From: Petr Mladek <pmladek@suse.com>
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Jessica Yu <jeyu@redhat.com>, Jiri Kosina <jikos@kernel.org>,
Miroslav Benes <mbenes@suse.cz>, Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Michael Ellerman <mpe@ellerman.id.au>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
x86@kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-s390@vger.kernel.org, Vojtech Pavlik <vojtech@suse.com>,
Jiri Slaby <jslaby@suse.cz>,
Chris J Arges <chris.j.arges@canonical.com>,
Andy Lutomirski <luto@kernel.org>
Subject: Re: [RFC PATCH v2 17/18] livepatch: change to a per-task consistency model
Date: Mon, 6 Jun 2016 15:54:41 +0200 [thread overview]
Message-ID: <20160606135441.GB10840@pathway.suse.cz> (raw)
In-Reply-To: <d60b2b9ce6911bb10dbbf244df58df31c7a8af66.1461875890.git.jpoimboe@redhat.com>
On Thu 2016-04-28 15:44:48, Josh Poimboeuf wrote:
> Change livepatch to use a basic per-task consistency model. This is the
> foundation which will eventually enable us to patch those ~10% of
> security patches which change function or data semantics. This is the
> biggest remaining piece needed to make livepatch more generally useful.
> diff --git a/kernel/livepatch/transition.c b/kernel/livepatch/transition.c
> new file mode 100644
> index 0000000..92819bb
> --- /dev/null
> +++ b/kernel/livepatch/transition.c
> +/*
> + * Try to safely switch a task to the target patch state. If it's currently
> + * running, or it's sleeping on a to-be-patched or to-be-unpatched function, or
> + * if the stack is unreliable, return false.
> + */
> +static bool klp_try_switch_task(struct task_struct *task)
> +{
> + struct rq *rq;
> + unsigned long flags;
This should be of type "struct rq_flags". Otherwise, I get compilation
warnings:
kernel/livepatch/transition.c: In function ‘klp_try_switch_task’:
kernel/livepatch/transition.c:349:2: warning: passing argument 2 of ‘task_rq_lock’ from incompatible pointer type [enabled by default]
rq = task_rq_lock(task, &flags);
^
In file included from kernel/livepatch/transition.c:24:0:
kernel/livepatch/../sched/sched.h:1468:12: note: expected ‘struct rq_flags *’ but argument is of type ‘long unsigned int *’
struct rq *task_rq_lock(struct task_struct *p, struct rq_flags *rf)
^
kernel/livepatch/transition.c:367:2: warning: passing argument 3 of ‘task_rq_unlock’ from incompatible pointer type [enabled by default]
task_rq_unlock(rq, task, &flags);
^
In file included from kernel/livepatch/transition.c:24:0:
kernel/livepatch/../sched/sched.h:1480:1: note: expected ‘struct rq_flags *’ but argument is of type ‘long unsigned int *’
task_rq_unlock(struct rq *rq, struct task_struct *p, struct rq_flags *rf)
And even runtime warnings from lockdep:
[ 212.847548] WARNING: CPU: 1 PID: 3847 at kernel/locking/lockdep.c:3532 lock_release+0x431/0x480
[ 212.847549] releasing a pinned lock
[ 212.847550] Modules linked in: livepatch_sample(E+)
[ 212.847555] CPU: 1 PID: 3847 Comm: modprobe Tainted: G E K 4.7.0-rc1-next-20160602-4-default+ #336
[ 212.847556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 212.847558] 0000000000000000 ffff880139823aa0 ffffffff814388dc ffff880139823af0
[ 212.847562] 0000000000000000 ffff880139823ae0 ffffffff8106fad1 00000dcc82b11390
[ 212.847565] ffff88013fc978d8 ffffffff810eea1e ffff8800ba0ed6d0 0000000000000003
[ 212.847569] Call Trace:
[ 212.847572] [<ffffffff814388dc>] dump_stack+0x85/0xc9
[ 212.847575] [<ffffffff8106fad1>] __warn+0xd1/0xf0
[ 212.847578] [<ffffffff810eea1e>] ? klp_try_switch_task.part.3+0x5e/0x2b0
[ 212.847580] [<ffffffff8106fb3f>] warn_slowpath_fmt+0x4f/0x60
[ 212.847582] [<ffffffff810cc151>] lock_release+0x431/0x480
[ 212.847585] [<ffffffff8101e258>] ? dump_trace+0x118/0x310
[ 212.847588] [<ffffffff8195d07c>] ? entry_SYSCALL_64_fastpath+0x1f/0xbd
[ 212.847590] [<ffffffff8195c8bf>] _raw_spin_unlock+0x1f/0x30
[ 212.847600] [<ffffffff810eea1e>] klp_try_switch_task.part.3+0x5e/0x2b0
[ 212.847603] [<ffffffff810ef0e4>] klp_try_complete_transition+0x84/0x190
