From a4e189f7f21b4a034130e09c1831572f43e26d74 Mon Sep 17 00:00:00 2001 From: htpeng Date: Tue, 5 Aug 2025 14:35:41 +0800 Subject: [PATCH 1/2] doc: fix arguments error in Using section Signed-off-by: htpeng --- docs/zh/using_syscare.md | 60 ++++++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 27 deletions(-) diff --git a/docs/zh/using_syscare.md b/docs/zh/using_syscare.md index 643c9cc0..9523be27 100644 --- a/docs/zh/using_syscare.md +++ b/docs/zh/using_syscare.md @@ -38,14 +38,14 @@ ```shell syscare build \ - --patch_name HP001 \ + --patch-name HP001 \ --source kernel-5.10.0-60.66.0.91.oe2203.src.rpm \ --debuginfo kernel-debuginfo-5.10.0-60.66.0.91.oe2203.x86_64.rpm \ --output output \ --patch 001-kernel-patch-test.patch ``` - 热补丁制作过程将会在由`--workdir`参数所指定的目录中(默认为当前目录)创建以`syscare-build`开头的临时文件夹,用于存放临时文件及编译日志。 + 热补丁制作过程将会在由`--build-root`参数所指定的目录中(默认为当前目录)创建以`syscare-build`开头的临时文件夹,用于存放临时文件及编译日志。 示例: @@ -85,43 +85,49 @@ ```shell USAGE: - syscare build [OPTIONS] --patch_name --source --debuginfo ... --patch ... + syscare build [OPTIONS] --patch-name --source ... --debuginfo ... --patch ... OPTIONS: - -n, --patch_name Patch name - --patch_arch Patch architecture [default: x86_64] - --patch_version Patch version [default: 1] - --patch_release Patch release [default: 1] - --patch_description Patch description [default: (none)] - -s, --source Source package + -n, --patch-name Patch name + --patch-arch Patch architecture [default: x86_64] + --patch-version Patch version [default: 1] + --patch-release Patch release [default: 1] + --patch-description Patch description [default: (none)] + --patch-requires ... Patch requirements + -s, --source ... Source package(s) -d, --debuginfo ... Debuginfo package(s) - --workdir Working directory [default: .] + -k, --kconfig Kernel config name or path (kernel patch only) + -p, --patch ... Patch file(s) + --build-root Build directory [default: .] -o, --output Output directory [default: .] - -j, --jobs Parllel build jobs [default: 96] - --skip_compiler_check Skip compiler version check (not recommended) - --skip_cleanup Skip post-build cleanup + -j, --jobs Parallel build jobs [default: 2] + --override-line-macros Override line macros to a fixed value (userspace patch only) + --skip-compiler-check Skip compiler version check (not recommended) + --skip-cleanup Skip post-build cleanup -v, --verbose Provide more detailed info - -p, --patch ... Patch file(s) - -h, --help Prints help information - -V, --version Prints version information + -h, --help Print help information + -V, --version Print version information ``` |名称|描述|类型|备注| | ---- | ---- | ---- | ---- | -|-n, --patch_name ``|补丁名称|字符串|必选参数,需符合RPM命名规范| -|--patch_arch ``|补丁架构|字符串|默认为当前架构,需符合RPM命名规范| -|--patch_version ``|补丁版本号|字符串|默认值为1,需符合RPM命名规范| -|--patch_release ``|补丁release|数字|默认值为1,需符合RPM命名规范| -|--patch_description ``|补丁描述|字符串|默认为(none)| +|-n, --patch-name ``|补丁名称|字符串|必选参数,需符合RPM命名规范| +|--patch-arch ``|补丁架构|字符串|默认为当前架构,需符合RPM命名规范| +|--patch-version ``|补丁版本号|字符串|默认值为1,需符合RPM命名规范| +|--patch-release ``|补丁release|数字|默认值为1,需符合RPM命名规范| +|--patch-description ``|补丁描述|字符串|默认为(none)| +|--patch-requires `...`|补丁依赖|字符串|默认为(none)| |-s, --source ``|目标软件src.rpm源码包路径|字符串|必选参数,需为合法路径| |-d, --debuginfo `...`|目标软件debuginfo包路径|字符串|必选参数,可指定多个,需为合法路径| -|--workdir ``|临时文件夹路径|字符串|默认为当前执行目录,需为合法路径| +|-k, --kconfig ``|内核配置文件|字符串|默认为(openeuler_defconfig)| +|-p, --patch `...