Re: [PATCH v2 2/2] livepatch: Delete the associated module of disabled livepatch

linux-modules.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Petr Mladek <pmladek@suse.com>
To: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: Yafang Shao <laoar.shao@gmail.com>,
	jikos@kernel.org, mbenes@suse.cz, joe.lawrence@redhat.com,
	mcgrof@kernel.org, live-patching@vger.kernel.org,
	linux-modules@vger.kernel.org
Subject: Re: [PATCH v2 2/2] livepatch: Delete the associated module of disabled livepatch
Date: Mon, 6 May 2024 13:32:19 +0200	[thread overview]
Message-ID: <Zji_w3dLEKMghMxr@pathway.suse.cz> (raw)
In-Reply-To: <20240503211434.wce2g4gtpwr73tya@treble>

On Fri 2024-05-03 14:14:34, Josh Poimboeuf wrote:
> On Sun, Apr 07, 2024 at 11:57:30AM +0800, Yafang Shao wrote:
> >   $ ls /sys/kernel/livepatch/
> >   livepatch_test_1                  <<<< livepatch_test_0 was replaced
> > 
> >   $ cat /sys/kernel/livepatch/livepatch_test_1/enabled
> >   1
> > 
> >   $ lsmod  | grep livepatch
> >   livepatch_test_1       16384  1
> >   livepatch_test_0       16384  0    <<<< leftover
> > 
> > Detecting which livepatch will be replaced by the new one from userspace is
> > not reliable

BTW: we handle this in rpm post install script. It removes all not longer
used livepatch modules before installing the newly installed one.


> > , necessitating the need for the operation to be performed
> > within the kernel itself. With this improvement, executing
> > `insmod livepatch-test_1.ko` will automatically remove the
> > livepatch-test_0.ko module.
> >
> > Following this change, the associated kernel module will be removed when
> > executing `echo 0 > /sys/kernel/livepatch/${livepath}/enabled`. Therefore,
> > adjustments need to be made to the selftests accordingly.
> 
> If the problem is that the user can't see which livepatch has been
> disabled, we should just fix that problem directly by leaving the
> disabled module in /sys/kernel/livepatch with an 'enabled' value of 0.
> 'enabled' could then be made read-only for replaced files.

I agree that it might remove the race. We must make sure that the
value is false only when the module can be removed. Also it would
require adding an API to remove the sysfs files from the module_exit
callback.

> That seems less disruptive to the user (and more consistent with the
> previous interface), and continues to leave the policy up to the user to
> decide if/when they want to remove the module.

I do not see any reasonable reason to keep the replaced livepatch
module loaded. It is an unusable piece of code. IMHO, it would be
really convenient if the kernel removed it.

It would be a new behavior even for the module loader. But we could
see it as a version upgrade of a kernel module.

> It would also allow easily downgrading the replaced module in the future
> (once we have proper support for that).

Sigh, I still havn't found time to prepare v2 of the patchset
reworking the callbacks.

Best Regards,
Petr

next prev parent reply	other threads:[~2024-05-06 11:32 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-07  3:57 [PATCH v2 0/2] livepatch, module: Delete the associated module of disabled livepatch Yafang Shao
2024-04-07  3:57 ` [PATCH v2 1/2] module: Add a new helper delete_module() Yafang Shao
2024-04-24 12:09   ` Yafang Shao
2024-05-04 16:53     ` Greg KH
2024-05-04 22:26       ` Josh Poimboeuf
2024-05-04 21:36     ` Luis Chamberlain
2024-05-06 11:58   ` Petr Mladek
2024-04-07  3:57 ` [PATCH v2 2/2] livepatch: Delete the associated module of disabled livepatch Yafang Shao
2024-05-03 21:14   ` Josh Poimboeuf
2024-05-06 11:32     ` Petr Mladek [this message]
2024-05-07  2:35       ` Josh Poimboeuf
2024-05-07 14:03         ` Yafang Shao
2024-05-08  5:16           ` Josh Poimboeuf
2024-05-08  6:01             ` Yafang Shao
2024-05-08  7:03               ` Josh Poimboeuf
2024-05-09  2:17                 ` Yafang Shao
2024-05-09  5:20                   ` Josh Poimboeuf
2024-05-09  5:53                     ` Yafang Shao
2024-05-09 10:16                       ` Petr Mladek
2024-05-09 11:57                         ` Yafang Shao
2024-05-09 10:51         ` Petr Mladek
2024-05-06 12:20   ` Petr Mladek
2024-05-02 13:30 ` [PATCH v2 0/2] livepatch, module: " Joe Lawrence

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Zji_w3dLEKMghMxr@pathway.suse.cz \
    --to=pmladek@suse.com \
    --cc=jikos@kernel.org \
    --cc=joe.lawrence@redhat.com \
    --cc=jpoimboe@kernel.org \
    --cc=laoar.shao@gmail.com \
    --cc=linux-modules@vger.kernel.org \
    --cc=live-patching@vger.kernel.org \
    --cc=mbenes@suse.cz \
    --cc=mcgrof@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).