From: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
To: Jiri Kosina <jkosina@suse.cz>
Cc: Steven Rostedt <rostedt@goodmis.org>,
Petr Mladek <pmladek@suse.cz>,
Seth Jennings <sjenning@redhat.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Vojtech Pavlik <vojtech@suse.cz>, Miroslav Benes <mbenes@suse.cz>,
Christoph Hellwig <hch@infradead.org>,
Greg KH <gregkh@linuxfoundation.org>,
Andy Lutomirski <luto@amacapital.net>,
live-patching@vger.kernel.org, x86@kernel.org, kpatch@redhat.com,
linux-kernel@vger.kernel.org
Subject: Re: Re: [PATCHv3 2/3] kernel: add support for live patching
Date: Wed, 03 Dec 2014 17:09:47 +0900 [thread overview]
Message-ID: <547EC54B.7040607@hitachi.com> (raw)
In-Reply-To: <alpine.LNX.2.00.1411252027040.23174@pobox.suse.cz>
(2014/11/26 4:29), Jiri Kosina wrote:
> On Tue, 25 Nov 2014, Steven Rostedt wrote:
>
>> It is not guaranteed from ftrace's stand point. What happens if we have
>> a kprobe handler that modifies it for someplace else? Changing the ip
>> address may not be a kpatch/kGraft privilege only.
>
> This brings me back to the RFC patch I sent back then in october ... what
> we really want to do is to at least warn about situations when we are
> going to redirect code flow (through IPMODIFY) for function that has a
> kprobe installed anywhere inside it.
Actually in my plan, normal kprobes/kretprobes don't set IPMODIFY
flag because it don't change the IP. Instead, you can even use
debugfs/kprobes/list to check whether the function is probed or not.
Or, I think we can provide atomic-conflict checking interface which
will iterate probes under locking kprobe list.
> Otherwise the probe will silently
> vanish (there is no way how to migrate it to the new function
> automatically), which might be very confusing for uses (cosider systemtap,
> for example).
Yeah, I think we can add --force option(or sysctl) to patch functions
just ignoring probed or not. (for emergency vulnerability fixes)
Thank you,
>
> I'll resurect my patch if noone beats me doing it. It should go in
> together with the live patching framework I believe.
>
> Thanks,
>
--
Masami HIRAMATSU
Software Platform Research Dept. Linux Technology Research Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com
next prev parent reply other threads:[~2014-12-03 8:09 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-20 22:29 [PATCHv3 0/3] Kernel Live Patching Seth Jennings
2014-11-20 22:29 ` [PATCHv3 1/3] kernel: add TAINT_LIVEPATCH Seth Jennings
2014-11-20 22:29 ` [PATCHv3 2/3] kernel: add support for live patching Seth Jennings
2014-11-21 0:22 ` Jiri Kosina
2014-11-21 14:44 ` Miroslav Benes
2014-11-21 15:00 ` Josh Poimboeuf
2014-11-21 15:46 ` Miroslav Benes
2014-11-21 16:13 ` Seth Jennings
2014-11-21 15:21 ` Josh Poimboeuf
2014-11-21 15:27 ` Jiri Kosina
2014-11-21 15:35 ` Josh Poimboeuf
2014-11-21 16:40 ` Seth Jennings
2014-11-21 17:35 ` Jiri Slaby
2014-11-21 18:29 ` Seth Jennings
2014-11-21 17:53 ` Andy Lutomirski
2014-11-21 2:39 ` Masami Hiramatsu
2014-11-25 16:39 ` Petr Mladek
2014-11-25 16:52 ` Steven Rostedt
2014-11-25 17:04 ` Petr Mladek
2014-11-25 17:16 ` Steven Rostedt
2014-11-25 19:29 ` Jiri Kosina
2014-12-03 8:09 ` Masami Hiramatsu [this message]
2014-11-24 11:13 ` Thomas Gleixner
2014-11-24 13:21 ` Jiri Kosina
2014-11-24 13:26 ` Thomas Gleixner
2014-11-24 13:31 ` Vojtech Pavlik
2014-11-24 14:25 ` Masami Hiramatsu
2014-11-24 13:31 ` Jiri Kosina
2014-11-24 13:23 ` Vojtech Pavlik
2014-11-24 13:24 ` Josh Poimboeuf
2014-11-24 13:27 ` Masami Hiramatsu
2014-11-20 22:29 ` [PATCHv3 3/3] kernel: add sysfs documentation " Seth Jennings
2014-11-21 2:49 ` Masami Hiramatsu
2014-11-21 16:41 ` Seth Jennings
2014-11-21 2:44 ` [PATCHv3 0/3] Kernel Live Patching Masami Hiramatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=547EC54B.7040607@hitachi.com \
--to=masami.hiramatsu.pt@hitachi.com \
--cc=gregkh@linuxfoundation.org \
--cc=hch@infradead.org \
--cc=jkosina@suse.cz \
--cc=jpoimboe@redhat.com \
--cc=kpatch@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mbenes@suse.cz \
--cc=pmladek@suse.cz \
--cc=rostedt@goodmis.org \
--cc=sjenning@redhat.com \
--cc=vojtech@suse.cz \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.