LKML Archive on
help / color / mirror / Atom feed
From: Joe Lawrence <>
To: Miroslav Benes <>, Josh Poimboeuf <>
Subject: Re: [PATCH 2/3] livepatch: Allow user to specify functions to search for on a stack
Date: Mon, 22 Nov 2021 10:53:21 -0500	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <>

On 11/22/21 2:57 AM, Miroslav Benes wrote:
> On Fri, 19 Nov 2021, Josh Poimboeuf wrote:
>> Thanks for doing this!  And at peterz-esque speed no less :-)
>> On Fri, Nov 19, 2021 at 10:03:26AM +0100, Miroslav Benes wrote:
>>> livepatch's consistency model requires that no live patched function
>>> must be found on any task's stack during a transition process after a
>>> live patch is applied. It is achieved by walking through stacks of all
>>> blocked tasks.
>>> The user might also want to define more functions to search for without
>>> them being patched at all. It may either help with preparing a live
>>> patch, which would otherwise require additional touches to achieve the
>>> consistency
>> Do we have any examples of this situation we can add to the commit log?
> I do not have anything at hand. Joe, do you remember the case you 
> mentioned previously about adding a nop to a function?

I went looking in my inbox to see... Unfortunately the closest thing I
found was a kpatchset in which we added nops to coax kpatch-build into
reverting previous patch version changes.  Not applicable here, but I
was certain we entertained the same idea to increase the task stack
check for some other problem.

Maybe adding a hypothetical scenario to the commit log would suffice?

>>> or it can be used to overcome deficiencies the stack
>>> checking inherently has. For example, GCC may optimize a function so
>>> that a part of it is moved to a different section and the function would
>>> jump to it. This child function would not be found on a stack in this
>>> case, but it may be important to search for it so that, again, the
>>> consistency is achieved.
>>> Allow the user to specify such functions on klp_object level.
>>> Signed-off-by: Miroslav Benes <>
>>> ---
>>>  include/linux/livepatch.h     | 11 +++++++++++
>>>  kernel/livepatch/core.c       | 16 ++++++++++++++++
>>>  kernel/livepatch/transition.c | 21 ++++++++++++++++-----
>>>  3 files changed, 43 insertions(+), 5 deletions(-)
>>> diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h
>>> index 2614247a9781..89df578af8c3 100644
>>> --- a/include/linux/livepatch.h
>>> +++ b/include/linux/livepatch.h
>>> @@ -106,9 +106,11 @@ struct klp_callbacks {
>>>   * struct klp_object - kernel object structure for live patching
>>>   * @name:	module name (or NULL for vmlinux)
>>>   * @funcs:	function entries for functions to be patched in the object
>>> + * @funcs_stack:	function entries for functions to be stack checked
>> So there are two arrays/lists of 'klp_func', and two implied meanings of
>> what a 'klp_func' is and how it's initialized.
>> Might it be simpler and more explicit to just add a new external field
>> to 'klp_func' and continue to have a single 'funcs' array?  Similar to
>> what we already do with the special-casing of 'nop', except it would be
>> an external field, e.g. 'no_patch' or 'stack_only'.
>> Then instead of all the extra klp_for_each_func_stack_static()
>> incantations, and the special cases in higher-level callers like
>> klp_init_object() and klp_init_patch_early(), the lower-level functions
>> like klp_init_func() and klp_init_func_early() can check the field to
>> determine which initializations need to be made.  Which is kind of nice
>> IMO as it pushes that detail down more where it belongs.  And makes the
>> different types of 'klp_func' more explicit.
> I thought about doing this for a moment but then I was worried there would 
> be many places which would require special-casing, so I tried to keep it 
> separate. But yes, it would be cleaner, so definitely worth trying for v2.

I'll add that the first thing that came to mind when you raised this
feature idea in the other thread was to support existing klp_funcs array
with NULL new_func's.  I didn't go look to see how invasive it would be,
but it will be interesting to see if a single list approach turns out
any simpler for v2.


  reply	other threads:[~2021-11-22 15:53 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-19  9:03 [PATCH 0/3] " Miroslav Benes
2021-11-19  9:03 ` [PATCH 1/3] livepatch: Move the initialization of old_func to a new function Miroslav Benes
2021-11-19  9:03 ` [PATCH 2/3] livepatch: Allow user to specify functions to search for on a stack Miroslav Benes
2021-11-19 10:17   ` Peter Zijlstra
2021-11-19 18:20   ` Josh Poimboeuf
2021-11-22  7:57     ` Miroslav Benes
2021-11-22 15:53       ` Joe Lawrence [this message]
2021-11-25 10:07         ` Petr Mladek
2021-11-25 10:20           ` Miroslav Benes
2021-12-03 16:01             ` Petr Mladek
2021-11-19  9:03 ` [PATCH 3/3] selftests/livepatch: Test of the API for specifying " Miroslav Benes
2021-11-25 14:39   ` Petr Mladek
2021-11-26  9:20     ` Miroslav Benes
2021-11-26 14:06       ` Petr Mladek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \ \ \
    --subject='Re: [PATCH 2/3] livepatch: Allow user to specify functions to search for on a stack' \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).