[ 212.847605] [<ffffffff810ed370>] __klp_enable_patch+0xb0/0x130
[ 212.847607] [<ffffffff810ed445>] klp_enable_patch+0x55/0x80
[ 212.847610] [<ffffffffa0000030>] ? livepatch_cmdline_proc_show+0x30/0x30 [livepatch_sample]
[ 212.847613] [<ffffffffa0000061>] livepatch_init+0x31/0x70 [livepatch_sample]
[ 212.847615] [<ffffffffa0000030>] ? livepatch_cmdline_proc_show+0x30/0x30 [livepatch_sample]
[ 212.847617] [<ffffffff8100041d>] do_one_initcall+0x3d/0x160
[ 212.847629] [<ffffffff81196c9b>] ? do_init_module+0x27/0x1e4
[ 212.847632] [<ffffffff810e7172>] ? rcu_read_lock_sched_held+0x62/0x70
[ 212.847634] [<ffffffff811fdea2>] ? kmem_cache_alloc_trace+0x282/0x340
[ 212.847636] [<ffffffff81196cd4>] do_init_module+0x60/0x1e4
[ 212.847638] [<ffffffff81111fd2>] load_module+0x1482/0x1d40
[ 212.847640] [<ffffffff8110ea10>] ? __symbol_put+0x40/0x40
[ 212.847643] [<ffffffff81112aa9>] SYSC_finit_module+0xa9/0xd0
[ 212.847645] [<ffffffff81112aee>] SyS_finit_module+0xe/0x10
[ 212.847647] [<ffffffff8195d07c>] entry_SYSCALL_64_fastpath+0x1f/0xbd
[ 212.847649] ---[ end trace e4e9f09d45443049 ]---
> + int ret;
> + bool success = false;
> +
> + /* check if this task has already switched over */
> + if (task->patch_state == klp_target_state)
> + return true;
> +
> + /*
> + * For arches which don't have reliable stack traces, we have to rely
> + * on other methods (e.g., switching tasks at the syscall barrier).
> + */
> + if (!IS_ENABLED(CONFIG_RELIABLE_STACKTRACE))
> + return false;
> +
> + /*
> + * Now try to check the stack for any to-be-patched or to-be-unpatched
> + * functions. If all goes well, switch the task to the target patch
> + * state.
> + */
> + rq = task_rq_lock(task, &flags);
> +
> + if (task_running(rq, task) && task != current) {
> + pr_debug("%s: pid %d (%s) is running\n", __func__, task->pid,
> + task->comm);
Also I think about using printk_deferred() inside the rq_lock but
it is not strictly needed. Also we use only pr_debug() here which
is a NOP when not enabled.
Best Regards,
Petr
next prev parent reply other threads:[~2016-06-06 13:54 UTC|newest]
Thread overview: 118+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-28 20:44 [RFC PATCH v2 00/18] livepatch: hybrid consistency model Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 01/18] x86/asm/head: clean up initial stack variable Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 02/18] x86/asm/head: use a common function for starting CPUs Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 03/18] x86/asm/head: standardize the bottom of the stack for idle tasks Josh Poimboeuf
2016-04-29 18:46 ` Brian Gerst
2016-04-29 20:28 ` Josh Poimboeuf
2016-04-29 19:39 ` Andy Lutomirski
2016-04-29 20:50 ` Josh Poimboeuf
2016-04-29 21:38 ` Andy Lutomirski
2016-04-29 23:27 ` Josh Poimboeuf
2016-04-30 0:10 ` Andy Lutomirski
2016-04-28 20:44 ` [RFC PATCH v2 04/18] x86: move _stext marker before head code Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 05/18] sched: add task flag for preempt IRQ tracking Josh Poimboeuf
2016-04-29 18:06 ` Andy Lutomirski
2016-04-29 20:11 ` Josh Poimboeuf
2016-04-29 20:19 ` Andy Lutomirski
2016-04-29 20:27 ` Josh Poimboeuf
2016-04-29 20:32 ` Andy Lutomirski
2016-04-29 21:25 ` Josh Poimboeuf
2016-04-29 21:37 ` Andy Lutomirski
2016-04-29 22:11 ` Jiri Kosina
2016-04-29 22:57 ` Josh Poimboeuf
2016-04-30 0:09 ` Andy Lutomirski
2016-04-29 22:41 ` Josh Poimboeuf
2016-04-30 0:08 ` Andy Lutomirski
2016-05-02 13:52 ` Josh Poimboeuf
2016-05-02 15:52 ` Andy Lutomirski
2016-05-02 17:31 ` Josh Poimboeuf
2016-05-02 18:12 ` Andy Lutomirski
2016-05-02 18:34 ` Ingo Molnar
2016-05-02 19:44 ` Josh Poimboeuf
2016-05-02 19:54 ` Jiri Kosina
2016-05-02 20:00 ` Jiri Kosina
2016-05-03 0:39 ` Andy Lutomirski
2016-05-04 15:16 ` David Laight
2016-05-19 23:15 ` Josh Poimboeuf
2016-05-19 23:39 ` Andy Lutomirski
2016-05-20 14:05 ` Josh Poimboeuf
2016-05-20 15:41 ` Andy Lutomirski
2016-05-20 16:41 ` Josh Poimboeuf
2016-05-20 16:59 ` Andy Lutomirski
2016-05-20 17:49 ` Josh Poimboeuf
2016-05-23 23:02 ` Jiri Kosina
