On Mon, 13 Jul 2015, Jessica Yu wrote: > Do you think it would make sense for livepatch to instead establish a > module dependency requirement between the patch module and the > to-be-patched module(s), instead of relying on klp_module_notify()? i.e. > require the target module(s) be loaded before the patch module? Does it > make sense to apply a patch to a module that hasn't been loaded yet? In > what use cases would it make sense to patch module code without the > module itself being loaded? I think this is not a good idea, at least if we are targetting distro vendors as a primary consumers of livepatching infrastructure. Consider the (not unlikely) scenario where a bugfix needs to alter core network driver infrastructure (such as internal netdev API) and perform corresponding fixups in many networking drivers at the same time. As a distro vendor, you definitely want to ship this as a single livepatch, but you absolutely don't want it to cause force modprobing of every affected network driver on all systems that install that livepatch. At the same time, you really do want to make sure that once the networking driver gets eventually modprobed any time in the future (for example network device is hotplugged), it gets patched upon load. -- Jiri Kosina SUSE Labs -- To unsubscribe from this list: send the line "unsubscribe live-patching" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
