t len)
+{
+	unsigned long l;
+	int ret = strict_strtoul(buf, 10, &l);
+	if (ret != 0)
+		return ret;
+	update->partial = l;
+	return len;
+}
+
+static struct update_attribute stage_attribute =
+	__ATTR(stage, 0600, stage_show, stage_store);
+static struct update_attribute abort_cause_attribute =
+	__ATTR(abort_cause, 0400, abort_cause_show, NULL);
+static struct update_attribute debug_attribute =
+	__ATTR(debug, 0600, debug_show, debug_store);
+static struct update_attribute partial_attribute =
+	__ATTR(partial, 0600, partial_show, partial_store);
+static struct update_attribute conflict_attribute =
+	__ATTR(conflicts, 0400, conflict_show, NULL);
+
+static struct attribute *update_attrs[] = {
+	&stage_attribute.attr,
+	&abort_cause_attribute.attr,
+	&debug_attribute.attr,
+	&partial_attribute.attr,
+	&conflict_attribute.attr,
+	NULL
+};
+
+static struct kobj_type update_ktype = {
+	.sysfs_ops = &update_sysfs_ops,
+	.release = update_release,
+	.default_attrs = update_attrs,
+};
+
+static int init_ksplice(void)
+{
+	ksplice_kobj = kobject_create_and_add("ksplice", kernel_kobj);
+	if (ksplice_kobj == NULL)
+		return -ENOMEM;
+	return 0;
+}
+
+static void cleanup_ksplice(void)
+{
+	kobject_put(ksplice_kobj);
+}
+
+module_init(init_ksplice);
+module_exit(cleanup_ksplice);
+
+MODULE_AUTHOR("Ksplice, Inc.");
+MODULE_DESCRIPTION("Ksplice rebootless update system");
+MODULE_LICENSE("GPL v2");
diff --git a/kernel/panic.c b/kernel/panic.c
index 2a2ff36..90faf4a 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -156,6 +156,7 @@ static const struct tnt tnts[] = {
 	{ TAINT_OVERRIDDEN_ACPI_TABLE, 'A', ' ' },
 	{ TAINT_WARN, 'W', ' ' },
 	{ TAINT_CRAP, 'C', ' ' },
+	{ TAINT_KSPLICE, 'K', ' ' },
 };
 
 /**
-- 
1.6.1.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