2016-05-24 1:42 ` Andy Lutomirski
2016-05-23 21:34 ` Andy Lutomirski
2016-05-24 2:28 ` Josh Poimboeuf
2016-05-24 3:52 ` Andy Lutomirski
2016-06-22 16:30 ` Josh Poimboeuf
2016-06-22 17:59 ` Andy Lutomirski
2016-06-22 18:22 ` Josh Poimboeuf
2016-06-22 18:26 ` Andy Lutomirski
2016-06-22 18:40 ` Josh Poimboeuf
2016-06-22 19:17 ` Andy Lutomirski
2016-06-23 16:19 ` Josh Poimboeuf
2016-06-23 16:35 ` Andy Lutomirski
2016-06-23 18:31 ` Josh Poimboeuf
2016-06-23 20:40 ` Josh Poimboeuf
2016-06-23 22:00 ` Andy Lutomirski
2016-06-23 0:09 ` Andy Lutomirski
2016-06-23 15:55 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 06/18] x86: dump_trace() error handling Josh Poimboeuf
2016-04-29 13:45 ` Minfei Huang
2016-04-29 14:00 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 07/18] stacktrace/x86: function for detecting reliable stack traces Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 08/18] livepatch: temporary stubs for klp_patch_pending() and klp_patch_task() Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 09/18] livepatch/x86: add TIF_PATCH_PENDING thread flag Josh Poimboeuf
2016-04-29 18:08 ` Andy Lutomirski
2016-04-29 20:18 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 10/18] livepatch/powerpc: " Josh Poimboeuf
2016-05-03 9:07 ` Petr Mladek
2016-05-03 12:06 ` Miroslav Benes
2016-04-28 20:44 ` [RFC PATCH v2 11/18] livepatch/s390: reorganize TIF thread flag bits Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 12/18] livepatch/s390: add TIF_PATCH_PENDING thread flag Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 13/18] livepatch: separate enabled and patched states Josh Poimboeuf
2016-05-03 9:30 ` Petr Mladek
2016-05-03 13:48 ` Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 14/18] livepatch: remove unnecessary object loaded check Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 15/18] livepatch: move patching functions into patch.c Josh Poimboeuf
2016-05-03 9:39 ` Petr Mladek
2016-04-28 20:44 ` [RFC PATCH v2 16/18] livepatch: store function sizes Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 17/18] livepatch: change to a per-task consistency model Josh Poimboeuf
2016-05-04 8:42 ` Petr Mladek
2016-05-04 15:51 ` Josh Poimboeuf
2016-05-05 9:41 ` Miroslav Benes
2016-05-05 13:06 ` Petr Mladek
2016-05-04 12:39 ` barriers: was: " Petr Mladek
2016-05-04 13:53 ` Peter Zijlstra
2016-05-04 16:51 ` Josh Poimboeuf
2016-05-04 14:12 ` Petr Mladek
2016-05-04 17:25 ` Josh Poimboeuf
2016-05-05 11:21 ` Petr Mladek
2016-05-09 15:42 ` Miroslav Benes
2016-05-04 17:02 ` Josh Poimboeuf
2016-05-05 10:21 ` Petr Mladek
2016-05-04 14:48 ` klp_task_patch: " Petr Mladek
2016-05-04 14:56 ` Jiri Kosina
2016-05-04 17:57 ` Josh Poimboeuf
2016-05-05 11:57 ` Petr Mladek
2016-05-06 12:38 ` Josh Poimboeuf
2016-05-09 12:23 ` Petr Mladek
2016-05-16 18:12 ` Josh Poimboeuf
2016-05-18 13:12 ` Petr Mladek
2016-05-06 11:33 ` Petr Mladek
2016-05-06 12:44 ` Josh Poimboeuf
2016-05-09 9:41 ` Miroslav Benes
2016-05-16 17:27 ` Josh Poimboeuf
2016-05-10 11:39 ` Miroslav Benes
2016-05-17 22:53 ` Jessica Yu
2016-05-18 8:16 ` Jiri Kosina
2016-05-18 16:51 ` Josh Poimboeuf
2016-05-18 20:22 ` Jiri Kosina
2016-05-23 9:42 ` David Laight
2016-05-23 18:44 ` Jiri Kosina
2016-05-24 15:06 ` David Laight
2016-05-24 22:45 ` Jiri Kosina
2016-06-06 13:54 ` Petr Mladek [this message]
2016-06-06 14:29 ` [RFC PATCH v2 17/18] " Josh Poimboeuf
2016-04-28 20:44 ` [RFC PATCH v2 18/18] livepatch: add /proc/<pid>/patch_state Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160606135441.GB10840@pathway.suse.cz \
--to=pmladek@suse.com \
--cc=chris.j.arges@canonical.com \
--cc=heiko.carstens@de.ibm.com \
--cc=jeyu@redhat.com \
--cc=jikos@kernel.org \
--cc=jpoimboe@redhat.com \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=live-patching@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mbenes@suse.cz \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=peterz@infradead.org \
--cc=vojtech@suse.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).