From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Jessica Yu <jeyu@redhat.com>, Jiri Kosina <jikos@kernel.org>,
Miroslav Benes <mbenes@suse.cz>, Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Michael Ellerman <mpe@ellerman.id.au>,
Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
x86@kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-s390@vger.kernel.org, Vojtech Pavlik <vojtech@suse.com>,
Jiri Slaby <jslaby@suse.cz>, Petr Mladek <pmladek@suse.com>,
Chris J Arges <chris.j.arges@canonical.com>,
Andy Lutomirski <luto@kernel.org>
Subject: [RFC PATCH v2 00/18] livepatch: hybrid consistency model
Date: Thu, 28 Apr 2016 15:44:31 -0500 [thread overview]
Message-ID: <cover.1461875890.git.jpoimboe@redhat.com> (raw)
This is v2 of the livepatch hybrid consistency model, based on
linux-next/master.
v1 of this patch set was posted over a year ago:
https://lkml.kernel.org/r/cover.1423499826.git.jpoimboe@redhat.com
The biggest complaint at that time was that stack traces are unreliable.
Since CONFIG_STACK_VALIDATION was merged, that issue has been addressed.
I've also tried to address all other outstanding complaints and issues.
Ingo and Peter, note that I'm using task_rq_lock() in patch 17/18 to
make sure a task stays asleep while its stack gets checked. I'm not
sure if there's a better way to achieve that goal -- any suggestions
there would be greatly appreciated.
Patches 1-7 create a mechanism for detecting whether a given stack trace
can be deemed reliable.
Patches 8-18 add the consistency model. See patch 17/18 for more
details about the consistency model itself.
Remaining TODOs:
- how to patch kthreads without RELIABLE_STACKTRACE?
- safe patch module removal
- fake signal facility
- allow user to force a task to the patched state
- enable the patching of kthreads which are sleeping on affected
functions, via the livepatch ftrace handler
- WARN on certain stack error conditions
v2:
- "universe" -> "patch state"
- rename klp_update_task_universe() -> klp_patch_task()
- add preempt IRQ tracking (TF_PREEMPT_IRQ)
- fix print_context_stack_reliable() bug
- improve print_context_stack_reliable() comments
- klp_ftrace_handler comment fixes
- add "patch_state" proc file to tid_base_stuff
- schedule work even for !RELIABLE_STACKTRACE
- forked child inherits patch state from parent
- add detailed comment to livepatch.h klp_func definition about the
klp_func patched/transition state transitions
- update exit_to_usermode_loop() comment
- clear all TIF_KLP_NEED_UPDATE flags in klp_complete_transition()
- remove unnecessary function externs
- add livepatch documentation, sysfs documentation, /proc documentation
- /proc/pid/patch_state: -1 means no patch is currently being applied/reverted
- "TIF_KLP_NEED_UPDATE" -> "TIF_PATCH_PENDING"
- support for s390 and powerpc-le
- don't assume stacks with dynamic ftrace trampolines are reliable
- add _TIF_ALLWORK_MASK info to commit log
v1.9:
- revive from the dead and rebased
- reliable stacks!
- add support for immediate consistency model
- add a ton of comments
- fix up memory barriers
- remove "allow patch modules to be removed" patch for now, it still
needs more discussion and thought - it can be done with something
- "proc/pid/universe" -> "proc/pid/patch_status"
- remove WARN_ON_ONCE from !func condition in ftrace handler -- can
happen because of RCU
- keep klp_mutex private by putting the work_fn in core.c
- convert states from int to boolean
- remove obsolete '@state' comments
- several header file and include improvements suggested by Jiri S
- change kallsyms_lookup_size_offset() errors from EINVAL -> ENOENT
- change proc file permissions S_IRUGO -> USR
- use klp_for_each_object/func helpers
Jiri Slaby (1):
livepatch/s390: reorganize TIF thread flag bits
Josh Poimboeuf (16):
x86/asm/head: clean up initial stack variable
x86/asm/head: use a common function for starting CPUs
x86/asm/head: standardize the bottom of the stack for idle tasks
x86: move _stext marker before head code
sched: add task flag for preempt IRQ tracking
x86: dump_trace() error handling
stacktrace/x86: function for detecting reliable stack traces
livepatch: temporary stubs for klp_patch_pending() and
klp_patch_task()
livepatch/x86: add TIF_PATCH_PENDING thread flag
livepatch/powerpc: add TIF_PATCH_PENDING thread flag
livepatch: separate enabled and patched states
livepatch: remove unnecessary object loaded check
livepatch: move patching functions into patch.c
livepatch: store function sizes
livepatch: change to a per-task consistency model
livepatch: add /proc/<pid>/patch_state
Miroslav Benes (1):
livepatch/s390: add TIF_PATCH_PENDING thread flag
Documentation/ABI/testing/sysfs-kernel-livepatch | 8 +
Documentation/filesystems/proc.txt | 18 +
Documentation/livepatch/livepatch.txt | 132 ++++++-
arch/Kconfig | 6 +
arch/powerpc/include/asm/thread_info.h | 4 +-
arch/powerpc/kernel/signal.c | 4 +
arch/s390/include/asm/thread_info.h | 24 +-
arch/s390/kernel/entry.S | 31 +-
arch/x86/Kconfig | 1 +
arch/x86/entry/common.c | 9 +-
arch/x86/include/asm/realmode.h | 2 +-
arch/x86/include/asm/smp.h | 3 -
arch/x86/include/asm/stacktrace.h | 36 +-
arch/x86/include/asm/thread_info.h | 2 +
arch/x86/kernel/acpi/sleep.c | 2 +-
arch/x86/kernel/dumpstack.c | 108 +++++-
arch/x86/kernel/dumpstack_32.c | 22 +-
arch/x86/kernel/dumpstack_64.c | 53 ++-
arch/x86/kernel/head_32.S | 8 +-
arch/x86/kernel/head_64.S | 34 +-
arch/x86/kernel/smpboot.c | 2 +-
arch/x86/kernel/stacktrace.c | 24 ++
arch/x86/kernel/vmlinux.lds.S | 2 +-
fs/proc/base.c | 15 +
include/linux/init_task.h | 9 +
include/linux/kernel.h | 1 +
include/linux/livepatch.h | 57 ++-
include/linux/sched.h | 4 +
include/linux/stacktrace.h | 20 +-
kernel/extable.c | 2 +-
kernel/fork.c | 5 +-
kernel/livepatch/Makefile | 2 +-
kernel/livepatch/core.c | 342 +++++-----------
kernel/livepatch/patch.c | 254 ++++++++++++
kernel/livepatch/patch.h | 33 ++
kernel/livepatch/transition.c | 474 +++++++++++++++++++++++
kernel/livepatch/transition.h | 14 +
kernel/sched/core.c | 4 +
kernel/sched/idle.c | 4 +
kernel/stacktrace.c | 4 +-
lib/Kconfig.debug | 6 +
41 files changed, 1413 insertions(+), 372 deletions(-)
create mode 100644 kernel/livepatch/patch.c
create mode 100644 kernel/livepatch/patch.h
create mode 100644 kernel/livepatch/transition.c
create mode 100644 kernel/livepatch/transition.h
--
2.4.11
next reply other threads:[~2016-04-28 20:44 UTC|newest]
Thread overview: 121+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-28 20:44 Josh Poimboeuf [this message]
2016-04-28 20:44 ` [RFC PATCH v2 01/18] x86/asm/head: clean up initial stack variable Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 02/18] x86/asm/head: use a common function for starting CPUs Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 03/18] x86/asm/head: standardize the bottom of the stack for idle tasks Josh Poimboeuf
2016-04-29 18:46 ` Brian Gerst
2016-04-29 20:28 ` Josh Poimboeuf
2016-04-29 19:39 ` Andy Lutomirski
2016-04-29 20:50 ` Josh Poimboeuf
2016-04-29 21:38 ` Andy Lutomirski
2016-04-29 23:27 ` Josh Poimboeuf
2016-04-30 0:10 ` Andy Lutomirski
2016-04-28 20:44 ` [RFC PATCH v2 04/18] x86: move _stext marker before head code Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 05/18] sched: add task flag for preempt IRQ tracking Josh Poimboeuf
2016-04-29 18:06 ` Andy Lutomirski
2016-04-29 20:11 ` Josh Poimboeuf
2016-04-29 20:19 ` Andy Lutomirski
2016-04-29 20:27 ` Josh Poimboeuf
2016-04-29 20:32 ` Andy Lutomirski
2016-04-29 21:25 ` Josh Poimboeuf
2016-04-29 21:37 ` Andy Lutomirski
2016-04-29 22:11 ` Jiri Kosina
2016-04-29 22:57 ` Josh Poimboeuf
2016-04-30 0:09 ` Andy Lutomirski
2016-04-29 22:41 ` Josh Poimboeuf
2016-04-30 0:08 ` Andy Lutomirski
2016-05-02 13:52 ` Josh Poimboeuf
2016-05-02 15:52 ` Andy Lutomirski
2016-05-02 17:31 ` Josh Poimboeuf
2016-05-02 18:12 ` Andy Lutomirski
2016-05-02 18:34 ` Ingo Molnar
2016-05-02 19:44 ` Josh Poimboeuf
2016-05-02 19:54 ` Jiri Kosina
2016-05-02 20:00 ` Jiri Kosina
2016-05-03 0:39 ` Andy Lutomirski
2016-05-04 15:16 ` David Laight
2016-05-04 15:16 ` David Laight
2016-05-19 23:15 ` Josh Poimboeuf
2016-05-19 23:39 ` Andy Lutomirski
2016-05-20 14:05 ` Josh Poimboeuf
2016-05-20 15:41 ` Andy Lutomirski
2016-05-20 16:41 ` Josh Poimboeuf
2016-05-20 16:59 ` Andy Lutomirski
2016-05-20 17:49 ` Josh Poimboeuf
2016-05-23 23:02 ` Jiri Kosina
2016-05-24 1:42 ` Andy Lutomirski
2016-05-23 21:34 ` Andy Lutomirski
2016-05-24 2:28 ` Josh Poimboeuf
2016-05-24 3:52 ` Andy Lutomirski
2016-06-22 16:30 ` Josh Poimboeuf
2016-06-22 17:59 ` Andy Lutomirski
2016-06-22 18:22 ` Josh Poimboeuf
2016-06-22 18:26 ` Andy Lutomirski
2016-06-22 18:40 ` Josh Poimboeuf
2016-06-22 19:17 ` Andy Lutomirski
2016-06-23 16:19 ` Josh Poimboeuf
2016-06-23 16:35 ` Andy Lutomirski
2016-06-23 18:31 ` Josh Poimboeuf
2016-06-23 20:40 ` Josh Poimboeuf
2016-06-23 22:00 ` Andy Lutomirski
2016-06-23 0:09 ` Andy Lutomirski
2016-06-23 15:55 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 06/18] x86: dump_trace() error handling Josh Poimboeuf
2016-04-29 13:45 ` Minfei Huang
2016-04-29 14:00 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 07/18] stacktrace/x86: function for detecting reliable stack traces Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 08/18] livepatch: temporary stubs for klp_patch_pending() and klp_patch_task() Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 09/18] livepatch/x86: add TIF_PATCH_PENDING thread flag Josh Poimboeuf
2016-04-29 18:08 ` Andy Lutomirski
2016-04-29 20:18 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 10/18] livepatch/powerpc: " Josh Poimboeuf
2016-05-03 9:07 ` Petr Mladek
2016-05-03 12:06 ` Miroslav Benes
2016-04-28 20:44 ` [RFC PATCH v2 11/18] livepatch/s390: reorganize TIF thread flag bits Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 12/18] livepatch/s390: add TIF_PATCH_PENDING thread flag Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 13/18] livepatch: separate enabled and patched states Josh Poimboeuf
2016-05-03 9:30 ` Petr Mladek
2016-05-03 13:48 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 14/18] livepatch: remove unnecessary object loaded check Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 15/18] livepatch: move patching functions into patch.c Josh Poimboeuf
2016-05-03 9:39 ` Petr Mladek
2016-04-28 20:44 ` [RFC PATCH v2 16/18] livepatch: store function sizes Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 17/18] livepatch: change to a per-task consistency model Josh Poimboeuf
2016-05-04 8:42 ` Petr Mladek
2016-05-04 15:51 ` Josh Poimboeuf
2016-05-05 9:41 ` Miroslav Benes
2016-05-05 13:06 ` Petr Mladek
2016-05-04 12:39 ` barriers: was: " Petr Mladek
2016-05-04 13:53 ` Peter Zijlstra
2016-05-04 16:51 ` Josh Poimboeuf
2016-05-04 14:12 ` Petr Mladek
2016-05-04 17:25 ` Josh Poimboeuf
2016-05-05 11:21 ` Petr Mladek
2016-05-09 15:42 ` Miroslav Benes
2016-05-04 17:02 ` Josh Poimboeuf
2016-05-05 10:21 ` Petr Mladek
2016-05-04 14:48 ` klp_task_patch: " Petr Mladek
2016-05-04 14:56 ` Jiri Kosina
2016-05-04 17:57 ` Josh Poimboeuf
2016-05-05 11:57 ` Petr Mladek
2016-05-06 12:38 ` Josh Poimboeuf
2016-05-09 12:23 ` Petr Mladek
2016-05-16 18:12 ` Josh Poimboeuf
2016-05-18 13:12 ` Petr Mladek
2016-05-06 11:33 ` Petr Mladek
2016-05-06 12:44 ` Josh Poimboeuf
2016-05-09 9:41 ` Miroslav Benes
2016-05-16 17:27 ` Josh Poimboeuf
2016-05-10 11:39 ` Miroslav Benes
2016-05-17 22:53 ` Jessica Yu
2016-05-18 8:16 ` Jiri Kosina
2016-05-18 16:51 ` Josh Poimboeuf
2016-05-18 20:22 ` Jiri Kosina
2016-05-23 9:42 ` David Laight
2016-05-23 9:42 ` David Laight
2016-05-23 18:44 ` Jiri Kosina
2016-05-24 15:06 ` David Laight
2016-05-24 15:06 ` David Laight
2016-05-24 22:45 ` Jiri Kosina
2016-06-06 13:54 ` [RFC PATCH v2 17/18] " Petr Mladek
2016-06-06 14:29 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 18/18] livepatch: add /proc/<pid>/patch_state Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1461875890.git.jpoimboe@redhat.com \
--to=jpoimboe@redhat.com \
--cc=chris.j.arges@canonical.com \
--cc=heiko.carstens@de.ibm.com \
--cc=jeyu@redhat.com \
--cc=jikos@kernel.org \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=live-patching@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mbenes@suse.cz \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=peterz@infradead.org \
--cc=pmladek@suse.com \
--cc=vojtech@suse.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.