Re: [PATCH v5.1 15/15] livepatch: allow removal of a disabled patch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 6 Mar 2017, Josh Poimboeuf wrote:

> 
> Currently we do not allow patch module to unload since there is no
> method to determine if a task is still running in the patched code.
> 
> The consistency model gives us the way because when the unpatching
> finishes we know that all tasks were marked as safe to call an original
> function. Thus every new call to the function calls the original code
> and at the same time no task can be somewhere in the patched code,
> because it had to leave that code to be marked as safe.
> 
> We can safely let the patch module go after that.
> 
> Completion is used for synchronization between module removal and sysfs
> infrastructure in a similar way to commit 942e443127e9 ("module: Fix
> mod->mkobj.kobj potentially freed too early").
> 
> Note that we still do not allow the removal for immediate model, that is
> no consistency model. The module refcount may increase in this case if
> somebody disables and enables the patch several times. This should not
> cause any harm.
> 
> With this change a call to try_module_get() is moved to
> __klp_enable_patch from klp_register_patch to make module reference
> counting symmetric (module_put() is in a patch disable path) and to
> allow to take a new reference to a disabled module when being enabled.
> 
> Finally, we need to be very careful about possible races between
> klp_unregister_patch(), kobject_put() functions and operations
> on the related sysfs files.
> 
> kobject_put(&patch->kobj) must be called without klp_mutex. Otherwise,
> it might be blocked by enabled_store() that needs the mutex as well.
> In addition, enabled_store() must check if the patch was not
> unregisted in the meantime.
> 
> There is no need to do the same for other kobject_put() callsites
> at the moment. Their sysfs operations neither take the lock nor
> they access any data that might be freed in the meantime.
> 
> There was an attempt to use kobjects the right way and prevent these
> races by design. But it made the patch definition more complicated
> and opened another can of worms. See
> https://lkml.kernel.org/r/1464018848-4303-1-git-send-email-pmladek@xxxxxxxx
> 
> [Thanks to Petr Mladek for improving the commit message.]
> 
> Signed-off-by: Miroslav Benes <mbenes@xxxxxxx>
> Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> Reviewed-by: Petr Mladek <pmladek@xxxxxxxx>
> ---
> v5.1: improve error handling in enable path -- call module_put() in
>       klp_cancel_transition()

Looks good.

Acked-by: Miroslav Benes <mbenes@xxxxxxx>

if it is needed for Josh's code.

Regards,
Miroslav
--
To unsubscribe from this list: send the line "unsubscribe linux-s390" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Kernel Development]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Info]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux