Re: [PATCH v2 1/2] livepatch: introduce shadow variable API

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri 2017-07-21 11:12:18, Miroslav Benes wrote:
> 
> > >> +{
> > >> +	struct klp_shadow *shadow;
> > >> +	unsigned long flags;
> > >> +
> > >> +	shadow = kzalloc(new_size + sizeof(*shadow), gfp_flags);
> > >> +	if (!shadow)
> > >> +		return NULL;
> > >> +
> > >> +	shadow->obj = obj;
> > >> +	shadow->num = num;
> > >> +	if (new_data)
> > >> +		memcpy(shadow->new_data, new_data, new_size);
> > >> +
> > >> +	if (lock)
> > >> +		spin_lock_irqsave(&klp_shadow_lock, flags);
> > >> +	hash_add_rcu(klp_shadow_hash, &shadow->node, (unsigned long)obj);
> > > 
> > > We should check if the shadow variable already existed. Otherwise,
> > > it would be possible to silently create many duplicates.
> > > 
> > > It would make klp_shadow_attach() and klp_shadow_get_or_attach()
> > > to behave the same.
> > 
> > They would be almost exactly the same, except one version would bounce a
> > redundant entry while the other would return the existing one.  I could
> > envision callers wanting any of the following behavior:
> > 
> > If a shadow <obj, id> already exists:
> >   0 - add a second shadow variable (??? why)
> >   1 - return NULL, WARN
> >   2 - return the existing one
> >   3 - update the existing one with the new data and return it
> > 
> > * v2 klp_shadow_attach() currently implements #0, can be made to do #1
> > * v2 klp_shadow_get_or_attach() currently implements #2, but maybe #3
> > makes more sense
> 
> I have a feeling that we're becoming overprotective here again. I think 
> that klp_shadow_attach() adding a new entry makes sense. 
> Although I can imagine #1. I think it is a responsibility of the user to 
> know what to call. And that is what klp_shadow_get_or_attach() is for.

The shadow id is an integer. This prevents also from using the same
id by two patches for a different purpose. The two livepatches might
be crated months after each other. There might be many fixes
accumulated in the livepatch. Is it really almost impossible
to make mistakes so this rather small change is not worth it?

Another motivation is that the author of the livepatch usually
is not familiar with the patched code. It makes it more prone
to mistakes.

Best Regards,
Petr
--
To unsubscribe from this list: send the line "unsubscribe live-patching" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux