Support livepatch - part 1

[minglumlu]

This series contains the first part of changes to support live patch:

1. some existing codes are split into new files;
2. new functions to parse metadata of live patches from updateinfo;
3. get the status of running live patch (Xen and Kernel) on host;
4. get all applicable live patches from updateinfo;
5. calculate and consolidate guidance.

[lindig]

It would be better to use String.lowercase_ascii before the match is made.

[lindig]

Can we make this regex stronger? ([0-9_]+) seems to capture the expected version strings.

[minglumlu]

The version and release strings may contain other characters. Actually we don't have any expectations on the strings. Here we only need to separate them.

[robhoes]

Another option might be to chop off the livepatch_ prefix and then split the string on __. I suppose it doesn't really matter.

[lindig]

If we can describe the operation with a regular expression (because the number of fields is known in advance) I would prefer that over a procedural approach of chopping an splitting - let the regex engine do the work. A regex doesn't work if this becomes context sensitive - earlier information informs later decisions. In that case I would again consider using Angstrom because it is still quite declarative.

[lindig]

This could be expressed as when clause on the match case.

[lindig]

What is this code doing? It seems quite repetitive and using low-level operations. Parsing binary data could be easier using Angstrom which has operations to read bytes and Big Endian, Small Endian numbers.

[minglumlu]

It is going to read ELF notes from file /sys/kernel/notes to find out the running kernel's build id.
The file content is organized as some consecutive sections. For each section, at beginning of it, it's a header structure described by headers_struct. And the length of a section is determined by its headers. This function needs to find a specific section and read build id in it.

If Angstrom works for this in better way, I will look into it. Thanks :)

[lindig]

• https://github.com/lindig/fit/blob/main/lib/fit.ml#L213-L222

For example, this is code I wrote to read the (binary) header of a FIT file. There is more complex code in that file but it gives you a flavor how to read bytes, multi-byte numbers, and strings.

[psafont]

There's another example of using angstrom for decoding the output of a command, it might prove useful as well: https://github.com/xapi-project/xen-api/blob/47fae74032aa6ade0fc12e867c530eaf2a96bf75/ocaml/xapi/bios_strings.ml (and tests: https://github.com/xapi-project/xen-api/blob/47fae74032aa6ade0fc12e867c530eaf2a96bf75/ocaml/tests/test_bios_strings.ml)

Looking at the documentation of angstrom was useful when I developed the module: https://docs.ocaml.pro/docs/LIBRARY.angstrom@angstrom.0.15.0/Angstrom/index.html

[minglumlu]

Hi @lindig @psafont
Thanks for your pointers. I've reworked this with Angstrom which looks very great.

[lindig]

This needs doucumentation. What are these modules describing?

[minglumlu]

Hi Reviewers,
I reworked based on existing comments. May I please have your review more?
I squashed the fixup as I think the changes in rework are too dramatic. Sorry for this.

[lindig]

The code to extract the build information is much better now.

[lindig]

I am bit surprised about to_ - it is somewhat unusual. Does this indicate the version and release reached after applying the patch? Maybe a comment could clarify this.

[minglumlu]

Yes. It indicates that the version and release reached after applying the live patch.

[robhoes]

I see that there are comments that explain this in the mli file.

[lindig]

I'd use any_uint8 or any_int8 - which will result in an int.

[lindig]

Could we rename section' to section and get rid of this?

[lindig]

The code is using 41 but the comment says something is 4-byte aligned. What is the relevance of 41? What is the result of this function for a given x?

[lindig]

Sorry, I misread this. The 1 is actually an l - a size indicator. A comment what align 6 would do would be still helpful. Are we rounding up or down to a multiple of 4? I assume align x rounds x up to the next multiple of 4. I believe it could be simplified (here for integers):

let align4 n = ((n + 3) / 4) * 4

utop # align4 12;;
- : int = 12

utop # align4 10;;
- : int = 12

utop # align4 13;;
- : int = 16

[minglumlu]

Yeah, this is great. Thanks.

[lindig]

This could be done with a single match:

match Unix.lstat installed_symlink with
| Unix.{st_kind = S_LNK;_} -> ... Option .some
| exception _ -> None

[lindig]

This module looks too complicated to me. I would expect that a version is represented as a list of numbers and that we are comparing two strings to establish their order. I think it needs to be spelled out how strings and numbers are treated: is every string that can be read as a number considered a number, and or still a string? This makes a difference because "01" and "1" are different strings but the same number. Likewise, how is any string that cannot be read as a number treated? I am not sure but I would have started with:

type comp = Number of int | String of string
type version = comp list (* assuming a version is a list of components, each either a string or a number *)
val parse: string -> string * version (* split into package and version *)
val compare: version -> version -> int (* -1, 0, 1 *)

[minglumlu]

These bits are some existing lines which are moved into a new file only in this PR.

type comp = Number of int | String of string
This is defined as similarly as:
https://github.com/xapi-project/xen-api/pull/4678/files#diff-3c831fd11744c8735ff48fa1f9e436f357cb4316e4394855770ac300ed41dc69R55

val parse: string -> string * version (* split into package and version *)
is implemented like:
https://github.com/xapi-project/xen-api/pull/4678/files#diff-3c831fd11744c8735ff48fa1f9e436f357cb4316e4394855770ac300ed41dc69R183

and val compare: version -> version -> int (* -1, 0, 1 *) is implemented as:
https://github.com/xapi-project/xen-api/pull/4678/files#diff-3c831fd11744c8735ff48fa1f9e436f357cb4316e4394855770ac300ed41dc69R160

There are some examples to explain the rules of comparison:
https://github.com/xapi-project/xen-api/pull/4678/files#diff-3c831fd11744c8735ff48fa1f9e436f357cb4316e4394855770ac300ed41dc69R166

[lindig]

This is deprecated; use lowercase_ascii instead

[lindig]

How many lines is this function long? I would encourage to split out more functions that are defined in this function. If this is done just to keep the name space clean, I would use a local module rather than making this function larger and larger.

[minglumlu]

Thanks. I split some functions out. Indeed, the set_available_updates function was too long.

[robhoes]

It's not easy to get a good overview of the logic and control flow because there is a lot going on in the >1000 changed lines. I think it comes down to testing well. It mostly looks fine.

[robhoes]

Please do not merge yet: we are sorting out some build issues first.

[minglumlu]

It's not easy to get a good overview of the logic and control flow because there is a lot going on in the >1000 changed lines. I think it comes down to testing well. It mostly looks fine.

Sure. I will re-do tests before merging this one. And the following PRs will be unit tests and applying live patches.

[minglumlu]

Hi @lindig @robhoes
I appended a new commit for a minor fixup. 170e6c9
Would you please have a review again on it?

[robhoes]

Looks like there are now a few conflicts due to the warning-removal PR...

[minglumlu]

Tests have been done. And:
fe0634c is a result of rebasing and squashing.
8017dcf is a fixup for an issue found in test.
de7c897 is a fixup for "unused" warnings