On Thu, Mar 12, 2015 at 12:55:13PM +0100, Petr Mladek wrote: > There is a notifier that handles live patches for coming and going modules. > It takes klp_mutex lock to avoid races with coming and going patches but > it does not keep the lock all the time. Therefore the following races are > possible: > > 1. The notifier is called sometime in STATE_MODULE_COMING. The module > is visible by find_module() in this state all the time. It means that > new patch can be registered and enabled even before the notifier is > called. It might create wrong order of stacked patches, see below > for an example. > > 2. New patch could still see the module in the GOING state even after > the notifier has been called. It will try to initialize the related > object structures but the module could disappear at any time. There > will stay mess in the structures. It might even cause an invalid > memory access. > > This patch solves the problem by adding a boolean variable into struct module. > The value is true after the coming and before the going handler is called. > New patches need to be applied when the value is true and they need to ignore > the module when the value is false. Acked-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe live-patching" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
