From: Torsten Duwe <duwe@lst.de>
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Miroslav Benes <mbenes@suse.cz>, Joao Moreira <jmoreira@suse.de>,
live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
pmladek@suse.com, jikos@suse.cz, nstange@suse.de,
jroedel@suse.de, matz@suse.de, khlebnikov@yandex-team.ru,
jeyu@kernel.org
Subject: Re: [PATCH 0/8] livepatch: klp-convert tool
Date: Fri, 20 Oct 2017 15:44:12 +0200 [thread overview]
Message-ID: <20171020134412.GA28905@lst.de> (raw)
In-Reply-To: <20171020132432.majphjzzfrbcrdos@treble>
On Fri, Oct 20, 2017 at 08:24:32AM -0500, Josh Poimboeuf wrote:
> On Fri, Oct 20, 2017 at 02:44:32PM +0200, Torsten Duwe wrote:
> > On Thu, Oct 19, 2017 at 06:00:54PM +0200, Miroslav Benes wrote:
> > > On Thu, 19 Oct 2017, Josh Poimboeuf wrote:
> > > >
> > > > Sounds nice, though I wonder what the obstacles are?
> > >
> > > Those GCC optimizations you mentioned below and which I didn't connect to
> > > klp-convert itself.
> >
> > I have a bad feeling about the IPA stuff in general. An obj-based approach
> > is cool in a way that it still works, and is sure to work, if the IPA
> > assumptions that led to the optimisations still hold, but as soon as they
> > break, you're screwed big time.
>
> Huh? The obj-based approach (e.g., kpatch, bin-diff) inherently detects
> such changes. Or am I misunderstanding? If so, please elaborate.
If e.g. the old callee does not use a caller-saved reg, neither does the new
code, there is no reason to actually save it. IPA will detect this and spare
the reg save/restore. If now by any coincidence the new function needs that
register, what can you do? Patch all callers as well? You'll likely end up
with a far-too-big live patch or by coding something in assembler :-(
> > For -fpatchable-function-entries I switched
> > off IPA-RA, as especially on RISC there's _nothing_ you can do between
> > functions without at least one scratch reg. But for live patching, I'd like
> > the kernel to be compiled in the first place with 100% ABI adherence, IOW
> > all IPA optimisations turned off. Does anyone have numbers on the performance
> > impact?
>
> I agree that would be the best option.
I'm glad to hear this!-)
> > For example, if the patched functions and the fixes meet its criteria, you
> > could use CMBC (http://www.cprover.org/cbmc/) to _prove_ that the live patch
> > changes exactly what you claim to, and nothing else.
>
> Can it also prove that the patch is applied in a safe manner?
I assume this strongly depends on the test cases you build around it.
OTOH the more code you include in the test, the more likely you'll violate
the cbmc preconditions. So I guess the simple answer is "no". But this might
change in the future.
Torsten
next prev parent reply other threads:[~2017-10-20 13:44 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-29 19:01 [PATCH 0/8] livepatch: klp-convert tool Joao Moreira
2017-08-29 19:01 ` [PATCH 1/8] livepatch: Create and include UAPI headers Joao Moreira
2017-08-29 19:01 ` [PATCH 2/8] kbuild: Support for Symbols.list creation Joao Moreira
2017-08-31 15:24 ` Joe Lawrence
2017-08-31 17:34 ` Josh Poimboeuf
2017-09-04 7:23 ` Joao Moreira
2017-08-29 19:01 ` [PATCH 3/8] livepatch: Add klp-convert tool Joao Moreira
2017-08-30 20:03 ` Joao Moreira
2017-08-29 19:01 ` [PATCH 4/8] livepatch: Add klp-convert annotation helpers Joao Moreira
2017-08-29 19:01 ` [PATCH 5/8] modpost: Integrate klp-convert Joao Moreira
2017-08-29 19:01 ` [PATCH 6/8] modpost: Add modinfo flag to livepatch modules Joao Moreira
2017-08-29 19:01 ` [PATCH 7/8] livepatch: Add sample livepatch module Joao Moreira
2017-08-29 19:01 ` [PATCH 8/8] documentation: Update on livepatch elf format Joao Moreira
2017-08-30 18:00 ` [PATCH 0/8] livepatch: klp-convert tool Josh Poimboeuf
2017-10-10 14:17 ` Miroslav Benes
2017-10-11 2:46 ` Josh Poimboeuf
2017-10-11 12:42 ` Joao Moreira
2017-10-19 13:01 ` Josh Poimboeuf
2017-10-19 13:24 ` Miroslav Benes
2017-10-19 14:03 ` Josh Poimboeuf
2017-10-19 14:27 ` Miroslav Benes
2017-10-19 15:15 ` Josh Poimboeuf
2017-10-19 16:00 ` Miroslav Benes
2017-10-19 16:20 ` Josh Poimboeuf
2017-10-20 8:51 ` Miroslav Benes
2017-10-20 12:03 ` Josh Poimboeuf
2017-10-20 12:44 ` Torsten Duwe
2017-10-20 13:24 ` Josh Poimboeuf
2017-10-20 13:39 ` Miroslav Benes
2017-10-20 13:44 ` Torsten Duwe [this message]
2017-10-20 14:20 ` Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171020134412.GA28905@lst.de \
--to=duwe@lst.de \
--cc=jeyu@kernel.org \
--cc=jikos@suse.cz \
--cc=jmoreira@suse.de \
--cc=jpoimboe@redhat.com \
--cc=jroedel@suse.de \
--cc=khlebnikov@yandex-team.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=matz@suse.de \
--cc=mbenes@suse.cz \
--cc=nstange@suse.de \
--cc=pmladek@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.