`|补丁文件路径|字符串|必选参数,可指定多个,需为合法路径| +|--build-root ``|临时文件夹路径|字符串|默认为当前执行目录,需为合法路径| |-o, --output ``|补丁输出文件夹|字符串|默认为当前执行目录,需为合法路径| |-j, --jobs ``|并行编译线程数|数字|默认为cpu线程数| +|--override-line-macros|重写LINE宏为固定值|标识|-| |--skip-compiler-check|跳过编译器检查|标识|-| |--skip-cleanup|跳过临时文件清理|标识|-| |-v, --verbose|打印详细信息|标识|-| -|-p, --patch `...`|补丁文件路径|字符串|必选参数,可指定多个,需为合法路径| |-h, --help|打印帮助信息|标识|-| |-V, --version|打印版本信息|标识|-| @@ -129,8 +135,8 @@ OPTIONS: ```shell syscare build \ - --patch_name "HP001" \ - --patch_description "CVE-2021-32675 - When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users." \ + --patch-name "HP001" \ + --patch-description "CVE-2021-32675 - When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users." \ --source ./redis-6.2.5-1.src.rpm \ --debuginfo ./redis-debuginfo-6.2.5-1.x86_64.rpm \ --output ./output \ @@ -214,7 +220,7 @@ For more information, please check "/home/dev/syscare-build.345549/build.log" | digest | 补丁指纹 | | license | 目标软件许可证 | | description | 补丁描述 | -| patch| 补丁文件列表 | +| patches | 补丁文件列表 | 示例: @@ -230,7 +236,7 @@ target: redis-6.2.5-1 target_elf: redis-server, redis-benchmark, redis-cli license: BSD and MIT description: CVE-2021-32675 - When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. -patch: +patches: 0001-Prevent-unauthenticated-client-from-easily-consuming.patch ``` -- Gitee From 932c3a1d0613181ed2b1f707996c557f1047f7bd Mon Sep 17 00:00:00 2001 From: htpeng Date: Tue, 5 Aug 2025 15:51:12 +0800 Subject: [PATCH 2/2] doc: modify description and format error in Constraint section Signed-off-by: htpeng --- docs/zh/constraints.md | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/docs/zh/constraints.md b/docs/zh/constraints.md index fe017060..69f0f05b 100644 --- a/docs/zh/constraints.md +++ b/docs/zh/constraints.md @@ -2,14 +2,14 @@ ## 版本约束 - 操作系统版本:当前SysCare仅支持openEuler 22.03 LTS SP1版本。 + 操作系统版本:当前SysCare支持openEuler 22.03 LTS SP1及以上版本。 硬件架构:x86_64 / aarch64。 ## 应用约束 - 1. 当前对LINE宏的处理需要对每个软件进行适配,当前仅考虑适配redis、nginx,其他未适配的软件可能会造成patch的size过大。后续会考虑引入参数支持用户自行适配。 - 2. 用户态热补丁对于一个ELF文件,只支持一个补丁,如需修复多个bug,可将多个bugfix的patch文件同时传入补丁制作参数中,可制作出修复多个bug的热补丁。 +1. 当前对LINE宏的处理需要对每个软件进行适配,当前仅考虑适配redis、nginx,其他未适配的软件可能会造成patch的size过大。后续会考虑引入参数支持用户自行适配。 +2. 用户态热补丁对于一个ELF文件,只支持一个补丁,如需修复多个bug,可将多个bugfix的patch文件同时传入补丁制作参数中,可制作出修复多个bug的热补丁。 ## 语言约束 @@ -18,18 +18,18 @@ ## 其他约束 - -前仅支持64位系统; - -当前仅支持ELF格式的热修复,暂不支持解释型语言; - -当前仅支持gcc / g++编译器; - -编译器需要支持`-gdwarf`、`-ffunction-sections`、`-fdata-sections`参数; - -仅支持DWARF格式的调试信息; - -暂不支持交叉编译; - -暂无法识别文件名相同,并且局部变量和函数名称完全一致的不同路径源码文件; - -暂不支持汇编修改(包括`.S`文件及内联汇编); - -不支持新增外部符号(动态库依赖); - -暂不支持对同一个二进制打多个补丁; - -暂不支持C & C++ 混合编译; - -暂不支持C++ exception修改; - -暂不支持group section: ```-g3```编译选项,特定编译优化选项,特定gcc plugin等; - -暂不支持新增ifunc: ```__attribute__((ifunc("foo")))```; - -暂不支持新增TLS变量: ```__thread int foo```。 +- 当前仅支持64位系统; +- 当前仅支持ELF格式的热修复,暂不支持解释型语言; +- 当前仅支持gcc / g++编译器; +- 编译器需要支持`-gdwarf`、`-ffunction-sections`、`-fdata-sections`参数; +- 仅支持DWARF格式的调试信息; +- 暂不支持交叉编译; +- 暂无法识别文件名相同,并且局部变量和函数名称完全一致的不同路径源码文件; +- 暂不支持汇编修改(包括`.S`文件及内联汇编); +- 不支持新增外部符号(动态库依赖); +- 暂不支持对同一个二进制打多个补丁; +- 暂不支持C & C++ 混合编译; +- 暂不支持C++ exception修改; +- 暂不支持group section: ```-g3```编译选项,特定编译优化选项,特定gcc plugin等; +- 暂不支持新增ifunc: ```__attribute__((ifunc("foo")))```; +- 暂不支持新增TLS变量: ```__thread int foo```。 -- Gitee