> IMHO, it might be easier to run just the callbacks from > the new patch. In reality, the author should always know > what it might be replacing and what needs to be done. I agree. I don't see a good solution to the problem. Imagine a crazy situation in which someone would like to patch the entry code. Callbacks would be non-empty, because of the need to write to MSR and IDT. Then there might be an atomic replace cumulative patch. You don't want to run callbacks of the previous patches, because that would make the system vulnerable again. On the other hand, callbacks in the replace patch could do what is necessary. It is not only entry patching of course. I think it is valid everytime you need to write a value to a global system variable of some sort. > By other words, it might be much easier to handle all > situations in a single script in the new patch. Alternative > would be doing crazy hacks to prevent the older scripts from > destroying what we would like to keep. We would need to > keep in mind interactions between the scripts and > the order in which they are called. Crazy, yes. > Or do you plan to use cumulative patches to simply > get rid of any other "random" livepatches with something > completely different? In this case, it might be much more > safe to disable the older patches a normal way. > > I would suggest to just document the current behavior. > We should create Documentation/livepatch/cummulative-patches.txt > anyway. Agreed. Regards, Miroslav -- To unsubscribe from this list: send the line "unsubscribe live-patching" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
