On Fri 2018-09-14 10:46:00, Jason Baron wrote: > > > On 09/14/2018 10:34 AM, Petr Mladek wrote: > > On Thu 2018-09-13 11:10:15, Jason Baron wrote: > >> > >> > >> On 09/03/2018 12:54 PM, Jiri Kosina wrote: > >> > >> [...] > >> > >>> In case you'd like to have anything modified/added, please let me know. > >>> > >>> Thanks, > >>> > >> > >> Hi, > >> > >> I was interested in attending as well. I am interested in if there is > >> interest in providing livepatches for the -stable trees. And if so, what > >> might that process look like? > > > > What do you mean by providing livepatches for -stable trees, please? > > > > It is true that the livepatch is built from source code. But it might > > need to be customized for different binaries. For example, inlined > > functions cannot be livepatched directly. The callers need to be > > included into the livepatch instead. The affected functions > > would depend on compiler, compiler flags, configure options, etc. > > > > I think that more practical might be to discuss what needs to be > > done to automatize the livepatch creation. > > > > So an example would be for data structure changes where a custom patch > might need to be written. Where would that live? If that can all be > automated that's awesome... IMHO, the priority is to automatize the livepatch creation when there are no semantic changes. For example, we need to detect inlined functions and optimizations that require including more functions into the livepatch. Also we need a tool for creating the extra relocations entries. Then we have some ideas how to create and maintain the custom code more easily. For example, we would like an API to handle the state of a patched functionality. Then a followup atomic-replace-patch could take over the already patched stuff a more safe and maintainable way. To set the expectations. I could hardly imagine to create livepatches for all existing stable patches, especially with the current cadence. I still see livepatching as a way to handle the most critical issues without reboot. White the current stable maintainers takes almost any fix as long as it compiles and nobody complains. Also livepatching is mostly about security issues where the code sharing is problematic because of embargoes. Best Regards, Petr
