This patchset implements kfunc live-patching by allowing kernel modules
to override vmlinux kfuncs with the same name. This addresses the use
case suggested by Alexei where modules can provide enhanced, optimized,
or fixed versions of existing kfuncs without modifying the kernel, see [1].

Currently, when a kfunc exists in both vmlinux and a module, the vmlinux
version is always used, making it impossible for modules to override
kernel implementations. This limitation prevents useful scenarios like:
- Testing improved kfunc implementations before upstreaming
- Applying targeted fixes via modules without kernel recompilation
- Providing vendor-specific optimizations for certain kfuncs

The solution involves two coordinated changes:

Patch 1 modifies libbpf's find_ksym_btf_id() to search module BTFs
before vmlinux BTF, and encodes the kfunc source (vmlinux or module)
in the instruction's 'off' field during relocation.

Patch 2 updates the verifier to use insn->off for kfunc address
resolution: when off == 0, it looks up the kfunc in vmlinux via
kallsyms; when off > 0, it searches in the corresponding module's
symbol table.

Together, these changes enable module kfuncs to take precedence over
vmlinux kfuncs, while maintaining backward compatibility for programs
that don't use module BTFs.

[1]:https://lore.kernel.org/all/CAADnVQLVQW-Mb_d+zT+aSpPOZ042erPVcSHVBx9PMGET+a754Q@mail.gmail.com/


Song Chen (2):
  tools/lib/bpf/libbpf: Prioritize module kfuncs over vmlinux kfuncs
  kernel/bpf/verifier: Support module kfunc resolution via instruction
    offset

 kernel/bpf/verifier.c  | 12 ++++++++-
 tools/lib/bpf/libbpf.c | 60 +++++++++++++++++++++++++++++++-----------
 2 files changed, 56 insertions(+), 16 deletions(-)
 mode change 100644 => 100755 kernel/bpf/verifier.c

-- 
2.43.0

---
changelog:
v1 --- v2:
introduce namespace to specify module name